Remember the 2005 guidance document, Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices? In 2020 that guidance is as relevant as ever, and it can be useful to review what we know about the FDA’s expectations regarding Level of Concern (LOC) in medical devices. LOC is important if for no other reason than it determines what manufacturers should include in their premarket submission. The higher the LOC, the more extensive documentation the FDA “recommends” manufacturers submit.
Since manufacturers must state the LOC in their submission, and describe how they arrived at that LOC, it is important to understand the definition of LOC. As a term of art, Level of Concern means “an estimate of the severity of injury that a device could permit or inflict, either directly or indirectly, on a patient or operator as a result of device failures, design flaws, or simply by virtue of employing the device for its intended use.” For software specifically, LOC also implicates the “role of the software in causing, controlling, and/or mitigating hazards that could result in injury to the patient or the operator.”
Before jumping in to the three different levels of concern, note that LOC is not necessarily related to device classification or hazard or risk analysis. The FDA suggests that LOC be determined before any mitigation of relevant hazards. This means that mitigations, regardless of their effect on the individual hazards, do not necessarily decrease the LOC for a device.
What are the Levels of Concern?
Determining LOC for a Device
Documentation Based on LOC
Remember, LOC is about what documentation should be submitted to the FDA. Just because a manufacturer of a device with a Minor LOC does not have to submit as many documents as a manufacturer of a device with a Moderate or Major LOC, does not mean that the Minor LOC device manufacturer should not perform tests or keep documentation for a potential FDA inspection. The LOC flowchart and suggestions in this guidance are more about clerical ease – they govern paperwork to be submitted, but they do not necessarily excuse a manufacturer from “work” in the software development process.
There is some software documentation that must be submitted for all devices, regardless of the LOC. That list is:
- Level of Concern Statement
- Software Description
- Device Hazard Analysis
- Traceability Analysis
- Revision Level History
The list of software documentation that differs based on the LOC is:
- Software Requirements Specification
- Architecture Design Chart
- Software Development Environment Description
- Verification and Validation Documentation
- Unresolved Anomalies
In this list, the Moderate and Major LOC devices mostly have similar documentation requirements, although the Major LOC devices have additional requirements for the Software Development Environment Description and the V&V Documentation. Of these five types of documentation, only one category (V&V documentation) is required at the time of submission for Minor LOC devices. However, as previously mentioned, that does not mean that a manufacturer of a Minor LOC device does not need to perform any activity except V&V. This is the case even if a standard purports to exempt that type of device from some documentation – that is not what the FDA intended to convey with their LOC flowchart. When you think of the Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices, think of the LOC flowchart as a list of submission requirements that the manufacturer can (and maybe should) exceed for their own records.
Read our initial impression of the guidance here: CBER Software Submission Guidance FDA CDRH
