This content is only available to Standards Navigator subscribers. See our Subscribe page for information on subscriptions.
SoftwareCPR Standards Navigator provides information and tools related to standards that play a significant role in health software and software intensive medical devices. In addition to information on existing standards, SoftwareCPR Standards Navigator keeps you up to date on new standards activity and gives you expert insight into future changes to existing standards.
Recent standards and regulatory activity overview
- The third edition of ISO 14971 has been approved and will be published after final editing. The associated guidance document, TR ISO 24971 has also been approved and will be published by the end of 2019. Some key changes to ISO 14971 include:
- Changes to defined terms to align them with ISO/IEC Guide 63.
- Addition of defined terms benefit, reasonably foreseeable misuse and state of the art.
- The method that was used for the evaluation of overall residual risk is required to be defined in the risk management plan.
- Clarification that the criteria for the acceptability of the overall residual risk can be different from the criteria for the acceptability of individual risks.
- The review before commercial distribution of the medical device concerns the execution of the risk management plan. The results of the review are documented as the risk management report.
- The requirements for production and post-production activities have been clarified.
- Several informative annexes have been moved to TR 24971.
- TR 24971 has been greatly expanded and restructured. It now includes informative annexes formerly in 14971. Guidance in 24971 is now aligned with 14971 in structure and numbering of clauses and gives additional examples. Additional guidance is provided on specific aspects of risk management, including guidance on risks related to security and guidance on the use of components designed without using 14971.
- AAMI has produced a Consensus Report on Basic Introduction to the IEC 60601 Series. This document covers the structure of the IEC 60601 Series and provides basic information on the concepts and principles that the standards are built upon. It also covers U.S. national deviations from the IEC 60601 standards.
Medical Device Software
- A new international Technical Specification has been proposed for health and wellness apps. IEC 82304-2 Health and wellness apps – quality criteria across the life cycle – code of practice, will include a set of requirements for developers of health and wellness apps. It will include a set of quality criteria and cover the app project life cycle, through the development, testing, releasing and updating of an app. The new Technical Specification will be based on BSI PAS 277:2015, and is expected to become an International Standard sometime in the future.
- The FDA is continuing to pilot its Software Precertification Program for Software as a Medical Device. It recently released a mid-year update on its progress on evaluating the proposed Pre-Cert pathway against its traditional review process.
- An initial working draft of IEC 80001-5-1 Security Activities in the Product Lifecycle has been circulated for comment. This document specifies activities that the manufacturer of health software shall perform towards the information security of the health software product. These activities extend the processes required by IEC 62304.
- A committee draft of IEC TR 60601-4-5 Safety related security specifications has been circulated for comment. This document provides IT security specifications for medical devices connectable to medical IT networks. The intent of this document is to specify security capabilities that enable a medical device to be integrated into a medical IT network at a given security level.
While health apps and security continue to get the most discussion and debate regarding regulation and standards, a new topic is gaining attention, Regulation and standards for Artificial Intelligence are just beginning to be discussed. Both national and international standards groups have task forces currently investigating how AI impacts existing standards and what standards might be needed for use of AI in health applications and medical devices. This is likely to be an area of increasing activity in the next few years.
- FDA has released a discussion paper that proposes a framework for regulation of medical devices that incorporate AI that utilizes adaptive machine learning techniques. They are seeking feedback on a number of topics related to machine learning and regulation of modifications to a medical device based on machine learning.
- AAMI and BSI have published a set of recommendations for determining the role of standards in the regulation of Artificial Intelligence in medical devices.
- AAMI is developing a white paper on the use of AI in medical devices and health applications. The white paper will discuss:
- What is different about AI and why the differences are important
- Clarify AI concepts and terms related to medical devices
- Discuss potential regulatory approaches
- Propose development of specific consensus standards
AAMI’s timeline is to have a draft of this white paper this summer, with a final version by the end of the year.