Cloud Services for Medical Devices with CE Mark

E

elbatius

My company is trying to push things online with IoT for our class IIb device. We need a company to provide cloud hosting services, and there is quite a number of them on Google. What are the regulations and standards we should look out for when choosing a cloud hosting service, one that has security, privacy and CE compliance?
 
Ronen E

Ronen E

Problem Solver
Moderator
elbatius said:
My company is trying to push things online with IoT for our class IIb device. We need a company to provide cloud hosting services, and there is quite a number of them on Google. What are the regulations and standards we should look out for when choosing a cloud hosting service, one that has security, privacy and CE compliance?
Click to expand...

Hello elbatius and welcome to the Cove :bigwave:

Not an expert on this subject, but as a start there's an EU directive governing the protection of patient data. I would also expect some sort of certification along the ISO 27000 series lines, to ensure recoverability.

Hopefully others will soon chime in and provide the expertise I lack.

Cheers,
Ronen.
 
E

elbatius

Thanks for the welcome!! I just dove into the job of QA and got help here :D

By the protection of patient data, is it the general personal data protection(95/46/EC)?

And I realised... there's really two parts to my question:
1. What certifications/complied regulations should we look out for in the cloud service providers?
2. Is there any additional directives/standards (apart from 13485, 14971, 62304) my company have to comply with when integrating cloud services into our medical device?
 
shimonv

shimonv

Trusted Information Resource
The following link will take you to the European Commission page on data protection rules with links to the current directive and the new regulation:

http://ec.europa.eu/justice/data-protection/reform/index_en.htm

In terms of standards, I am not aware of any harmonized standards as yet; its kind of a new terrain. What I can recommend is to review FDA's recommendation for use and adoption of the voluntary “Framework for Improving Critical Infrastructure Cybersecurity” that has been developed by the National Institute of Standards and Technology (NIST) with collective input from other government agencies and the private sector:

https://www.nist.gov/sites/default/files/documents/cyberframework/Cybersecurity-Framework-for-FCSM-Jan-2016.pdf

Good luck,
Shimon
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
Ed Panek Do Cloud services require 21 CFR Part 11 compliance? Qualification and Validation (including 21 CFR Part 11) 7
L Design Transfer Concept of cloud SaMD US Medical Device Regulations 2
C Regulatory requirements of cloud platform for devices developed in compliance with 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 5
J Cloud Based System Qualification and Validation (including 21 CFR Part 11) 7
R Cloud-based SaMD Validation IEC 62304 - Medical Device Software Life Cycle Processes 8
H Existing cloud based medical device - questions regarding improving the processes IEC 62304 - Medical Device Software Life Cycle Processes 6
DanBOS Cloud Connected Medical Device 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 3
Y Exporting data to the cloud is a "Significant Change"? EU Medical Device Regulations 5
Tagin Hosting in the cloud still requires DR (OVH fire) Business Continuity & Resiliency Planning (BCRP) 1
S DHF/DMR/MDF for a software-only, cloud-based, single-instance device Medical Information Technology, Medical Software and Health Informatics 2
B Oracle Cloud ERP Validation during Quarterly Patch ISO 13485:2016 - Medical Device Quality Management Systems 1
P Testing cloud-based backups IT (Information Technology) Service Management 8
shimonv Classification of a cloud- base viewer for the output from a medical device US Food and Drug Administration (FDA) 7
O ZenQMS cloud solution? Quality Assurance and Compliance Software Tools and Solutions 0
Q Storing and developing SAMD (Software as a Medical Device) in the Cloud IEC 62304 - Medical Device Software Life Cycle Processes 3
was named killer CLOUD BASED QUALITY DOCUMENTATION vs. SERVER BASED Document Control Systems, Procedures, Forms and Templates 5
S Validation of eQMS - Cloud based out of the box solution Other Medical Device Related Standards 18
S Moving from client-server to cloud-based, is that a new submission? Medical Information Technology, Medical Software and Health Informatics 3
Z Security for Approvals - Cloud based Complaint, NC, and CAPA systems Qualification and Validation (including 21 CFR Part 11) 8
T QMS - Documentation Cloud Storage EU Medical Device Regulations 0
R Validation of mobile app and cloud servers for data security IEC 62304 - Medical Device Software Life Cycle Processes 4
S Saving QMS documents in cloud drive - Compliance with ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 3
T FDA proposed labeling standalone software cloud based US Food and Drug Administration (FDA) 4
R Online / Cloud Based Software as Medical Device EU Medical Device Regulations 8
S Cloud-Based Stand Alone Software - Software Medical Device (Class II) US Food and Drug Administration (FDA) 2
C Validation of Applications in a Cloud, CFR 21 part 11 (Environmental Monitoring) Other US Medical Device Regulations 3
D Anyone using a cloud based QMS software? Document Control Systems, Procedures, Forms and Templates 12
Q File Management system in Cloud for Medical Mobile Apps IEC 62304 - Medical Device Software Life Cycle Processes 2
D Can Cloud Data Management resources be qualified? Should they be? Quality Manager and Management Related Issues 3
R Cloud Computing Requirements for Design History Files for Software Medical Devices 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 4
Marc Anyone here affected by the volcano ash cloud? April 2010 Travel - Hotels, Motels, Planes and Trains 33
Jen Kirley What's procedurally required for "cloud computing"? TS16949 Clause 4.2.4. Records and Data - Quality, Legal and Other Evidence 8
K Definition Point-Cloud Data - Understanding of the term "Point-Cloud Data" Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 3
Marc Biggest Wi-Fi Cloud Is in Rural Oregon After Work and Weekend Discussion Topics 4
R Point Cloud Technology Validation - Point Cloud to CAD model comparisons for FAIR General Measurement Device and Calibration Topics 2
G Control of Externally Provided Processes, Products, and Services AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 7
L Quality Manual Help for Service Sector/Service Organization (Government Contractor/IT Services) Quality Management System (QMS) Manuals 5
D 8.3.2.1 Review of the Requirements for Products and Services. ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
D 8.2.3.1 Review of the Requirements for Products and Services AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
V Review of the Requirements of products and services ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
K Subcontractors Providing Services Under MDD or MDR need ISO 13485 from EU Notified Body? CE Marking (Conformité Européene) / CB Scheme 8
T SQL Server 2019 - Master Data Services - Validation needed? ISO 13485:2016 - Medical Device Quality Management Systems 4
P Can I exempt products/services from my AS9100 QMS? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
Anerol C Looking for sorting services at Singapore Career and Occupation Discussions 2
E Business Continuity Plan Exercise for Outsourced Services Business Continuity & Resiliency Planning (BCRP) 7
H Verification of the purchased products which are services, like continuous IT services ISO 13485:2016 - Medical Device Quality Management Systems 7
J External Standard Services Document Control Systems, Procedures, Forms and Templates 12
S Determining the requirements for the products and services ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
C Nerve stimulation Implant cleaning services ISO 13485:2016 - Medical Device Quality Management Systems 3
K AS9100D 8.2.1 Review Requirements for Products and Services AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 14

Similar threads

Top Bottom