Greetings,
I'm currently working on writing my company's 510(k) for their web-based software device and I have an question pertaining to data storage and management.
The servers that are used to store the medical image and data displayed by our device are not under my company's control, but outsourced. We have a Master Service Agreement with one company who maintains 4 dedicated servers for us.
Is anyone able to provide guidance regarding how to explain this in the 510(k)? I've started with discussing that a copy of the data is sent to each of the 4 servers, discussed the characteristics of the servers along with server protection. Do I even have to explain that the servers are not under our control?
Regards, Tonia
I'm currently working on writing my company's 510(k) for their web-based software device and I have an question pertaining to data storage and management.
The servers that are used to store the medical image and data displayed by our device are not under my company's control, but outsourced. We have a Master Service Agreement with one company who maintains 4 dedicated servers for us.
Is anyone able to provide guidance regarding how to explain this in the 510(k)? I've started with discussing that a copy of the data is sent to each of the 4 servers, discussed the characteristics of the servers along with server protection. Do I even have to explain that the servers are not under our control?
Regards, Tonia
Good point, but why limit the scope to EU and US? What about the rest of the world? Japan, Australia, Israel, China to name but a few? Devicemakers who venture blindly down this road may see them selves in conflict with the law in more countries than they ever imagined!