Duncan Cameron

View Profile

Contact Duncan Cameron

Software Medical Device Consultant

Status: Available 4 days p/week from early April 2023
Location: Oxford
Desired location: Fully Remote,Hybrid,Oxfordshire
Basic salary: Rate dependant on task and commitment. Range from £100-160 p/hour (inclusive of agency fees) +VAT
Exp. years: 25 years
Specialisms: software, regulatory, quality, risk management, security, privacy
Job Type: Contract
Availability: Available 4 days p/week from early April 2023
Overview:

Providing advice on regulatory strategy for SaMD and healthcare software Consultation on regulatory pathways and finding routes to market, as well as helping to create strategies for growth and adoption of quality, privacy and security processes as businesses adapt and expand.

Providing advice and help in implementing, maintaining and improving business management systems - Consultation and assistance in the implementation of policies and processes, staff training and internal auditing activities across quality, security, privacy and business continuity management systems.

Preparing regulatory filings under UK, EU and US medical device regulations - Assistance planning software medical device design, clinical evaluation and filing activities as well as offering support in creating design documentation and regulatory filings.

Technical planning and implementation - Helping to plan technical solutions to quality management and software production problems and providing technical support in commissioning, integrating and customising systems such asAtlassian Confluence and Jira, theGoogle suite, Microsoft 365, and other off the shelf eQMS and design tools.

Labelling and user documentation - Advice on product labelling and instructions for use, providing regulatory review of labelling and writing user documentation if needed.

Supporting regulatory roles - Acting as PRRC where required, to a Manufacturer orAuthorised Representative, as well as handling registration with and reporting to regulators.
 

Regulatory and Standards Compliance

  • Detailed knowledge of the UK Medical Device regulation 2002, EU Medical Device Directive 93/42/EC and EU Medical Device Regulation 2017/745
  • Knowledge of the U.S. Quality System Regulation (21 CFR 820)
  • Creation and management of medical device technical documentation for CE marking and UKCA marking for SaMD
  • FDA De Novo application and 510k clearance of novel SaMD
  • Creation and management of ISO 13485 and 21 CFR 820 compliant quality management systems
  • Medical device clinical and cybersecurity risk management (ISO 14971, IEC 80001-1 and -2, ISO/TR 80002-1)
  • SaMD development (IEC 62304, IEC 62366-1)
  • Clinical evaluation (MEDDEV 2.7/1, ISO 14155, UK REC approval, basic knowledge of IRB approval)
  • Labelling and instructions for use (ISO 15223-1, ISO 20417) and eIFUs (EU regulations 207/2012 and 2021/2226)
  • Creation of ISO 27001 and ISO 27701 compliant information security and privacy information management systems
  • Knowledge of ISO 22301 based business continuity management systems
  • HIPAA and HITECH compliance of security and information management systems, supporting signing of BAAs
  • Knowledge of UK DPA and UK/EUGDPR, with experience as DPO in a complex data controller and processor environment
  • Knowledge of the EU and UK Network and Information Systems Regulations (the NIS Directive, DSP Directive and UK NIS Regulations) and compliance with the ENISA technical guidelines for DSPs
  • Implementing NHS standards compliance (NHS DCB0129 Clinical Risk Management, Data Security and ProtectionToolkit, DTAC)
  • Knowledge of Web ContentAccessibilityGuidelines (WCAG) and the EU web accessibility directive
  • Knowledge and experience of UK Cyber Essentials and Cyber Essentials Plus


Quality Management

  • Principal ISO 13485 and CE marking audit representative, from stage 1 and 2, through full certification cycles
  • Creating and maintaining policies, processes and procedures
  • Vigilance activities including MIR, FSCA, HHE and communicating with CompetentAuthorities
  • Management and registration of economic operators in the UK and EU
  • PMS report and PSUR writing
  • Creation and management of training and competence systems and resources


Security and Privacy Information Management

  • Principal ISO 27001 audit representative, from stage 1 and 2, through full certification cycles
  • Creating and maintaining policies, processes and procedures
  • Creation and management of training and competence systems and resources


Software and DevelopmentTools

  • Support and development ticket management systems (ZenDesk,Jira,Gitlabs)
  • Wiki and knowledge management systems (Confluence, and other wiki systems)
  • Microsoft tools (Sharepoint,Teams, Flow), including configuration of automated Flow configurations
  • Google tools including scripting, customisation and some administration
  • Source code control systems (Git, Subversion, Mercurial)
  • CI/CD systems (Jenkins,Gitlabs Runners)
  • Electronic signature tool introduction and configuration (DocuSign)
  • Cyber security feeds and databaseAPIs (MS-ISAC, CISA, NIST NVD)
  • Previous extensive experience of C++ application andGUI implementation (15 years)
  • Experience with shell scripting and Python
  • Some experience Javascript development stacks (Javascript, node.js, SQL)
  • Windows and Linux development experience
View All Profiles