The two standards IEC 62304 and IEC 82304 both refer to software and both look at minimizing risks, but have entirely different targets.
IEC 62304:2006 - Medical device software – Software life cycle processes - focuses on the development elements (planning, requirements analysis, architectural design, verification, integration testing, etc.), and maintenance (updates and upgrades) aspects of software, as an embedded or integral part of a device, and relies on ISO 13485 (for activities and tasks managed through Quality system processes) and ISO 14971 (for management of product risks, based on software safety classification).
On the other hand, IEC 82304-1:2016 - Health software - Part 1: General requirements for product safety – focuses on the safety and security risks of stand-alone software (with no dedicated hardware), relying on IEC 62304 for the software development and maintenance processes, and using product validation to ensure the software performs as intended.
So, while software development is identified as a major area that may compromise patient safety, stand-alone health software has additional safety and security requirements, particularly around documentation.
Finally, under classification rules of the EU MDR (Rule 11 of Annex VIII, Chapter III) stand-alone software is classed solely on severity of potential risk, meaning certain health related software (including some mobile medical apps) could end up with a higher classification. IMDRF Guidance (IMDRF/SaMD WG/N12FINAL:2014) helps address this situation by introducing a graded scale (i.e. Treat or Diagnose/ Drive Clinical Management / Inform Clinical Management) based on the significance of information provided by the SaMD to healthcare decision-making.
In answer to your query, application of IEC 62304 alone to stand-alone health software would not fully address the safety and security risks covered by IEC 82304. Having said that, all standards are voluntary so manufacturers may adopt alternative means of demonstrating product safety and performance.
See also:
http://media.qadvis.com.loopiadns.com/2016/11/QAdvis-SW-Validation-RMD2016-w-WM.pdf------------------------------
Homi Dalal RAC
Regulatory Affairs Leader
Christchurch
New Zealand
------------------------------
Original Message:
Sent: 04-Feb-2019 16:04
From: Anonymous Member
Subject: IEC 82304-1:2016 Health Software
This message was posted by a user wishing to remain anonymous
Hello everyone
What is the transition period for the standard IEC 82304-1 Health software -- Part 1: General requirements for product safety? It applies to SaMD such as mobile apps. However, I haven't heard much discussion about this standard or known of any company applying this standard yet. However, it is an FDA recognized consensus standard. If a company only applies the IEC 62304 standard for health software, would it be out of compliance?
Thanks.