The International Medical Device Regulators Forum (IMDRF) has finalized technical documents offering guidance on cybersecurity, personalized devices, and conformity assessment bodies, as reported in Regulatory Focus.


In its 46-page guide for medical device cybersecurity, IMDRF discusses general principles and practices for device cybersecurity, as well as pre- and postmarket issues for device makers, regulators and other stakeholders to consider.
“Convergence of global healthcare cybersecurity principles and practices is necessary to ensure that patient safety and medical device performance is maintained. To date, however, current disparate regulations across governments lack the global alignment needed to ensure medical device cybersecurity,” IMDRF writes.

Personalized Medical Devices

For personalized medical devices, IMDRF presents a harmonized approach to applying existing regulatory pathways to personalized medical devices and discusses special considerations for regulating different types of personalized devices.
In light of advances in additive and subtractive manufacturing and 3D modeling, which have allowed for the proliferation of more complex personalized devices, IMDRF says a harmonized regulatory approach is needed to ensure adequate regulatory oversight while reducing compliance costs and improving patient access.

Conformity Assessment Bodies

IMDRF’s 26-page technical document provides recommendations for the requirements regulators should have for recognizing conformity assessment bodies that conduct regulatory reviews for medical devices.
The document is meant to be read alongside another IMDRF document, Competence, Training, and Conduct Requirements for Regulatory Reviewers, and IMDRF says it plans to develop additional documents addressing assessment and recognition for medical device marketing reviews in the future.
“This collection of IMDRF GRRP documents will provide the fundamental building blocks by providing a common set of requirements to be utilized by the regulatory authorities for the recognition and monitoring of entities that perform regulatory reviews and other related functions,” IMDRF writes.

Read more from Regulatory Focus.