The new article elaborates on the specifics of the regulatory approach medical device software products are subject to.
Table of content
SwissMedic, a country’s regulating authority in the sphere of healthcare products, has published a new revision of a guidance document dedicated to medical device software. The document provides an overview of the applicable regulatory requirements, as well as additional clarifications and recommendations to be taken into consideration by medical device manufacturers (software developers) and other parties involved in order to ensure compliance.
At the same time, the authority also reserves the right to make changes to the guidance and provisions thereof, should such changes be reasonably necessary to reflect corresponding amendments to the underlying legislation.
In particular, the guidance provides an extensive overview of the current regulatory framework for software products subject to regulation as medical devices, emphasizing the most important aspects and considerations addressing the specific nature of the their associated risks.
For this purpose, the document outlines the stringent regulatory framework governing the safety and performance of medical devices in Switzerland. These regulations encompass a comprehensive range of requirements from initial conformity assessment to post-market surveillance.
In Switzerland, entities intending to place a medical device on the market should ensure compliance with the established regulatory standards. These standards are designed to ensure the devices meet high safety and performance benchmarks.
The present guidance describes the specifics of these regulations, including the requirements for technical documentation, clinical evaluations, product labeling, and the responsibilities of economic actors.
Basic Safety and Performance Requirements
First of all, the document outlines the basic safety and performance requirements applicable to medical device software, including the ones related to conformity assessment. Under the general rule, before a medical device can be marketed, it must undergo a thorough assessment of conformity with the basic safety and performance requirements outlined in the appendices of the EU-MDR or EU-IVDR.
This step is critical to ensuring that the device meets all legal and safety standards considering the intended use. For products designed for self-use and those related to patient care, additional specific requirements must be met, to enhance the safety and effectiveness of these devices under the IvDV guidelines.
The authority additionally emphasizes that all medical software devices should be engineered to mitigate risks associated with their operational IT environments. This includes ensuring that devices function reliably within these settings, addressing any potential security vulnerabilities, and adhering to the latest industry standards for software development and lifecycle management.
The regulations also underscore the importance of software repeatability, reliability, usability, and cybersecurity, necessitating state-of-the-art practices in development and manufacturing, paying special attention to the aspects related to compatibility and interoperability of software components as highlighted in the guidance document MDCG 2019-16 (regarding cybersecurity challenges).
Technical Documentation
Apart from the above, the guidance also addresses the matters pertaining to documentation associated with the software. The authority states that manufacturers must compile and maintain comprehensive technical documentation that complies with Annexes II and III of the EU-MDR or EU-IVDR.
This documentation should clearly describe the device’s main functional elements and provide a transparent overview of the design and production processes. The documentation must also include detailed data on the verification and validation of the medical device, ensuring that every aspect of the device has been tested and confirmed to meet the specified standards.
Clinical and Performance Evaluation
In order to comply with the basic safety and performance requirements, medical device manufacturers (software developers) are expected to provide robust evidence through clinical or performance evaluations. These evaluations should demonstrate the device’s safety, performance, clinical benefits, and overall clinical performance.
Relevant clinical data can be obtained from medical device trials or other reliable sources. This information is vitally important for substantiating the safety and efficacy claims of the device.
Product Identification, Information, and Labeling
In accordance with applicable regulatory requirements, all medical devices distributed within Switzerland must be properly labeled with a conformity mark, except in cases where the devices are test products or specifically used within healthcare facilities.
The UDI system requirements, as detailed in Art. 17 MepV and Art. 16 IvDV, should also be followed, providing a clear mechanism for tracking devices throughout their distribution and use.
The authority also mentions comprehensive labeling requirements, including the ones for the instructions for use, as set forth under the EU-MDR or EU-IVDR, with additional specifics required for devices intended for personal use under the IvDV.
Distance Selling Regulations
Medical devices sold through online services or other forms of distance selling must meet all regulatory requirements outlined in the MepV or IvDV, ensuring safety and compliance even in the absence of physical retail settings.
Responsibilities of Economic Actors
According to the guidance, economic actors, including manufacturers, distributors, and suppliers, must fulfill specific regulatory responsibilities detailed in the MepV and IvDV. This includes ensuring compliance with all aspects of the device lifecycle from manufacture to post-market surveillance.
Robust post-market surveillance systems are intended to monitor the ongoing safety and efficacy of medical devices. This system includes requirements for UDI recording, traceability, vigilance, and the submission of safety reports.
Conclusion
In summary, the present revised guidance document issued by SwissMedic provides a comprehensive overview of the applicable regulatory requirements for software medical devices, addressing multiple aspects related to their manufacturing, labeling, and distribution. The document outlines the responsibilities of the parties involved and provides additional recommendations to be taken into consideration when placing software products on the country’s market.
How Can RegDesk Help?
RegDesk is a holistic Regulatory Information Management System that provides medical device and pharma companies with regulatory intelligence for over 120 markets worldwide. It can help you prepare and publish global applications, manage standards, run change assessments, and obtain real-time alerts on regulatory changes through a centralized platform. Global expansion has never been this simple.