This guideline is intended to guide manufacturers in
submitting declaration data for medical device software
registration and to standardize the technical review requirements
for medical device software at the same time.
This guideline consists of general requirements for medical
device software. Manufacturers should submit the declaration
data for registration according to the characteristics of the medical
device software, and determine whether the specific content in
the guideline is applicable or not, and explain the reasons for
inapplicable contents. Manufacturers may also use other
alternative methods that meet the regulatory requirements, but
should provide detailed research and verification data.
This guideline is formulated based on the current regulations,
standard system and cognitive level, with reference to foreign
regulations and guidelines, international standards and technical
reports. With the continuous perfection of regulations and
standards, and the continuous improvement of cognitive level and
technical capabilities, the relevant content will also be revised in
time.
This guideline is a guiding document for manufacturers and
review personnel. It does not include the administrative matters
involved in review and approval, nor is it enforced as laws and
regulations. The guideline should be used in compliance with
relevant laws and regulations.
According to the particularity of the software, this guideline
further clarifies the requirements for medical device software
under the requirements of current laws and regulations, especially
the requirements for software updates and software version. This
guideline is a general guiding principle for medical device
software, and other guidelines related to software medical device
products can be adjusted, modified and perfected on the basis of
this guideline.
I. Scope
This guideline applies to the registration and declaration of
medical device software, including the second and third types of
medical device products. The applicable software development
methods include self-development, partial use of existing
software and full use of existing software.
Medical device software includes independent software and
software components. Independent software: Software as a
medical device or its accessory; Software components: Software
that consists of a medical device or its components and
accessories.
Independent software should have the following three
characteristics at the same time: it shall have one or more medical
uses, can complete the intended use without medical device
hardware, and run on a common computing platform.
Independent software includes general-purpose software and
special-purpose software, in which the general-purpose software
is jointly used with a number of medical device products based
on a general data interface, such as PACS and central monitoring
software; special-purpose software is jointly used with specific
medical instrument products based on a general, dedicated data
interface, such as Holter data analysis software and ophthalmic
microscope image processing software.
The software component should have both of the following
characteristics at the same time: it shall have one or more medical
uses, control (drive) medical device hardware or run on a
dedicated (medical) computing platform. Software component
includes embedded software and control software, in which the
embedded software (ie firmware) runs on a dedicated (medical)
computing platform and controls (drives) medical device
hardware such as the software contained in the electrocardiograph
and electroencephalograph; the control software runs on a general
computing platform and controls (drives) medical device
hardware such as software at CT image acquisition workstation
and MRI image acquisition workstation.
Software component can also have the processing functions.
Dedicated independent software can be registered separately, and
can also be registered with the medical device product, which is
called a software component at this time.
II. Basic principle
Software has no physical entities, and human factors affect
in the course of development and use everywhere. The software
testing can not cover all situations due to the limit of time and
cost, so the software defect can not be avoided. At the same time,
software updates frequently and rapidly, and minor updates can
have serious consequences, besides, there are degradation issues
(ie, a new flaw is created whenever several defects are repaired),
so software defect can not be eradicated. Therefore, software
defect can be regarded as one of the inherent attributes of software,
and the quality problem of software can not be ignored.
In view of the particularity of the software, medical device
software can only ensure the safety and effectiveness by
comprehensively considering the requirements of risk
management, quality management and software engineering.
The risk level of medical device software is graded by using
the software security level (YY/T 0664 “Medical Device
Software Life Cycle Process”), which is divided as follows based
on the severity of software damage:
Level A: It is impossible to cause injury and damage to
health;
Level B: There may be not serious injury;
Level C: There may be death or serious injury.
Software security level should be determined by combining