How is the clinical evaluation phase regulated?

As we have previously mentioned, the Clinical Evaluation process is explained in Article 61 of the MDR. More specifically, in paragraph 3 of the article, the general requirements of the Clinical Evaluation process are explained, be it not as thoroughly as you would like it to be. In the Annex XIV, additional information can be found as well. If you are already familiar with the MEDDEV guidance document (MEDDEV is an abbreviation of Medical Devices Documents, which was developed on behalf of the European Commission to help the implementation of medical device directives), you might notice that it strongly resembles the process described in Annex XIV of the MDR. More specifically document 2.7/1 rec. 4 “Clinical evaluation: Guide for manufacturers and notified bodies”. The process defined in Annex XIV (paragraph 1 of Part A) is as follows: You must follow a Clinical Evaluation Plan with these stages: 1. A planning stage 2. An identification stage of relevant clinical data 3. An appraising stage for the data 4. If the appraisal stage deems it necessary, there may be the need for the generation of new data through clinical investigation. However, please note that this will not be the case with every SaMD product. 5. A reporting stage The resemblance between both Annex XIV and the MEDDEV guidance document is no coincidence, as the authors of the MDR had the 2016 MEDDEV document in mind when writing part A of Annex XIV. This is good news for any company that may have a clinical evaluation process based on MEDDEV 2.7/1, as it means their process is also aligned well with the requirements in Annex XIV of the MDR. Thus, if you are looking to build your clinical evaluation process for the very first time, it is a very good idea to base your process on MEDDEV 2.7/1, as this will provide you with a very thorough basis for your clinical evaluation process. However, it is important to consider that there are three points that go beyond that of the MEDDEV. These are as follows: 1. The establishment of a Clinical Evaluation Plan, which must include the following: Identification of the general safety and performance requirements that require support from clinical data. A specification of the intended purpose of the device. Under the MDR, ‘intended purpose’ refers to the use for which a device is intended according to the data supplied by the manufacturer on the label, in the instructions for use, or in promotional or sales materials or statements, and as specified by the manufacturer in the clinical evaluation. A specification of intended target groups. A description of the intended clinical benefits A specification of the methods used for examination of the qualitative and quantitative aspects of clinical safety, with clear reference to risks and side effects. A list of the parameters to be used to determine the benefit-risk ratio of the device, and how benefit-risk issues are to be addressed. A clinical development plan, indicating a clear progression from initial exploratory investigations, to confirmatory investigations. The Clinical Evaluation Plan process must result in a Clinical Evaluation report. 2. The PMCF (Post-Market Clinical Follow-up Studies) Plan, which outlines the method for conducting post-market follow-up of your SaMD. 3. The requirement to produce a PMCF Evaluation Report during the post-market phase.

Ensure that your SaMD processes data in a compliant, secure way

If your SaMD has a connectivity component, such as using a cloud-based platform, you will have to prove data integrity. Proving data integrity involves demonstrating that the data produced by your SaMD is accurate, consistent, and complete, and that data is processed securely in accordance with regulatory data protection requirements such as the GDPR. By building your SaMD on a medical Backend-as-a-Service (mBaaS) like Extra Horizon, you will make this step much easier. Our backend platform already has all the data protection standards implemented right from the start, enabling you to build a GDPR-proof SaMD solution easily. Proving data integrity will be one less burden to solve.

Make sure you build a strong QMS from day one

When developing your SaMD, the importance of having an effective QMS from the very beginning should not be underestimated. Your QMS makes sure that all procedures and processes concerning customer and regulatory requirements are documented properly, as well as making sure that continuous improvements are made to the effectiveness and efficiency of your SaMD. In the Clinical Evaluation phase for your SaMD, your QMS is an invaluable tool, particularly during the analytical and technical evaluation phase. The QMS will generate helpful evidence that your SaMD correctly processes input data, and that your SaMD has been built properly, according to the relevant regulatory requirements. When we are talking about quality management for SaMD, we are mostly talking about the ISO 13485:2016 standard. The ISO 13485:2016 standard is an international standard that is required to sell in the EU. If you plan on getting a CE Mark for selling your SaMD in the EU, you will need to become compliant with the MDR, and to be compliant with the MDR, you will need to be compliant with the ISO 13485:2016 standard. Thus, having an ISO 13485:2016 certified QMS will make the clinical evaluation much easier, as it proves an important and essential adherence to the MDR.

SaMD Development requirements

For the analytical and technical evaluation component of the clinical evaluation process, it is essential that you have proof that your software has been built in a proper way, taking into account all of the relevant regulatory requirements. Documentation generated by your QMS during the software building phase will provide solid proof that your software has been built according to the necessary requirements. See our point above about building a strong QMS from day one for more information. Additionally, as part of the development requirements for your SaMD, you will be required to manage your software lifecycle processes according to the IEC 62304 standard, which specifies the requirements for the safe design and maintenance of software.

Solutions

Products

Getting Started

Contact ->

How can your SaMD pass the clinical evaluation phase with flying colours in EU markets?

Sophie Osborne

May 10, 2022

SaMD HIPAA GDPR ISO 13485 Software as a Medical Device

Before we dive into clinical evaluation, what is SaMD (Software as a Medical Device) exactly?

A SaMD (Software as a Medical Device) refers to software that is used for a medical purpose, without being part of a physical medical device. For example, it may refer to an application for a computer, mobile phone, or tablet that is intended to treat, diagnose, relieve, monitor, or cure a medical condition or disease.

A pure example of SaMD is the certified and successful app FibriCheck. FibriCheck is a smartphone app that can check your heart rhythm, detecting any irregularities and therefore preventing strokes. FibriCheck is not part of a physical medical device, but is instead installed directly on the user’s smartphone. Almost any smartphone, that is! This is why FibriCheck is classified as SaMD.

SaMD FibriCheck Software As A Medical Device Extra Horizon Backend

SaMD offers many useful benefits. It can facilitate rapid data collection and analysis, which is far quicker and more efficient than what can be achieved by clinicians in the same timespan. It can also pick up on any sudden changes in a patient’s condition very quickly, even detecting subtle changes that may not have been noticed by the patient or their monitoring clinician. For this reason, SaMD can have considerable benefits to the patient, as detecting abnormal patterns early means that these can be investigated and addressed, thus opening the possibility of preventative care and preventing the patient from becoming more seriously ill.

Clinical evaluation for SaMD in EU markets

In essence, the purpose of performing clinical evaluation is to make sure that the SaMD conforms with the required regulatory requirements. In the process of clinical evaluation, the clinical data related to the SaMD is analysed and assessed to verify that the SaMD is safe to use and that the data is clinically useful. Performing clinical evaluation also enables any risks to be identified that have not already been identified and assessed as acceptable in the risk analysis, thus preventing any unexpected and potentially dangerous side effects.

Why do you need to perform clinical evaluation for SaMD (Software as a Medical Device?

In the EU, the path for clinical evaluation of SaMD is split into 5 stages. These are illustrated in the figure below:

SaMD Clinical Evaluation Documentation Planning Data Appraisal Analysis Documentation Software as a Medical Device

The requirements for the clinical evaluation of SaMD are outlined in Article 61 of the MDR. When it comes specifically to the clinical evaluation of SaMD, the path for this is outlined in the document ‘MDCG 2020-1 Guidance on Clinical Evaluation (MDR) / Performance Evaluation (IVDR) of Medical Device Software’; a document endorsed by the Medical Device Coordination Group (MDCG) of the European Commission.

What is the MDR and the IVDR, and why do they matter when building SaMD?

The MDR (Medical Device Regulation) is a set of regulations that governs the manufacture and distribution of medical devices in the EU. It came into effect on 26 May 2021. The MDR aims to ensure a high quality and safety of medical devices in the EU.

SaMD Software as a Medical Device IVDR MDR MDD Regulations

The IVDR (In Vitro Medical Device Regulation) is a regulatory framework for in-vitro medical devices in the EU. It was entered into force on 26 May 2017, and will apply fully in all EU member states by 26 May 2022. The IVDR sets rules on how in-vitro medical devices are classified, and how they are regulated and kept under surveillance.

Both the MDR and the IVDR are especially important when building SaMD, as they are used as the basis of the requirements for building SaMD. Therefore, being compliant with the MDR and the IVDR is essential for any company developing SaMD.

The three main components in the EU clinical evaluation stage

The three main components in the EU SaMD clinical evaluation stage are as follows:

1. Valid Clinical Association of the SaMD

For this component, you must be able to prove a valid association between the output of your SaMD (e.g. measurements, conclusions) and the clinical condition that it is intended to target. You can prove a valid association by using things such as findings from clinical research and trials, secondary data analysis, etc.

2. Analytical / Technical Validation of the SaMD

Here, you must prove that your SaMD correctly processes input data to produce accurate and reliable output data. Not only must you prove that your SaMD processes data properly, but you must also show that your software has been built properly.

3. Clinical Validation of the SaMD

For the clinical validation element, you must prove that any data produced by your SaMD is clinically meaningful and beneficial. For example, with the FibriCheck app, it must be proven that the data produced is clinically useful for detecting cardiac arrhythmias.

For more information on these three main components, you can read this document here.

There are many ways to obtain the necessary clinical data for the clinical evaluations of a SaMD. Here are several possible ways to collect the data:

Published data on clinical experience with the device or equivalent
Clinical investigation
Clinical investigation with a similar device
Combination of the above

How to improve the likelihood of passing the dreaded clinical evaluation phase for a SaMD

How is the clinical evaluation phase regulated?
As we have previously mentioned, the Clinical Evaluation process is explained in Article 61 of the MDR. More specifically, in paragraph 3 of the article, the general requirements of the Clinical Evaluation process are explained, be it not as thoroughly as you would like it to be. In the Annex XIV, additional information can be found as well. If you are already familiar with the MEDDEV guidance document (MEDDEV is an abbreviation of Medical Devices Documents, which was developed on behalf of the European Commission to help the implementation of medical device directives), you might notice that it strongly resembles the process described in Annex XIV of the MDR. More specifically document 2.7/1 rec. 4 “Clinical evaluation: Guide for manufacturers and notified bodies”.

The process defined in Annex XIV (paragraph 1 of Part A) is as follows:
You must follow a Clinical Evaluation Plan with these stages:

1. A planning stage
2. An identification stage of relevant clinical data
3. An appraising stage for the data
4. If the appraisal stage deems it necessary, there may be the need for the generation of new data through clinical investigation. However, please note that this will not be the case with every SaMD product.
5. A reporting stage

The resemblance between both Annex XIV and the MEDDEV guidance document is no coincidence, as the authors of the MDR had the 2016 MEDDEV document in mind when writing part A of Annex XIV. This is good news for any company that may have a clinical evaluation process based on MEDDEV 2.7/1, as it means their process is also aligned well with the requirements in Annex XIV of the MDR. Thus, if you are looking to build your clinical evaluation process for the very first time, it is a very good idea to base your process on MEDDEV 2.7/1, as this will provide you with a very thorough basis for your clinical evaluation process.

However, it is important to consider that there are three points that go beyond that of the MEDDEV. These are as follows:

1. The establishment of a Clinical Evaluation Plan, which must include the following:
- Identification of the general safety and performance requirements that require support from clinical data.
- A specification of the intended purpose of the device. Under the MDR, ‘intended purpose’ refers to the use for which a device is intended according to the data supplied by the manufacturer on the label, in the instructions for use, or in promotional or sales materials or statements, and as specified by the manufacturer in the clinical evaluation.
- A specification of intended target groups.
- A description of the intended clinical benefits
- A specification of the methods used for examination of the qualitative and quantitative aspects of clinical safety, with clear reference to risks and side effects.
- A list of the parameters to be used to determine the benefit-risk ratio of the device, and how benefit-risk issues are to be addressed.
- A clinical development plan, indicating a clear progression from initial exploratory investigations, to confirmatory investigations.
- The Clinical Evaluation Plan process must result in a Clinical Evaluation report.
2. The PMCF (Post-Market Clinical Follow-up Studies) Plan, which outlines the method for conducting post-market follow-up of your SaMD.

3. The requirement to produce a PMCF Evaluation Report during the post-market phase.
Ensure that your SaMD processes data in a compliant, secure way

If your SaMD has a connectivity component, such as using a cloud-based platform, you will have to prove data integrity. Proving data integrity involves demonstrating that the data produced by your SaMD is accurate, consistent, and complete, and that data is processed securely in accordance with regulatory data protection requirements such as the GDPR.

By building your SaMD on a medical Backend-as-a-Service (mBaaS) like Extra Horizon, you will make this step much easier. Our backend platform already has all the data protection standards implemented right from the start, enabling you to build a GDPR-proof SaMD solution easily. Proving data integrity will be one less burden to solve.
Make sure you build a strong QMS from day one

When developing your SaMD, the importance of having an effective QMS from the very beginning should not be underestimated. Your QMS makes sure that all procedures and processes concerning customer and regulatory requirements are documented properly, as well as making sure that continuous improvements are made to the effectiveness and efficiency of your SaMD.

In the Clinical Evaluation phase for your SaMD, your QMS is an invaluable tool, particularly during the analytical and technical evaluation phase. The QMS will generate helpful evidence that your SaMD correctly processes input data, and that your SaMD has been built properly, according to the relevant regulatory requirements.

When we are talking about quality management for SaMD, we are mostly talking about the ISO 13485:2016 standard. The ISO 13485:2016 standard is an international standard that is required to sell in the EU. If you plan on getting a CE Mark for selling your SaMD in the EU, you will need to become compliant with the MDR, and to be compliant with the MDR, you will need to be compliant with the ISO 13485:2016 standard. Thus, having an ISO 13485:2016 certified QMS will make the clinical evaluation much easier, as it proves an important and essential adherence to the MDR.
SaMD Development requirements

For the analytical and technical evaluation component of the clinical evaluation process, it is essential that you have proof that your software has been built in a proper way, taking into account all of the relevant regulatory requirements. Documentation generated by your QMS during the software building phase will provide solid proof that your software has been built according to the necessary requirements. See our point above about building a strong QMS from day one for more information.

Additionally, as part of the development requirements for your SaMD, you will be required to manage your software lifecycle processes according to the IEC 62304 standard, which specifies the requirements for the safe design and maintenance of software.

Your secret weapon for the Clinical Evaluation phase: The Lifecycle Tool

Extra Horizon offers a Lifecycle tool; a tool that makes it easier to manage software lifecycles. Lifecycle management refers to the specification, design, development, and testing of a software application, from the initial conception of the application, right up until the discontinuation of the product. The documentation generated by the Lifecycle Tool can be used as valuable evidence to prove that your SaMD conforms to the necessary regulatory requirements - something that is extremely important during the Clinical Evaluation Phase.

Contact ->

How Extra Horizon can help carry the burden of passing the Clinical Evaluation phase for your SaMD

Saving precious time and money

Using Extra Horizon’s medical Backend-as-a-Service (BaaS) offers numerous benefits during the Clinical Evaluation phase. As we provide a leveraged platform, this means that companies are able to simply configure their own backend platform instead of building it from scratch in-house. This will save you a lot of time and money, which means you will have more time and effort to focus on tackling the often-daunting SaMD Clinical Evaluation phase.

Regulatory certifications

Extra Horizon holds a number of regulatory certifications, including, but not limited to, the list below:

ISO 13485:2016

ISO 13485:2016 is a standard for Quality Management Systems for medical devices, and is a prerequisite for CE-approval, which is a mark that signifies that a product meets the safety, health, and environmental protection requirements of the European Economic Area (EEA). By using Extra Horizon’s ISO 13485:2016-compliant medical BaaS, you are relieving yourself of a huge chunk of the burden of building an effective QMS. The QMS also generates evidence that your SaMD correctly processes input data, and that your software has been built properly in compliance with regulatory standards.

Achieving ISO 13485:2016 certification also involves meeting thorough post-market surveillance requirements, so using a BaaS provider with an ISO 13485:2016 certification demonstrates a commitment to meeting the post-market requirements of the clinical evaluation phase.

You can read more about ISO 13485:2916 and the path to certification in our informative eBook, ISO 13485:2016: Thirteen Boxes to Tick on the Path to Certification.

Download it for free here.
ISO 27001:2017

ISO 27001 provides a standard for how an organisation should deal with information and data security, including all policies and processes relevant to the control and use of data. This certification shows that your SaMD follows all internationally acknowledged best practices with regards to confidentiality, risk management, and data integrity.

Read more here.
ISO 27701:2019

ISO 27701 specifies the requirements for establishing and maintaining a Privacy Information Management System (PIMS), providing a framework for the handling of Personally Identifiable information (PII).
IEC 62304:2015

The IEC 62304:2015 certification specifies the requirements for the safe design and maintenance of software. This helps greatly during the analytical and technical development stage of clinical evaluation, as it helps prove that your software has been built correctly.

Read more here.
EU Cloud CoC (Code of Conduct)

Extra Horizon is listed as a trusted provider in the EU Cloud Code of Conduct, which demonstrates our commitment to providing a safe and compliant cloud backend environment for our customers, as well as meeting the requirements necessary to comply with the GDPR. Read more about the EU Cloud CoC here.
Compliances and regulations received by our customers, built on Extra Horizon
- CE Mark
- MDR
- GDPR

How does the SaMD clinical evaluation process differ in FDA-regulated markets?

In the FDA controlled regions, which includes the 50 United States, the District of Columbia, Puerto Rico, Guam, the Virgin Islands, American Samoa, and other U.S. territories and possessions, the clinical evaluation phase is quite similar to that of the EU markets, although there are some differences that are well worth mentioning. We're currently writing a piece that dives a bit deeper into this aspect, so keep your eyes open or stay in the loop via our newsletter.

To conclude

The Clinical Evaluation phase can be a very daunting process, but by paying close attention to the regulatory requirements and making sure that your SaMD has a good and thorough QMS, you will be able to pass the Clinical Evaluation phase with flying colours. By using Extra Horizon’s ready-made, already-compliant medical BaaS, you will relieve yourself of even more pressure during the process. To find out more, please do not hesitate to get in touch.

< Older Post Newer Post >

Discover our brand new Medical Device Tutorial, Control Center improvements and more

By Extra Horizon • 26 Jan, 2024

We’re excited to introduce our latest tutorial for building a blood pressure monitoring app with Extra Horizon! Dive into the step-by-step guide, tailored for all skill levels, and discover hands-on experiences with our CLI and SDK. Plus, explore our Control Center enhancements, featuring bug fixes and usability improvements, ensuring an optimal user experience. Read on to explore the new features of SDK v8.0.0 and the revamped Schema Verification process via the CLI.

Introducing the Software Lifecycle Tool & some major RQL improvements

By Extra Horizon • 28 Nov, 2023

We have some exciting things to share with you today! Join our SLCT Beta Program for IEC62304 compliant software development. Plus, check out our RQL 7.8.0 update that boasts some nice new improvements and bug fixes.

Show all ->

FREE EBOOKS

Building and releasing medical device software is hard, very hard. Here at Extra Horizon we have had

IEC 62304 - A thorough yet simple guide

By Free ebook • 11 Oct, 2022

Get a thorough yet simple guide to IEC 62304 in Extra Horizon's ebook. Unlock insights into software development for medical devices.

ISO 13485 Ebook Medical Device Development

ISO 13485:2016: Thirteen Boxes to Tick on the Path to Certification

By Free ebook • 27 Apr, 2022

Learn the thirteen essential boxes to tick on the path to ISO 13485:2016 certification. Gain insights and guidance in Extra Horizon's ebook. Download now!

GOT QUESTIONS?