Is it possible to assign medical software to security class A (according to IEC 62304)?

MaHoDie

Starting to get Involved
Hello everyone,

I wonder if medical software can be classified as safety class A (according to IEC 62304) - in other words: can my software really not contribute to a hazardous situation? Or: my software contributes to a hazardous situation, but without an unacceptable risk (when external control measures are included)? Is that really realistic? What do you think? Any examples?

Thank you in advance
Best wishes
 

shimonv

Trusted Information Resource
Personally, I have not worked with a software with safety class A, but I am sure it is exists. Most medical software have class B or class C safety classification. This is because manufacturers wants to give the users maximum controls…
You could, for example, offer the users, an optional software tool, that displays information, non-critical information, on your cell phone without the option of activating the device. That could be a class A software.

Shimon
 

MaHoDie

Starting to get Involved
Thank you very much for your reply(s) and your examples. Your example shimonv is good - thanks. But is such software still medical software? Like a medicine: without side effects there are no effects. What do you think?!
 

shimonv

Trusted Information Resource
Hi MaHoDie,
Software is not like medicine because you have to consider 'risk control measures external to the software system'. So, for example, if you have a detector movements which are software controlled BUT you also have a manual override button and a pressure sensitive device on the detector for automatic stop in case it comes too close to the patients body, than that particular piece of software may have safety class A.

I would say that since 'risk control measures external to the software system' are costly, we end up with the vast majority of software as safety class B or C.

Shimon
 

MaHoDie

Starting to get Involved
Shimon you are absolutely right! wow thanks for your thoughts This concept of IEC 62304 keeps me pondering. But your example is really good!
 

Fadila19821982

Starting to get Involved
Hello Everyone,
This dicussion is really interresting about software classification. As you are mentionning risk control measures; how would you classify pops up in SaMD? is this inherent safety by design, protective measure or information for safety? Thank you.
Fadila
 

MaHoDie

Starting to get Involved
Hi Fadila,
it would be protective measure.
Because: inherent safety by design would be e.g., "Eliminating the hazard of sharp edges that can cause injury by designing the surfaces with rounded edges" or "Reducing the probability of unauthorised access to data by identity management."
but in your case the pop ups seem to be measures against an identified hazard/ hazardous situation. Such hazards couldn't be avoided by design (otherwise you did it) and therefore you are introducing pop ups.
Pop ups force an interaction and the attention with/of the user (this is important). An exampe would be: "Using visual or acoustic alarms to alert the user to a hazardous situation".

Finally, information for safety are mostly in the IFU or are warnings on the medical device.

Check also ISO TR 24971:2020 Chapter 7.1.1 for a list of examples (the examples here are also from there)
 
Top Bottom