How MDR regulates software?

How MDR regulates software?

Artificial Intelligence (AI) has been used more and more in healthcare. When it comes to medical devices, the most frequently used AI technique is machine learning (Joher Institute, 2019). There are two main points that manufacturers are challenged by:

  • Classification of medical devices;
  • Demonstrating conformity of devices, i.e. which standards and practices should be followed when manufacturing compliant machine learning medical devices.

Classification

As software is defined as an active device, for the classification of active (hardware) devices, which also includes Medical Device Software providing information for patient management, Rule 9, 10, 11, 12 ,13, 15 or 22 of Annex VIII of the Medical Device Regulation (MDR) should be considered. In line with implementation rule 3.5, the strictest rule or sub-rule should hence apply.

The Medical Device Coordination Group has published a guidance concerning the classification of these devices, Guidance on Qualification and Classification of Software in Regulation (EU) 2017/745 – MDR and Regulation (EU) 2017/746 – IVDR.

The main change, as opposed to the Medical Device Directive, is that the majority of these devices will no longer be considered as Class I devices:

‘’Software intended to provide information which is used to take decisions with diagnosis or therapeutic purposes is classified as class IIa, except if such decisions have an impact that may cause:

  • death or an irreversible deterioration of a person's state of health, in which case it is in class III; or
  • a serious deterioration of a person's state of health or a surgical intervention, in which case it is classified as class IIb. Software intended to monitor physiological processes is classified as class IIa, except if it is intended for monitoring of vital physiological parameters, where the nature of variations of those parameters is such that it could result in immediate danger to the patient, in which case it is classified as class IIb.
  • All other software is classified as class I’’ (Official Journal of the European Union, 2017, Annex VIII, Chap.III, Rule 11).

Demonstrating compliance with General Safety and Performance Requirements

Manufacturers shall demonstrate compliance with the applicable general safety and performance requirements listed in Annex 1 of the MDR, including the specific requirements related to electronic programmable system to ensure repeatability, reliability and performancein line with their intended use.

In the event of a single fault condition, appropriate means shall be adopted to eliminate or reduce as far as possible consequent risks or impairment of performance (Official Journal of the European Union, 2017, annex I, 17.1):

  • To ensure that the software is developed and manufactured in accordance with the state of the art considering the principles of development life cycle, risk management, including information security, verification and validation (Official Journal of the European Union, 2017, annex I, 17.2);
  • Software intended to be used in combination with mobile platforms, must be designed and manufactured considering specific features of the mobile platform and the external factors related to the use (Official Journal of the European Union, 2017, annex I, 17.3);
  • Manufacturers shall set out minimum requirements concerning hardware, IT networks characteristics and IT security measures, including protection against unauthorised access, necessary to run the software as intended (Medical Device Coordination Group, 2020b). At the moment, no harmonized standard providing presumption of conformity with the relevant general safety and performance requirements specified in Annex 1 of the MDR has yet been published.

However, the following harmonized standards published in context of the medical device directive represents today the state of the art and may be used with the understanding that they may not be totally in line with the requirements set out in MDR. Therefore, it is advised to use them together with the MDR.

  • ISO 13485:2016
  • IEC 62304:2006
  • IEC 62366-1
  • ISO 14971
  • IEC 82304

More room to improve

2020 has been a year of digitalisation. As such, it comes as no surprise that the main healthcare players have been focused on AI. This resulted in the establishment of:

Our team is closely monitoring the news in the sector and is experienced in reclassification of medical devices with software. Are you a medical devices software manufacturer? Will your device be re-classified under the MDR?


18/12/2020

Nika Gavrilovic

Obelis Publishing department


Contact Obelis today and assure your devices can stay on the EU market as Class I Legacy devices!

Get in touch

References: