Sterling Medical Devices & RBC Medical Innovations are combining to create Vantage MedTech! Meet RBC
Contact Us
Close Form

Interested in learning more about how we can work together in your current or next medical device design project?

Just fill out this form and we’ll be in touch!

  • This field is for validation purposes and should be left unchanged.

Wherever you are in your product development lifecycle,
Sterling can help.

P: 201-877-5682
F: 201-301-9169

The New EU Medical Device Software Requirements

Author: Carrie Britton | Date: February 18, 2021

With the EU’s new medical device software (MDSW) requirements, the guidance related to qualification, classification, clinical evaluation and cybersecurity present challenges for software as a medical device (SaMD) manufacturers. Approaches to MDSW under the EU Medical Device Regulation (MDR) 2017/745 and In Vitro Diagnostic Regulation (IVDR) 2017/746 are much stricter than other regulations and require a deeper dive.

The Regulatory Affairs Professionals Society details these changes in Medical Device Software Under the EU MDR. Here is a synopsis of their findings to help you navigate the process.


Qualification is the activity that determines whether the MDSW is covered under the MDR. To that end, MDCG 2019-11 offers a qualification workflow that takes manufacturers through the following questions:

  • Is the product software in accordance with the definition of the MDCG 2019-11 guidance?
  • Is the software an annex XVI device, an accessory for a medical device according to MDR art 2(2)?
  • Is the software driving or influencing the use of a (hardware) medical device?
  • Is the software performing an action on data different from storage, archival, communication or simple search?
  • Is the action for the benefit of individual patients?
  • Is the software an MSDW according to the definition of the guidance?


Classification determines the risk class of a medical device. Software under the MDR is an active device and must follow active device classification rules. The final classification will be determined by the highest classification of the MSDW after all classification rules are applied.

To avoid being assigned a classification that is too high, follow MDR Annex VIII Rule 3.3 and MDCG 2019-11 guidance, which is based on International Medical Device Regulators Forum (IMDRF) recommendations. For example, according to this guidance, because most software has an indirect influence on treatment or diagnosis, the classification should be lower. And any software that drives a medical device or influences its use should be assigned the same risk class as the device itself.


The most recent clinical evaluation guidance (MEDDEV 2.7.1 rev 4) was not written with MDSW in mind. Yet governing bodies expect clinical evaluations to follow the guidance, using the Clinical Evaluation Assessment Report (CEAR) template for the review. Therefore, manufacturers should have solid understanding of the CEAR, keeping in mind the following omissions from MEDDEV which create critical gaps for MDR requirements:

  • No references to the MDR, such as articles, annexes, and general safety and performance requirements (GSPR) sections.
  • No discussion about MDR Article 61(10) that technical data can replace clinical data under certain conditions
  • Missing MDR requirements for clinical evaluation plan, identifying GSPRs requiring (clinical) data and defining which level of clinical evidence is required
  • Clinical investigation for class IIb implantables and class III devices
  • Post-market surveillance plan, post-market clinical follow-up plan and clinical development plan
  • Common specifications
  • Stricter requirements for clinical data
  • Qualified assessment of sufficient level of clinical evidence

Clinical Evidence:

According to the MDR, clinical evidence is based on a very strict definition of clinical data from an original or equivalent device, with clinical data coming mainly from clinical investigations (and not from post-market surveillance clinical data). To help MSDW manufacturers navigate the regulation, the Medical Device Coordination Group (MDCG) created a suite of documents that offer guidance specific to:

  • Sufficient clinical evidence for legacy devices
  • Clinical evaluation
  • Clinical (MDR) or performance (IVDR) evaluation of medical device software

Note, both MDR and MDSW clinical evaluations are required.

Cybersecurity guidance

With the recent prevalence of ransomware attacks on hospitals around the world, MDCG 2019-16 guidance on cybersecurity was developed to protect MDSW—and updated guidance is expected soon.  The guidance also requires that manufacturers inform the hospital asset owner and system integrator on how the MDSW can be protected.

Manufacturers are strongly encouraged to carefully study the MDCG guidance for the MDR, as it contains solutions for common problems, plus additional requirements for acquiring the MDR CE mark. If you have any questions or are looking for additional information about the new EU medical device software requirements, contact our regulatory team.

Share this!

Contact Us

  • This field is for validation purposes and should be left unchanged.


July 7, 2015

Should the FDA’s Regulatory Oversight of Medical Device Apps be Limited Any Further?

The medical technology (medtech) sector is ablaze with change as a result of the increased usage of mobile apps. Today, legislators, media outlets, and decision-makers in industry are increasingly...
Read More >
View More Blogs

February 18, 2021

5 Mistakes Medical Device Startups Make

Startups are the lifeblood of medical device innovation. Without universities researching ways to solve pressing healthcare problems or doctors with experience in a particular field who have an idea to develop a prototype medical device that could help patients, the future technologies needed to help save lives wouldn't happen. But the long, arduous road through the FDA submission process to get market approval can take a long time and cost a lot of money without help. Sterling Medical Devices has been helping startups through the FDA approval process since 1998 without ever having a submission rejected.
Read More >
View More Videos
active drug delivery system

September 8, 2020

Implanted Drug Delivery System

Sterling Medical Devices designed and developed a Class III pain medication delivery system for patients with spinal injuries. The system is comprised of three devices: an implantable pump, a handheld Clinician Programmer, and a handheld Patient Therapy Controller. The pump is surgically implanted into the patient, and the two handheld devices each communicate with the pump when held within close proximity of it....
Read More >
View More Case Studies

Need help with your medical device?

Let Sterling Medical Devices show how to bring your idea from concept to prototype to
FDA/CE approval with a free custom project analysis.
Request Free Analysis