Building Safety into Medical Device Software

Published on January 7, 2012 by Bob in FDA, Medical Devices and Software Quality. 0 Comments

The article Build and Validate Safety in Medical Device Software takes a critical look at the current processes for medical device software and concludes:

The complexity of the software employed in many medical devices has rendered inadequate traditional methods (testing) for demonstrating their safety.

The article then provides examples of the types of analyses that can be performed to better ensure safety.

Interesting read.

Here are some references:

BohrBug: Not necessarily easy to find, but once discovered is reproducible.

Heisenbug: The ever-annoying bug that can not be reliably reproduced.

Spin: An open-source software tool for formal verification of distributed software systems.

SOPA and Internet Censorship

Published on December 17, 2011 by Bob in General. 0 Comments

I first heard about this from a system message on the Stack Overflow site. The post Protect intellectual property – but not like this explains their position (in particular, SOPA vs. DMCA) and has a lot of good links to more information.

SOPA-Rope-a-dope has a well written explanation of DNS blocking and DNSSEC.

This bill is a really bad idea. A lot of people in the know agree: An Open Letter From Internet Engineers to the U.S. Congress.

Congress to Resume SOPA Hearings Next Week (Wednesday 12/21) so it’s not too late to help stop this bill. If you’re like me and have always wondered why people contact their Congressperson, now we finally have a good reason to do so.  Go to Stop American Censorship and let your voice be heard.

From RWW Cartoon: SOPA Opera:

 

UPDATE (12/23/11): Bill that could ‘break the Internet’ delayed until 2012. Also see: What You Need to Know About SOPA in 2012

Validation of Off-The-Shelf Software Development Tools

Published on November 12, 2011 by Bob in FDA. 7 Comments Tags: , .

A reader asked me about OTS software tool validation. He says:

It seems to me that the editor and any other tool used to create the software is exactly that, a productivity tool. The end result (compiled binary installed on a validated PC configuration) is still going to go through verification and validation, therefore, it seems validating any of the items used to actually create the binary is unnecessary.

Any thoughts or guidance to help me understand this process?

This is a great question and the source of a lot of confusion.

The bottom line is that all third party tools (and libraries) used to construct or test FDA regulated software need to be validated.

You may think validating a compiler is unnecessary, but the FDA says otherwise — section 6.3 of the FDA Guidance on General Principles of Software Validation discussion includes “off-the-shelf software development tools, such as software compilers, linkers, editors, and operating systems.”

The form of the required documentation is detailed in the Off-The-Shelf Software Use in Medical Devices guidance document.  Section 2.1 has the questions that the OTS software BASIC DOCUMENTATION needs to answer:

  1. What is it?
  2. What are the Computer System Specifications for the OTS Software?
  3. How will you assure appropriate actions are taken by the End User?
  4. What does the OTS Software do?
  5. How do you know it works?
  6. How will you keep track of (control) the OTS Software?
For most products (again, OTS tools and libraries, including open source products) this documentation is not as onerous as you might think.  #5 is where you apply the intended use validation to the specific product. I have done this for many products: Visual Studio,  Subversion/TortoiseSVN, NUnit, Log4Net, etc.  You also need to validate custom developed testing tools and fixtures.
Like it or not, this is the reality of developing FDA regulated software.

Brain Wave Monitoring Through the Extremities

Published on November 8, 2011 by Bob in EEG and HCI. 0 Comments Tags: , .

The recent Time Magazine article Thought Control (subscription required) describes what is essentially another brain-computer interface.  What’s novel about this device is that the EEG signal is monitored from dry electrodes on the arm or leg. The BodyWave® Brain Wave Monitoring (pdf) system developed by Freer Logic claims to allow measurement of brain wave activity away from the head:

BodyWave simply views brain energy as a field, collects the field energy as if the brain were a radio tower broadcasting from the brain and through the body.

For the purposes of teaching “stress control, increase attention, and facilitate peak mental performance”, this may well be an adequate method.  Not having to wear the more traditional EEG head gear is certainly an advantage.  Providing reliable control of computer interaction tasks via either “mind reading” method is not likely to happen any time soon (see Turning the Mind into a Joystick).

Finally Launched: Healthcare IT Q&A

Published on October 26, 2011 by Bob in General. 0 Comments Tags: , .

The new Healthcare IT Stack Exchange site is now open to the public.

Hopefully this thing will take off.  So go search, ask, answer, up vote,  and (yes) down vote when necessary. Also, don’t forget to tell your friends and colleagues.

We make our world significant by the courage of our questions and by the depth of our answers. – Carl Sagan

Guest Article: RFID Systems in Healthcare Institutions

Published on October 25, 2011 by Yedidia in Medical Devices and Technology. 3 Comments Tags: .

Patient, medication, and equipment asset tracking are critical functions for any healthcare organization.  Yedidia Blonder of Vizbee RFID Solutions, a company providing RFID solutions for healthcare applications and other industries, provides an introduction to RFID technology and its benefits.

What healthcare executive wouldn’t want a system that:

  • Helps nurses locate necessary equipment in seconds?
  • Ensures that only the mother of a newborn or a nurse could remove that baby from the nursery?
  • Makes sure patients don’t wander into staff only areas?
  • Lists inventory of all the medications in a large medicine storage area in minutes?
  • Ensures even equipment distribution across wings and prevents theft?
  • Tracks disinfection patterns of employees?

Enter RFID.

RFID (radio frequency identification) is a technology in which radio waves emitted from electronic tags identify them uniquely. The tags are often used to pinpoint the location of the object, or person, to which the tag is attached. This is different than barcode technology, which is usually used to identify an object as belonging to a larger category without individual identification. Barcodes also need to be read one-by-one from very close proximity, whereas RFID readers can read many tags with a single pass of an RFID reader a few meters away.

How does RFID work?

First you need the tags. RFID tags can be split into two main categories: active tags and passive tags. The active tags are battery operated and transmit their data periodically to readers. Their reading distance varies between a few meters to hundreds. Passive tags are much smaller (sometimes like a paper sticker) and do not transmit their data until being interrogated by a reader in their proximity. The passive tags’ reading distance can reach 2-3 meters. Passive tags are usually used for inventory purposes.

The readers consist of an RFID antenna connected to an RFID reader. They receive the data from the tags and then, in order to have a functioning system which will do all the above tasks, transmit the data to a software system which manages the received data.

When the system receives the data, it will both store it for immediate or later review by the healthcare staff, as well as act according to predefined rules set by the administrator. For example, in the case of preventing equipment theft, a rule could be set that if tags attached to pieces of expensive lab equipment go past the reader stationed near the exit to the lab, its signal will set off an alarm, alert important staff members, and lock the exits to that wing of the hospital.

How can RFID help a healthcare institution?

Keeping in mind the stunning figure of 15% of hospital equipment stolen annually as well as the damage that improper maintenance causes, RFID tracking can significantly diminish losses and increase efficient use of equipment. It can ensure that only the right person uses or moves any given piece of equipment, guarantee the correct quantities of a certain apparatus in a designated zone, enable the immediate and accurate location of any item, indicate which item is in use or available, and the list goes on.

RFID can also provide an accurate and comprehensive picture of the total amount of the organization’s inventory, including expiry dates and amount of usage, and provide real-time data on parameters such as temperature and moisture levels, providing alerts in the case of inappropriate conditions that could damage equipment and medications.

Add to this the capacity to track patient and staff movement and interactions with other people and objects – and your RFID healthcare system gives you your entire hospital at a glance, and alerts you to problems.

Implementing RFID systems.

RFID technology is also getting easier to customize. In the past, often RFID hardware would be programmed to work only with specific software. Recently, there have been advances in RFID technology enabling administrators to choose hardware and software independently according to the unique needs of each project. Parameterization tools built into the software can customize applications to specific projects while enabling the implementation of RFID projects in a very short time (days to weeks). You no longer have the time, expense and risk that come with developing software just for your project.

With RFID systems, managing healthcare institutions is getting easier, safer and more efficient.

Open Source Medical Device Connectivity

Published on October 2, 2011 by Bob in EMR, FDA, Interoperability and Medical Devices. 4 Comments Tags: .

In The Case for Open Source Healthcare IT John Zaleski uses the VistA open source software as a model for improving the medical device data gathering in order to produce a “more robust end product”.  On the whole, I could not agree more. Achieving this in such a diverse and fragmented community would be a real challenge, but it may indeed be a worthwhile path to pursue.

There was one item I’d like to comment on:

The challenge is, of course, regarding regulatory management of open source frameworks. To a large degree open source software is anathema to the FDA regulatory process–and it relates to control and management of access.

OSS detested or loathed by the FDA? I don’t think so. The open source framework itself would not be subject to regulatory control.  The FDA does not really care where any specific software component comes from.  Also, security and  access management are certainly important, but I’m not sure of their applicability at the device connectivity level.

The FDA cares about intended use, efficacy, and safety of medical devices. All FDA regulated software is subject to the same design controls (§820.30) — design, risk analysis, verification, validation, etc. I.e. any company that included these open source software components would ultimately be responsible for proving these processes are followed.

Shahid N Shah’s OSCon 2011 Talk: The implications of open source technologies in safety critical medical device platforms does a good job of detailing these points (Will the FDA accept open source in safety-critical system? Yes!) as well as presenting an OSS connectivity software architecture.

Turning the Mind Into a Joystick

Published on September 18, 2011 by Bob in EEG, HCI and Technology. 5 Comments Tags: , .

More “mind reading” hyperbole in today’s New York Times Magazine: The Cyborg in Us All.

I’ve talked about EEG-related technology many times in the past. Here are some quotes from the article:

This creates a pulse in his brain that travels through the wires into a computer. Thus, a thought becomes a software command.

We’re close to being able to reconstruct the actual music heard in the brain and play it.

… a “telepathy helmet” that would allow soldiers to beam thoughts to one another.

The NeuralPhone was meant to demonstrate that one day we might mind-control the contact lists on our phones.

The general public has two reactions when the lay press publishes this kind of stuff:

  1. I always knew this would come true. I.e. perpetuation of scientific fantasies.
  2. This is really scary stuff. I don’t want anybody reading my mind — or worse, controlling it.
If you know anything about the underlying techniques and algorithms you also know that “mind reading” and useful brain-controlled interfaces are a long way off.  Because the article fails to provide any sort of time-frame perspective, why won’t someone think these capabilities exist now.
The real problem I have with these kinds of articles is that this is important work that could potentially improve the quality of life for many disabled individuals.  Hyping it up to be something it’s not doesn’t help anyone.
One more quote:

“This is freaky.” And it was.

Huh? … I think the NYT needs to improve their editorial oversight.

 

Microsoft BUILD Conference

Published on September 16, 2011 by Bob in .NET and Microsoft. 0 Comments

Wow — talk about drinking from a fire hose. BUILD Conference news and opinions are everywhere.

Fun stuff. It’s going to take a while to digest all of this.

Third Annual Medical Device Connectivity Conference

Published on August 14, 2011 by Bob in FDA, Interoperability and Medical Devices. 0 Comments Tags: , .

This year’s Medical Device Connectivity Conference is less than a month away. It’s being held Sept. 8-9, 2010 in Boston.


In addition to the post-conference workshops, there is also a special preconference event: an open house at the Medical Device Plug and Play Interoperability program’s lab. September 7, from 4pm to 6pm attendees can tour the lab, interact with various demonstrations and chat with program staff.

Tim has put together another great conference.

Subscribe

Categories

Twitter Updates