How to develop an MDR-ready software applications?
This website will help you understand the requirements of the new Medical Device Regulation (MDR) that every medical software will face. Revolve Healthcare provides bespoke software development services that comply with ISO13405 and IEC62304.
Big change for the developers of healthcare applications
MDR will come into being in 2021. In particular, it has a big impact on eHealth applications and other healthcare software. Many solutions previously classified as Class I, will now be obligatory classified as Class IIa or even higher. The class of the software depends on its intended purpose. Even for Class I devices, the MDR now requires an almost-complete QMS (Quality Management System), while the requirements were much lighter in the MDD.
The MDR applies if your software fulfils a medical purpose.
The MDR has a significant impact on software as it covers a wider range of applications than MDD and introduces a new high risk software class as well. This covers software that can cause “death or an irreversible deterioration of a person’s state of health”. Previously, medical software could reach Class IIb, but most companies were able to fit into Class I (low risk). Importantly, software providing “information which is used to take decisions” is also explicitly covered in the MDR. So, it is important to check which class your software falls under.
Web app (SaaS)
Mobile app
Desktop app
Embedded software
diabetes diet planning platform
medications side effects observation platform
conception prediction application
medical examination records storing, searching, sorting or filtering software
electrical hospital bed firmware
online symptom checker
app for diagnosing sleep disorders
software presenting live EEG charts
Digital Blood Pressure Monitor firmware
platform for nurses in hospitals for online monitoring of vital physiological processes
application for identifying skin cancer based on camera image
application for monitoring fertility days for pregnancy prevention
software used to set power of external beam radiotherapy device live
hemodialysis machine firmware
surgical robot control platform
mobile application for remote control of an implanted insulin pump
software for setting cardiostimulator parameters
respirator firmware
external beam radiotherapy device firmware
How to check if the medical app is MDR-ready?
First, every developer of a healthcare software needs to check under which category I-III (if any) their application falls. MDR compliance requires a suitable quality management system and the use of technologies that are GDPR-compliant. It is recommended to obtain ISO 13485 certification and follow appropriate guidelines like IEC 62304. So every company that plans to develop an MDR-compliant software needs to make sure the technology they develop is MDR-proof. The checklist below addresses some of the most important questions:
Under which category the software falls? (What is the Intended purpose of the application?).
Does it cover data pseudonymization?
Does it provide record-level encryption?
Does it provide a legally-valid audit trail?
Does it properly cover the user consent management?
In order the software to be compliant with the MDR, the answers to questions 2-5 have to be YES.
Timeline
The new regulations will enter into force in May 2021. However, the transition period will last until 2024, which means that companies that will not add new functionalities or include major changes in their software will still be able to use their application under the present regulations (MDD). The graph below shows the timeline for the rollout of MDR in Europe.
How can I make my application MDR compliant?
In order to sell or distribute healthcare software in the EU you need to be certified. This means a suitable QMS like ISO 13485, clinical evaluations and compliance with other regulations and standards, including the GDPR need to be in place. Also, hosting, cloud and development tools and platforms need to be checked and compliant. If your provider is ISO 13485 certified (like for example Chino.io), you only need to do minimal extra work. However, a standard cloud provider (like Amazon or Google) will require you to invest significant extra time, expertise and cost.
Do you still have questions or concerns?
Book a consultation with us by completing the form.
WHAT CAN YOU EXPECT FROM A MEETING?
- No longer than 45 minutes,
- The goal is to understand your product and and see if it is MDR-proof,
- We will send you a calendar invitation with a link to an online meeting,
- End-result: sum-up of our conversation and our feedback regarding the technology solutions to make sure your software is MDR-compliant.
How Revolve Healthcare can help?
Revolve Healthcare is a software engineering company that specialises in creation of medical software. The offering covers all aspects of software engineering from design, development, deployment and maintenance. Revolve follows the best development practices to maintain high quality necessary to comply with both ISO13485 and IEC 62304.
How Chino can help?
Chino.io integrates the legal and tech knowhow with a compliance toolkit to eliminate compliance risks, save costs and time for digital health projects. The company ensures the project is compliant-by-design and ready to face existing and rapidly changing privacy and security regulations.
How SoftComply can help?
SoftComply helps medical device manufacturers automate regulatory compliance to bring their innovative products to market faster. To that end, SoftComply has developed Jira and Confluence apps that fast-track compliant Quality Management System implementation and automate medical device risk management. SoftComply apps can be trialled for free. For more information, please visit the website