FDA permits limited modifications to previously cleared infusion pumps without requiring submission of a new 510(K) premarket notification
The policy is aimed at increasing the availability and remote monitoring capabilities of infusion pumps and related accessories used to treat patients infected with COVID-19 during the pandemic
FDA will not object to limited modifications to:
The policy applies where a modification is made to the device that normally would trigger the requirement of a new 510(k) premarket submission.
During Pandemic, ISO (The International Organization for Standardization) ISO temporarily allows free access to health and medical device related standards
The list includes ISO 13485, the medical device manufacturers quality system standard.
Additional standards available (read-only) for free:
ISO 13688:2013, Protective clothing – General requirements
ISO 17510:2015, Medical devices — Sleep apnea breathing therapy — Masks and application accessories
ISO 19223:2019, Lung ventilators and related equipment — Vocabulary and semantics
ISO 22301:2019, Security and resilience – Business continuity management systems –Requirements
ISO 80601-2-12:2020, Medical electrical equipment — Part 2-12: Particular requirements for basic safety and essential performance of critical care ventilators
ISO 80601-2-13:2011, Medical electrical equipment — Part 2-13: Particular requirements for basic safety and essential performance of an anesthetic workstation
ISO/TS 16976-8:2013, Respiratory protective devices — Human factors — Part 8: Ergonomic factors
Company Name – Mandelay Kft (Hungary, manufacturer of devices that detect (diagnose) electrical signatures of tissues, organs, nutrients, toxins and allergens and record the degree to which the body reacts to these elements)
Subject: CGMP/QSR/Medical Devices/Adulterated
Violations included in the letter (not a full list):
The Department of Homeland Security has issued cybersecurity alert about BD’s line of Pyxis medication and supply management devices
DHS’s Cybersecurity and Infrastructure Security Agency alerted users of Pyxis MedStation and Anesthesia ES Systems to a vulnerability that could enable someone with physical access to the machines to view or modify sensitive data. However, BD (Becton, Dickinson and Company) has no reports of the vulnerability being exploited.
The affected BD medical devices utilize a method of software application implementation called “kiosk mode.” This kiosk mode is vulnerable to local breakouts, which could allow an attacker with physical access to bypass kiosk mode and view and/or modify sensitive data.
BD said “the probability of harm is low” because the user would need physical access to the equipment to exploit the vulnerability. In the longer term, BD plans to roll out a security update to mitigate the threat. The security update will strengthen kiosk mode by closing off known means of escape. The company said the update will restrict “access to tools for viewing or manipulating local resources.”
© 2021 BeanStock Ventures