It is certain that no medical device manufacturer or marketer wants to ship a defective product. From personal experience, there is an indication that such a supplier is exposed to major dangers. A device with incorrect software may be rejected from the market. Suppose software problems develop after a release, such as after an update or after more extensive gadget utilization. In that case, the product could be recalled from the market, and the company that sold it could be punished.
Users’ well-being could also be harmed by low-quality custom software, such as when a therapy choice is taken depending on erroneous diagnostic data. Furthermore, if custom software security is inadequate, a medical software supplier runs the danger of revealing patients’ health information and violating HIPAA requirements.
As a result, the medical device provider’s reputation suffers, potentially leading to increased customer attrition, missed sales, and lower revenue.
It’s a terrible situation. It can, thankfully, be avoided. There are some QA and testing actions you could utilize to help you ensure that software for medical devices is of good quality.
In this article, Hanna Shnaider, the head of marketing at FortySeven discusses the elements to consider while creating a QA process for medical device software and the QA activities to undertake and recommended practices to help assure thorough medical device software testing. You can find out more about her here.
Tried-and-true Method for Medical Device Software Testing
It is recommended that you begin the testing process by reviewing the product’s intended use formulation – the description of what the software from the software development company would be utilized for and how it will be used. The proposed utilization would serve as the foundation for subsequent software testing.
The next stage is to determine the software’s compliance requirements. In the United States, a medical device maker must obtain premarket approval from the US Food and Drug Administration (FDA) and adhere to FDA and CGMP regulations on software quality management (21 CFR part 820).
If a software vendor develops software for medical devices rather than a device manufacturer, the software vendor is not directly responsible for assuring compliance with FDA standards. In this instance, the device manufacturer or market operator must analyze the custom software agency’s quality assurance activities and determine whether further efforts are required to achieve compliance standards before cooperating with the software vendor.
Determining the scope of medical device software verification activities by determining which category of concern (major, moderate, or minor) software accompanies a medical device comes under. The following actions ought to be included in a mobile app development or software testing procedure for medical devices of all levels of concern:
#1 Verification of software
Begin by validating software requirements and ensuring that the software developed in response to these needs would align with and be beneficial in its intended use.
#2 Verification of software requirements
As a further step in detecting potential software problems at the earliest phases of the software life cycle, it is recommended that you assess the quality of requirements. Review the software’s functional, performance, security, and other requirements for clarity, consistency, and traceability.
#3 Software design verification
Involve a custom software development firm to ensure that the software architecture accurately reflects the requirements, adheres to appropriate security standards, and is designed to reduce quality risks. The software design specification from development companies should be checked for clarity and unambiguity by the QA team. Even though the FDA mandates at least one formal design review during the software design stage, a custom software developer would advocate including design verification at the end of each software life cycle stage.
#4 Code reviews and unit testing
FortySeven software professionals recommend establishing procedures for spotting flaws earlier in the custom software development life cycle. Adopt code quality rules to define what is required in terms of clarity, complexity, maintainability, and other pertinent factors. Perform a source code analysis to ensure it complies with industry standards and schedules regular code reviews as your software development process components.
Additionally, increasing the percentage of testing performed by the development team at the unit level is beneficial because it aids in detecting faults when they are much easier and less expensive to resolve.
#5 Software verification
Medical devices and software vendors are frequently under pressure to deliver high-quality software fast, yet medical device software testing cannot be minimized. As a result, most custom software development companies advocate combining API testing with system testing, followed by rigorous regression testing to streamline the test process without compromising product quality. Consider using tried-and-true techniques like test automation and continuous testing as part of a CI/CD pipeline.
Medical device software’s non-functional aspects must also be thoroughly evaluated. As a result, software development companies advocate performing performance, usability, security, and compatibility testing in addition to functional testing.
#6 Compliance verification
If a medical device is under the influence of a compliance check, such as to ensure that it meets the needs of ISO 13485, IEC 62304, or IEC 82304-1, include compliance verification in the scope of verification activities.
Best Practices to Follow to Present a Medical Device to the Market Successfully
A medical device software or medical software supplier must ensure that their quality assurance process meets the following criteria to effectively submit a medical device to the market and pass an FDA review:
#1 Detailed and comprehensive test documentation
You must give physical evidence of the validation and verification tasks you did. Depending on the software’s level of concern, some papers may be included in the list of minimally necessary deliverables.
#2 Traceability of requirements from beginning to end and complete coverage
Technical requirements and test design papers should be mapped to business, compliance, and risk treatment needs, and this mapping should be expressed in a needs traceability matrix. This will guarantee that test scenarios handle all technical specs, speed up the testing process, and simplify debugging.
#3 Testing operations are prioritized based on the software’s expected usage and dangers
Testing efforts should be prioritized according to the risk level of software parts, with the riskiest components validated first in the software delivery life cycle.
Because medical device software must meet stringent quality standards and adhere to many regulations, such software’s QA and testing procedures must be meticulously planned and implemented. You are welcome to submit a request to FortySeven IT for QA help to execute appropriate QA-related tasks.