These are the standards, guidance documents, and so forth that are used for developing typical medical devices. I’ll try to keep this up to date. I’ve generally referred to the editions/versions that I’ve used most recently, which may be different from the latest version in effect.
When I can, I have a link to a source for the document, either a free copy (e.g., FDA documents) or the purchase page at evs.ee where most of them can be purchased for a seriously deep discount.
Standards, guidance documents and so forth should be generally thought of as product requirements. It’s quite important to identify, at the start of a project, the ones that apply to what we’re doing.
To check on which standards are recognized by the FDA you can use the searchable FDA database of recognized standards. These can be used, when appropriate, to demonstrate device safety and efficacy. Most are specific to a type of device. The database is searchable by keywords such as electrocardiogram, cybersecurity, and so forth.
The Basic Standards
These apply to pretty much all medical devices with embedded or desktop computers.
|Medical devices — Quality management systems — Requirements for regulatory purposes
|Basic quality management system standard, referenced by many other standards. Also requires the amendment, which is free.
|Medical device software – Software life-cycle processes
|Basic software lifecycle standard
|Medical devices – Application of risk management to medical devices
|Basic risk management, referenced by many other standards. Price is for the redlined version from prior version (includes non-redlined version)
|Medical electrical equipment – Part 1: General requirements for basic safety and essential performance (IEC 60601-1:2006)
|Basic safety standard – the top level for other 60601 safety standards.
|Amendment to 60601-1
|Fault tree analysis (FTA)
|Called out by 14971 as a way to perform risk analysis, and I prefer it to FMEA. Don’t necessarily need to follow this, but it provides useful information.
|Medical electrical equipment – Part 1-2: General requirements for basic safety and essential performance – Collateral standard: Electromagnetic disturbances – Requirements and tests
|Required. Automatically achieves FDA regulations for unintentional RF radiators.
|Medical electrical equipment — Part 1-6: General requirements for basic safety and essential performance – Collateral Standard: Usability
|Medical electrical equipment — Part 1-8: General requirements for basic safety and essential performance — Collateral standard: General requirements, tests and guidance for alarm systems in medical electrical equipment and medical electrical systems
|Optional last time I checked
|Medical devices — Part 1: Application of usability engineering to medical devices
|Mandatory now I think
|Biological evaluation of medical devices — Part 1: Evaluation and testing within a risk management process
|Biocompatibility. We probably don’t need to deal with this standard other than knowing that part which come in contact with patient need to be made from materials which meet this standard.
|ANSI/AAMI HE 75:2009
|Human factors engineering — Design of medical devices (Design Principles Standard)
|Some good advice. Not mandatory.
|FCC Part 15
|Regulations on radiated RF
|Meeting 60601-1-2 is sufficient to meet Part 15 for unintentional emissions. Intentional emissions, e.g., WiFi, is another matter – either use a module and antenna that are pre-certified, or need to get certified by a test house (expensive).
|Classification Of Defects In Health Software
|Referenced in new (11/2021) FDA draft guidance on content of 510k software submission. Not familiar with it yet. Not available at evs.ee
Cybersecurity page that includes links to guidance documents.
FDA Guidance Documents
Cybersecurity information including links to guidance documents.
A good overview of HIPAA. Note that device makers are not responsible for HIPAA, but our customers (healthcare providers) are. Our job is to support the enabling features that they’re looking for.
EU environmental regulations
The EU requires manufacturers to be environmentally responsible. Here are the major regulations. (My book contains in-a-nutshell overviews of these.)
|Restriction of Hazardous Substances.
|Mandated in EU, typically accommodated elsewhere. Mainly a matter of specifying components that meet RoHS which is easy to do.
|Registration, Evaluation, Authorization and Restriction of Chemicals.
|Mandated in EU. Compliments RoHS. Requires reporting the amounts used of certain chemicals, bans some other chemicals.
|Waste from Electrical and Electronic Equipment
|Mandated in EU. Covers the treatment, recovery and recycling of electric and electronic equipment.