February 10 - 11, 2025 | US Eastern Time: 10 AM to 3 PM | Central Europe Time: 4 PM to 9 PM


$1200 

Seminar Registration Options: *

Learn More


This comprehensive "SaMD Masterclass" will delve into the complexities of medical device validation, change management, and cybersecurity. This seminar addresses the challenges and intricacies of validating Software as a Medical Device (SaMD), offering insights into both traditional Computer System Validation (CSV) and the newer, risk-based Computer Software Assurance (CSA) as outlined in FDA’s draft guidance (September 2022). We'll guide you through each phase of validation—planning, requirements, testing, and maintenance—while emphasizing the importance of risk assessment and management, and the application of GAMP®5, Second Edition (July 2022).


Understand the critical aspects of maintaining a validated system through formal change control processes, typically documented in Standard Operating Procedures (SOPs). Effective vendor management, including audits and solid Service Level Agreements (SLAs), will also be covered to ensure clear responsibilities and accountability.


Cybersecurity is paramount in the development, manufacturing, testing, and distribution of SaMD products. This seminar will explore the severe threats posed by cyberattacks and the best practices for safeguarding medical devices against hacking attempts. We'll discuss the latest trends in cybersecurity, including SOC 2 certification, and how these can be integrated into your infrastructure to mitigate risks.


FDA trends indicate a high percentage of software recalls in the 1990s were due to software defects resulting from updates or patches. This seminar will discuss how FDA is collaborating with the industry to enhance the software development lifecycle for SaMD, incorporating standardization and improved controls.


Additionally, we'll explore IEC 62304, a risk-based compliance standard for medical device software development, which ensures that software applications are safe and reliable. Adopting IEC 62304 helps reduce software failure rates and supports both US and EU compliance.


WHY YOU SHOULD ATTEND:

Providing safe and effective medical devices is crucial for those involved in their development, manufacturing, testing, and distribution. One of the largest threats to these devices' functionality and safety is cyberattacks, which can compromise code and device performance. Preventing these attacks by identifying and mitigating threats is of utmost importance.


This seminar offers a detailed exploration of how cyberattacks impact medical devices and the current industry responses to these threats. You will learn the best practices for preventing and mitigating cybersecurity risks, ensuring your company's SaMD products remain secure and compliant.


KEY TAKEAWAYS:

  • Comprehensive Understanding: Gain knowledge on CSV and CSA, and their application in SaMD validation.
  • Effective Change Management: Learn how to maintain validated systems through structured change control processes.
  • Cybersecurity Insights: Understand the latest trends and best practices in cybersecurity for medical devices.
  • Compliance with IEC 62304: Adopt a lifecycle approach to ensure software safety and reliability.


This seminar is ideal for professionals in FDA-regulated industries, including pharmaceuticals, medical devices, biological products, animal health, and tobacco. It is particularly relevant for those involved in research and development, manufacturing, quality control, distribution, clinical testing, adverse events management, and post-marketing surveillance.


AREAS COVERED
WHO SHOULD ATTEND
  • Provide an overview of validation, and a comparison of Computer System Validation (CSV) and Computer Software Assurance (CSA)
  • Offer best practices to reduce validation effort and costs, such as leveraging vendor documentation, as appropriate
  • Offer the best approach to risk assessment and mitigation
  • Provide highlights of GAMP®5, Second Edition, and differences from the first edition
  • Provide guidance for meeting 21 CFR Part 11 compliance for electronic records and electronic signatures (ER/ES)
  • Provide guidance for meeting FDA’s Data Integrity Guidance issued in December 2018 that focuses on the “ALCOA+” principles
  • Offer a streamlined approach to managing Part 11 and data integrity compliance through validation and maintenance
  • Provide best practices for managing privacy data in compliance with worldwide regulations that differ 
  • Offer industry best practices for managing cyberthreats
  • Provide an overview of cybersecurity and guidance on medical device software
  • Provide an overview of IEC 62304 and compliance
  • Provide an overview of the most common problems faced by industry in terms of medical device security, efficacy, and safety
  • Provide industry best practices for developing, testing, releasing, and maintaining SaMD products in compliance with FDA
  • Gain an understanding of the importance of a vendor contract and Service Level Agreement (SLA) and what key areas to focus on



This seminar is intended for those working in the FDA-regulated industries, including pharmaceutical, medical device, biological and tobacco. Functions that are applicable include research and development, manufacturing, Quality Control, distribution, clinical testing and management, adverse events management and post-marketing surveillance.


You should attend this seminar if you are responsible for planning, executing or managing the implementation of any system governed by FDA regulations, or if you are maintaining or supporting such a system. Also, if you are developing and supporting software that is used in conjunction with a medical device, or is considered to be software as a medical device, you will benefit from this session. Examples of who will benefit from this seminar include:

  • Information Technology Analysts
  • Information Technology Developers and Testers
  • QA Managers and Analysts
  • Compliance and Audit Managers
  • Laboratory Managers
  • Automation Analysts
  • Computer System Validation Specialists
  • GMP Training Specialists
  • Business Stakeholders/Subject Matter Experts
  • Business System/Application Testers

This seminar will also benefit any consultants working in the life sciences industry who are involved in computer system implementation, validation and compliance.




AGENDA

DAY 1 (10 AM to 3 PM)

  • Identifying “GxP” Systems, and “SaMD” products
  • Current state of CSV approach based on FDA requirements
  • FDA’s Draft Guidance for Computer Software Assurance (CSA)
  • Transitioning from CSV to CSA for better quality results and greater efficiency
  • Risk-Based Approach to Validation Planning
  • GAMP®5, Second Edition (July 2022) and alignment with CSA
  • Maintaining a system in a validated state – holding the vendor accountable
  • Policies and procedures needed to support your validation process
  • Cybersecurity and SaMD products
  • Overview of IEC 62304 as it relates to cybersecurity and SaMD products
  • Q&A


 


DAY 2 (10 AM to 3 PM)

  • Agile approach to System Development Life Cycle (SDLC)
  • Pros and Cons of an Agile vs. Waterfall approach used to manage the SDLC of SaMD products
  • Agile continuous validation approach through automated testing
  • Cloud computing and Software as a Service (SaaS) systems
  • 21 CFR Part 11 Guidance for Electronic Records and Signatures (ER/ES)
  • FDA’s Data Integrity Guidance (2018) based on the “ALCOA+” Principles
  • Data Privacy Rules and Regulations worldwide
  • Recent Trends in FDA Compliance and Enforcement
  • Industry Best Practices for managing the SDLC for SaMD products
  • Q&A




Course Director: CAROLYN TROIANO

Carolyn Troiano has more than 30 years of experience in computer system validation in the pharmaceutical, medical device, animal health, tobacco and other FDA-regulated industries. She is currently an independent consultant, advising companies on computer system validation and large-scale IT system implementation projects.

During her career, Carolyn worked directly, or on a consulting basis, for many of the larger pharmaceutical companies in the US and Europe. She developed validation programs and strategies back in the mid-1980s, when the first FDA guidebook was published on the subject, and collaborated with FDA and other industry representatives on 21 CFR Part 11, the FDA’s electronic record/electronic signature regulation.

Carolyn has participated in industry conferences. She is currently active in the PMI, AITP, and RichTech, and volunteers for the PMI’s Educational Fund as a project management instructor for non-profit organizations.