Validation of Software for Medical Device Quality Systems
Outline
Validation of software which is applied to medical device quality management system is one of the common problems in satisfying the requirements of the stadnards of ISO 13485 as it has been revised to 2016 edition among the medical device manufacturers.
ISO 13485: 2016 requires menufacturer to validate software(s) applied to their quality management system,
4.1.6 The organization shall document procedures for the validation of the application of computer software used in the quality management system.
7.5.6 The organization shall document procedures for the validation of the application of computer software used in production and service provision.
7.6 The organization shall document procedures for the validation of the application of computer software used for the monitoring and measurement of requirements.
The confusion
It’s not everybody and doesn’t happen everytime. But, we often meet manufacturers who have no idea how to meet above requirements.
First, we have to clarify few things.
Clarification
To meet the requirements about validaiting software applied to QMS we should use different method from what is described in IEC 62304.
Normative reference?
There is a standard established to meet these requirements. ISO/TR 80002-2 The titile of the standard is “Validation of Software for Medical Device Quality Systems.”
However, there is something odd.
The ISO/TR 80002-2 was established in 2017. One year later from the issuance of ISO 13485: 2016, and ISO 13485 does not specify to refer to and/or follow ISO/TR 80002-2 to validate software(s) you are using in your quality management system.
Of course if you apply ISO/TR 80002-2 to validate the software(s) of your quality management system, you will not face much difficulty satisfying your auditor from the certificaiton organization. If fact, many Notified Bodies are releasing a guideline and educational materials based on ISO/TR 80002-2 to resolve this matter.
There is a problem.
It’s a little complicated.
Validating your QMS software like validating process according to articel 7.5.6 of ISo 13485 won’t be enough to satisfying all requirements described in ISO/TR 80002-2.
Software validation according to ISO/TR 80002-2: 2017
ISO/TR 80002-2: 2017 divided lifecycle of QMS software(s) into three different phases, development, maintenance and retirement. The standards requires to valiate the QMS software before applying it by
establishing specified stages within three different phases;
define software intended use and requirements within each specified stages;
analyze process failure risk of each intended use and requirements according to ISO 149741; and
implement, test, and deploy based on the result of the analysis
Validation of software applied to QMS right now!(Nov. 9, 2018)
There is no doube that we can meet the requirements by following ISO/TR 80002-2: 2017, but it neither easy nor small task.
Luckly, there is no rational to enforce application of ISO/TR 80002-2: 2017 at the moment.
That might be the reason that the certification organizations are issueing nonconformities for undone QMS software validation and not for undone according to ISO/TR 80002-2: 2017.
For now, it might be enough to do the QMS software validation in the same way of validating processes according to article 7.5.6 of ISO 13485: 2016.
However, it is very much likelty that ISO/TR 80002-2 will be referenced in ISO 13485 standard.
Please Contact us for any further question.