Cloud Services for Medical Devices with CE Mark

E

elbatius

#1
My company is trying to push things online with IoT for our class IIb device. We need a company to provide cloud hosting services, and there is quite a number of them on Google. What are the regulations and standards we should look out for when choosing a cloud hosting service, one that has security, privacy and CE compliance?
 
Elsmar Forum Sponsor

Ronen E

Problem Solver
Staff member
Moderator
#2
My company is trying to push things online with IoT for our class IIb device. We need a company to provide cloud hosting services, and there is quite a number of them on Google. What are the regulations and standards we should look out for when choosing a cloud hosting service, one that has security, privacy and CE compliance?
Hello elbatius and welcome to the Cove :bigwave:

Not an expert on this subject, but as a start there's an EU directive governing the protection of patient data. I would also expect some sort of certification along the ISO 27000 series lines, to ensure recoverability.

Hopefully others will soon chime in and provide the expertise I lack.

Cheers,
Ronen.
 
E

elbatius

#4
Thanks for the welcome!! I just dove into the job of QA and got help here :D

By the protection of patient data, is it the general personal data protection(95/46/EC)?

And I realised... there's really two parts to my question:
1. What certifications/complied regulations should we look out for in the cloud service providers?
2. Is there any additional directives/standards (apart from 13485, 14971, 62304) my company have to comply with when integrating cloud services into our medical device?
 

shimonv

Trusted Information Resource
#6
The following link will take you to the European Commission page on data protection rules with links to the current directive and the new regulation:

http://ec.europa.eu/justice/data-protection/reform/index_en.htm

In terms of standards, I am not aware of any harmonized standards as yet; its kind of a new terrain. What I can recommend is to review FDA's recommendation for use and adoption of the voluntary “Framework for Improving Critical Infrastructure Cybersecurity” that has been developed by the National Institute of Standards and Technology (NIST) with collective input from other government agencies and the private sector:

https://www.nist.gov/sites/default/files/documents/cyberframework/Cybersecurity-Framework-for-FCSM-Jan-2016.pdf

Good luck,
Shimon
 
Thread starter Similar threads Forum Replies Date
Ed Panek Do Cloud services require 21 CFR Part 11 compliance? Qualification and Validation (including 21 CFR Part 11) 7
O ZenQMS cloud solution? Quality Assurance and Compliance Software Tools and Solutions 0
Q Storing and developing SAMD (Software as a Medical Device) in the Cloud IEC 62304 - Medical Device Software Life Cycle Processes 2
was named killer CLOUD BASED QUALITY DOCUMENTATION vs. SERVER BASED Document Control Systems, Procedures, Forms and Templates 5
S Validation of eQMS - Cloud based out of the box solution Other Medical Device Related Standards 18
S Moving from client-server to cloud-based, is that a new submission? Medical Information Technology, Medical Software and Health Informatics 3
Z Security for Approvals - Cloud based Complaint, NC, and CAPA systems Qualification and Validation (including 21 CFR Part 11) 8
T QMS - Documentation Cloud Storage EU Medical Device Regulations 0
R Validation of mobile app and cloud servers for data security IEC 62304 - Medical Device Software Life Cycle Processes 4
S Saving QMS documents in cloud drive - Compliance with ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 3
T FDA proposed labeling standalone software cloud based US Food and Drug Administration (FDA) 4
R Online / Cloud Based Software as Medical Device EU Medical Device Regulations 8
S Cloud-Based Stand Alone Software - Software Medical Device (Class II) US Food and Drug Administration (FDA) 2
C Validation of Applications in a Cloud, CFR 21 part 11 (Environmental Monitoring) Other US Medical Device Regulations 3
D Anyone using a cloud based QMS software? Document Control Systems, Procedures, Forms and Templates 12
Q File Management system in Cloud for Medical Mobile Apps IEC 62304 - Medical Device Software Life Cycle Processes 2
D Can Cloud Data Management resources be qualified? Should they be? Quality Manager and Management Related Issues 3
R Cloud Computing Requirements for Design History Files for Software Medical Devices 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 4
Marc Anyone here affected by the volcano ash cloud? April 2010 Travel - Hotels, Motels, Planes and Trains 33
Jen Kirley What's procedurally required for "cloud computing"? TS16949 Clause 4.2.4. Records and Data - Quality, Legal and Other Evidence 8
K Definition Point-Cloud Data - Understanding of the term "Point-Cloud Data" Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 3
Marc Biggest Wi-Fi Cloud Is in Rural Oregon After Work and Weekend Discussion Topics 4
R Point Cloud Technology Validation - Point Cloud to CAD model comparisons for FAIR General Measurement Device and Calibration Topics 2
L Special Processes for SERVICES AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 10
T ISO 9001 8.5.2. - Identification and traceability to Identify Outputs - Services ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
V IATF 16949 8.4.1 Control of externally provided processes, products and services - Should the CB be on our Approved Supplier List? IATF 16949 - Automotive Quality Systems Standard 10
I Custom software services to be used by medical software ISO 13485:2016 - Medical Device Quality Management Systems 1
M Informational EU – New notified body designated under the MDR – NB 1912 – DARE!! Services B.V. – Netherlands Medical Device and FDA Regulations and Standards News 0
M Authorized Representative services for the EU Recommendations EU Medical Device Regulations 3
S Responsibility of intercessor services provider about services's quality ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
A Design and development of products and services ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
S Education authority requires approval of all courses - Training services provider ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
S Clause 8.2.2 Determining the requirements for products and services ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
S ISO 9001 Clause 8.3 Design for an education services provider ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
S Maintain and repair services company require ISO 9001 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
J ISO 17020 concerns of independence & impartiality of services Other ISO and International Standards and European Regulations 1
DuncanGibbons Why is 8.4 post-delivery activities before 8.6 release of products and services in AS9100D? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
Jen Kirley Conway Business Services LLC - Jen Kirley ISO 14001:2015 Specific Discussions 0
A Medical device CER (clinical evaluation report) training/seminar services EU Medical Device Regulations 2
M Informational EU – Eudamed Data exchange services and entity models introductions Medical Device and FDA Regulations and Standards News 4
M Informational EU – M2M Data Exchange available services for accessing MDR EUDAMED data available for Economic Operator (EO) organisations Medical Device and FDA Regulations and Standards News 0
M NIST is one of the government services shut down General Measurement Device and Calibration Topics 2
M Medical Device News New ANVISA health services public consultations – Consultas públicas de serviços em saúde Medical Device and FDA Regulations and Standards News 0
A ISO / IATF 16949 Requirements for Second Party Services IATF 16949 - Automotive Quality Systems Standard 10
I Imaging Services - Which standard should we be certified to? ISO 13485:2016 - Medical Device Quality Management Systems 4
R Creating WIs for a Heavy Civil Engineering Services company Document Control Systems, Procedures, Forms and Templates 19
T Value Chain Map for Food Services Industry Service Industry Specific Topics 1
qualprod Auditing Product and Services doubts ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
D Identifying externally provided services referenced by IATF16949 IATF 16949 - Automotive Quality Systems Standard 2
qualprod Including services in quality policy? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3

Similar threads

Top Bottom