ISO 13485 and network security protection - Medical device manufacturer

P

pbell0000

#1
Quick question, hoping for guidance on this...

I'm looking for help with the following, I work at a medical device manufacturer (small one) and we are getting ISO 13485 certified. What are the requirements for security (password protection) of our electronic server? We have an all "hard paperwork" system, document control is paper, but we do have uncontrolled R&D drawings and such on the network. I found nothing specific in 13485 itself, but is there another guidance that applies?

We have password protection to login, but do we need to be cycling our passwords, having special characters, etc., any guidance associated with 13485?

Thanks, (first time poster, but frequent reader, this site rocks!)
 
Elsmar Forum Sponsor

GStough

Staff member
Super Moderator
#4
Quick question, hoping for guidance on this...

I'm looking for help with the following, I work at a medical device manufacturer (small one) and we are getting ISO 13485 certified. What are the requirements for security (password protection) of our electronic server? We have an all "hard paperwork" system, document control is paper, but we do have uncontrolled R&D drawings and such on the network. I found nothing specific in 13485 itself, but is there another guidance that applies?

We have password protection to login, but do we need to be cycling our passwords, having special characters, etc., any guidance associated with 13485?

Thanks, (first time poster, but frequent reader, this site rocks!)
Hi pbell0000 and welcome to the Cove! :bigwave:

Have you checked the FDA's web site? There are requirements in 21 CFR 820 regarding document control, as well as Part 11 for electronic signatures (if that is to become part of your document control process) which you must take into consideration. ISO 13485 does not have specific requirements for this, but there are several notes throughout the standard that refer to federal, regional, national, etc. regulations and requirements. It is up to the company seeking certification to determine which ones apply to them and take the necessary steps to establish, implement and maintain them.

I hope this helps. I'm sure there are others here who will be able to offer more specific advice. :bigwave:
 

Ajit Basrur

Staff member
Admin
#5
Quick question, hoping for guidance on this...

I'm looking for help with the following, I work at a medical device manufacturer (small one) and we are getting ISO 13485 certified. What are the requirements for security (password protection) of our electronic server? We have an all "hard paperwork" system, document control is paper, but we do have uncontrolled R&D drawings and such on the network. I found nothing specific in 13485 itself, but is there another guidance that applies?

We have password protection to login, but do we need to be cycling our passwords, having special characters, etc., any guidance associated with 13485?

Thanks, (first time poster, but frequent reader, this site rocks!)
Welcome to the Cove and great to note that you are a frequent reader :bigwave:

I agree with Danny's response that in the example that you stated you need not worry on network security but pl remember in case, any quality decision is made or any documentation is handled through any software and approvals done electronically, you may wish to have a look at 21 CFR Part 11 of FDA.
 
Thread starter Similar threads Forum Replies Date
Ed Panek ISO 13485:2016 Section 5.5.3 ISO 13485:2016 - Medical Device Quality Management Systems 3
ebrahim QMS as per ISO 13485, Clause 4.2 Requirements for regulatory purposes for Medical Devices Authorized Representatives. ISO 13485:2016 - Medical Device Quality Management Systems 3
D ISO 13485 scope (implantable) - Polymers for dental application EU Medical Device Regulations 9
N ISO 13485 7.3.9 Change control in medical device software ISO 13485:2016 - Medical Device Quality Management Systems 6
A ISO 13485 procedure change and reflect to legacy manufacture items ISO 13485:2016 - Medical Device Quality Management Systems 2
D ISO 13485 & CE Certification for Surgical Gloves CE Marking (Conformité Européene) / CB Scheme 0
S Inventory Listing and ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 3
M ISO 13485:2016 Certification Scope ISO 13485:2016 - Medical Device Quality Management Systems 2
D Reports under change management | ISO 13485:2016 & ISO 9001:2015 ISO 13485:2016 - Medical Device Quality Management Systems 3
M Scope for ISO 13485 Certification of a Translation Service Provider ISO 13485:2016 - Medical Device Quality Management Systems 17
Q ISO 13485 7.5.6 Validation - Off the shelf Software ISO 13485:2016 - Medical Device Quality Management Systems 3
A ISO 13485 Certification for Resin Manufacturer ISO 13485:2016 - Medical Device Quality Management Systems 4
A ISO 13485 Sterilization Clause Applicability ISO 13485:2016 - Medical Device Quality Management Systems 7
K ISO 13485 and compliance of electronic signature ISO 13485:2016 - Medical Device Quality Management Systems 5
T ISO 13485 - Assembly instructions written vs. online ISO 13485:2016 - Medical Device Quality Management Systems 5
M ISO 13485:2016 internal audit checklist Medical Device and FDA Regulations and Standards News 5
N 93/42/EEC certification without ISO 13485 EU Medical Device Regulations 3
M How Specific in an ISO 13485:2016 Scope for a Contract Manufacturer ISO 13485:2016 - Medical Device Quality Management Systems 9
A ISO 13485 for Class 1 Medical Device ISO 13485:2016 - Medical Device Quality Management Systems 7
0 ISO 13485:2016 Chapter 8 Integration of the subsections ISO 13485:2016 - Medical Device Quality Management Systems 3
M Change in Constitution / Ownership of firm -------ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 1
E ISO 13485 QMS certification as a Supplier ISO 13485:2016 - Medical Device Quality Management Systems 8
T ISO 13485:2016 Clauses related to process matrix ISO 13485:2016 - Medical Device Quality Management Systems 3
J Can signed agreements over-ride review of every "contract" under ISO 13485:2016? ISO 13485:2016 - Medical Device Quality Management Systems 2
J Implementing an ISO 13485 QMS Software ISO 13485:2016 - Medical Device Quality Management Systems 6
Q EN ISO 13485:2016/AC:2018 - AC:2018 being stated in the applicable harmonized standard listing Other ISO and International Standards and European Regulations 1
J Leveraging another company's ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 5
J New Job Position - Achieving ISO 13485 Certification ISO 13485:2016 - Medical Device Quality Management Systems 5
A Scope of ISO 13485 certificate ISO 13485:2016 - Medical Device Quality Management Systems 1
A ASL requirement when the supplier is certified for ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 6
M ISO 13485-2016 online certification ISO 13485:2016 - Medical Device Quality Management Systems 3
S Thoughts on managing ISO 9001, 13485, IATF 16949 and 17025 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 33
S Supplier Management ISO 13485: 2016- Which supplier needs to fill in a self assessment form? ISO 13485:2016 - Medical Device Quality Management Systems 6
J Possible to get ISO 13485 certified with only OEM Product? ISO 13485:2016 - Medical Device Quality Management Systems 4
D Definition of equipment for ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 1
M ISO 13485:2016 Complaint Definition Clarity Customer Complaints 2
D Rules for Paper Forms outside of an eQMS - 3 Questions (ISO 13485) Document Control Systems, Procedures, Forms and Templates 9
S Qualification question - ISO 13485 - Setting up a small lab Reliability Analysis - Predictions, Testing and Standards 2
K ISO 13485 clause 8.5.2 'Any necessary CA shall be taken without undue delay' ISO 13485:2016 - Medical Device Quality Management Systems 11
J How much to charge for helping a startup company with initial ISO 13485 certification? Consultants and Consulting 3
J ISO 13485 System 'soft start' - How to best reflect this in initial audits, management review minutes and other records? ISO 13485:2016 - Medical Device Quality Management Systems 3
D ISO 13485 - 7.3.6 Design and development verification - Do most folks create a separate SOP? ISO 13485:2016 - Medical Device Quality Management Systems 5
C ISO 13485 :2016 - CAPA - Does every CAPA need to be checked by regulations? ISO 13485:2016 - Medical Device Quality Management Systems 9
D ISO 13485 8.2.1 and 8.2.2 - Customer Feedback and Customer Complaints ISO 13485:2016 - Medical Device Quality Management Systems 5
Sravan Manchikanti How to interpret '8.3 Control of nonconforming product' for SaMD device while implementing ISO 13485 & MDSAP ISO 13485:2016 - Medical Device Quality Management Systems 7
M Getting started in ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 31
P ISO 13485:2016 MDSAP Certification Fee Survey ISO 13485:2016 - Medical Device Quality Management Systems 6
C SOP Template needed for ISO 13485 6.3 Infrastructure ISO 13485:2016 - Medical Device Quality Management Systems 9
T ISO 13485 8.3 - Non-Conforming Materials - on-line rework or part of process? ISO 13485:2016 - Medical Device Quality Management Systems 11
B Do IFU designs have to be document controlled under ISO 13485? Document Control Systems, Procedures, Forms and Templates 2

Similar threads

Top Bottom