Certification of Medical Systems — Part 3

Written by Todd Brian, Validated Software.

In Part 1 of this series, we looked at off-the-shelf software, and the costs of saftey-critical products.

In Part 2, we examined the processes for developing and validating safety-critical products.

In this part, we'll look at the regulatory environment for medical devices.

Medical Device Market Regulatory Environment

The rules and regulations for medical devices come in two categories: technical and non-technical. Development standards and the product cycle fall within the first category, and non-technical governance falls into the second.

There are three broad types of organizations in the medical device field:

Manufacturers Involved in development, manufacturing, and sales
Regulators Government or non-governmental groups responsible for standards compliance
Industry and Standards Bodies International and regional groups that work to protect the industry and customers

The various players within the medical market may be active in more than one of these fields.

The Regulators

The laws and regulatory constraints that apply to a manufacturer of medical equipment demand a substantial time and expense commitment from manufacturers. And manufacturers that sell their products internationally face a vast, convoluted, and complex morass of global laws, regulations and statutes.

Each nation has its own agency that controls its medical market. In the U.S., Congress confers power to the FDA. In the European Union, the European Parliament and the Council of the EU, empower the Competent Authorities of member states with the responsibility. Such countries as Japan, Canada, Mexico, and Great Britain have a similar approach to regulation.

Industry and Standards Bodies

Medical standards are created by an array of voluntary associations made up of members and stakeholders from within the medical market. While federated employees also participate in the standards groups, standards represent a consensus on best practices that will benefit the industry as a whole. The goals are focused on improving the overall industry.

There are three primary international standardization organizations for medical devices: the International Organization for Standardization (ISO), the International Electrotechnical Commission (IEC), and the International Telecommunication Union (ITU). Generally, ITU covers telecommunications, IEC covers electrical and electronic engineering, and ISO covers the remainder.

The Institute of Electrical and Electronics Engineers (IEEE), and the Association for the Advancement of Medical Instrumentation (AAMI) also play roles in standards and guidance. The Global Harmonization Task Force (GHTF) is dedicated to harmonizing the different technical standards to achieve uniformity worldwide.

The Regulatory Environment in the United States

The U.S. FDA regulates food, drugs and medical devices within the U.S. The Center for Devices and Radiological Health (CDRH), a branch of the FDA, is responsible for the premarket approval of all medical devices, and oversees the manufacturing, performance and safety of these devices. The FDA's authority derives from Title 21 of the Code of Federal Regulations (CFR).

Depending on their classification, either the 510(k) or the Pre-market Approval (PMA) process governs FDA/CDRH compliant devices. Determining which application process to use is not complex, but it does seem to be somewhat arbitrary. Therefore, it is recommended that prior to making any assumptions about the device type, class or application process that the following determinations are made for a medical device:

  • The degree of development rigor placed on the manufacturer is dependent on a number of factors including the intended use of the device and predicate device classification play a large role in establishing the class of the device. The FDA allows a great deal of latitude in establishing predicated use. Attempts should be made to either reduce or eliminate the degree of regulatory controls placed on the device in question.
  • Work closely with the FDA or a qualified consultant throughout the process to avoid mistakes that require restarting the process.

FDA 510(k)

While one often hears the term “Certification” and “FDA 510(k)/PMA” used in the same sentence, in reality the 510(k) is not really a standard. It is the section of the Federal Food, Drug and Cosmetic Act (FD&CA) that defines how medical devices requiring FDA review qualify to be sold in the US market. The FDA 510(k) process is used to obtain marketing clearance for a device that is substantially equivalent in safety and effectiveness to another lawfully marketed device, or to a standard recognized by the FDA when used for the same intended purpose.

FDA Premarket Approval

Pre-market Approval (PMA) is the most stringent type of application required by the FDA and applies to “Class III” devices such as life-support devices, devices with the potential to do great injury or new devices, which have an unknown safety and hazard potential. To gain approval, the manufacturer must present adequate scientific evidence to assure that the device is safe and effective for its intended uses.

FDA Development Guidance

Once the application and device are established, the FDA provides the following documentation that provides guidance as to how the software should be developed, documented and controlled:

  • Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices
  • General Principles of Software Validation
  • Guidance for Off-the-Shelf Software Use in Medical Devices
  • Cybersecurity for Networked Medical Devices Containing Off-the-Shelf (OTS) Software

The IEC 62304 Standard incorporates equivalent or superior software life-cycle processes compared with those above, and it is recognized in more markets than the FDA’s clearance.

Device Class

The FDA defines medical devices in three classes, which are assigned based on the level of potential hazard associated with a device. The probability that harm will manifest also influences the class of the device.

  • Class I devices represent the lowest degree of hazard and are subject to the lowest amount of regulatory controls. Many Class I devices are exempt and do not have to apply for clearance. If not found exempt, then a 510(k) is required.

Low-hazard devices are devices such as thermometers, blood pressure monitors, and certain laboratory equipment.

  • Class II has a higher likelihood of hazard and is therefore subject to greater number of regulatory controls. There are also a number of exempt Class II devices. If not found exempt, then a 510(k) is required.
  • Class III is associated with the greatest hazard and level of regulatory controls and is required to submit a PMA. Some Class III devices that have a manufacturer with a proven record of safety, use best practices, etc., may be allowed to use the 510(k) option.

Life-support and critical monitoring equipment are generally considered to be high-hazard devices. If they fail or are faulty, the probability for an adverse patient outcome is high. Devices that have the potential of doing significant harm to the operator also qualify as a Class III device.

Examples include anesthesia equipment that has the potential to harm more than the patient. During an operation, it can release a flammable gas and pure O2 into an enclosed space. Another class of device that is usually considered a class III device is a therapeutic device that uses energetic energy as part of the therapy. Neutron or electron treatment devices can do large degrees of harm if they fail, or used improperly.

Level of Concern (FDA/CDRH)

Not to be confused with the Medical Device Classification (Class I, II, or III), the FDA has defined additional protocols for devices that use or contain software. The Level of Concern (LOC) protocol is a measure of the hazard contributed solely by the software.

The LOC for software falls into one of three categories:

Major The software LOC is Major if the software could contribute, either directly or indirectly result in death or serious injury to the patient or operator.
Moderate The software LOC is Moderate if the software could contribute, either directly or indirectly result in minor injury to the patient or operator.
Minor The software LOC is Minor if failures or latent design flaws are unlikely to cause any injury to the patient or operator.

The FDA provides Table 2-01 [10] to assist in determining the degree of Verification and Validation that is required in order to support the clearance of the device.

Software Documentation Minor Concern Moderate Concern Major Concern
Level of Concern A statement indicating the Level of Concern and a description of the rationale for that level.
Software Description A summary overview of the features and software operating environment.
Device Hazard Analysis Tabular description of identified hardware and software hazards, including severity assessment and mitigations.
Software Requirements Specification (SRS) Summary of functional requirements from SRS. The complete Software Requirements Specification (SRS) document.
Architectural Design Chart No documentation is necessary in the submission. Detailed depiction of functional units and software modules. May include state diagrams as well as flow charts.
Software Design Specification (SDS) No documentation is necessary in the submission. Software Design Specification (SDS) document.
Traceability Analysis Traceability among requirements, specifications, identified hazards and mitigations, and verification and validation testing.
Software Development Environment Description No documentation is necessary in the submission. Summary of software life cycle development plan, including a summary of the configuration management and maintenance activities. Summary of software life cycle development plan. Annotated list of control documents generated during development process. Include the configuration management and maintenance plan documents.
Verification and Validation Document (V&V) Software functional test plan, pass / fail criteria, and results. Description of V&V activities at the unit, integration, and system level. System level test protocol, including pass/fail criteria, and tests results. Description of V&V activities at the unit, integration, and system level. Unit, integration and system level test protocols, including pass/fail criteria, test report, summary, and tests results.
Revision Level History Revision history log, including release version number and date
Unresolved Anomalies No documentation is necessary in the submission. List of remaining software anomalies, annotated with an explanation of the impact on safety or effectiveness, including operator usage and human factors.

Regulatory Environment in the European Union

Medical devices in the European Union and the standards that govern them have been harmonized and codified under a set of comprehensive Medical Device Directives. The primary directives are:

  • Directive 90/385/EEC for implantable medical devices
  • Directive 2007/47/EEC medical devices
  • Directive 98/79/EC in vitro diagnostic medical devices

2007/47/EC is a set of regulations comparable to the ones discussed in the Regulatory Environment in the U.S.

EUDevice Classes

The EU uses a ranking system similar to the FDA’s except it allows for four categories, ranging from low risk to high risk.

  • Class I (including Is & Im)
  • Class IIa
  • Class IIb
  • Class III

The difference between a Class IIa, and Class IIb device are beyond the scope of this article.

The final part in this series will look at the various medical device standards.

Tags: , ,

Questions or Comments?

Have a question or a suggestion for a future article?
Don't hesitate to contact us and let us know!
All comments and ideas are welcome.