Training on regulations concerning health care information systems begins
“The training offers participants an overall view of the standardisation of health care information technology. The training also introduces the regulations related to the production of health information systems. If the aim is to sell Finnish products abroad as well, it pays to be informed about international standards,” says Research Director Alpo Värri, a teacher in the course.
Students can take the course completely remotely and study along a day job. The course is designed with the needs of working life and adult learners in mind. The course is part of the broader Health technology solutions - product development and commercialization study unit, but it can also be completed separately.
The application period will run until 3 January 2021 and the studies will begin on 12 January. Further information on the course and a link to registering in the course.
Regulations and decrees regarding health care systems and medical devices have changed in recent years. In addition to the EU’s General Data Protection Regulation, there have been changes in the legislation on health care solutions since the EU regulations on medical devices and in vitro diagnostic devices entered into force in spring 2017. These new European regulations (EU 2017/745 and 2017/746) apply to health care devices, supplies and software.
“The regulations have been changed so that increasingly many software require the approval of an external inspection body instead of in-house monitoring,” Värri says.
If a health care software is classified as a medical device, its manufacturing process must meet certain requirements when launched on the European market. Compliance with the requirements must be considered in product development. The transition period for the medical devices regulation (MDR) will end in May 2021 and for in vitro diagnostic devices (IVDR) in May 2022.
Knowledge of standards is also important for system interoperability. Users need to be aware of these issues so that they can formulate invitations to tender and purchase software and systems while ensuring that the systems meet regulatory and customer requirements for interoperability and information security.
Organisational responsibility and value judgement are also involved.
“A responsible operator considers the data protection and data security provisions throughout the life cycle of their products, which may pay off in the future, for example, when businesses change hands. A responsible organisation gets ready for regular monitoring and keeps a record of it,” says Sandra Liede, a lawyer at the Finnish Health Technology Association.
Specialist Minna Veiranto, minna.veiranto [at] tuni.fi