Regulatory Open Forum

This message was posted by a user wishing to remain anonymous

Hello RAPS,

Could you please share your thoughts when the validation of SaMD is necessary and how does  the clause 7.5.6 of the ISO 13485 apply (if)?

Hi anon,

clause 7.5.6 of ISO 13485 is about validation of processes for production and service provision, including validation of software used in production and service provision. It odes not have a relation with SaMD.

Validation of SaMD is always applicable, as described in 7.3.7 Design and Development validation. 

------------------------------
Peter Reijntjes
Consultant Regulatory & Quality Affairs Medical Devices
Heteren
Netherlands
------------------------------

Original Message:
Sent: 25-Feb-2024 04:53
From: Anonymous Member
Subject: SaMD-validation

This message was posted by a user wishing to remain anonymous

Hello RAPS,

Could you please share your thoughts when the validation of SaMD is necessary and how does  the clause 7.5.6 of the ISO 13485 apply (if)?

Good day Anon,

In a simple statement, validation of Software as a Medical Device (SaMD) is always required.  In fact, this is one of the areas frequently cited by regulatory agencies being insufficient or non-existing related to validation of the software application.  As Peter stated, validation of finished medical device software falls under Section 7.3 of ISO 13485 and Section 7.5.6 is related to software contained in the quality management system, i.e. manufacturing equipment, document control software, record retention software, etc.

------------------------------
Richard Vincins ASQ-CQA, MTOPRA, RAC
Principal Strategy Consultant
NAMSA
------------------------------

Original Message:
Sent: 27-Feb-2024 05:04
From: Peter Reijntjes
Subject: SaMD-validation

Hi anon,

clause 7.5.6 of ISO 13485 is about validation of processes for production and service provision, including validation of software used in production and service provision. It odes not have a relation with SaMD.

Validation of SaMD is always applicable, as described in 7.3.7 Design and Development validation. 

------------------------------
Peter Reijntjes
Consultant Regulatory & Quality Affairs Medical Devices
Heteren
Netherlands

Original Message:
Sent: 25-Feb-2024 04:53
From: Anonymous Member
Subject: SaMD-validation

This message was posted by a user wishing to remain anonymous

Hello RAPS,

Could you please share your thoughts when the validation of SaMD is necessary and how does  the clause 7.5.6 of the ISO 13485 apply (if)?

Well, I would argue that validation of SaMD, as with any software, is always required to some degree or other. After all, validation is basically "demonstrated proof the software/device meets the needs of the user" and that seems fundamental, particularly when the entire device IS the software. Why would you not want to do that? Obviously, automated test can do most (all?) of your verification activity, but validation requires actual users or their surrogates.

Now, that said, specifics matter when determining what comprises sufficient validation. If your release is an initial product, generally a number of actual users should test the complete function of the device and assess that it met the "user needs" or "voice of the customer" (if you do systems engineering approaches). However, if the release is a small patch, you may be able to leverage the previous validation. And if it is a single new feature, the validation could be customized to that feature alone.

I encourage you to focus on the intent of the standards/regulations, and figure out what makes sense to assess - then go to the standard and see how it fits and aligns, rather than trying to use it as a "cookbook" or the "maximum" effort that is needed.

Ginger

------------------------------
Ginger Glaser RAC
Chief Technology Officer
MN
------------------------------

Original Message:
Sent: 25-Feb-2024 04:53
From: Anonymous Member
Subject: SaMD-validation

This message was posted by a user wishing to remain anonymous

Hello RAPS,

Could you please share your thoughts when the validation of SaMD is necessary and how does  the clause 7.5.6 of the ISO 13485 apply (if)?

Hi, 

aligned with previous answers and I highly recommend to consider risk management principles (ISO14970) & IEC 62304 in your validation. 

Béatrice

------------------------------
Beatrice NAJEM
CEO & Founder of Quarex Consulting LLC
Belmont MA
United States
------------------------------

Original Message:
Sent: 27-Feb-2024 09:29
From: Ginger Glaser
Subject: SaMD-validation

Well, I would argue that validation of SaMD, as with any software, is always required to some degree or other. After all, validation is basically "demonstrated proof the software/device meets the needs of the user" and that seems fundamental, particularly when the entire device IS the software. Why would you not want to do that? Obviously, automated test can do most (all?) of your verification activity, but validation requires actual users or their surrogates.

Now, that said, specifics matter when determining what comprises sufficient validation. If your release is an initial product, generally a number of actual users should test the complete function of the device and assess that it met the "user needs" or "voice of the customer" (if you do systems engineering approaches). However, if the release is a small patch, you may be able to leverage the previous validation. And if it is a single new feature, the validation could be customized to that feature alone.

I encourage you to focus on the intent of the standards/regulations, and figure out what makes sense to assess - then go to the standard and see how it fits and aligns, rather than trying to use it as a "cookbook" or the "maximum" effort that is needed.

Ginger

------------------------------
Ginger Glaser RAC
Chief Technology Officer
MN

Original Message:
Sent: 25-Feb-2024 04:53
From: Anonymous Member
Subject: SaMD-validation

This message was posted by a user wishing to remain anonymous

Hello RAPS,

Could you please share your thoughts when the validation of SaMD is necessary and how does  the clause 7.5.6 of the ISO 13485 apply (if)?

Hi, Validation of Software as a Medical Device (SaMD) is necessary to ensure that it consistently performs according to its intended use and meets the requirements of applicable regulations and standards. SaMD validation is particularly important because software can have a direct impact on patient safety and treatment outcomes.

Clause 7.5.6 of ISO 13485, which pertains to validation of computer software, applies when the software is used in the quality management system (QMS) or when it is part of a medical device. 

When it comes to SaMD specifically, ISO 13485 may not directly address all aspects of SaMD validation since it primarily focuses on quality management systems for medical devices. However, other relevant standards like ISO 14971 (Risk Management for Medical Devices) and IEC 62304 (Software Development Lifecycle for Medical Devices) provide more specific guidance on SaMD validation.

------------------------------
Raje Devanathan
Amerisource Bergen
TPIreg, Innomar Strategies
Senior Manager - Regulatory Affairs, Medical Devices
rdevanathan@tpireg.com
3470 Superior Court
Oakville ON L6L0C4
Canada
------------------------------

Original Message:
Sent: 25-Feb-2024 04:53
From: Anonymous Member
Subject: SaMD-validation

This message was posted by a user wishing to remain anonymous

Hello RAPS,

Could you please share your thoughts when the validation of SaMD is necessary and how does  the clause 7.5.6 of the ISO 13485 apply (if)?