Hello,
We have software registered as an IVD medical device. It is a legacy device, we registered to get a transition period under IVDR. No EC certificate. Only DoC, since under IVDD device falls under the "other" category.
When talking to our IT department, I discovered they made some changes to the software, and new versions were released. Those were not significant changes, but bug fixes and database updates. However, they did not do appropriate "IVDR documentation", especially release documentation.
We did all the missing documentation now (description of the change, demonstration that it is not a significant change, change management, ...). However, it can be seen in the system that we did it for past events. Also, the final release document (confirmation from the medical device responsible person to launch SW to production), cannot be done for the past.
My question is, what would happen if get surprise visit from local regulatory body and they see what happened? Do you thing things will be ok, since we documented everything for the past, and future work is done correctly? Or could we have some major problems due to what happened?
We have software registered as an IVD medical device. It is a legacy device, we registered to get a transition period under IVDR. No EC certificate. Only DoC, since under IVDD device falls under the "other" category.
When talking to our IT department, I discovered they made some changes to the software, and new versions were released. Those were not significant changes, but bug fixes and database updates. However, they did not do appropriate "IVDR documentation", especially release documentation.
We did all the missing documentation now (description of the change, demonstration that it is not a significant change, change management, ...). However, it can be seen in the system that we did it for past events. Also, the final release document (confirmation from the medical device responsible person to launch SW to production), cannot be done for the past.
My question is, what would happen if get surprise visit from local regulatory body and they see what happened? Do you thing things will be ok, since we documented everything for the past, and future work is done correctly? Or could we have some major problems due to what happened?