We use modern development practices to document the code and the APIs exposed by our microservices. We use tools to automatically generate developer portals. Is this enough when developing software used in a regulated domain?
This talk introduces the audience to the particularities of developing medical device software and the regulatory landscape that you must comply with. I’ll focus on the processes and culture that facilitate compliance, without damaging the team velocity and spirit.
What Goes Wrong with Language Definitions and How to Improve the Situation
Delivering Features at High Velocity in Regulation Intensive Environments
1. Delivering Features at High Velocity in
Regulation Intensive Environments
Vlad Știrbu
CompliancePal
Nordic APIs Platform Summit, Stockholm
23.10.2018
2. CompliancePal
What is regulation intensive environment?
Organizations have to adhere to laws,
regulations, guidelines and specifications
relevant to their business.
3. CompliancePal
Laws and regulations
HIPAA: Health Insurance Portability and Accountability Act
GDPR: General Data Protection Regulation
MDR: Medical Device Regulation
6. CompliancePal
Software safety classification
death or serious injuryC
thorough design documentation
and testing
non-serious injuryB design documentation and testing
no injury or damage to healthA
design documentation and testing
not required
9. CompliancePal
Manifesto for agile software development
Individuals and interactions over processes and tools
Working software over comprehensive documentation
Customer collaboration over contract negotiation
Responding to change over following a plan
13. CompliancePal
“transition... tasks from being implicitly
performed to explicitly scheduled”
Does Agile Kill Innovation, Jan Bosch
https://www.linkedin.com/pulse/does-agile-kill-innovation-jan-bosch/