Per IEC 62304, are DHF documents Configuration Items?

cwilburn

Starting to get Involved
#1
Our company provides software development services for medical device manufacturers. We use a configuration management tool for all of our documents, like planing docs, requirements, design, verification docs, etc. I am revising our software configuration management SOP and SCMP template to be compliant with 62304 - are documents considered "configuration items"?

Thanks,
Cathy
 
Elsmar Forum Sponsor

yodon

Leader
Super Moderator
#2
I say yes.

The definition of a configuration item is: entity that can be uniquely identified at a given reference point

(So no exclusion there). Then 8.1.1 says:

The MANUFACTURER shall establish a scheme for the unique identification of CONFIGURATION ITEMS and their VERSIONS to be controlled for the project. This scheme shall include other SOFTWARE PRODUCTS or entities such as SOUP and documentation. [Class A, B, C]

(Still no exclusion)

And finally, 8.1.3 (note placement under 8.1 Configuration Identification):

8.1.3 Identify SYSTEM configuration documentation
The MANUFACTURER shall document the set of CONFIGURATION ITEMS and their VERSIONS that comprise the SOFTWARE SYSTEM configuration. [Class A, B, C]

(Rather explicit INCLUSION, I'd say.)

That said, documents are generally managed through Doc Control; i.e., not so much under the SCM system. So the point is to ensure proper configuration control over everything that goes into the software system.
 

glork98

Involved In Discussions
#3
It depends on how you choose to define it. I'd say "no." The documents that go into the DHF are covered by the general quality system. (That's why they're in the DHF.) Pushing them into the SW CM system will create a redundant storage location.

I'll say this: I've never seen DHF work products placed into the Configuration Management system as part of the quality system. I see people putting informal _copies_ of documents there as it's convenient for SW to do. The docs are released into the DHF and put into electronic, or paper, storage per the corporate policies like docs from all other areas.

Now, there's nothing stopping a company from integrating the SW CM system with the DHF system. It's just electronic storage with version control and handy for all electronic work products. I think that'll become common in the future.
 

yodon

Leader
Super Moderator
#4
It depends on how you choose to define it. I'd say "no." The documents that go into the DHF are covered by the general quality system. (That's why they're in the DHF.) Pushing them into the SW CM system will create a redundant storage location.
Yes, completely agree (I think I said that but probably muddled it up a bit). My point was more that documents are considered to be "configuration items" in the fact that they need to be under configuration / change control but that doesn't imply HOW or WHERE (i.e., doc control is more suitable for documents than a software source code repository).
 

cwilburn

Starting to get Involved
#5
We use a configuration management tool to house our DHFs so that is where I believe I was muddling the two. We are a services organization, so we have a separate SCM repository for each client, with separate folders for the DHF, the source code, and other project documents.

What I am concluding is that DHF items need to be controlled, but when listing configuration items (per 62304) for a software system, DHF documents do not need to be listed.
 

akp060

Involved In Discussions
#6
Well, the definition of term "Configuration Item" in the standard IEC 62304 is pretty confusing to me. They did not revise it in the 2015 consolidated version. I hope they will revise it next year's edition. The definition has the terms "entity" and "reference point" which are not clear. Is it a reference point in time, or a point on the software system!!

In the definition, the standard makes reference to ISO 12207:2008, clause 4.7. If anyone has access please mention it here
 
#7
I'm looking at things from a model-based and system (not only software) development perspective. Why am I saying this?
  • model based: we developed a configuration management model that is applied to all artifacts (CIs) that are results of process activities - no matter what the nature; be it a document, a drawing, a product structure node etc.
    all these artifacts are results of value added efforts of a core process (e.g. development process) and should therefore be traceable, especially because they directly relate to the overall result of the core process (e.g. a product).
    The model provides all requirements, attributes, relations and functions that are applied to CIs (e.g. versioning, UID, change control etc.)
  • system development: sure, SCM systems have special features and, finally, usually are author-group-specific authoring / team data management tools (TDM = data that can be shared between multiple persons/roles and provides configuration management capabilities).
    However, for systems development, you usually have different TDMs, depending on the disciplines involved: DOORS (RM), Windchill (CAD interface / product structure, drawings), Integrity (software/RM), ... that all together must considered as a configuration management system (or, as we like to call it: Configuration Management Infrastructure)
Having said that, and to come back to the question on what should be considered a CI, it is logical to me to consider any artifact that contributes to traceability of core process activies to be a CI.
Yes, even meeting minutes or mails, if they contain important decisions. (They should usually end up as an attachment of a change request, of course.)​
 

akp060

Involved In Discussions
#8
I'm looking at things from a model-based and system (not only software) development perspective. Why am I saying this?
  • model based: we developed a configuration management model that is applied to all artifacts (CIs) that are results of process activities - no matter what the nature; be it a document, a drawing, a product structure node etc.
    all these artifacts are results of value added efforts of a core process (e.g. development process) and should therefore be traceable, especially because they directly relate to the overall result of the core process (e.g. a product).
    The model provides all requirements, attributes, relations and functions that are applied to CIs (e.g. versioning, UID, change control etc.)
  • system development: sure, SCM systems have special features and, finally, usually are author-group-specific authoring / team data management tools (TDM = data that can be shared between multiple persons/roles and provides configuration management capabilities).
    However, for systems development, you usually have different TDMs, depending on the disciplines involved: DOORS (RM), Windchill (CAD interface / product structure, drawings), Integrity (software/RM), ... that all together must considered as a configuration management system (or, as we like to call it: Configuration Management Infrastructure)
Having said that, and to come back to the question on what should be considered a CI, it is logical to me to consider any artifact that contributes to traceability of core process activies to be a CI.
Yes, even meeting minutes or mails, if they contain important decisions. (They should usually end up as an attachment of a change request, of course.)​
Thank you. This phrase, "that contributes to traceability of core process activities", clarifies CI to me. Is it correct to say that the "reference point" here could be the relevant activities or tasks that generate CI?
 
#9
Thank you. This phrase, "that contributes to traceability of core process activities", clarifies CI to me. Is it correct to say that the "reference point" here could be the relevant activities or tasks that generate CI?
I would very much interpret "reference point" like that, yes. A CI itself could be seen as the manifestation/representation of such a reference point.
 
Thread starter Similar threads Forum Replies Date
Sravan Manchikanti Software Risk Management & probability of occurrence as per IEC 62304 IEC 62304 - Medical Device Software Life Cycle Processes 9
K What is mean by Oxygen Rich Environment as per the IEC 60601-1 clause no 11.2.2 IEC 60601 - Medical Electrical Equipment Safety Standards Series 5
K Dielectric strength test as per IEC 60601-1 -Infant incubator IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
S Are Defibrillator Protection and Pacemaker pulse detection features mandatory as per IEC 60601-2-25 or 2-27...? IEC 60601 - Medical Electrical Equipment Safety Standards Series 11
S Testing my ECG device as per IEC 60601-2-25 IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
O EMC testing per IEC 60601-1-2 for considering new cables CE Marking (Conformité Européene) / CB Scheme 1
D Radiated Immunity Testing as per IEC 60601-1-2 IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
sagai Safety Integrity Requirement as per ISO/IEC 61508 Other ISO and International Standards and European Regulations 2
J Marking (Labeling) Requirements on Medical Equipment per IEC 60601-1 IEC 60601 - Medical Electrical Equipment Safety Standards Series 5
I SIL (Safety Integrity Level) calculation per IEC 61508. Reliability Analysis - Predictions, Testing and Standards 6
R Volume of Alarm Signal per IEC 60601-1-8 IEC 60601 - Medical Electrical Equipment Safety Standards Series 5
S EMI/EMC Failure Cause Analysis per IEC 60601 IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
J Medical Equipment (AC Adapter) Classification as per IEC 60601-1 IEC 60601 - Medical Electrical Equipment Safety Standards Series 6
N Measurement Uncertainty Explanation per ISO/IEC 17025:2005 clause 5.10.4.2 ISO 17025 related Discussions 3
D Calibration Frequency of CMM as per ISO/IEC 17025 ISO 17025 related Discussions 11
J Which gauge R&R to use per AIAG Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 2
I Classification of device per Annex 8 of the EU MDR EU Medical Device Regulations 4
A Help required in establishing Laboratory Information Management System as per ISO 17025, Cl.7.11.2 ISO 17025 related Discussions 0
K Component Placement Per hour in Pick & Place Machine Lean in Manufacturing and Service Industries 3
C Medical Device Gamma Irradiation Validation per VDmax25 (ISO 11137) Qualification and Validation (including 21 CFR Part 11) 1
S Minimum Retention Time for Records of internal audit results as per AS9100 AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
E Performing a GRR when you get multiple readings over time per part. Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 5
I MDR Audit: NC per MDR Annex IX Administrative provisions 8. EU Medical Device Regulations 6
M Is complete testing required as per ISO 10993 for materials used in orthopedic implants or is literature review route possible Other Medical Device Related Standards 3
J Common Specifications per MDR EU Medical Device Regulations 2
S Definition of disease as per medical device defintion EU Medical Device Regulations 14
L ASTM F88 Seal Strength of pouches - amount samples per pouch (discussion) Qualification and Validation (including 21 CFR Part 11) 8
B Leakage Current AC-DC discrimination per cl. 8.7.3 b) IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
G Does TPI agencies comes under outsourced process as per Q1 Oil and Gas Industry Standards and Regulations 11
S Discussion on OBL and OEM test data for submission as per new EUMDR EU Medical Device Regulations 0
B Validating calibration certificate as per API Q1 General Measurement Device and Calibration Topics 9
P Demonstrate shelf life per ISO 11140-1 Other Medical Device Related Standards 0
Watchcat One UDI per country? ISO 13485:2016 - Medical Device Quality Management Systems 3
J QTC Requirement as per API 6A-21st Edition Oil and Gas Industry Standards and Regulations 1
M R&R Studies - how many? per product? Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 3
M Summative evaluation: how many sample per participant? IEC 62366 - Medical Device Usability Engineering 5
M Validation of Data verification tool per 21 CFR 820 Quality Assurance and Compliance Software Tools and Solutions 1
D How to testing of Pressure relief valve as per API 6D ? Oil and Gas Industry Standards and Regulations 1
R Flammability requirements for applied parts as per 60601-1 IEC 60601 - Medical Electrical Equipment Safety Standards Series 4
Jim Wynne Most Important Manufacturing KPI, per Oracle Coffee Break and Water Cooler Discussions 3
J Technical Documentation as per MDR / subpoint 6.1 EU Medical Device Regulations 3
Q EPA PFAS - Per and Polyfluoroalkyl Substances (PFAS) US Food and Drug Administration (FDA) 1
I RCCA per AS9100D 7.5.2 AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 22
R Cost per test tool/formula Oil and Gas Industry Standards and Regulations 1
R Cost per test tool/formula Oil and Gas Industry Standards and Regulations 1
K RPN/ KC) per AIAG FMEA and Control Plans 0
ebrahim QMS as per ISO 13485, Clause 4.2 Requirements for regulatory purposes for Medical Devices Authorized Representatives. ISO 13485:2016 - Medical Device Quality Management Systems 3
P Should eIFU link per ISO 15223-1:2016 be added to labels out of scope of Reg 207/2012? EU Medical Device Regulations 1
S Bend allowance formula to calculate per degree per radii Manufacturing and Related Processes 2
R Risk control measures as per ISO 14971 ISO 14971 - Medical Device Risk Management 6

Similar threads

Top Bottom