Meeting Medical Software Regulatory Requirements

The development of a sound regulatory strategy is an essential starting point for medical device and in-vitro diagnostics (IVD) manufacturers. Regulatory strategy planning is critical to ensure compliance with all legislation and standards, particularly because the regulatory environment can vary from country to country. When developing a strategy, there are several factors that must be considered including customer needs and the nature of a particular target market.

What changes software into a medical device? The definition of a medical ‘device’ also tends to vary by country so a good starting point is the guidelines produced by the International Medical Device Regulators Forum (IMDRF).

In broad terms, a medical device is defined with regard to its intended use, clinical indications and efficacy claims. According to the IMDRF, software as a medical device (SaMD) is computer software intended to be used for one or more medical purposes and that perform those purposes without being part of a hardware medical device. Detailed information can be found in the organisation’s document IMDRF/SaMD WG/N10FINAL:2013. As part of the regulatory planning and classification, ensure that there is a clear and concise final product configuration.

The IMDRF is a voluntary group of medical device regulators from around the world, which currently includes members from Australia, Brazil, Canada, China, Europe Union (EU), Japan, Russia, Singapore and United States of America (USA).

KD&A provides expert regulatory consulting services to medical device and IVD companies that sell into Australian and international markets; helping demystify the process and help understand what needs to be done and when, as well as how much it will cost.

A tailored Regulatory Strategy Report by KD&A is a road map to market. The report identifies applicable target market regulatory requirements, and maps out the steps to meet requirements in preparation for market launch. Some requirements will feed into development and testing processes, and therefore must be part of early planning to avoid delays and additional cost.

In Australia and the EU, manufacturers are required to independently demonstrate the device is safe and performs its intended use. Companies must also show that the benefits outweigh the risk as well as prove all products claims.

Both the quality management system (QMS) and Technical File must be audited prior to certification. This requirement applies to devices higher then Class I. It can take some time to develop sufficient records for the QMS to be audited.

For sales in the USA, all medical devices must meet Food and Drug Administration (FDA) standards, with the majority of regulatory submissions—known as 510(k)’s—must demonstrate that the device is as safe and effective as another FDA cleared device.

KD&A’s, Kea Dent recently provided an insightful presentation about medical software regulation at Australia’s premier ANDHealth (Australia’s National Digital Health Initiative) conference 2017 in Melbourne.