Software in Medical Devices, by MD101 Consulting

To content | To menu | To search

Friday 13 May 2022

Software as a Medical Device Post-Market Surveillance

Post-Market Surveillance (PMS) is one of the strengthened requirements of the Medical Device Regulation (MDR). Performing an effective PMS can be a time consuming task, shared by several departments of MD manufacturers. This is also true for SaMD.

Continue reading...

Friday 22 April 2022

New SaMD Classification scheme

A new unofficial SaMD classification scheme. Will it be adopted with the postponement of the MDR?

Continue reading...

Friday 15 April 2022

SaMD decommissioning, recall, removal and withdrawal

We saw in the previous post how the lifetime of a SaMD can be defined. Let's continue with the operations that can affect this lifetime.

Continue reading...

Friday 25 February 2022

Medical Device lifetime and SaMD

Medical device regulations require the manufacturers to define lifetime for their devices. In the case of SaMD, this requirement needs some interpretation.

Continue reading...

Thursday 13 January 2022

IEC 81001-5-1, final version published

IEC 81001-5-1 was published in December 2021. We already talked about the draft version here. Combined with IEC/TR 60601-4-5, published in February 2021, these two standards constitute the state of the art in cybersecurity of medical devices in Europe.

The final version is very close to the draft version, apart from a few changes to the organizational requirements; formerly clause 10 present in the draft, but removed and copied to clause 4 in the final version.

Be prepared to apply these two standards for your MDR CE Mark submissions, when they are harmonized. Most probably by 2024.

Monday 6 December 2021

FDA Draft Guidance on Content of Premarket Submissions for Device Software Functions

Great news! The FDA announced their list of new or revised guidances for 2022. Software is going to be privileged, with 6 guidances on Clinical Decision Support software, SaMD risk categorization, cybersecurity, QMS SW, and Artificial Intelligence / Machine Learning. The draft guidance Content of Premarket Submissions for Device Software Functions opens the ball in 2021. This draft guidance will supersede the guidance titled Content of Premarket Submissions for Software Contained in Medical Device, when it is published in its final version. This little change in the title is a sign of the times.

Continue reading...

Monday 8 November 2021

MDCG 2020-3: Substantial change or not Substantial change?

That is the question.
MD manufacturers are pressed by end-users to implement changes. Especially SaMD, where the users are used to receiving new versions weekly or monthly. Thus, Class I MDD SaMD manufacturers are pressed to find a way to qualify their software changes as non-substantial according to the MDCG 2020-3. Otherwise, they can't deliver new versions to their end-users, blocked by the deadly MDR rule 11 and its class IIa trap.

Continue reading...

Saturday 6 November 2021

Ten years

This blog is ten years old!
Thank you to all of you who read, download and share the content of this blog.

Keep goin'

Friday 9 July 2021

Cybersecurity standards: IEC 81001-5-1 and IEC/TR 60601-4-5

The draft list of harmonized standards for the MDR regulation was published in May 2021. In this document, we find the references to the following cybersecurity standards:

  • IEC 80001-1: Safety, effectiveness and security in the implementation and use of connected medical devices or connected health software - Part 1: Application of risk management,
  • IEC 81001-5-1 (not published): Health Software and health IT systems safety, effectiveness and security - Part 5-1: Security - Activities in the product lifecycle,
  • IEC/TR 60601-4-5: Medical electrical equipment - Part 4-5: Guidance and interpretation - Safety-related technical security specifications.

Continue reading...

Wednesday 26 May 2021

Rest in peace class I SaMD

This is the end of MDD, and class I SaMD.

Continue reading...

Friday 26 March 2021

When Web meets SOUP

The definition of SOUP, and the requirements related to their lifecycle in IEC 62304 processes, are totally independent of any technology. Making no technological assumption, that's the way the standard is thought, so that it can be applied to any health software.
Cloud-based applications and web technologies make an intensive use of SOUPs. Let's see how IEC 62304 requirements can be applied to these technologies.

Continue reading...

Thursday 4 March 2021

Hey, European Commission, it's time to copy-paste Australian regulation!

The Australian Regulatory changes for software based medical devices took effect from 25th February 2021.

Continue reading...

Friday 19 February 2021

IEC 62304:2021 Committee Draft Version: Groundhog Day

That's a déjà-vu. The second version of IEC 62304 is still in draft. It has been in this state for five years, since the publication of the amendment 1. We already had a draft version in 2019. A new draft version is, again, in public review (or has been in public review in your country) under the name IEC CDV 62304:2021. Go to the website of your national standardization organization, to see if you can still download it for free!

Continue reading...

Friday 5 February 2021

FDA about to exempt fifteen software devices from 510k clearance

A Notice was published in the Federal Register the 15th January 2021, about the exemption of a long list of medical devices from premarket notification. This list, found in table 6 of the Notice, contains 83 class II devices.
Yet, we have to wait for 120 days, to see this Notice published with the list in its final version.

Continue reading...

Friday 25 December 2020

Is my software in IVDR class A, B, C, or D: A new hope

After the MDCG guide 2019-11 for the MDR, the MDCG 2020-16 gives the regulatory oversight on In-Vitro Diagnostic medical devices (IVD MD) classification; including software qualified as IVD MD. Let's see the consequences for software.

Continue reading...

Friday 20 November 2020

CE marking a new medical device with the MDR or IVDR: will it take one year?

The MDR 2017/745/EU and IVR 2017/746/EU define requirements, present in the Annex VII of both regulations, addressing the conformity assessment process that Notified Bodies shall put in place. It would be an understatement to say that this process will take some time.

Continue reading...

Friday 6 November 2020

Brexit: Regulating medical devices from 1 January 2021 in the UK

While the winds of Covid are blowing a bad air on Europe, the UK MHRA published in September 2020 the guidance on regulatory status of medical devices, IVD and AIMD from 1 January 2021.

Continue reading...

Friday 4 September 2020

FDA Guidance on Multiple Function Device Products

The FDA published in July the final version of the Guidance on Multiple Function Device Products. Despite the absence of the word "software" in the title, it addresses at first software medical devices. It also addresses hardware devices, but we will focus on software in this post.

Continue reading...

Friday 15 May 2020

Software release vs design transfer

A recurring question is the confusion, or more precisely the difference between software release of IEC 62304, and design transfer of ISO 13485.

Continue reading...

Sunday 3 May 2020

MDCG 2019-16 Guidance on cybersecurity for medical devices

So we have a new guidance on cybersecurity for medical devices: the MDCG 2019-16. This is not the one we expected so quickly, but we're not going to complain about the existence of this guidance! It was published in December 2019. At last I found time to write a review.
This guidance covers a broad range of topics applicable to all stakeholders in the medical device supply chains, and to end-users. It explains a bit why it is 46 pages long.

Continue reading...

- page 1 of 12