Interactive Workshop Day

Tuesday May 17 2022

9:00am - 10:30am | Workshop A: Compliant Integration of Third-party Computing Technologies

How to design safe & effective devices that leverage cloud computing, patient-owned smartphones, AI/ML & other modern computing technologies that you don’t control

From AI/ML to smartphones to cloud computing to web services, MedTech faces a growing imperative to leverage these technologies to support the core functions of a regulated medical device. The vendors creating and operating these new technologies have an admirable focus on continuous improvement, but their approach often isn’t compatible with MedTech’s traditional approaches to regulated change management. We can no longer ignore this uncomfortable truth. Instead, we need to adapt to a new set of architectural approaches, best practices, and systems thinking, embracing a more modern approach to device safety and the meaning of the validated state. Join us for a highly interactive workshop where participants break out into teams and use a hypothetical but realistic case study of a connected medical device that uses several modern third-party computing technologies to perform different regulated functions. This workshop builds on multiple streams of work being conducted under AAMI’s auspices, as well as independently by the workshop leaders, including:

  • CR:510(2021): Appropriate Use of Public Cloud Computing for Quality Systems and Medical Devices. Baird and Horton co-chaired this CR effort, and Kappe served as a member of the team that wrote the CR.
  • The new AAMI Technical Information Report (TIR) that continues to develop the ideas first published in the Cloud Computing CR
  • AAMI SM-SG10 – Cloud Computing WG

Workshop Leaders:

Pat Baird

Pat Baird
Head of Regulatory & Global Software Standards

Randy Horton

Randy Horton
Co-Chair, Software Mgmt Working Group 10 and TIR 115

11:30am - 1.00pm | Workshop B: Journey & Learnings from Waterfall to Agile in Medical Device Software Development

In a high paced changing world where the regulated healthcare companies needs to adapt quickly to market needs, processes and structures of organizations struggle to keep up with the demands. Changing existing solution development model to a scalable agile framework requires cross functional collaboration and a deep understanding of the underlying lean-agile principles. Such a change is not limited to software engineering but to the entire organization (including product management, Quality Assurance, Regulatory, etc). What are the top challenges and top gains for such a paradigm shift for medical device software companies?

Join this workshop to:

  • Apply lean-agile principles to existing organizational setups
  • Learn about testing challenges and how to overcome them in a regulated environment
  • Build a scaled agile solution development in an internationally distributed organization
  • Increase efficiency to generate effective outcomes

Workshop Leader:

Karl Fleisher

Karl-Heinz Fleischer
Senior Agile Transformer
GE Healthcare




2:00pm - 4:00pm | Workshop C: Cybersecurity for Connected Devices

The cybersecurity of connected medical devices is one of the biggest challenges facing healthcare today. The compromise of a medical device can result in severe consequences for both patient health and patient data. This workshop covers aspects of medical device cybersecurity, with a focus on cybersecurity capability development and maintenance, system and software threat modelling, secure design of medical devices, vulnerability management, and integrating cybersecurity design aspects into a medical device manufacturer’s Quality Management Systems (QMS):

Join this workshop to:

  • Lay out clear guidelines for how to build a medical device cybersecurity program through the development of capabilities
  • Discuss different regulatory requirements of cybersecurity and how to incorporate them into a Quality Management System

Workshop Leader:


Arnab Ray
Director, Product Cybersecurity