IEC 62304 - Compliance steps

K

KoD_RP

Hi,

My company is ISO:13485 certified and ISO:14971 complaint (almost).
I was wondering whether there is a guideline which identifies the modifications required on the QS in order to adapt to IEC 62304 as well?
As far as I have understood, we are not that far.

Thanks!
 

Pads38

Moderator
62304 clause 4.1 requires a quality system to be in place and suggests that ISO/IEC 90003 provides guidance of how to apply quality systems to software processes.

IEC 90003 uses a lot of the 12207 series of software engineering standards.

A further guidance that may be beneficial is IEC 80002, which deals with 14971 for software systems.
 

mihzago

Trusted Information Resource
I'll add one more guidance document that may be helpful to the list Pads38 provided: "Software as a Medical Device (SaMD): Application of Quality Management System" written by the IMDRF SaMD Working Group.

I don't think there are specific guidance documents describing how to adapt IEC 62304 within ISO13485 or other QMS standard.

One way to do it is to modify your design and development procedures to include IEC 62304 requirements. For example, if you have a procedure for project planning, make sure it covers all areas of section 5.1 of the standard.
Many of the sections of IEC 62304 fit well within the framework of ISO13485.
I'm attaching a matrix I put together, which shows relation between the FDA Design Controls, ISO 13485 and IEC 62304; hopefully that's helpful too.
 

Attachments

  • Software_Development_Lifecycle_Requirement_Matrix.pdf
    48.1 KB · Views: 838

Sravan Manchikanti

Starting to get Involved
I'll add one more guidance document that may be helpful to the list Pads38 provided: "Software as a Medical Device (SaMD): Application of Quality Management System" written by the IMDRF SaMD Working Group.

I don't think there are specific guidance documents describing how to adapt IEC 62304 within ISO13485 or other QMS standard.

One way to do it is to modify your design and development procedures to include IEC 62304 requirements. For example, if you have a procedure for project planning, make sure it covers all areas of section 5.1 of the standard.
Many of the sections of IEC 62304 fit well within the framework of ISO13485.
I'm attaching a matrix I put together, which shows relation between the FDA Design Controls, ISO 13485 and IEC 62304; hopefully that's helpful too.

Dear Mihzago,

Thank you very much for your IEC 62304 & ISO 13485 comparison document.

We are working on a QMS (ISO 13485 & MDSAP) for a SaMD product, which practically don't have any production process as such when compared to a typical hardware medical device. In that case, how would Section 7.5 Production and Service provision of ISO 13485 for SaMD look like when we consider IEC 62304 & IMDRF SaMD QMS guidance document? (a lot of sections look irrelevant to SaMD products)
  • Do you have any correlation document between ISO 13485 Vs IMDRF SaMD QMS guidance document?
  • How do you suggest on practical adoption of IMDRF SaMD QMS guidance document while fulfilling ISO 13485:2016 & MDSAP?
Appreciate your response.
 

yodon

Leader
Super Moderator
Regarding 7.5, it doesn't translate all that well to SaMD but there are some things to do. You could consider the production build environment and ensure all the build software is captured and controlled and the build procedures well defined (to enable, for example, a re-build possibly years later). That overlaps CM in 62304. One thing you want to be sure to do is to have a means to ensure the build is not corrupted; e.g., use a checksum value and build that confirmation in after / part of install. You still have UDI requirements probably so that kind of factors into the labeling aspect. You'll want to ensure you have traceability to any user that has the software. If, for example, you make it available for download from a website, you'll want to capture user info for use in the event of any notifications (including recalls).
 

mihzago

Trusted Information Resource
I'm not sure why you would need a correlation document, or try to adopt the IMDRF guidance. It is a guidance, it provides practical recommendations for how you should implement your QMS.

Most of 7.5 will not apply, but there are a few subsections that do.
For 7.5.1 you could explain in the Quality Manual that this section is addressed by product development process, including design transfer and design changes (assuming you don't ship any media or don't perform installations at customer sites).
You also have to explain or preferably have procedures for 7.5.6, 7.5.8 (configuration management?), 7.5.9, 7.5.10 (data privacy procedures?), and 7.5.11.
 
Top Bottom