Medical device manufacturers have long been following the timeline of the implementation obligations of the MDR and the predecessor MDD. The EU still has not announced an exact date for the end of MDD support, but it is clear that there is a strong will to end the transition period, and the deadline is inevitably approaching. For device manufacturers, this means that medical devices and their software will have to be updated and brought under the Medical Device Regulation in the near future – otherwise the device will have to be withdrawn from the market. The reform does of course have good intentions: to improve patient safety.
Health and well-being technologies is a very topical and growing sector in Finland, and the end of MDD support will not only affect the numerous device manufacturers in time, but also the end users who use and need medical devices – caregivers and patients. The devices are not only used widely in health centers and hospitals, but also in the homes of individuals and patients.
The Medical Device Directive (MDD) and the Medical Device Regulation (MDR), which have been in force until now, have given device manufacturers some leeway for the certification and sale of their devices, but the MDD certificates will expire in May 2024 at the latest. Until then, the devices may be sold as long as the certificate is valid, provided that no significant changes are made in the meantime.
MDD-MDR transition timeline
- 25 May 2017 – MDR entered into force
- 26 May 2017 – Application of MDR started, CE marking of new and modified devices according to MDR
- 26 May 2024 – General applicability of MDR replaces MDD, e.g. manufacturers must have a quality system that complies with MDR
- 26 May 2024 – Even the last MDD certificates expire unless the transition periods are extended *
* The European Commission has just adopted its proposal to extend the transitional provisions for medical devices. It should be noted that the proposals concern old devices already on the market. All other current requirements under the regulations, such as safety, performance and quality management, will remain unchanged. Decisions on the proposal are expected in early 2023.
A large proportion of products and services classified as medical devices also include software, or may be software without a physical device. Therefore, the transition from the Medical Device Directive to the Medical Device Regulation era also closely affects software companies providing services to the health and well-being sector.
In the case of software, the Medical Device Regulation emphasizes requirements relating to quality systems, data security, and the interoperability of software, among other things. Experienced software partners may aim to support device manufacturers in different ways.
The role of the software partner in ensuring a smooth transition
The role of software companies in ensuring compliance with the hardware manufacturer’s requirements varies quite significantly depending on the hardware and the agreed division of tasks. If the device manufacturer has in-house software expertise, the partner can take care of the implementation according to specifications. However, it is often the case that the software partner also plays an important consultative and discussion role.
In deeper collaborative models, the software partner is involved in the development of the medical device software, even right from the start. Larger companies typically seek consulting and additional hands-on assistance from software professionals, sometimes also wanting to procure software development on a turnkey basis.
Whatever the more detailed division of tasks in the partnership, certain common operating parameters should be ensured in advance. To ensure that the collaboration is smooth and serves the desired purpose, the software partner should
- have a sufficient understanding of the Medical Device Regulation and the software requirements for medical devices. Close cooperation is easier when the software partner can advise on what the transition to MDR compliance requires in terms of software, and how and within what timeframe compliance can be achieved.
- be flexible, because while regulations and standards guide and frame the work, development is always customer and equipment specific. The software partner must be able to apply the regulations and the equipment manufacturer’s own guidelines on a case-by-case basis.
- follow the same quality standards as the device manufacturer. It makes the device manufacturer’s job much easier if it can trust the service provider to follow the same principles and processes as the manufacturer.
While the software partner cannot act as an auditor or directly manage the certification of medical device software, at best a partner can significantly pave the way and contribute to the swift management of the transition from MDD to MDR.
Why Pinja?
We at Pinja have solved many issues on behalf of our medical device manufacturing clients.
1) Quality system
MDR makes quality management mandatory for all manufacturers, regardless of the risk category of the medical device.
Our ISO 13485:2016 certified quality system also has MDR requirements built-in. Our quality system covers software development, support services, and platform services. We are therefore able to meet the MDR requirements for all of these already. Our quality system is audited by the certification body every year, most recently in September 2022.
More and more so-called harmonized standards are being adopted under the MDR. Applying them is a good way for manufacturers to demonstrate that their products or services meet the technical requirements of EU legislation. In practice, the quality system must take into account the standards that apply to the device, and the software being developed. The quality system also needs to be updated not only to reflect changes in standardization, but also to reflect changes in our own practices and the technologies we use.
2) Data security
The Medical Device Regulation requires attention to data security, even though the regulation does not yet discuss cybersecurity that much. However, one sentence in the regulation concerning data security opens up a set of requirements that device manufacturers must take into account.
We are a software company employing over 500 experts, whose clients include medical device manufacturers and other players in the healthcare sector, as well as major industrial players, municipalities and cities, circular economy companies, and digital trade operators. Data security is an essential part of our daily work, and one in which our experts have long-standing, up-to-date knowledge. For medical devices, we use Finnish data centers with ISO 27001 and ISO 22301 certifications. We also carry out security and accessibility testing.
3) Software compatibility
One of the requirements of the Regulation concerns the compatibility of medical devices, and the same compatibility requirement is also explicitly mentioned for software.
At Pinja, we manage the transfer of data between software with our integration services, with and on behalf of our clients. We also use this expertise in medical device software development, although the constraints are different from many other industries. We offer integration expertise from single integration implementations to long-term integration partnerships, including architecture and testing services.
The transition to MDR can start immediately
As medical devices and the companies that manufacture them are always different and unique, the software partner also needs to be flexible, adaptable and visionary. At Pinja, we specialize in just that.
If you are considering transitioning to the MDR regulation, please contact us. We are happy to help and advice on all aspects of medical device software, and are a strong supporter of enabling a timely transition.
Read more:
Guide: Medical Device Regulation and Software Development – Key points to consider
Quality assurance at the heart of medical device software development and MDR regulation
Designing medical device software according to the Medical Device Regulation (MDR) blog post series:
- Part 1: Software definition and classification
- Part 2: Conformity assessment, software modules and impact of changes
- Part 3: Quality Management System (QMS)
- Part 4: Lifecycle processes for medical device software
Evondos® dispensing service system radically reduces medication errors
Also check out:
Pinja is developing one of Europe’s largest healthcare data warehousing solutions for the Hospital District of Helsinki and Uusimaa
The BI and reporting partnership with Pinja provided an overview of HUS’s operating room activities
