SlideShare une entreprise Scribd logo

Understanding IEC 62304

MethodSense, Inc.
MethodSense, Inc.

What do hospital beds, blood pressure cuffs, dosimeters, and pacemakers all have in common? They are all medical devices with software that regulates their functionality in a way that contributes to Basic Safety or Essential Performance. With the FDA reporting that the rate of medical device recalls between 2002 and 2012 increased by 100% – where software design failures are the most common reason for the recalls – it’s no wonder IEC 62304 has been implemented. Its implementation, however, has medical device manufacturers asking questions about if, when and under what circumstances the standard is required. This article explains what IEC 62304 is, when medical devices must comply with it and how IEC 62304 compliance is assessed.

Business
1  sur  8
Télécharger pour lire hors ligne
Understanding IEC 62304 Co-authored by MethodSense, Inc. and Medical Equipment Compliance Associates, LLC www.methodsense.com | 919.313.3960
delivering breakthroughs within the life sciences © 2014 MethodSense, Inc. Understanding IEC 62304 By: Rita King, Chief Executive Officer, Methodsense, Inc. and Alex Grob, Chief Biomedical Engineer & Quality Manager, Medical Equipment Compliance Associates, LLC What do hospital beds, blood pressure cuffs, dosimeters, and pacemakers all have in common? They are all medical devices with software that regulates their functionality in a way that contributes to Basic Safety or Essential Performance. With the FDA reporting that the rate of medical device recalls between 2002 and 2012 increased by 100% – where software design failures are the most common reason for the recalls – it’s no wonder IEC 62304 has been implemented. Its implementation, however, has medical device manufacturers asking questions about if, when and under what circumstances the standard is required. For starters, what is IEC 62304? IEC 62304 is the international standard that defines software development lifecycle requirements for medical device software. The standard was developed from the perspective that product testing alone is insufficient to ensure patient safety when software is involved. The standard requires all aspects of the software development life cycle to be scrutinized, including: • Development • Risk management • Configuration • Problem resolution • Maintenance The standard provides a common framework for medical device manufacturers to develop software. Conformance with this standard provides evidence that there is a software development process in place that fulfills the requirements of the Medical Device Directive. Because it has been harmonized with the Medical Device Directive in the EU and Recognized as a Consensus Standard by the FDA in the US, IEC 62304 can be used as a benchmark to comply with regulatory requirements in both markets. To date, this standard has been recognized in most countries that use compliance standards to fulfill regulatory requirements. When is IEC 62304 compliance required? One of the most commonly asked questions of test labs is, “Is compliance with this standard required?” Technically, the answer is “no” because compliance with the standard is voluntary. But, in practice, the answer is “yes.” Read on for greater clarification.
delivering breakthroughs within the life sciences © 2014 MethodSense, Inc. Since most medical devices in today’s market contain some type of software, manufacturers must determine under which circumstances IEC 62304 is required. These include: • FDA regulatory compliance with IEC 60601-1 Amendment 1 • Reliance upon software to perform Basic Safety functions • Reliance upon software for Essential Performance If your device falls into any of the above categories, you must have evidence that the software development process used is as good as, or better than, the process presented in IEC 62304. Complying with 62304 enhances the reliability of your device’s software by requiring attention to detail in design, testing and verification, ultimately improving the overall safety of the medical device. Does your device have to meet IEC 60601-1 requirements? The EU has been using IEC 62304 since 2008, but it has gained even more traction with its incorporation into the third edition of IEC 60601-1’s Amendment 1. The inclusion of Amendment 1 shifted the standard from a recommendation to a requirement if your device utilizes software. For those who design or manufacture electromedical equipment, 60601-1 is one of the most important safety and performance standards to meet. The standard addresses critical safety issues, including electrical shocks and mechanical hazards, such as pinching, crushing, and breaking. Devices that must meet IEC 60601-1 requirements include those which: • Diagnose, treat, or monitor the patient under medical supervision • Make physical or electrical contact with the patient • Transfer energy to or from the patient; and/or • Detect such energy transfer to or from the patient. 60601-1 Clause 14 requires manufacturers to comply with IEC 62304 unless the device’s software has no role in providing basic safety or essential performance or risk analysis demonstrates that a failure of any Programmable Electronic Safety System (PESS) does not lead to an unacceptable risk. What role does Basic Safety play? Basic safety is the main focus of IEC 60601-1. It’s important that you conduct a risk analysis to identify your device’s level of unacceptable risk and determine the role of software in risk mitigation. This analysis will determine the applicable basic safety requirements for your device, and, for some requirements, the test parameters that need to be used by the test laboratory. A Common Mistake… The most common mistake that medical device manufacturers make is that they do not always assess which elements of risk their software mitigates. These are the elements that must be addressed by IEC 62304. For example, what would happen if the creator of a hoist didn’t properly vet the software that signaled the hoist to lower the patient at a certain speed? If a patient were lowered to quickly – or not at all – there would be a risk management nightmare. Since software plays a role in the Basic Safety functions of the hoist, it must comply with 62304’s requirements.
delivering breakthroughs within the life sciences © 2014 MethodSense, Inc. In conjunction with IEC 60601-1, 62304 is intended to minimize the occurrence of these situations. When device software is mitigating a known potential hazard, ensuring that the code is developed properly is critical for the management of patient safety, as well as liability to the manufacturer. Does your software impact Essential Performance? It can be difficult to determine if a device’s software is tied to its Essential Performance (EP), especially because the definition of EP has been widely debated for years. Thankfully, the definition and requirements for Essential Performance changed with Amendment 1 of IEC 60601-1 to help provide more clarity. Determining Essential Performance begins with a list of all functional aspects of your device, including accuracy, measurements and its capabilities. Once you identify these items, determine whether any of these are already covered by the Basic Safety requirements of IEC 60601-1 or whether any item is not part of the device’s intended use. Then, and this is key, every item remaining gets posed the question, “If this item degrades, will it create a risk for the patient?” If the answer is yes, you must identify how its functionality must be maintained so the risk is still acceptable. This is your Essential Performance. A good example to help clarify the impact of Essential Performance on IEC 62304 is accuracy. Consider a device that claims its EP is accurate within 5%. If the device is relying on software to maintain that accuracy or provide an alert when outside of 5%, and that software fails, then the manufacturer will be unable to detect if the device’s Essential Performance is being met. This means the software is providing Essential Performance. Once you know your device software is responsible for Essential Performance, you must comply with IEC 62304 to ensure there is no unacceptable risk to a patient. What are common scenarios manufacturers miss? There are several situations that manufacturers often don’t realize require compliance with IEC 62304. These product features can create major headaches and costly delays if they are not properly developed. These scenarios include:
delivering breakthroughs within the life sciences © 2014 MethodSense, Inc. Alarms & Alerts Alarms are often an Essential Performance requirement because they are intended to detect abnormalities. If the alarm was removed, the device would no longer meet it’s performance requirements, making the risk unacceptable. Software is used to detect the issue, instigate the alarm and make the sound. Speed & Position Sensors These sensors are in place to address Basic Safety concerns. For example, a hospital bed has a position sensor to keep it from crushing the operator’s foot and mammography has sensors to gauge compression. Devices like these use software to limit range of motion, speed and force. Algorithms Algorithms are frequently used with physiological monitoring. If the software is removed, the device is no longer able to operate as intended, resulting in the algorithms being part of Essential Performance. It is important to note that these situations apply to the patient, operator or service personnel. How is compliance assessed? Once you know you must comply with IEC 62304, how do you go about preparing for it? To start, know that compliance with this standard is defined as implementing all of the processes, activities and tasks identified in the standard in accordance with the software safety class. 62304 itself does not prescribe a particular organizational structure or specific format for documentation, however. Compliance is determined by a review of all required documentation, including the risk management file. The logical first step toward achieving compliance is to assess risk management as seen in IEC 60601-1. This includes: • Defining your operational and manufacturing processes • Documenting and assessing operational risks • Defining controls Once your risk management file is complete, your next step is to review the requirements for IEC 62304. Make sure all required elements are defined and met in your procedures. Then, you’re ready to compile your documentation and submit it to your test lab. The test lab will review your documentation against a Test Report Form. They will comb through each step and verify you are including requirements in your procedures. If it has been decided that the software performs Basic Safety or Essential Performance for your device, the lab will conduct a product review. Alarms & Alerts, Speed & Position Sensors and Algorithms are components that are often missed by manufacturers. They all use software for Basic Safety and Essential Performance functions… requiring IEC 63204 compliance.
delivering breakthroughs within the life sciences © 2014 MethodSense, Inc. The lab will only review the segments of your software development process that apply to Basic Safety and Essential Performance. When the review is complete and approved, you’ll receive a compliance report. If you’ve failed any areas, they will be noted, allowing you to make corrections. If you passed, you are able to move forward with your other regulatory commitments, such as obtaining a 510(k) for the US market or CE Marking for Europe. What are some key pitfalls to look out for? Well-documented Processes When meeting the requirements of IEC 62304, there are areas you would benefit from paying close attention to. The most critical is making sure you have clearly defined processes for your company and your software development lifecycle in particular. IEC 62304 identifies several expectations related to the information that should be included in your software development lifecycle procedures. If your processes are not well documented, you will have a lengthy, costly process ahead of you. Document management is essential for meeting compliance goals. The SOUP Can The next most difficult issue is SOUP, and we’re not talking about chowder or minestrone here. SOUP is an acronym for Software of Unknown Provenance (or Pedigree). This is software you did not develop and have limited knowledge as to how it was created. Think of when an operating system, such as Windows, sends you updates and how your device’s software interacts with them. While test labs don’t expect you to be able to explain the development process of your SOUP manufacturer, you will have to identify how your software relies on SOUP to function. You must identify if SOUP contributes to any unacceptable risk. In your software development process, you will need a plan for how you will handle the SOUP. It’s recommended that you build your software around SOUP in a way that enables your device to operate properly in the event that it (the SOUP) causes your software to fail. Unfortunately, many developers and device manufactures neglect to consider the impact of SOUP. Software Partitioning The certifying body reviewing your device will only look at software partitioned around your Essential Performance and Basic Safety. However, if you’ve not taken the time to partition the code well, they will have to apply the principles of IEC 62304 to your entire code. Partitioning makes for a faster review process and minimizes your compliance risks. This is something to consider at the onset of your development process, as well as when your software undergoes changes over time. Document Development While software developers know what they are doing when it comes to writing code, that doesn’t mean they know what they are doing as it relates to medical devices. Documenting the software lifecycle as the code is created makes for a much smoother, more accurate process than trying to remember how the software was developed after the fact. All too often, software developers are unaware of the scope of documentation required for medical devices. This is particularly critical because over the last couple decades software development methodologies have been evolved and many of the emerging methodologies place less emphasis on documentation and more emphasis on rapid development. So, the key to the software development process is the management of a software development methodology that creates the efficiency the company is looking for with the accountability that the IEC 62304 is expecting.
delivering breakthroughs within the life sciences © 2014 MethodSense, Inc. Version Control & Updates The chance of your software requiring updates or version changes is pretty likely, and changes conducted after achieving compliance are often forgotten. When you create your software development lifecycle process, be sure to include how these are defined including how you maintain your software in a validated state. Keep in mind that when changes are made to your software, additional testing may be necessary. What about non-compliance? If you get caught in any of the abovementioned pitfalls, you can expect that you will not be in compliance. You will either not receive a report at all, or will receive a report that says you failed somewhere in IEC 60601-1 or IEC 62304. Because the standards are voluntary, you don’t necessarily have to make product changes if you fail. You can choose to not comply. However, for each “fail,” you will be required to provide justification for each deviation. If you have valid justification, your device should still attain regulatory approval from the FDA or in the EU, although developing this justification can be a lengthy process in itself. The reality is these standards are here to stay, especially as software becomes an even more influential medical device component. Summation Based on our experience, when seeking CE Marking, Notified Bodies try to create a level of consistency with their reviews. Thus, it has become more and more difficult to convince a Notified Body that you don’t have to comply with IEC 62304 when it is clear the role of software in your medical device contributes to Essential Performance. Attempting to take the path of “justification” will likely add more time to your process, and you may find yourself needing to complete IEC 62304 in the long run. Our recommendation is to avoid loopholes that don’t really exist and to go through the process of meeting IEC 62304 requirements. Not only will this be more effective for meeting commercialization goals, but it will prove you stand behind the safety of your device.
delivering breakthroughs within the life sciences © 2014 MethodSense, Inc. About the authors MethodSense is a life science consulting firm with offices in the US and Europe. They guide medical device, biotech and pharmaceutical companies with quality, regulatory and technology solutions. Their services enable clients to operate more effectively during the commercialization process and beyond. As it relates to IEC 60601-1 and 62304, MethodSense provides expert guidance and interpretation, helping you with: ! Reviewing the standard you must comply with ! Conducting a gap analysis of your Risk Management Program against ISO 14971 ! Updating your Risk Management Documentation ! Completing the IEC 60601-1 and other relevant tables ! Submitting your documentation for review For more information about MethodSense, visit www.methodsense.com. MECA was formed in 2002, to assist medical device companies with their safety certification, compliance, and regulatory needs. They have grown their business and network of associates with the leaders in their respective fields, to offer the highest level of certification and regulatory support that you will find anywhere. MECA works to help bring the safest devices possible to market, especially as it relates to IEC 60601-1 and IEC 62304 compliance. To learn more about MECA’s service, visit 60601-1.com.

Recommandé

ISO: 14971 Quality risk management of medical devices
ISO: 14971 Quality risk management of medical devicesISO: 14971 Quality risk management of medical devices
ISO: 14971 Quality risk management of medical devicesAtul Bhombe
 
IEC 62304: SDLC Conformance and Management
IEC 62304: SDLC Conformance and Management IEC 62304: SDLC Conformance and Management
IEC 62304: SDLC Conformance and Management MethodSense, Inc.
 
IEC 62304 Action List
IEC 62304 Action List IEC 62304 Action List
IEC 62304 Action List MethodSense, Inc.
 
Iso 14971 2019
Iso 14971 2019Iso 14971 2019
Iso 14971 2019Suhas R
 
Classification of In Vitro Diagnostic Devices per FDA and IVDR Rules
Classification of In Vitro Diagnostic Devices per FDA and IVDR RulesClassification of In Vitro Diagnostic Devices per FDA and IVDR Rules
Classification of In Vitro Diagnostic Devices per FDA and IVDR RulesZafirios Gourgouliatos, Ph.D.
 
Risk Management for Medical Devices - ISO 14971 Overview
Risk Management for Medical Devices - ISO 14971 Overview Risk Management for Medical Devices - ISO 14971 Overview
Risk Management for Medical Devices - ISO 14971 Overview Greenlight Guru
 
ISO Standard 13485
ISO Standard 13485ISO Standard 13485
ISO Standard 13485Himanshi Arora
 
Medical Devices Regulation (MDR) 2017/745 - Part I Purpose, Scope, Definitions
Medical Devices Regulation (MDR) 2017/745 - Part I Purpose, Scope, DefinitionsMedical Devices Regulation (MDR) 2017/745 - Part I Purpose, Scope, Definitions
Medical Devices Regulation (MDR) 2017/745 - Part I Purpose, Scope, DefinitionsArete-Zoe, LLC
 

Recommandé

ISO: 14971 Quality risk management of medical devices
ISO: 14971 Quality risk management of medical devicesISO: 14971 Quality risk management of medical devices
ISO: 14971 Quality risk management of medical devicesAtul Bhombe
 
IEC 62304: SDLC Conformance and Management
IEC 62304: SDLC Conformance and Management IEC 62304: SDLC Conformance and Management
IEC 62304: SDLC Conformance and Management MethodSense, Inc.
 
IEC 62304 Action List
IEC 62304 Action List IEC 62304 Action List
IEC 62304 Action List MethodSense, Inc.
 
Iso 14971 2019
Iso 14971 2019Iso 14971 2019
Iso 14971 2019Suhas R
 
Classification of In Vitro Diagnostic Devices per FDA and IVDR Rules
Classification of In Vitro Diagnostic Devices per FDA and IVDR RulesClassification of In Vitro Diagnostic Devices per FDA and IVDR Rules
Classification of In Vitro Diagnostic Devices per FDA and IVDR RulesZafirios Gourgouliatos, Ph.D.
 
Risk Management for Medical Devices - ISO 14971 Overview
Risk Management for Medical Devices - ISO 14971 Overview Risk Management for Medical Devices - ISO 14971 Overview
Risk Management for Medical Devices - ISO 14971 Overview Greenlight Guru
 
ISO Standard 13485
ISO Standard 13485ISO Standard 13485
ISO Standard 13485Himanshi Arora
 
Medical Devices Regulation (MDR) 2017/745 - Part I Purpose, Scope, Definitions
Medical Devices Regulation (MDR) 2017/745 - Part I Purpose, Scope, DefinitionsMedical Devices Regulation (MDR) 2017/745 - Part I Purpose, Scope, Definitions
Medical Devices Regulation (MDR) 2017/745 - Part I Purpose, Scope, DefinitionsArete-Zoe, LLC
 
GHTF study group 3
GHTF study group 3GHTF study group 3
GHTF study group 3Nirma University
 
Medical Devices Regulation (MDR) 2017/745 - Part II Placing devices on EU ma...
Medical Devices Regulation (MDR) 2017/745 - Part II Placing devices on EU ma...Medical Devices Regulation (MDR) 2017/745 - Part II Placing devices on EU ma...
Medical Devices Regulation (MDR) 2017/745 - Part II Placing devices on EU ma...Arete-Zoe, LLC
 
Quality System Requirements 21 CFR Part 820 and Labelling Requirements for Me...
Quality System Requirements 21 CFR Part 820 and Labelling Requirements for Me...Quality System Requirements 21 CFR Part 820 and Labelling Requirements for Me...
Quality System Requirements 21 CFR Part 820 and Labelling Requirements for Me...Swapnil Fernandes
 
Medical devices CHINA
Medical devices CHINA Medical devices CHINA
Medical devices CHINA Parul Institute of Pharmacy
 
Regulatory requirements for CE CERTIFICATION of Medical Devices in European U...
Regulatory requirements for CE CERTIFICATION of Medical Devices in European U...Regulatory requirements for CE CERTIFICATION of Medical Devices in European U...
Regulatory requirements for CE CERTIFICATION of Medical Devices in European U...Pallavi Christeen
 
Ce marking of medical devices
Ce marking of medical devicesCe marking of medical devices
Ce marking of medical devicesPallavi Christeen
 
ISO 13485:2016 QMS
ISO 13485:2016 QMSISO 13485:2016 QMS
ISO 13485:2016 QMSVishwasBhukal1
 
FDA Unique Device Identification (UDI) Overview
FDA Unique Device Identification (UDI) OverviewFDA Unique Device Identification (UDI) Overview
FDA Unique Device Identification (UDI) OverviewCaroline Bloemker, M.S., RAC
 
Iso 13485:2016
Iso 13485:2016Iso 13485:2016
Iso 13485:2016Suhas R
 
ISO 13485.pptx
ISO 13485.pptxISO 13485.pptx
ISO 13485.pptxPrachiSharma575050
 
ISO 13485: Quality Management System for Medical Device
ISO 13485: Quality Management System for Medical DeviceISO 13485: Quality Management System for Medical Device
ISO 13485: Quality Management System for Medical DeviceMananShah147368
 
Understanding Post-market Surveillance under EU MDR: Being Proactive, not Rea...
Understanding Post-market Surveillance under EU MDR: Being Proactive, not Rea...Understanding Post-market Surveillance under EU MDR: Being Proactive, not Rea...
Understanding Post-market Surveillance under EU MDR: Being Proactive, not Rea...Greenlight Guru
 
The European Medical Device Regulations - analysis of the final text
The European Medical Device Regulations - analysis of the final textThe European Medical Device Regulations - analysis of the final text
The European Medical Device Regulations - analysis of the final textpi
 
GHTF
GHTFGHTF
GHTFKDivya11
 
Applying IEC 62304 Risk Management in Aligned Elements - the medical device ALM
Applying IEC 62304 Risk Management in Aligned Elements - the medical device ALMApplying IEC 62304 Risk Management in Aligned Elements - the medical device ALM
Applying IEC 62304 Risk Management in Aligned Elements - the medical device ALMAligned AG
 
Medical Device Regulatory Approval
Medical Device Regulatory ApprovalMedical Device Regulatory Approval
Medical Device Regulatory Approvalruyang89
 
Difference between fda 21 cfr part 820 and ISO 13485
Difference between fda 21 cfr part 820 and ISO 13485Difference between fda 21 cfr part 820 and ISO 13485
Difference between fda 21 cfr part 820 and ISO 13485Anil Chaudhari
 
GLOBAL MEDICAL DEVICES NOMENCLATURE.pptx
GLOBAL MEDICAL DEVICES NOMENCLATURE.pptxGLOBAL MEDICAL DEVICES NOMENCLATURE.pptx
GLOBAL MEDICAL DEVICES NOMENCLATURE.pptxSanthiNori1
 
validation and verification of medical device.pptx
validation and verification of medical device.pptxvalidation and verification of medical device.pptx
validation and verification of medical device.pptxGargiVaghela
 
Understanding the New ISO 13485:2016 Revision
Understanding the New ISO 13485:2016 RevisionUnderstanding the New ISO 13485:2016 Revision
Understanding the New ISO 13485:2016 RevisionGreenlight Guru
 
Critical Steps in Software Development: Enhance Your Chances for a Successful...
Critical Steps in Software Development: Enhance Your Chances for a Successful...Critical Steps in Software Development: Enhance Your Chances for a Successful...
Critical Steps in Software Development: Enhance Your Chances for a Successful...Sterling Medical Devices
 
Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...3GDR
 

Contenu connexe

Tendances

Medical Devices Regulation (MDR) 2017/745 - Part II Placing devices on EU ma...
Medical Devices Regulation (MDR) 2017/745 - Part II Placing devices on EU ma...Medical Devices Regulation (MDR) 2017/745 - Part II Placing devices on EU ma...
Medical Devices Regulation (MDR) 2017/745 - Part II Placing devices on EU ma...Arete-Zoe, LLC
 
Quality System Requirements 21 CFR Part 820 and Labelling Requirements for Me...
Quality System Requirements 21 CFR Part 820 and Labelling Requirements for Me...Quality System Requirements 21 CFR Part 820 and Labelling Requirements for Me...
Quality System Requirements 21 CFR Part 820 and Labelling Requirements for Me...Swapnil Fernandes
 
Regulatory requirements for CE CERTIFICATION of Medical Devices in European U...
Regulatory requirements for CE CERTIFICATION of Medical Devices in European U...Regulatory requirements for CE CERTIFICATION of Medical Devices in European U...
Regulatory requirements for CE CERTIFICATION of Medical Devices in European U...Pallavi Christeen
 
Ce marking of medical devices
Ce marking of medical devicesCe marking of medical devices
Ce marking of medical devicesPallavi Christeen
 
Iso 13485:2016
Iso 13485:2016Iso 13485:2016
Iso 13485:2016Suhas R
 
ISO 13485: Quality Management System for Medical Device
ISO 13485: Quality Management System for Medical DeviceISO 13485: Quality Management System for Medical Device
ISO 13485: Quality Management System for Medical DeviceMananShah147368
 
Understanding Post-market Surveillance under EU MDR: Being Proactive, not Rea...
Understanding Post-market Surveillance under EU MDR: Being Proactive, not Rea...Understanding Post-market Surveillance under EU MDR: Being Proactive, not Rea...
Understanding Post-market Surveillance under EU MDR: Being Proactive, not Rea...Greenlight Guru
 
The European Medical Device Regulations - analysis of the final text
The European Medical Device Regulations - analysis of the final textThe European Medical Device Regulations - analysis of the final text
The European Medical Device Regulations - analysis of the final textpi
 
Applying IEC 62304 Risk Management in Aligned Elements - the medical device ALM
Applying IEC 62304 Risk Management in Aligned Elements - the medical device ALMApplying IEC 62304 Risk Management in Aligned Elements - the medical device ALM
Applying IEC 62304 Risk Management in Aligned Elements - the medical device ALMAligned AG
 
Medical Device Regulatory Approval
Medical Device Regulatory ApprovalMedical Device Regulatory Approval
Medical Device Regulatory Approvalruyang89
 
Difference between fda 21 cfr part 820 and ISO 13485
Difference between fda 21 cfr part 820 and ISO 13485Difference between fda 21 cfr part 820 and ISO 13485
Difference between fda 21 cfr part 820 and ISO 13485Anil Chaudhari
 
GLOBAL MEDICAL DEVICES NOMENCLATURE.pptx
GLOBAL MEDICAL DEVICES NOMENCLATURE.pptxGLOBAL MEDICAL DEVICES NOMENCLATURE.pptx
GLOBAL MEDICAL DEVICES NOMENCLATURE.pptxSanthiNori1
 
validation and verification of medical device.pptx
validation and verification of medical device.pptxvalidation and verification of medical device.pptx
validation and verification of medical device.pptxGargiVaghela
 
Understanding the New ISO 13485:2016 Revision
Understanding the New ISO 13485:2016 RevisionUnderstanding the New ISO 13485:2016 Revision
Understanding the New ISO 13485:2016 RevisionGreenlight Guru
 

Tendances (20)

GHTF study group 3
GHTF study group 3GHTF study group 3
GHTF study group 3
 
Medical Devices Regulation (MDR) 2017/745 - Part II Placing devices on EU ma...
Medical Devices Regulation (MDR) 2017/745 - Part II Placing devices on EU ma...Medical Devices Regulation (MDR) 2017/745 - Part II Placing devices on EU ma...
Medical Devices Regulation (MDR) 2017/745 - Part II Placing devices on EU ma...
 
Quality System Requirements 21 CFR Part 820 and Labelling Requirements for Me...
Quality System Requirements 21 CFR Part 820 and Labelling Requirements for Me...Quality System Requirements 21 CFR Part 820 and Labelling Requirements for Me...
Quality System Requirements 21 CFR Part 820 and Labelling Requirements for Me...
 
Medical devices CHINA
Medical devices CHINA Medical devices CHINA
Medical devices CHINA
 
Regulatory requirements for CE CERTIFICATION of Medical Devices in European U...
Regulatory requirements for CE CERTIFICATION of Medical Devices in European U...Regulatory requirements for CE CERTIFICATION of Medical Devices in European U...
Regulatory requirements for CE CERTIFICATION of Medical Devices in European U...
 
Ce marking of medical devices
Ce marking of medical devicesCe marking of medical devices
Ce marking of medical devices
 
ISO 13485:2016 QMS
ISO 13485:2016 QMSISO 13485:2016 QMS
ISO 13485:2016 QMS
 
FDA Unique Device Identification (UDI) Overview
FDA Unique Device Identification (UDI) OverviewFDA Unique Device Identification (UDI) Overview
FDA Unique Device Identification (UDI) Overview
 
Iso 13485:2016
Iso 13485:2016Iso 13485:2016
Iso 13485:2016
 
ISO 13485.pptx
ISO 13485.pptxISO 13485.pptx
ISO 13485.pptx
 
ISO 13485: Quality Management System for Medical Device
ISO 13485: Quality Management System for Medical DeviceISO 13485: Quality Management System for Medical Device
ISO 13485: Quality Management System for Medical Device
 
Understanding Post-market Surveillance under EU MDR: Being Proactive, not Rea...
Understanding Post-market Surveillance under EU MDR: Being Proactive, not Rea...Understanding Post-market Surveillance under EU MDR: Being Proactive, not Rea...
Understanding Post-market Surveillance under EU MDR: Being Proactive, not Rea...
 
The European Medical Device Regulations - analysis of the final text
The European Medical Device Regulations - analysis of the final textThe European Medical Device Regulations - analysis of the final text
The European Medical Device Regulations - analysis of the final text
 
GHTF
GHTFGHTF
GHTF
 
Applying IEC 62304 Risk Management in Aligned Elements - the medical device ALM
Applying IEC 62304 Risk Management in Aligned Elements - the medical device ALMApplying IEC 62304 Risk Management in Aligned Elements - the medical device ALM
Applying IEC 62304 Risk Management in Aligned Elements - the medical device ALM
 
Medical Device Regulatory Approval
Medical Device Regulatory ApprovalMedical Device Regulatory Approval
Medical Device Regulatory Approval
 
Difference between fda 21 cfr part 820 and ISO 13485
Difference between fda 21 cfr part 820 and ISO 13485Difference between fda 21 cfr part 820 and ISO 13485
Difference between fda 21 cfr part 820 and ISO 13485
 
GLOBAL MEDICAL DEVICES NOMENCLATURE.pptx
GLOBAL MEDICAL DEVICES NOMENCLATURE.pptxGLOBAL MEDICAL DEVICES NOMENCLATURE.pptx
GLOBAL MEDICAL DEVICES NOMENCLATURE.pptx
 
validation and verification of medical device.pptx
validation and verification of medical device.pptxvalidation and verification of medical device.pptx
validation and verification of medical device.pptx
 
Understanding the New ISO 13485:2016 Revision
Understanding the New ISO 13485:2016 RevisionUnderstanding the New ISO 13485:2016 Revision
Understanding the New ISO 13485:2016 Revision
 

Similaire à Understanding IEC 62304

Critical Steps in Software Development: Enhance Your Chances for a Successful...
Critical Steps in Software Development: Enhance Your Chances for a Successful...Critical Steps in Software Development: Enhance Your Chances for a Successful...
Critical Steps in Software Development: Enhance Your Chances for a Successful...Sterling Medical Devices
 
Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...3GDR
 
Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...3GDR
 
Elements to Consider for Risk Assessment in SaMDs
Elements to Consider for Risk Assessment in SaMDsElements to Consider for Risk Assessment in SaMDs
Elements to Consider for Risk Assessment in SaMDsEMMAIntl
 
Building a QMS for Your SaMD
Building a QMS for Your SaMDBuilding a QMS for Your SaMD
Building a QMS for Your SaMDEMMAIntl
 
Software controlled electron mechanical systems reliability
Software controlled electron mechanical systems reliabilitySoftware controlled electron mechanical systems reliability
Software controlled electron mechanical systems reliabilityASQ Reliability Division
 
Practical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdfPractical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdfICS
 
Developing Product Requirements For Medical Devices
Developing Product Requirements For Medical DevicesDeveloping Product Requirements For Medical Devices
Developing Product Requirements For Medical DevicesWalt Maclay
 
Reliability Instrumented System | Arrelic Insights
Reliability Instrumented System | Arrelic InsightsReliability Instrumented System | Arrelic Insights
Reliability Instrumented System | Arrelic InsightsArrelic
 
Compliance with medical standards iec 62304, iso 14971, iec 60601, fda title ...
Compliance with medical standards iec 62304, iso 14971, iec 60601, fda title ...Compliance with medical standards iec 62304, iso 14971, iec 60601, fda title ...
Compliance with medical standards iec 62304, iso 14971, iec 60601, fda title ...Intland Software GmbH
 
Computer system validation
Computer system validation Computer system validation
Computer system validation ShameerAbid
 
The critical role of QA in Medical Device Testing.pdf
The critical role of QA in Medical Device Testing.pdfThe critical role of QA in Medical Device Testing.pdf
The critical role of QA in Medical Device Testing.pdfMindfire LLC
 
5 Ways to Be Vigilant for your Medical Devices from a Cybersecurity Perspective
5 Ways to Be Vigilant for your Medical Devices from a Cybersecurity Perspective5 Ways to Be Vigilant for your Medical Devices from a Cybersecurity Perspective
5 Ways to Be Vigilant for your Medical Devices from a Cybersecurity PerspectiveEMMAIntl
 
Medical device regulations 510k
Medical device regulations 510kMedical device regulations 510k
Medical device regulations 510kSigma
 
Design Verification vs Design Validation
Design Verification vs Design ValidationDesign Verification vs Design Validation
Design Verification vs Design ValidationEMMAIntl
 
Software Testing - Software Quality (Part 2)
Software Testing - Software Quality (Part 2)Software Testing - Software Quality (Part 2)
Software Testing - Software Quality (Part 2)Ajeng Savitri
 
Usability Validation Testing of Medical Devices and Software
Usability Validation Testing of Medical Devices and SoftwareUsability Validation Testing of Medical Devices and Software
Usability Validation Testing of Medical Devices and SoftwareUXPA Boston
 
Computational Modeling & Simulation in Orthopedics: Tools to Comply in an Ev...
Computational Modeling & Simulation in Orthopedics: Tools to Comply in an Ev...Computational Modeling & Simulation in Orthopedics: Tools to Comply in an Ev...
Computational Modeling & Simulation in Orthopedics: Tools to Comply in an Ev...April Bright
 

Similaire à Understanding IEC 62304 (20)

Critical Steps in Software Development: Enhance Your Chances for a Successful...
Critical Steps in Software Development: Enhance Your Chances for a Successful...Critical Steps in Software Development: Enhance Your Chances for a Successful...
Critical Steps in Software Development: Enhance Your Chances for a Successful...
 
Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...
 
Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...
 
Elements to Consider for Risk Assessment in SaMDs
Elements to Consider for Risk Assessment in SaMDsElements to Consider for Risk Assessment in SaMDs
Elements to Consider for Risk Assessment in SaMDs
 
Building a QMS for Your SaMD
Building a QMS for Your SaMDBuilding a QMS for Your SaMD
Building a QMS for Your SaMD
 
Software controlled electron mechanical systems reliability
Software controlled electron mechanical systems reliabilitySoftware controlled electron mechanical systems reliability
Software controlled electron mechanical systems reliability
 
Practical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdfPractical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdf
 
Developing Product Requirements For Medical Devices
Developing Product Requirements For Medical DevicesDeveloping Product Requirements For Medical Devices
Developing Product Requirements For Medical Devices
 
TwinSPIN_Lecture.ppt
TwinSPIN_Lecture.pptTwinSPIN_Lecture.ppt
TwinSPIN_Lecture.ppt
 
Reliability Instrumented System | Arrelic Insights
Reliability Instrumented System | Arrelic InsightsReliability Instrumented System | Arrelic Insights
Reliability Instrumented System | Arrelic Insights
 
Compliance with medical standards iec 62304, iso 14971, iec 60601, fda title ...
Compliance with medical standards iec 62304, iso 14971, iec 60601, fda title ...Compliance with medical standards iec 62304, iso 14971, iec 60601, fda title ...
Compliance with medical standards iec 62304, iso 14971, iec 60601, fda title ...
 
Computer system validation
Computer system validation Computer system validation
Computer system validation
 
The critical role of QA in Medical Device Testing.pdf
The critical role of QA in Medical Device Testing.pdfThe critical role of QA in Medical Device Testing.pdf
The critical role of QA in Medical Device Testing.pdf
 
ISO 13485: What's Next?
ISO 13485: What's Next?ISO 13485: What's Next?
ISO 13485: What's Next?
 
5 Ways to Be Vigilant for your Medical Devices from a Cybersecurity Perspective
5 Ways to Be Vigilant for your Medical Devices from a Cybersecurity Perspective5 Ways to Be Vigilant for your Medical Devices from a Cybersecurity Perspective
5 Ways to Be Vigilant for your Medical Devices from a Cybersecurity Perspective
 
Medical device regulations 510k
Medical device regulations 510kMedical device regulations 510k
Medical device regulations 510k
 
Design Verification vs Design Validation
Design Verification vs Design ValidationDesign Verification vs Design Validation
Design Verification vs Design Validation
 
Software Testing - Software Quality (Part 2)
Software Testing - Software Quality (Part 2)Software Testing - Software Quality (Part 2)
Software Testing - Software Quality (Part 2)
 
Usability Validation Testing of Medical Devices and Software
Usability Validation Testing of Medical Devices and SoftwareUsability Validation Testing of Medical Devices and Software
Usability Validation Testing of Medical Devices and Software
 
Computational Modeling & Simulation in Orthopedics: Tools to Comply in an Ev...
Computational Modeling & Simulation in Orthopedics: Tools to Comply in an Ev...Computational Modeling & Simulation in Orthopedics: Tools to Comply in an Ev...
Computational Modeling & Simulation in Orthopedics: Tools to Comply in an Ev...
 

Dernier

The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyEthan lee
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxAndy Lambert
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdfRenandantas16
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMRavindra Nath Shukla
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRavindra Nath Shukla
 
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdfCatalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdfOrient Homes
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...lizamodels9
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.Aaiza Hassan
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...Paul Menig
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesDipal Arora
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayNZSG
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Serviceritikaroy0888
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppelCorporation
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableDipal Arora
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageMatteo Carbone
 
Progress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitProgress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitHolger Mueller
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Neil Kimberley
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 

Dernier (20)

The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptx
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear Regression
 
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdfCatalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
KestrelPro Flyer Japan IT Week 2024 (English)
KestrelPro Flyer Japan IT Week 2024 (English)KestrelPro Flyer Japan IT Week 2024 (English)
KestrelPro Flyer Japan IT Week 2024 (English)
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
 
Progress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitProgress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst Summit
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
 
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through CartoonsForklift Operations: Safety through Cartoons
Forklift Operations: Safety through Cartoons
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 

Understanding IEC 62304

  • 1. Understanding IEC 62304 Co-authored by MethodSense, Inc. and Medical Equipment Compliance Associates, LLC www.methodsense.com | 919.313.3960
  • 2. delivering breakthroughs within the life sciences © 2014 MethodSense, Inc. Understanding IEC 62304 By: Rita King, Chief Executive Officer, Methodsense, Inc. and Alex Grob, Chief Biomedical Engineer & Quality Manager, Medical Equipment Compliance Associates, LLC What do hospital beds, blood pressure cuffs, dosimeters, and pacemakers all have in common? They are all medical devices with software that regulates their functionality in a way that contributes to Basic Safety or Essential Performance. With the FDA reporting that the rate of medical device recalls between 2002 and 2012 increased by 100% – where software design failures are the most common reason for the recalls – it’s no wonder IEC 62304 has been implemented. Its implementation, however, has medical device manufacturers asking questions about if, when and under what circumstances the standard is required. For starters, what is IEC 62304? IEC 62304 is the international standard that defines software development lifecycle requirements for medical device software. The standard was developed from the perspective that product testing alone is insufficient to ensure patient safety when software is involved. The standard requires all aspects of the software development life cycle to be scrutinized, including: • Development • Risk management • Configuration • Problem resolution • Maintenance The standard provides a common framework for medical device manufacturers to develop software. Conformance with this standard provides evidence that there is a software development process in place that fulfills the requirements of the Medical Device Directive. Because it has been harmonized with the Medical Device Directive in the EU and Recognized as a Consensus Standard by the FDA in the US, IEC 62304 can be used as a benchmark to comply with regulatory requirements in both markets. To date, this standard has been recognized in most countries that use compliance standards to fulfill regulatory requirements. When is IEC 62304 compliance required? One of the most commonly asked questions of test labs is, “Is compliance with this standard required?” Technically, the answer is “no” because compliance with the standard is voluntary. But, in practice, the answer is “yes.” Read on for greater clarification.
  • 3. delivering breakthroughs within the life sciences © 2014 MethodSense, Inc. Since most medical devices in today’s market contain some type of software, manufacturers must determine under which circumstances IEC 62304 is required. These include: • FDA regulatory compliance with IEC 60601-1 Amendment 1 • Reliance upon software to perform Basic Safety functions • Reliance upon software for Essential Performance If your device falls into any of the above categories, you must have evidence that the software development process used is as good as, or better than, the process presented in IEC 62304. Complying with 62304 enhances the reliability of your device’s software by requiring attention to detail in design, testing and verification, ultimately improving the overall safety of the medical device. Does your device have to meet IEC 60601-1 requirements? The EU has been using IEC 62304 since 2008, but it has gained even more traction with its incorporation into the third edition of IEC 60601-1’s Amendment 1. The inclusion of Amendment 1 shifted the standard from a recommendation to a requirement if your device utilizes software. For those who design or manufacture electromedical equipment, 60601-1 is one of the most important safety and performance standards to meet. The standard addresses critical safety issues, including electrical shocks and mechanical hazards, such as pinching, crushing, and breaking. Devices that must meet IEC 60601-1 requirements include those which: • Diagnose, treat, or monitor the patient under medical supervision • Make physical or electrical contact with the patient • Transfer energy to or from the patient; and/or • Detect such energy transfer to or from the patient. 60601-1 Clause 14 requires manufacturers to comply with IEC 62304 unless the device’s software has no role in providing basic safety or essential performance or risk analysis demonstrates that a failure of any Programmable Electronic Safety System (PESS) does not lead to an unacceptable risk. What role does Basic Safety play? Basic safety is the main focus of IEC 60601-1. It’s important that you conduct a risk analysis to identify your device’s level of unacceptable risk and determine the role of software in risk mitigation. This analysis will determine the applicable basic safety requirements for your device, and, for some requirements, the test parameters that need to be used by the test laboratory. A Common Mistake… The most common mistake that medical device manufacturers make is that they do not always assess which elements of risk their software mitigates. These are the elements that must be addressed by IEC 62304. For example, what would happen if the creator of a hoist didn’t properly vet the software that signaled the hoist to lower the patient at a certain speed? If a patient were lowered to quickly – or not at all – there would be a risk management nightmare. Since software plays a role in the Basic Safety functions of the hoist, it must comply with 62304’s requirements.
  • 4. delivering breakthroughs within the life sciences © 2014 MethodSense, Inc. In conjunction with IEC 60601-1, 62304 is intended to minimize the occurrence of these situations. When device software is mitigating a known potential hazard, ensuring that the code is developed properly is critical for the management of patient safety, as well as liability to the manufacturer. Does your software impact Essential Performance? It can be difficult to determine if a device’s software is tied to its Essential Performance (EP), especially because the definition of EP has been widely debated for years. Thankfully, the definition and requirements for Essential Performance changed with Amendment 1 of IEC 60601-1 to help provide more clarity. Determining Essential Performance begins with a list of all functional aspects of your device, including accuracy, measurements and its capabilities. Once you identify these items, determine whether any of these are already covered by the Basic Safety requirements of IEC 60601-1 or whether any item is not part of the device’s intended use. Then, and this is key, every item remaining gets posed the question, “If this item degrades, will it create a risk for the patient?” If the answer is yes, you must identify how its functionality must be maintained so the risk is still acceptable. This is your Essential Performance. A good example to help clarify the impact of Essential Performance on IEC 62304 is accuracy. Consider a device that claims its EP is accurate within 5%. If the device is relying on software to maintain that accuracy or provide an alert when outside of 5%, and that software fails, then the manufacturer will be unable to detect if the device’s Essential Performance is being met. This means the software is providing Essential Performance. Once you know your device software is responsible for Essential Performance, you must comply with IEC 62304 to ensure there is no unacceptable risk to a patient. What are common scenarios manufacturers miss? There are several situations that manufacturers often don’t realize require compliance with IEC 62304. These product features can create major headaches and costly delays if they are not properly developed. These scenarios include:
  • 5. delivering breakthroughs within the life sciences © 2014 MethodSense, Inc. Alarms & Alerts Alarms are often an Essential Performance requirement because they are intended to detect abnormalities. If the alarm was removed, the device would no longer meet it’s performance requirements, making the risk unacceptable. Software is used to detect the issue, instigate the alarm and make the sound. Speed & Position Sensors These sensors are in place to address Basic Safety concerns. For example, a hospital bed has a position sensor to keep it from crushing the operator’s foot and mammography has sensors to gauge compression. Devices like these use software to limit range of motion, speed and force. Algorithms Algorithms are frequently used with physiological monitoring. If the software is removed, the device is no longer able to operate as intended, resulting in the algorithms being part of Essential Performance. It is important to note that these situations apply to the patient, operator or service personnel. How is compliance assessed? Once you know you must comply with IEC 62304, how do you go about preparing for it? To start, know that compliance with this standard is defined as implementing all of the processes, activities and tasks identified in the standard in accordance with the software safety class. 62304 itself does not prescribe a particular organizational structure or specific format for documentation, however. Compliance is determined by a review of all required documentation, including the risk management file. The logical first step toward achieving compliance is to assess risk management as seen in IEC 60601-1. This includes: • Defining your operational and manufacturing processes • Documenting and assessing operational risks • Defining controls Once your risk management file is complete, your next step is to review the requirements for IEC 62304. Make sure all required elements are defined and met in your procedures. Then, you’re ready to compile your documentation and submit it to your test lab. The test lab will review your documentation against a Test Report Form. They will comb through each step and verify you are including requirements in your procedures. If it has been decided that the software performs Basic Safety or Essential Performance for your device, the lab will conduct a product review. Alarms & Alerts, Speed & Position Sensors and Algorithms are components that are often missed by manufacturers. They all use software for Basic Safety and Essential Performance functions… requiring IEC 63204 compliance.
  • 6. delivering breakthroughs within the life sciences © 2014 MethodSense, Inc. The lab will only review the segments of your software development process that apply to Basic Safety and Essential Performance. When the review is complete and approved, you’ll receive a compliance report. If you’ve failed any areas, they will be noted, allowing you to make corrections. If you passed, you are able to move forward with your other regulatory commitments, such as obtaining a 510(k) for the US market or CE Marking for Europe. What are some key pitfalls to look out for? Well-documented Processes When meeting the requirements of IEC 62304, there are areas you would benefit from paying close attention to. The most critical is making sure you have clearly defined processes for your company and your software development lifecycle in particular. IEC 62304 identifies several expectations related to the information that should be included in your software development lifecycle procedures. If your processes are not well documented, you will have a lengthy, costly process ahead of you. Document management is essential for meeting compliance goals. The SOUP Can The next most difficult issue is SOUP, and we’re not talking about chowder or minestrone here. SOUP is an acronym for Software of Unknown Provenance (or Pedigree). This is software you did not develop and have limited knowledge as to how it was created. Think of when an operating system, such as Windows, sends you updates and how your device’s software interacts with them. While test labs don’t expect you to be able to explain the development process of your SOUP manufacturer, you will have to identify how your software relies on SOUP to function. You must identify if SOUP contributes to any unacceptable risk. In your software development process, you will need a plan for how you will handle the SOUP. It’s recommended that you build your software around SOUP in a way that enables your device to operate properly in the event that it (the SOUP) causes your software to fail. Unfortunately, many developers and device manufactures neglect to consider the impact of SOUP. Software Partitioning The certifying body reviewing your device will only look at software partitioned around your Essential Performance and Basic Safety. However, if you’ve not taken the time to partition the code well, they will have to apply the principles of IEC 62304 to your entire code. Partitioning makes for a faster review process and minimizes your compliance risks. This is something to consider at the onset of your development process, as well as when your software undergoes changes over time. Document Development While software developers know what they are doing when it comes to writing code, that doesn’t mean they know what they are doing as it relates to medical devices. Documenting the software lifecycle as the code is created makes for a much smoother, more accurate process than trying to remember how the software was developed after the fact. All too often, software developers are unaware of the scope of documentation required for medical devices. This is particularly critical because over the last couple decades software development methodologies have been evolved and many of the emerging methodologies place less emphasis on documentation and more emphasis on rapid development. So, the key to the software development process is the management of a software development methodology that creates the efficiency the company is looking for with the accountability that the IEC 62304 is expecting.
  • 7. delivering breakthroughs within the life sciences © 2014 MethodSense, Inc. Version Control & Updates The chance of your software requiring updates or version changes is pretty likely, and changes conducted after achieving compliance are often forgotten. When you create your software development lifecycle process, be sure to include how these are defined including how you maintain your software in a validated state. Keep in mind that when changes are made to your software, additional testing may be necessary. What about non-compliance? If you get caught in any of the abovementioned pitfalls, you can expect that you will not be in compliance. You will either not receive a report at all, or will receive a report that says you failed somewhere in IEC 60601-1 or IEC 62304. Because the standards are voluntary, you don’t necessarily have to make product changes if you fail. You can choose to not comply. However, for each “fail,” you will be required to provide justification for each deviation. If you have valid justification, your device should still attain regulatory approval from the FDA or in the EU, although developing this justification can be a lengthy process in itself. The reality is these standards are here to stay, especially as software becomes an even more influential medical device component. Summation Based on our experience, when seeking CE Marking, Notified Bodies try to create a level of consistency with their reviews. Thus, it has become more and more difficult to convince a Notified Body that you don’t have to comply with IEC 62304 when it is clear the role of software in your medical device contributes to Essential Performance. Attempting to take the path of “justification” will likely add more time to your process, and you may find yourself needing to complete IEC 62304 in the long run. Our recommendation is to avoid loopholes that don’t really exist and to go through the process of meeting IEC 62304 requirements. Not only will this be more effective for meeting commercialization goals, but it will prove you stand behind the safety of your device.
  • 8. delivering breakthroughs within the life sciences © 2014 MethodSense, Inc. About the authors MethodSense is a life science consulting firm with offices in the US and Europe. They guide medical device, biotech and pharmaceutical companies with quality, regulatory and technology solutions. Their services enable clients to operate more effectively during the commercialization process and beyond. As it relates to IEC 60601-1 and 62304, MethodSense provides expert guidance and interpretation, helping you with: ! Reviewing the standard you must comply with ! Conducting a gap analysis of your Risk Management Program against ISO 14971 ! Updating your Risk Management Documentation ! Completing the IEC 60601-1 and other relevant tables ! Submitting your documentation for review For more information about MethodSense, visit www.methodsense.com. MECA was formed in 2002, to assist medical device companies with their safety certification, compliance, and regulatory needs. They have grown their business and network of associates with the leaders in their respective fields, to offer the highest level of certification and regulatory support that you will find anywhere. MECA works to help bring the safest devices possible to market, especially as it relates to IEC 60601-1 and IEC 62304 compliance. To learn more about MECA’s service, visit 60601-1.com.