We have some software in development.
Initially we weren't developing this software along 62304, but had performed some of the early 62366 use related risk anticipations to help place the product concept / use specification in less risky waters.
I am wondering about how, when and whether to count some of these in regard to 62304's software safety classifications.
Basically all of these early "controls" I'm considering were applied by limiting features and changing the intended use and indications for use. In 62366 speak they are applied all the way down at the use specification level.
The hazardous situations we workshopped would only arise and convert into harms with some gross, deliberate off-label misuse or use in the wrong environment(actually th wrong institution) and even then by breaking with institutional procedure.
Would a 62304 classification exercise take these preliminary, pre-user need controls into account? Are Off-label uses considered?
I expect the following:
Off-label misuse could ostensibly place software in C
On-label use places the software in A or B
How and what stages do people generally sensibly synergise their 62366 and 62304 processes?
Hope this makes sense and follows forum rules. I did look for an answer for a long time, I promise!
Initially we weren't developing this software along 62304, but had performed some of the early 62366 use related risk anticipations to help place the product concept / use specification in less risky waters.
I am wondering about how, when and whether to count some of these in regard to 62304's software safety classifications.
Basically all of these early "controls" I'm considering were applied by limiting features and changing the intended use and indications for use. In 62366 speak they are applied all the way down at the use specification level.
The hazardous situations we workshopped would only arise and convert into harms with some gross, deliberate off-label misuse or use in the wrong environment(actually th wrong institution) and even then by breaking with institutional procedure.
Would a 62304 classification exercise take these preliminary, pre-user need controls into account? Are Off-label uses considered?
I expect the following:
Off-label misuse could ostensibly place software in C
On-label use places the software in A or B
How and what stages do people generally sensibly synergise their 62366 and 62304 processes?
Hope this makes sense and follows forum rules. I did look for an answer for a long time, I promise!