Medical Software
Our range of services includes:
Benefit from our long-term experience in implementing efficient and requirements-compliant software lifecycle processes – from embedded software on the controllers of a medical device or in the graphical user interface (GUI), as standalone software (SaMD = software as a medical device, SWMD), as network, database and cloud software or in the Internet of Medical Things (IoMT), as a medical app, German digital health application (DiGA), German digital care application (DiPA) or health software:
- Development of customized processes according to
- EN 82304-1 (system layer for health software/Standalone software),
- EN 62304 (Software life cycle processes for medical device software),
- EN IEC 81001-5-1 (Security activities in the life cycle of health software),
- Implementation of all processes required for the specification, development, verification, validation, deployment and product care / maintenance of the software
- Training on software lifecycle processes,
- Support with reviews, internal and external audits, assistance with certification audits and
- Long-term support in establishing and optimizing your software lifecycle processes.
Regulatory Cybersecurity Affairs – we support you with:
- Teaching the basics and terms as well as understanding safety & security,
- Definition of your protection goals to avert hazards,
- Identification, understanding and implementation of regulatory and normative requirements for the IT security of medical devices in accordance with regulations (MDR, IVDR, MDCG-2019-16, MPBetreibV, FDA) as well as standards and guidelines (IEC 81001-5-1, IEC 62443-4-1, ISO/IEC 27001, IEC 60601-1, IEC 80001-1 for manufacturers, ISO 27034, AMI TIR 57/97 etc.),
- Establishing a secure development and product life cycle: ensuring and maintaining cybersecurity/IT security and monitoring it after it has been placed on the market,
- Identification and assessment of risks and threats (security risk management in accordance with EN IEC 81001-5-1, safety risk management in accordance with ISO 14971) and
- Compliance with the requirements for data protection of patient data (GDPR; HIPAA etc.).
Even older medical devices featuring software or insufficiently documented software are not lost for approval. We help you with
- the subsequent documentation of the software according to the currently valid requirements or
- the application of the legacy software approach to bridge transitional periods up to your new products.
A combination of post-documentation and simultaneous digitization is often a sensible option. See also our digitization section
What distinguishes the specification, development, verification, validation and approval of medical apps or health software from the usually already well-established procedure for embedded software?
We set up processes tailored to these software products with the corresponding documentation and support you in all life cycle phases of your medical app or health software.
And who says that there are no medical apps in risk class I according to MDR?
We offer approaches that comply with the requirements but are still streamlined.
Health software for use in the healthcare sector that is not a medical device is also subject to process, product and documentation requirements. We help to implement a practicable, risk-based approach that ensures safety, performance and the intended benefits.
New reimbursement concepts are intended to ensure digitalization in medical diagnostics and therapy as well as facilitate care.
Our digital health experts support you with
- Development and approval as a medical device (a mandatory requirement for DiGAs),
- Implementation of the special technical requirements for DiGA and DiPA,
- Development of clinical & reimbursement concepts (Reimbursement),
- Implementation of the special clinical requirements for DiGA and DiPA and
- Implementation of the application and authorization procedure with the BfArM.
Artificial intelligence (AI)/machine learning (ML) has numerous applications in medical devices. These are often health software (SWMD, SaMD), but this technology is also increasingly being used in devices and systems (embedded SW).
Our human intelligence (MI) supports you with:
- Communicating the regulatory basis for AI-based medical devices,
- Identifying, understanding and implementing the regulatory requirements for AI/ML in medical technology, in particular
- European AI Act and other European regulatory concepts,
- Regulatory approaches of the FDA and other regional regulatory authorities,
- General and medical device-specific AI/ML standards,
- Expansion of the quality management system for AI/ML medical devices,
- Adaptation of product/software lifecycle processes to AI/ML technology
- Establishment of data management for training, validation and tuning of the AI/ML system,
- Extension of the required technical documentation and
- Approval of AI/ML medical devices in the EU and the USA.