The regulation of medical devices in the EU has been chaotic since the implementation of Regulation (EU) 2017/745, known as the Medical Device Regulation (MDR). This upheaval has been particularly challenging for manufacturers facing a backlog of MDR transition applications and a dwindling number of Notified Bodies equipped to handle them. As a result, companies holding Medical Device Directive—Council Directive 93/42/EEC (MDD) CE Certificates have been anxiously awaiting their transition to the MDR before the 2024 deadline for MDD certificate recognition.
Thankfully, the European Commission has provided some relief. If an application with a Notified Body is in place before the 2024 deadline, the EU has extended the transitional provisions to December 2027 or December 2028, depending on the device classification. This extension alleviates the immediate threat of having to withdraw MDD-certified devices from the market after May 26, 2024. However, it doesn’t fully address the ongoing challenges posed by the MDR transitional provisions.
The Software Sector’s Unique Struggles
MDR Article 120 imposes strict conditions that devices with valid MDD certificates can remain on the market only if they comply with the original directives and undergo no significant changes in design or intended purpose. This restriction is particularly challenging for software devices, which require frequent updates to fix bugs, enhance user interfaces and address cybersecurity threats.
The critical question facing software manufacturers is: What constitutes significant changes? Specifically, how do we define “significant changes in design or intended purpose” in the context of software? Spare a thought for the regulatory affairs professionals in software device manufacturing who must grapple with this question amidst a constant influx of frustrated colleagues: product managers clamoring for urgent feature requests and UI enhancements, software architects dealing with alterations to third-party software components and necessary security patches, customer support and test managers addressing bug fixes that may not fit neatly into the category of “bug fixes” because they stem from incorrect original specifications, and so forth. This scenario is likely all too familiar to many in the industry.
To address this situation, the MDCG 2020-3 guidance document, “Guidance on significant changes regarding the transitional provision under Article 120 of the MDR with regard to devices covered by certificates according to MDD or AIMDD,” was introduced in March 2020. This guidance includes flow diagrams or decision trees outlining various change types considered to be significant, such as changes to intended purpose, design, performance specifications and materials, as well as software changes.
Unfortunately, because the document’s definition of “significant changes” lacks clarity for software, even minor updates could be deemed significant. This blanket categorization has been a source of confusion and frustration and has even stifled development road maps.
Light at the End of the Tunnel
In May 2023, the EU released an updated version of the guidance, MDCG 2020-3 Rev. 1. This revision brings much-needed nuance and interpretive flexibility, aligning with the extended MDR transitional provisions. Key clarifications include:
- Defining “significant change”: A significant change now consists of two cumulative events: a change in design or intended purpose that is significant and does not negatively affect the risk/benefit ratio of the device.
- Expanded permissible changes: The updated guidance allows for more non-significant changes, such as performance improvements to reduce latency, updates to standard third-party operating systems and algorithm changes that enhance processing speed without altering diagnostic output.
Any change that doesn’t meet this threshold is valid, provided the risk/benefit ratio of the device isn’t negatively affected. The updated guidance significantly expands the types of permissible changes under an MDD certificate, particularly for software devices.
Notably, the updated guidance acknowledges that some algorithm changes are not necessarily significant. For instance, an updated algorithm that processes data faster but returns the same diagnostic output can be considered non-significant, representing a significant commercial enhancement.
Moving Forward
The updated MDR guidance offers a more flexible and nuanced approach to compliance, providing a clearer path for software device manufacturers. Manufacturers should embrace this opportunity to innovate and stay ahead in the competitive medical device market.
At EVERSANA, we understand the complexities of navigating MDR compliance, especially for software devices. Our expertise can help you interpret the new guidance, formulate justifications for permissible changes and strategize your path forward. By leveraging our experience, you can ensure that your regulatory assessments are robust and your product development remains agile.
Author
Gwilym is a seasoned regulatory professional with 15+ years of experience in Software as a Medical Device (SaMD). His expertise spans startups to large corporations, covering manufacturers and distributors. Gwilym has contributed significantly to…
With over 25 years in business and technology operations, Kory brings a wealth of experience to the ever-evolving medical device field. He partners with companies developing medical devices, leveraging his deep understanding of global…