Documentation and Submission Deliverables for Medical Device Software

mscottf

Scott Fine
Does anyone have a Word table or Excel file that provides the documentation required for an FDA pre-market submission (510(k) or PMA), including a comprehensive potential list of deliverables. I know that this exists in the FDA Guidance, but it does not include a list of deliverables.

I don't know if this has evolved in the last year or two with the 2015 amendment to IEC 62304, and considering the Guidance is from 2005.

Also, do you know if there is a Standard or Guidance that relates to medical device software that will connect to the "cloud". The closest I could come was IEC/TR 80001-1 Application of risk management for IT Networks incorporating medical devices, but I don't think that would be correct.

Thanks.
 

yodon

Leader
Super Moderator
FDA recognizes both 62304:2006 and amendment 1 (2015) so if you follow one of those, you will have the documentation expected.

The FDA Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices (http://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/ucm089543.htm) also lists expected documentation based on (documented) level of concern, you would be compliant. It lines up pretty well with 62304 but I think 62304 is more comprehensive so if you follow that, you're probably in better shape.

The biggest change in 62304 Amd 1 is the recognition of legacy software and how to deal with it. Personally, I think Amd 1 is an improvement and closes a few concerns so I would recommend that.

Not aware of any guidance on software in / connecting to a cloud. You're on the right track, though, with the risk-based approach.
 

mihzago

Trusted Information Resource
As Yodon said, the FDA guidance on the software submissions is the document that defines the content of the 510(k) for software. The guidance and IEC 62304 both use level of concern, and while the match up for the most part, make sure you answer both sets of questions.

Another guidance you want to review is the Content of Premarket Submissions for Management of Cybersecurity in Medical Devices, which applies to any networked device, including software connecting to a cloud.
 
Top Bottom