Do you work in the medical device industry?

This practical course provides you with the key knowledge to understand and correctly apply the software lifecycle process under IEC62304, one of the pillars of current regulatory compliance for medical devices that incorporate software.

• Format:
  • In-person: 8 hours over 2 days
  • Online: 4 hours over 1 day
• Certificate of attendance
• Access to course teaching materials

Course contents

1. Safety Classification under IEC62304
2. Software Development Process. Stages based on classification
3. Software Maintenance Process
4. Configuration Management Process
5. Problem Resolution Management Process
6. Risk Management Process
7. Case studies
8. Questions – What have we learned?
9. Conclusions

Who is it aimed at?

This course is designed for healthcare professionals involved in the development, verification, validation, or regulation of products that incorporate software, including:

• SW engineers
• R&D engineers and technicians
• Quality managers
• Regulatory affairs specialists
• Consultants or manufacturers who prepare technical documentation
• Any professional involved in technical documentation

By the end of the course, you will be able to…

• Learn how to classify software at both the product and component levels.
• Understand the processes to be established in order to properly implement the life cycle of a software product.
• Understand the stages of the life cycle of a software medical device product.
• Apply what you have learned through practical cases and reflect on your understanding.

Why SQS Software Quality System?

• Training delivered by software and regulatory experts
• Case studies + downloadable material
• Clear, direct approach that can be applied from day one
• Small groups and personalized attention

Do you work in the medical device or in vitro diagnostics sector and want to master risk management according to MDR/IVDR and ISO 14971?

This practical course will provide you with the skills you need to plan, execute, and document a rigorous Risk Analysis, one of the pillars of safety and regulatory compliance.

Format: In-person and live online
Duration: 4 hours
Certificate of attendance
100% focused on ISO 14971 and MDR/IVDR requirements
Access to course teaching materials

Course contents

1. Introduction
   Description of the scope of training and review of general concepts according to ISO 14971:2019.
2. Risk management
   Structure and key tools: risk file, internal procedure (QMS), management plan, general process and its stages.
3. Risk analysis
   Methodology for identifying hazards: types of analysis (FMEA, HAZOP, etc.), intended use vs. misuse, safety features, and risk estimation.
4. Risk assessment
   Acceptability criteria and development of the benefit-risk balance.
5. Risk control
   Design and implementation of mitigation measures, verification of their effectiveness, assessment of residual risk, and analysis of new risks introduced.
6. Overall residual risk assessment
   Consolidated review of the risk level after applying all control measures.
7. Risk management review
   Frequency, responsible parties, and procedures for continuously updating your risk documentation.
8. Production and post-production activities
   Collection and analysis of actual usage data, review of findings, and implementation of corrective and preventive actions.
9. Examples and case studies
10. Reference resources
    – Standards, MDCG guidelines, and specialized literature.

Who is it aimed at?

Professionals involved in:

• Quality Management and Product Engineering
• Regulatory Affairs
• R&D and device validation
• Consulting and preparation of technical files
• Post-market surveillance teams

By the end of the course, you will be able to…

• Interpret the requirements of ISO 14971 in the context of the MDR/IVDR.
• Plan and document a robust Risk Management Plan.
• Apply practical techniques for hazard identification and assessment.
• Define and verify effective controls to minimize risks.
• Integrate Risk Analysis into your Technical File and your quality system.
• Monitor and update your Residual Risk after commercialization.

Why SQS Software Quality System?

• Accredited experts in regulation and risk management.
• Practical approach: real cases and downloadable material.
• Small groups for maximum interaction.
• Content updated with the latest interpretations of MDR, IVDR, and ISO 14971.
• Post-course advice to answer your questions about application.

Sign up now and guarantee the safety, quality, and compliance of your medical devices with a flawless Risk Analysis.

Do you work in the medical device industry?

This practical course provides you with the key knowledge to understand and correctly apply the usability engineering process in accordance with the EN62366-1 standard.

• Format: In-person and live online
• Duration: 4 hours
• Certificate of attendance
• Access to course teaching materials

Course contents

1. Introduction
2. Key definitions and concepts
3. Usability principles
4. Usability engineering process
5. Case studies
6. Questions—What have we learned?
7. Guidelines, standards, and reference resources
8. Conclusions

Who is it aimed at?

This course is designed for professionals in the medical device sector who are involved in development, verification, validation, or clinical or performance evaluation, including:

• Regulatory Affairs Specialists
• Quality Managers
• Clinicians and research staff
• R&D engineers and technicians
• Consultants or manufacturers who prepare technical files
• Any professional involved in documentation

By the end of the course, you will be able to…

• Understand the regulatory framework
• Integrate usability engineering
• Define user profiles
• Analyze usage risks
• Design usability tests
• Prepare usability documentation

Why SQS Software Quality System?

• Training delivered by experts in medical devices
• Case studies + downloadable material
• Clear, direct, and applicable approach from day one
• Small groups and personalized attention
• Updated with the latest interpretations of the regulation

Duration: 2 hours

In this webinar, we will provide an introduction to the application of artificial intelligence in medical devices.

Block 1: Regulatory strategy. MDR/IVDR and AI Act

Block 2: Introduction to artificial intelligence

Block 3: Life cycle of medical devices containing AI

Block 4: Introduction to the validation and verification of medical devices containing artificial intelligence

This course provides a solid understanding of the STRIDE threat model and its specific application in the field of connected medical devices. Through practical examples and case studies from the healthcare sector, you will learn to identify, analyze, and mitigate cybersecurity threats in medical systems, complying with FDA and MDR/IVDR regulations.

• Format: Online
• Duration: 1 hour
• Certificate of attendance
• Access to course materials

Course contents

1. Introduction to cybersecurity in medical devices
2. Fundamentals of the STRIDE model
3. Methodology for applying STRIDE
4. Risk assessment and prioritization
5. Mitigation controls and best practices
6. Tools and resources

Who is it aimed at?

This course is designed for professionals in the diagnostics sector who are involved in the development, verification, validation, or regulation of IVD products, including:

• SW or hardware engineers in the medical sector
• Cybersecurity professionals
• R&D engineers and technicians
• Quality managers
• Regulatory affairs specialists
• Manufacturers or auditors who prepare technical files
• Any professional involved in technical documentation

By the end of the course, you will be able to…

• Understand and implement the STRIDE model in the context of medical devices.
• Identify specific threats to connected medical systems and classify their impact.
• Create detailed threat models with appropriate DFDs.
• Integrate threat management into device design, development, and maintenance processes.
• Align your analysis with relevant regulatory standards for the medical industry.

Why SQS Software Quality System?

• Training delivered by experts in software, cybersecurity, and regulation
• Case studies + downloadable material
• Clear, direct, and applicable approach from day one
• Small groups and personalized attention
• Updated with the latest interpretations of the regulation

This practical course provides you with the key knowledge to understand and correctly apply the technical verification and validation process, one of the pillars of current regulatory compliance.

• Format: Online
• Duration: 2 hours
• Certificate of attendance
• Access to course teaching materials

Course contents

1. Secure software lifecycle: Premarket and Postmarket
2. Threat, Risk, and Requirements Model
3. Threat Model Tool
4. Defense-in-Depth Architecture
5. Secure Design
6. Secure Coding Standards
7. System Testing
8. Software Release
9. Case Studies
10. Questions—What have we learned?
11. Guidelines, Standards, and Reference Resources
12. Conclusions

Who is it aimed at?

This course is designed for healthcare professionals involved in the development, verification, validation, or regulation of products that incorporate software, including:

• SW engineers
• R&D engineers and technicians
• Quality managers
• Regulatory affairs specialists
• Consultants or manufacturers who prepare technical documentation
• Any professional involved in technical documentation

By the end of this course, you will be able to…

• Understand the purpose and scope of IEC 81001-5-1 in the context of health system software.
• Identify and apply key principles of information security and cybersecurity in the development and maintenance of clinical software.
• Describe the software life cycle according to IEC 81001-5-1 and how it integrates with other relevant standards (such as IEC 62304, ISO 14971, ISO 27001).
• Apply security requirements from the design stage (“Security by Design”) and demonstrate how to incorporate them into the development process.
• Assess medical software security risks at different stages of the life cycle.
• Implement appropriate security controls to protect the confidentiality, integrity, and availability of healthcare software.
• Adequately document processes and activities to demonstrate regulatory compliance.
• Analyze threat and vulnerability scenarios using frameworks defined in the standard.

Why SQS Software Quality System?

• Training delivered by experts in software, cybersecurity, and regulatory affairs
• Case studies + downloadable material
• Clear, direct, and applicable approach from day one
• Small groups and personalized attention

Do you work in the medical device industry?

This practical course provides you with the key knowledge to understand and correctly apply the technical verification and validation process, one of the pillars of current regulatory compliance.

• Certificate of attendance
• Access to course teaching materials

Course contents

1. Introduction to IT Security
2. Fundamentals of Networks and Protocols
3. Vulnerability Analysis
4. Penetration Testing (Pentesting)
5. Vulnerability Scanning
6. Web Application Testing

Who is it aimed at?

This course is designed for professionals involved in the development, verification, validation, or regulation of IVD products, including:

• SW engineers
• IT professionals who wish to specialize in cybersecurity
• Security auditors or consultants

Recommended prerequisites

• Basic knowledge of networks and operating systems
• Familiarity with the command line (Linux and/or Windows)

By the end of the course, you will be able to…

• Understand the entire vulnerability analysis and penetration testing process.
• Use specialized tools to detect and exploit vulnerabilities.
• Identify security risks in networks, servers, and web applications.
• Apply recognized methodologies (OWASP, OSSTMM, MITRE ATT&CK).
• Prepare technical reports with findings and recommendations
• Perform a basic pentest ethically and professionally in controlled environments

Why SQS Software Quality System?

• Training delivered by software and cybersecurity experts
• Case studies + downloadable material
• Clear, direct, and applicable approach from day one
• Small groups and personalized attention