1. Definitions
Medical software includes all software used for healthcare, particularly for medical devices or medical devices (embedded software), and software that is itself a medical device (standalone software).
IEC/CD1 82304-1 (Health Software – Part 1: General requirements for product safety) distinguishes between the following terms:
- HEALTH SOFTWARE
Software intended to be used specifically for maintaining or improving health of individual persons, or the delivery of care
- MEDICAL SOFTWARE
Software intended to be used specifically for incorporation into a physical medical device or intended to be a SOFTWARE MEDICAL DEVICE
- SOFTWARE MEDICAL DEVICE
Software intended to be a medical device in its own right
- MEDICAL DEVICE SOFTWARE
Software intended to be used specifically for incorporation into a physical medical device
This clarifies that medical software can be a medical device but does not have to be.

Fig. 1: Medical software includes medical device software and software as a medical device (click to enlarge).
2. Regulatory requirements
a) Medical software – a medical device?
The question often arises as to when medical software meets the definition of a medical device. You can find a further discussion on this topic in the article on the classification of software as a medical device and in the article on the qualification and classification of IVD medical device software.
b) Regulations, laws, standards
Software that is a medical device or part of a medical device must meet the regulatory requirements:
- In Europe, the medical device regulations (MDR, IVDR) are relevant. However, these only contain relatively general regulations for software, which this article presents.
- IEC 62304 defines the life cycle processes for medical device software.
- IEC 82304-1 applies to all “health software”. IEC 82304-1 also requires conformity with the requirements of IEC 62304.
- There are also MDCG guidelines, e.g., MDCG 2019-11 and MDCG 2023-4.
- The FDA sets out specific requirements in its guidance documents, including specific requirements for medical software. It also answered many questions specifically about software as a medical device in this FAQ.
3. Support for medical device manufacturers
Benefit from the support of the Johner Institute:
Contact us right away so that we can discuss the next steps. This will ensure that the “approval” is a success and that your software or devices are quickly launched on the market.
C5 certificates are relevant for service providers and, where applicable, for medical device manufacturers. The German Digital Act (DigiG), which came into force at the beginning of 2024, redefines the requirements for cloud services in the healthcare sector. This article explains the most important aspects of C5 certification for medical device manufacturers and service providers…
Details
This article examines the AI Act’s applicability to manufacturers of medical devices and IVD that do not place AI-based devices on the market. Among other things, it answers the question of whether a manufacturer must comply with the AI Act if he uses ChatGPT or develops an AI system that classifies customer feedback for his…
Details
The EU AI Act has been published. Many manufacturers of medical devices and IVD, as well as other healthcare players, are faced with the major task of understanding the 140+ pages of legal text and complying with the requirements. Note: Infringements/violations of the AI Act are punishable by a fine of up to 7% of…
Details
The incorporation of AI in medical devices has made great strides, for example, in the diagnosis of disease. Manufacturers of devices with machine learning face the challenge of having to demonstrate compliance of their devices with the regulations. Even if you know the law – what are the standards and best practices to consider in…
Details
Regulation (EU) 2025/327 on the European Health Data Space (EHDS for short) is another European regulation that may affect medical device and IVD manufacturers. This article explains what this regulation requires and what these manufacturers have to do by when, as well as the possible advantages of the EHDS and the EHDS Regulation.
Details
ISO/IEC 42001 is titled “Information technology – Artificial intelligence – Management system.” The first medical device manufacturers have set out to be certified according to this standard. But are the efforts required to do so justified? Does ISO/IEC 42001 help to meet the requirements of the AI Act? This article provides answers.
Details
Software as Medical Device (SaMD) refers to (independent) standalone software that is a medical device but not part of one. It should not be confused with Medical Device Software as defined by the EU. As a manufacturer, when do you have to qualify Software as Medical Device, and when as Medical Device Software? Find out…
Details
More and more medical devices are using artificial intelligence e.g., to diagnose patients more precisely and to treat them more effectively.
Medical devices are increasingly based on closed-loop systems. These “closed-loop systems” are already mentioned in the Medical Device Regulation (MDR). One example is a system consisting of an insulin pump controlled by a device with a glucose sensor. In this article, you will learn what closed-loop systems are, where they are used in medicine, and what…
Details
Accessibility refers to the design of products and services that can also be used by people with physical limitations. The term “products and services” encompasses both physical and digital products and services. This also includes medical devices (physical devices, apps, other standalone software). This article explains which accessibility requirements manufacturers of medical devices should be…
Details