Cloud Services for Medical Devices with CE Mark

E

elbatius

#1
My company is trying to push things online with IoT for our class IIb device. We need a company to provide cloud hosting services, and there is quite a number of them on Google. What are the regulations and standards we should look out for when choosing a cloud hosting service, one that has security, privacy and CE compliance?
 
Elsmar Forum Sponsor

Ronen E

Problem Solver
Staff member
Moderator
#2
My company is trying to push things online with IoT for our class IIb device. We need a company to provide cloud hosting services, and there is quite a number of them on Google. What are the regulations and standards we should look out for when choosing a cloud hosting service, one that has security, privacy and CE compliance?
Hello elbatius and welcome to the Cove :bigwave:

Not an expert on this subject, but as a start there's an EU directive governing the protection of patient data. I would also expect some sort of certification along the ISO 27000 series lines, to ensure recoverability.

Hopefully others will soon chime in and provide the expertise I lack.

Cheers,
Ronen.
 
E

elbatius

#4
Thanks for the welcome!! I just dove into the job of QA and got help here :D

By the protection of patient data, is it the general personal data protection(95/46/EC)?

And I realised... there's really two parts to my question:
1. What certifications/complied regulations should we look out for in the cloud service providers?
2. Is there any additional directives/standards (apart from 13485, 14971, 62304) my company have to comply with when integrating cloud services into our medical device?
 

shimonv

Trusted Information Resource
#6
The following link will take you to the European Commission page on data protection rules with links to the current directive and the new regulation:

http://ec.europa.eu/justice/data-protection/reform/index_en.htm

In terms of standards, I am not aware of any harmonized standards as yet; its kind of a new terrain. What I can recommend is to review FDA's recommendation for use and adoption of the voluntary “Framework for Improving Critical Infrastructure Cybersecurity” that has been developed by the National Institute of Standards and Technology (NIST) with collective input from other government agencies and the private sector:

https://www.nist.gov/sites/default/files/documents/cyberframework/Cybersecurity-Framework-for-FCSM-Jan-2016.pdf

Good luck,
Shimon
 
Thread starter Similar threads Forum Replies Date
Ed Panek Do Cloud services require 21 CFR Part 11 compliance? Qualification and Validation (including 21 CFR Part 11) 7
H Existing cloud based medical device - questions regarding improving the processes IEC 62304 - Medical Device Software Life Cycle Processes 6
DanBOS Cloud Connected Medical Device 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 1
Y Exporting data to the cloud is a "Significant Change"? EU Medical Device Regulations 5
Tagin Hosting in the cloud still requires DR (OVH fire) Business Continuity & Resiliency Planning (BCRP) 1
S DHF/DMR/MDF for a software-only, cloud-based, single-instance device Medical Information Technology, Medical Software and Health Informatics 2
B Oracle Cloud ERP Validation during Quarterly Patch ISO 13485:2016 - Medical Device Quality Management Systems 1
P Testing cloud-based backups IT (Information Technology) Service Management 7
shimonv Classification of a cloud- base viewer for the output from a medical device US Food and Drug Administration (FDA) 7
O ZenQMS cloud solution? Quality Assurance and Compliance Software Tools and Solutions 0
Q Storing and developing SAMD (Software as a Medical Device) in the Cloud IEC 62304 - Medical Device Software Life Cycle Processes 3
was named killer CLOUD BASED QUALITY DOCUMENTATION vs. SERVER BASED Document Control Systems, Procedures, Forms and Templates 5
S Validation of eQMS - Cloud based out of the box solution Other Medical Device Related Standards 18
S Moving from client-server to cloud-based, is that a new submission? Medical Information Technology, Medical Software and Health Informatics 3
Z Security for Approvals - Cloud based Complaint, NC, and CAPA systems Qualification and Validation (including 21 CFR Part 11) 8
T QMS - Documentation Cloud Storage EU Medical Device Regulations 0
R Validation of mobile app and cloud servers for data security IEC 62304 - Medical Device Software Life Cycle Processes 4
S Saving QMS documents in cloud drive - Compliance with ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 3
T FDA proposed labeling standalone software cloud based US Food and Drug Administration (FDA) 4
R Online / Cloud Based Software as Medical Device EU Medical Device Regulations 8
S Cloud-Based Stand Alone Software - Software Medical Device (Class II) US Food and Drug Administration (FDA) 2
C Validation of Applications in a Cloud, CFR 21 part 11 (Environmental Monitoring) Other US Medical Device Regulations 3
D Anyone using a cloud based QMS software? Document Control Systems, Procedures, Forms and Templates 12
Q File Management system in Cloud for Medical Mobile Apps IEC 62304 - Medical Device Software Life Cycle Processes 2
D Can Cloud Data Management resources be qualified? Should they be? Quality Manager and Management Related Issues 3
R Cloud Computing Requirements for Design History Files for Software Medical Devices 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 4
Marc Anyone here affected by the volcano ash cloud? April 2010 Travel - Hotels, Motels, Planes and Trains 33
Jen Kirley What's procedurally required for "cloud computing"? TS16949 Clause 4.2.4. Records and Data - Quality, Legal and Other Evidence 8
K Definition Point-Cloud Data - Understanding of the term "Point-Cloud Data" Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 3
Marc Biggest Wi-Fi Cloud Is in Rural Oregon After Work and Weekend Discussion Topics 4
R Point Cloud Technology Validation - Point Cloud to CAD model comparisons for FAIR General Measurement Device and Calibration Topics 2
H Verification of the purchased products which are services, like continuous IT services ISO 13485:2016 - Medical Device Quality Management Systems 7
J External Standard Services Document Control Systems, Procedures, Forms and Templates 12
S Determining the requirements for the products and services ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
C Nerve stimulation Implant cleaning services ISO 13485:2016 - Medical Device Quality Management Systems 3
K AS9100D 8.2.1 Review Requirements for Products and Services AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 14
A 8.6 Release of products and services, 8.3 Design and development - evidence required ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
S ISO 9001 Clause 8.2.3 - Review of the requirements for products and services in a Cafe ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
L Special Processes for SERVICES AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 10
T ISO 9001 8.5.2. - Identification and traceability to Identify Outputs - Services ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
V IATF 16949 8.4.1 Control of externally provided processes, products and services - Should the CB be on our Approved Supplier List? IATF 16949 - Automotive Quality Systems Standard 10
I Custom software services to be used by medical software ISO 13485:2016 - Medical Device Quality Management Systems 1
M Informational EU – New notified body designated under the MDR – NB 1912 – DARE!! Services B.V. – Netherlands Medical Device and FDA Regulations and Standards News 0
M Authorized Representative services for the EU Recommendations EU Medical Device Regulations 3
S Responsibility of intercessor services provider about services's quality ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
A Design and development of products and services ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
S Education authority requires approval of all courses - Training services provider ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
S Clause 8.2.2 Determining the requirements for products and services ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
S ISO 9001 Clause 8.3 Design for an education services provider ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
S Maintain and repair services company require ISO 9001 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3

Similar threads

Top Bottom