Medical software

Last updated

Medical software is any software item or system used within a medical context, such as reducing the paperwork, tracking patient activity [1] [2] [3]

Contents

History

Medical software has been in use since at least since the 1960s, [4] a time when the first computerized information-handling system in the hospital sphere was being considered by Lockheed. [5] [6] As computing became more widespread and useful in the late 1970s and into the 1980s, the concept of "medical software" as a data and operations management tool in the medical industry — including in the physician's office — became more prevalent. [7] [8] Medical software became more prominent in medical devices in fields such as nuclear medicine, cardiology, and medical robotics by the early 1990s, prompting additional scrutiny of the "safety-critical" nature of medical software in the research and legislative communities, in part fueled by the Therac-25 radiation therapy device scandal. [9] [10]

The development of the ISO 9000-3 standard [9] as well as the European Medical Devices Directive in 1993 [1] helped bring some harmonization of existing laws with medical devices and their associated software, and the addition of IEC 62304 in 2006 further cemented how medical device software should be developed and tested. [11] The U.S. Food and Drug Administration (FDA) has also offered guidance and driven regulation on medical software, particularly embedded in and used as medical devices. [2] [12] [13] [14] There was an expansion of medical software innovation with the adoption of electronic health records and availability of electronic clinical data. In the United States, substantial resources were allocated starting with the HITECH Act of 2009. [15]

A portable heart rate variability device is an example of a medical device that contains medical device software. Portable heart rate variability device.JPG
A portable heart rate variability device is an example of a medical device that contains medical device software.

Medical device software

The global IEC 62304 standard on the software life cycle processes of medical device software states it is a "software system that has been developed for the purpose of being incorporated into the medical device being developed or that is intended for use as a medical device in its own right." [11] In the U.S., the FDA states that "any software that meets the legal definition of a [medical] device" is considered medical device software. [16] A similar "software can be a medical device" interpretation was also made by the European Union in 2007 with an update to its European Medical Devices Directive, when "used specifically for diagnostic and/or therapeutic purposes." [17]

Due to the broad scope covered by these terms, manifold classifications can be proposed for various medical software, based for instance on their technical nature (embedded in a device or standalone), on their level of safety (from the most trivial to the most safety-critical ones), or on their primarily function (treatment, education, diagnostics, and/or data management).

Software as a medical device

The dramatic increase in smartphone usage in the twenty-first century triggered the emergence of thousands of stand-alone health- and medical-related software apps, many falling into a gray or borderline area in terms of regulation. [18] While software embedded into a medical device was being addressed, medical software separate from medical hardware — referred to by the International Medical Device Regulators Forum (IMDRF) as "software as a medical device" or "SaMD" [19] — was falling through existing regulatory cracks.

In the U.S., the FDA eventually released new draft guidance in July 2011 on "mobile medical applications," with members of the legal community such as Keith Barritt speculating it should be read to imply "as applicable to all software, since the test for determining whether a mobile application is a regulated mobile 'medical' application is the same test one would use to determine if any software is regulated." [20] Examples of mobile apps potentially covered by the guidance included those that regulate an installed pacemaker or those that analyze images for cancerous lesions, X-rays and MRI, graphic data such as EEG waveforms as well as bedside monitors, urine analyzers, glucometer, stethoscopes, spirometers, BMI calculators, heart rate monitors and body fat calculators. [21]

By the time its final guidance was released in late 2013, however, members of Congress began to be concerned about how the guidance would be used in the future, in particular with what it would mean to the SOFTWARE Act legislation that had recently been introduced. [22] Around the same time, the IMDRF were working on a more global perspective of SaMD with the release of its Key Definitions in December 2013, focused on "[establishing] a common framework for regulators to incorporate converged controls into their regulatory approaches for SaMD." [19] Aside from "not [being] necessary for a hardware medical device to achieve its intended medical purpose," the IMDRF also found that SaMD also could not drive a medical device, though it could be used as a module of or interfaced with one. [19] The group further developed quality management system principles for SaMD in 2015. [23]

International standards

IEC 62304 has become the benchmark standard for the development of medical device software, whether standalone software or otherwise, in both the E.U. and the U.S. [3] [24] Leading industry innovation in software technologies has led key industry leaders and government regulators to recognize the emergence of numerous standalone medical software products that operate as medical devices. This has been reflected in regulatory changes in the E.U. (European Medical Devices Directive [1] ) and the U.S. (various FDA guidance documents [2] [12] [13] [22] ). Additionally, quality management system requirements for manufacturing a software medical device, as is the case with any medical device, are described in the U.S. Quality Systems Regulation [25] of the FDA and also in ISO 13485:2003.

Software technology manufacturers that operate within the software medical device space conduct mandatory development of their products in accordance with those requirements. Furthermore, though not mandatory, they may elect to obtain certification from a notified body, having implemented such quality system requirements as described within international standards such as ISO 13485:2003.

Further reading

See also

Commons-logo.svg Media related to Medical software at Wikimedia Commons

Related Research Articles

<span class="mw-page-title-main">Biomedical engineering</span> Application of engineering principles and design concepts to medicine and biology

Biomedical engineering (BME) or medical engineering is the application of engineering principles and design concepts to medicine and biology for healthcare applications. BME is also traditionally logical sciences to advance health care treatment, including diagnosis, monitoring, and therapy. Also included under the scope of a biomedical engineer is the management of current medical equipment in hospitals while adhering to relevant industry standards. This involves procurement, routine testing, preventive maintenance, and making equipment recommendations, a role also known as a Biomedical Equipment Technician (BMET) or as a clinical engineer.

<span class="mw-page-title-main">Food and Drug Administration</span> United States federal agency

The United States Food and Drug Administration is a federal agency of the Department of Health and Human Services. The FDA is responsible for protecting and promoting public health through the control and supervision of food safety, tobacco products, caffeine products, dietary supplements, prescription and over-the-counter pharmaceutical drugs (medications), vaccines, biopharmaceuticals, blood transfusions, medical devices, electromagnetic radiation emitting devices (ERED), cosmetics, animal foods & feed and veterinary products.

<span class="mw-page-title-main">Good manufacturing practice</span> Manufacturing quality standards

Current good manufacturing practices (cGMP) are those conforming to the guidelines recommended by relevant agencies. Those agencies control the authorization and licensing of the manufacture and sale of food and beverages, cosmetics, pharmaceutical products, dietary supplements, and medical devices. These guidelines provide minimum requirements that a manufacturer must meet to assure that their products are consistently high in quality, from batch to batch, for their intended use.

<span class="mw-page-title-main">Medical device</span> Device to be used for medical purposes

A medical device is any device intended to be used for medical purposes. Significant potential for hazards are inherent when using a device for medical purposes and thus medical devices must be proved safe and effective with reasonable assurance before regulating governments allow marketing of the device in their country. As a general rule, as the associated risk of the device increases the amount of testing required to establish safety and efficacy also increases. Further, as associated risk increases the potential benefit to the patient must also increase.

In drug development and production, good clinical practice (GCP) is an international quality standard, which governments can then transpose into regulations for clinical trials involving human subjects. GCP follows the International Council for Harmonisation of Technical Requirements for Registration of Pharmaceuticals for Human Use (ICH), and enforces tight guidelines on ethical aspects of clinical research.

ISO 13485Medical devices -- Quality management systems -- Requirements for regulatory purposes is a voluntary standard, published by International Organization for Standardization (ISO) for the first time in 1996, and contains a comprehensive quality management system for the design and manufacture of medical devices. The latest version of this standard supersedes earlier documents such as EN 46001 and EN 46002 (1996), the previously published ISO 13485, and ISO 13488.

Title 21 CFR Part 11 is the part of Title 21 of the Code of Federal Regulations that establishes the United States Food and Drug Administration (FDA) regulations on electronic records and electronic signatures (ERES). Part 11, as it is commonly called, defines the criteria under which electronic records and electronic signatures are considered trustworthy, reliable, and equivalent to paper records.

The Global Harmonization Task Force (GHTF) was “a voluntary group of representatives from national medical device regulatory authorities and the members of the medical device industry” whose goal was the standardization of medical device regulation across the world. The representatives from its five founding members were divided into three geographical areas: Europe, Asia-Pacific and North America, each of which actively regulates medical devices using their own unique regulatory framework. Founded in 1992, the GHTF was created in “an effort to respond to the growing need for international harmonization in the regulation of medical devices."

Verification and validation are independent procedures that are used together for checking that a product, service, or system meets requirements and specifications and that it fulfills its intended purpose. These are critical components of a quality management system such as ISO 9000. The words "verification" and "validation" are sometimes preceded with "independent", indicating that the verification and validation is to be performed by a disinterested third party. "Independent verification and validation" can be abbreviated as "IV&V".

<span class="mw-page-title-main">Notified body</span>

A notified body, in the European Union, is an organisation that has been designated by a member state to assess the conformity of certain products, before being placed on the EU market, with the applicable essential technical requirements. These essential requirements are publicised in European directives or regulations.

SOUP stands for software of unknownpedigree, and is a term often used in the context of safety-critical and safety-involved systems such as medical software. SOUP is software that has not been developed with a known software development process or methodology, or which has unknown or no safety-related properties.

ISO 14971Medical devices — Application of risk management to medical devices is a voluntary consensus standard, published by International Organization for Standardization (ISO) for the first time in 1998, and specifies terminology, principles, and a process for risk management of medical devices.

Global Medical Device Nomenclature (GMDN) is a system of internationally agreed generic descriptors used to identify all medical device products. This nomenclature is a naming system for products which include those used for the diagnosis, prevention, monitoring, treatment or alleviation of disease or injury in humans.

IEC 62304 – medical device software – software life cycle processes is an international standard published by the International Electrotechnical Commission (IEC). The standard specifies life cycle requirements for the development of medical software and software within medical devices. It has been adopted as national standards and therefore can be used as a benchmark to comply with regulatory requirements.

<span class="mw-page-title-main">Parasoft C/C++test</span> Integrated set of tools

Parasoft C/C++test is an integrated set of tools for testing C and C++ source code that software developers use to analyze, test, find defects, and measure the quality and security of their applications. It supports software development practices that are part of development testing, including static code analysis, dynamic code analysis, unit test case generation and execution, code coverage analysis, regression testing, runtime error detection, requirements traceability, and code review. It's a commercial tool that supports operation on Linux, Windows, and Solaris platforms as well as support for on-target embedded testing and cross compilers.

<span class="mw-page-title-main">CEBEC</span> Electronics quality assurance label

CEBEC is a private Belgian rating label for the quality assurance of electrical appliances. Use of this label indicates that a piece of equipment conforms to European safety standards. The label is issued by SGS-CEBEC, now part of the SGS group. CEBEC has its own electrical testing laboratory located in Brussels. It is an approved laboratory for the purpose of certifications granted by SGS.

Cantata++, commonly referred to as Cantata in newer versions, is a commercial computer program designed for dynamic testing, with a focus on unit testing and integration testing, as well as run time code coverage analysis for C and C++ programs. It is developed and marketed by QA Systems, a multinational company with headquarters in Waiblingen, Germany.

Harmonization is the process of minimizing redundant or conflicting standards which may have evolved independently. The name is also an analogy to the process to harmonizing discordant music.

Digital therapeutics, a subset of digital health, are evidence-based therapeutic interventions driven by high quality software programs to prevent, manage, or treat a medical disorder or disease. Digital therapeutic companies should publish trial results inclusive of clinically meaningful outcomes in peer-reviewed journals. The treatment relies on behavioral and lifestyle changes usually spurred by a collection of digital impetuses. Because of the digital nature of the methodology, data can be collected and analyzed as both a progress report and a preventative measure. Treatments are being developed for the prevention and management of a wide variety of diseases and conditions, including type 1 & type II diabetes, congestive heart failure, obesity, Alzheimer's disease, dementia, asthma, substance abuse, ADHD, hypertension, anxiety, depression, and several others. Digital therapeutics often employ strategies rooted in cognitive behavioral therapy.

Guidances for statistics in regulatory affairs refers to specific documents or guidelines that provide instructions, recommendations, and standards pertaining to the application of statistical methodologies and practices within the regulatory framework of industries such as pharmaceuticals and medical devices. These guidances serve as a reference for statisticians, researchers, and professionals involved in designing, conducting, analyzing, and reporting studies and trials in compliance with regulatory requirements. These documents embody the prevailing perspectives of regulatory agencies on specific subjects. It is worth noting that in the United States, the term "Guidances" is used, while in Europe, the term "Guidelines" is employed.

References

  1. 1 2 3 Becchetti, C.; Neri, A. (2013). "Chapter 6: Medical Software". Medical Instrument Design and Development: From Requirements to Market Placements. Chichester, U.K.: John Wiley & Sons Ltd. pp. 359–418. ISBN   9781119952404.
  2. 1 2 3 Vogel, D.A. (2011). "Chapter 3: The FDA Software Validation Regulations and Why You Should Validate Software Anyway". Medical Device Software Verification, Validation, and Compliance. Boston, MA: Artech House. pp. 27–36. ISBN   9781596934238.
  3. 1 2 Jetley, R.; Sudarsan, S.; R., Sampath; Ramaswamy, S. (2013). "Medical Software - Issues and Best Practices". Distributed Computing and Internet Technology: 9th International Conference, ICDCIT 2013, Bhubaneswar, India, February 5-8, 2013, Proceedings. Hyderabad, India: Springer. pp. 69–91. ISBN   9783642360718.
  4. "Radar and Electronics". Radar and Electronics Association. March 1963. Retrieved 26 April 2016.
  5. Lockheed Hospital Information System. Lockheed Aircraft Corporation. 1965. p. 82.
  6. Gall, John E.; Norwood, Donald D.; El Camino Hospital (1977). Demonstration and evaluation of a total hospital information system. NCHSR research summary series. U.S. Dept. of Health, Education, and Welfare, Public Health Service, Health Resources Administration, National Center for Health Services Research. p. 38.
  7. Zimmerman, J.; Rector, A. (1978). Computers for the Physician's Office. Forest Grove, OR: Research Studies Press. p. 305. ISBN   0893550078.
  8. Freedman, E.; Hecht, E.; Whiteside, D. (1985). "Consultants Perspective on Medical Office Computerization". Computers in Healthcare, Volume 6. Englewood: Cardiff Publishing Company.
  9. 1 2 Cosgriff, P.S. (1994). "Quality assurance of medical software". Journal of Medical Engineering & Technology. 18 (1): 1–10. doi:10.3109/03091909409030782. PMID   8006924.
  10. Jones, P.; Jetley, R.; Abraham, J. (9 February 2010). "A Formal Methods-based verification approach to medical device software analysis". Embedded. UBM. Retrieved 26 April 2016.
  11. 1 2 International Electrotechnical Commission (2006). "Medical device software – Software life cycle processes" (PDF). International Standard IEC 62304, First Edition 2006-05. International Electrotechnical Commission. Retrieved 26 April 2016.
  12. 1 2 Office of Device Evaluation, Center for Devices and Radiological Health (9 September 1999). "Guidance for Industry, FDA Reviewers and Compliance on Off-The-Shelf Software Use in Medical Devices" (PDF). U.S. Food and Drug Administration. Retrieved 26 April 2016.
  13. 1 2 Center for Devices; Radiological Health (11 May 2005). "Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices". U.S. Food and Drug Administration. Retrieved 26 April 2016.
  14. "Doctors near me".
  15. "HITECH Act of 2009".
  16. Murray Jr., J.F. (March 2010). "CDRH Regulated Software: An Introduction" (PDF). U.S. Food and Drug Administration. Retrieved 26 April 2016.
  17. "Directive 2007/47/ED of the European Parliament and of the Council" (PDF). Official Journal of the European Union. European Union. 5 September 2007. Retrieved 26 April 2016.
  18. "Technology in healthcare: how software improves medical practice?". Labs Explorer. Retrieved 5 May 2020.
  19. 1 2 3 Spanou, D. (9 December 2013). "Software as a Medical Device (SaMD): Key Definitions" (PDF). International Medical Device Regulators Forum. p. 9. Retrieved 26 April 2016.
  20. "New FDA Draft Guidance Sheds Light On Regulation of 'Mobile Medical Apps' and Other Software" (PDF). Medical Devices Law & Industry Report. 5 (16): 1–3. August 2011. Archived from the original (PDF) on 27 November 2013. Retrieved 26 April 2016.
  21. Yetisen, A.K.; Martinez-Hurtado, J.L.; Vasconcellos, F.C.; Simsekler, M.C.E.; Akram, M.S.; Lowe, C.R. (2014). "The regulation of mobile medical applications". Lab on a Chip. 14 (5): 833–840. doi:10.1039/C3LC51235E. PMID   24425070.
  22. 1 2 Slabodkin, G. (20 November 2013). "Congress, FDA at odds over software as a medical device". Fierce Mobile Healthcare. Questex, LLC.
  23. Mezher, M. (8 April 2015). "IMDRF Proposes QMS Principles for Software as a Medical Device". Regulatory Focus. Regulatory Affairs Professionals Society. Retrieved 26 April 2016.
  24. Rust, P.; Flood, D.; McCaffery, F. (2015). "Software Process Improvement and Roadmapping – A Roadmap for Implementing IEC 62304 in Organizations Developing and Maintaining Medical Device Software". In Rout, T.; C'Connor, R.V.; Dorling, A. (eds.). Software Process Improvement and Capability Determination. Cham, Switzerland: Springer. pp. 19–32. doi:10.1007/978-3-319-19860-6_3. ISBN   9783319198606.
  25. "Quality System (QS) Regulation/Medical Device Good Manufacturing Practices". U.S. Food and Drug Administration. 30 June 2014. Retrieved 26 April 2016.