Featured Product
This Week in Quality Digest Live
FDA Compliance Features
Kari Miller
An effective strategy requires recruiting qualified personnel familiar with the process and technology
Dario Lirio
Modernization is critical to enhance patient experience and boost clinical trial productivity
Alexander Khomich
Healthcare software opens up opportunities for clinics in both management and patient care
Gary Shorter
Pharma needs to adapt and evolve with the changing environment of life science data
Etienne Nichols
Quality management system regulation explained

More Features

FDA Compliance News
Delivers time, cost, and efficiency savings while streamlining compliance activity
First trial module of learning tool focuses on ISO 9001 and is available now
Free education source for global medical device community
Good quality is adding an average of 11 percent to organizations’ revenue growth
Further enhances change management capabilities
Creates adaptive system for managing product development and post-market quality for devices with software elements
VQIP allows for expedited review and importation for approved applicants that demonstrate safe supply chains
An invite from Alcon Laboratories
Intended to harmonize domestic and international requirements

More News

Russ King

FDA Compliance

It’s Time to Get IEC 62304 Before It Gets You

Compliance is determined by a review of all required documentation, including risk management

Published: Wednesday, September 24, 2014 - 10:50

Food and Drug Administration (FDA) medical device recalls are on the rise. An increasingly active FDA coupled with an increase of medical device software components is adding up to new challenges for manufacturers. It’s important to understand how the FDA uses IEC 62304, an international standard developed by the International Electrotechnical Commission (IEC) that, among other things, says product testing by itself is not enough to prove software is safe for patients using the medical device.

The standard provides a common framework for medical device manufacturers to develop software. Conformance with this standard provides evidence that there is a software development process in place that fulfills the requirements of the Council of the European Union’s Directive 93/42/EEC of June 14, 1993 concerning medical devices. Because IEC 62304 has been harmonized with Directive 93/42/EEC in the European Union and recognized as a consensus standard by the FDA in the United States, IEC 62304 can be used as a benchmark to comply with regulatory requirements in both markets. To date, this standard has been recognized in most countries that use compliance standards to fulfill regulatory requirements.

Complying with IEC 62304 enhances the reliability of your device’s software by requiring attention to detail in design, testing, and verification, ultimately improving the overall safety of the medical device.

Here’s the $64,000, or usually much higher, question: Does your device have to meet the IEC 60601-1 requirements for basic safety and essential performance of medical electrical equipment?

The European Union has been using IEC 62304 since 2008, but it has gained even more traction with its incorporation into the third edition of IEC 60601-1’s Amendment 1. The inclusion of Amendment 1 shifted the standard from a recommendation to a requirement if your device utilizes software.

For those who design or manufacture medical electrical equipment, IEC 60601-1 is one of the most important safety and performance standards to meet. The standard addresses critical safety issues, including electrical shocks and mechanical hazards, such as pinching, crushing, and breaking. Devices that must meet IEC 60601-1 requirements include those that:
• Diagnose, treat, or monitor the patient under medical supervision
• Make physical or electrical contact with the patient
• Transfer energy to or from the patient
• Detect such energy transfer to or from the patient

IEC 60601-1 clause 14 requires manufacturers to comply with IEC 62304 unless the device’s software has no role in providing basic safety or essential performance, or unless risk analysis demonstrates that a failure of any programmable electronic safety system (PESS) does not lead to an unacceptable risk.

Basic safety is the main focus of IEC 60601-1. It’s important that you conduct a risk analysis to identify your device’s level of unacceptable risk and determine the role of software in risk mitigation. This analysis will determine the applicable basic safety requirements for your device and, for some requirements, the test parameters that need to be used by the test laboratory.

The most common mistake that medical device manufacturers make is that they do not always assess which elements of risk their software mitigates. These are the elements that must be addressed by IEC 62304. For example, what would happen if the manufacturer of a hoist didn’t properly vet the software that signaled the hoist to lower the patient at a certain speed? If a patient were lowered too quickly—or not at all—there would be a risk management nightmare. Because software plays a role in the basic safety functions of the hoist, it must comply with IEC 62304’s requirements.

In conjunction with IEC 60601-1, IEC 62304 is intended to minimize the occurrence of these situations. When device software is mitigating a known potential hazard, ensuring that the code is developed properly is critical for managing patient safety as well as liability to the manufacture.

It can be difficult to determine if a device’s software is tied to its essential performance, especially because the definition of essential performance has been widely debated for years. Thankfully, the definition and requirements for essential performance changed with Amendment 1 of IEC 60601-1 to help provide more clarity.

Determining essential performance begins with a list of all functional aspects of your device, including accuracy, measurements, and its capabilities. Once you identify these items, determine whether any of these are already covered by the basic safety requirements of IEC 60601-1 or whether any item is not part of the device’s intended use. Then—and this is key—every item remaining gets posed the question, “If this item degrades, will it create a risk for the patient?” If the answer is yes, you must identify how its functionality must be maintained so the risk is still acceptable. This is your essential performance.

A good example to help clarify the effect of essential performance on IEC 62304 is accuracy. Consider a device that claims its essential performance is accurate within 5 percent. If the device is relying on software to maintain that accuracy or provide an alert when accuracy is outside of 5 percent, and that software fails, then the manufacturer will be unable to detect if the device’s essential performance is being met. This means the software is providing essential performance.

Once you know your device software is responsible for essential performance, you must comply with IEC 62304 to ensure there is no unacceptable risk to a patient.

There are several situations that manufacturers often don’t realize require compliance with IEC 62304. These product features can create major headaches and costly delays if they are not properly developed. These scenarios include:

Alarms and alerts
Alarms are often an essential performance requirement because they are intended to detect abnormalities. If the alarm was removed, the device would no longer meet its performance requirements, making the risk unacceptable. Software is used to detect the issue, instigate the alarm, and make the sound.

Speed and position sensors
These sensors are in place to address basic safety concerns. For example, a hospital bed has a position sensor to keep it from crushing the operator’s foot, and mammography equipment has sensors to gauge compression. Devices like these use software to limit range of motion, speed, and force.

Algorithms are frequently used with physiological monitoring. If the software is removed, the device is no longer able to operate as intended, resulting in the algorithms being part of essential performance.

It is important to note that these situations apply to the patient, operator, or service personnel.

Once you know you must comply with IEC 62304, how do you go about preparing for it? To start, know that compliance with this standard is defined as implementing all of the processes, activities, and tasks identified in the standard in accordance with the software safety class. IEC 62304 does not prescribe a particular organizational structure or specific format for documentation, however. Compliance is determined by a review of all required documentation, including the risk management file.

Editor’s note: In Part 2, we’ll take a look at the best way to approach risk management.

First published Sept. 15, 2014, on the AssurX blog.


About The Author

Russ King’s picture

Russ King

Russ King is president of Methodsense, a consulting firm that helps clients deliver medical and technological breakthroughs by effectively meeting the requirements needed to bring their products to market.