Documento sin título

New Standard for Medical Devices Software was released:
IEC 62304:2006 – Medical Device Software – Software Life Cycle Processes.

The International Electrotechnical Commission released on May 2006 the new standard for Medical Device Software IEC 62304:2006. This standard defines the life cycle requirements for medical device software. The set of processes, activities, and tasks described in this standard establishes a common framework for medical device software life cycle processes. It applies to the development and maintenance of medical device software when software is itself a medical device or when software is an embedded or integral part of the final medical device. On the other hand, it does not cover validation and final release of the medical device, even when the medical device consists entirely of software.

For those currently meeting IEC 60601-1-4 and FDA guidance docs, it is an evolution of current risk management driven, development life cycle process requirements, rather than an introduction of new concepts. One concept from FDA docs that has been incorporated is a safety classification system, based on the severity of the risk that's being mitigated. The higher the safety classification, the higher the burden of development life cycle controls. There are a number of helpful Annexes, including an Annex C, which explains the relationship of IEC 62304 to other standards, like ISO 14971, ISO 13485, IEC 60601-1-4, IEC 61508-3, and ISO 90003.

In order to avoid the problematic determination of probabilistic figures, alternative standard approaches propose to scale safety demands according to worst-case scenarios. This standard requires the classification of software components according to the harm their failure could cause and then requires software processes to be chosen dependant on the classification. This applies for example to the licensing of software for medical devices as shown in the following table:

Safety classification according to IEC 62304
Class A
No injury may occur to the patient or to the operator resulting from a hazard to which the software item may be a contributing factor
Class B
Non-serious injury may occur to the patient or to the operator resulting from a hazard to which the software item may be a contributing factor
Class C
Death or serious injury may occur to the patient or to the operator resulting from a hazard to which the software item may be a contributing factor

We can conclude that:
• This standard is aimed at acceptance by regulatory offices and its success depends on being harmonized by the EU and accepted by the FDA.
• Endorse the concept of software safety is related to software development processes.
• Defines a level playing field based on minimal acceptable processes
• Permits processes to be scaled according to risk

In the near future, meeting this standard is likely to be required to obtain CE mark of medical devices controlled by software or if software itself is a medical device.
Certification Organizations and manufacturers will experience significant changes as they adapt to IEC 60601-1:2005, but this process will bring about improvements in the safety and effectiveness of medical devices. Amongst other relevant changes, the enhanced role of risk management in compliance of ISO 14971 must be highlighted. Manufacturers will need to demonstrate that a risk management process is in place and that it has been applied to the device being certified, and data relevant to the compliance of IEC 60601-1 shall need to be included in the risk management file. This will also have an effect on the definition of the actual set of tests being performed.

For more information visit www.iec.ch