Medical software includes all software used for healthcare, particularly for medical devices or medical devices (embedded software), and software that is itself a medical device (standalone software).
IEC/CD1 82304-1 (Health Software – Part 1: General requirements for product safety) distinguishes between the following terms:
HEALTH SOFTWARE Software intended to be used specifically for maintaining or improving health of individual persons, or the delivery of care
MEDICAL SOFTWARE
Software intended to be used specifically for incorporation into a physical medical device or intended to be a SOFTWARE MEDICAL DEVICE
SOFTWARE MEDICAL DEVICE
Software intended to be a medical device in its own right
MEDICAL DEVICE SOFTWARE
Software intended to be used specifically for incorporation into a physical medical device
This clarifies that medical software can be a medical device but does not have to be.
Fig. 1: Medical software includes medical device software and software as a medical device (click to enlarge).
Software that is a medical device or part of a medical device must meet the regulatory requirements:
In Europe, the medical device regulations (MDR, IVDR) are relevant. However, these only contain relatively general regulations for software, which this article presents.
IEC 62304 defines the life cycle processes for medical device software.
IEC 82304-1 applies to all “health software”. IEC 82304-1 also requires conformity with the requirements of IEC 62304.
There are also MDCG guidelines, e.g., MDCG 2019-11 and MDCG 2023-4.
The FDA sets out specific requirements in its guidance documents, including specific requirements for medical software. It also answered many questions specifically about software as a medical device in this FAQ.
Do you have questions about developing and approving medical devices that contain or are software? Our free micro-consulting will provide you with answers.
In the medical software compact seminar, you will acquire the prescribed competencies. You will learn about and fulfill the legal requirements for software development.
The Medical Device University’s video training will help you to create a lean and IEC 62304-compliant “software file” step by step. In addition, a complete set of templates takes a lot of work off your hands.
Have the IT security of your software evaluated using penetration tests.
Contact us right away so that we can discuss the next steps. This will ensure that the “approval” is a success and that your software or devices are quickly launched on the market.
MDCG published guideline MDCG 2023-4 in October 2023 entitled “Medical Device Software (MDSW) – Hardware combinations – Guidance on MDSW intended to work in combination with hardware or hardware components.”
Both the FDA and IEC 62304 recognize software developed by third parties. They refer to Off-the-Shelf Software (OTS) and Software Of Unknown Provenance (SOUP). What is the difference between OTS and SOUP? What do they have in common? What legal requirements do they have to meet? This article provides answers.
For manufacturers, the answer to whether and when clinical studies are necessary when using artificial intelligence in medical devices is relevant. After all, the duration and cost of bringing these devices to market depend on this. The good news in advance: there are cases where manufacturers can avoid clinical studies for devices with AI. This…
The term “medical device PC” is not clearly defined. However, most people understand a medical device PC to be Depending on the constellation, manufacturers must fulfill different regulatory requirements. These are presented in this article.
IEC 80001-1 has the long title “Application of risk management for IT-networks containing medical devices – Part 1: Tasks, responsibilities and activities“. This article reveals what the standard requires and why manufacturers should also consider it.
The V-model is a development process model that was originally used for government projects (e.g., armaments). To this day, it is still anchored in many people’s minds and in standards for projects in regulated environments (e.g., medical technology, banks). This leads to disputes in teams that prefer agile development processes. This article helps to resolve…
Laws and standards formulate requirements on how medical device manufacturers must define and document the development process. Notified bodies check these requirements during audits. This article on the development process provides tips on how to design the process and how to align it with other processes, such as the risk management process.
Medical software manufacturers must meet the legal requirements for software components in order to “approve” their devices. This article presents these requirements and gives seven tips on how to fulfill them quickly and easily.
Since 2020, the German legislature has allowed the reimbursement of digital health applications (DiGA). DiGA manufacturers must fulfill several requirements for this. This article describes the steps required to do so.
The cybersecurity standard IEC 81001-5-1 focuses on how IT security needs to be taken into account in the software life cycle. As a special standard for health software, it supplements IEC 82304-1 and IEC 62304 among others, and can close gaps that urgently need to be closed. The EU is currently planning to harmonize IEC…
We need your consent before you can continue on our website.If you are under 16 and wish to give consent to optional services, you must ask your legal guardians for permission.We use cookies and other technologies on our website. Some of them are essential, while others help us to improve this website and your experience.Personal data may be processed (e.g. IP addresses), for example for personalized ads and content or ad and content measurement.You can find more information about the use of your data in our privacy policy.You can revoke or adjust your selection at any time under Settings.
If you are under 16 and wish to give consent to optional services, you must ask your legal guardians for permission.We use cookies and other technologies on our website. Some of them are essential, while others help us to improve this website and your experience.Personal data may be processed (e.g. IP addresses), for example for personalized ads and content or ad and content measurement.You can find more information about the use of your data in our privacy policy.Here you will find an overview of all cookies used. You can give your consent to whole categories or display further information and select certain cookies.