[joe_the_user]

Well, a big question is "what is a medical device"?

Is that any object or software that comes in contact with patients?

I worked producing software that segmented images produced by a medical imaging device. The software would be built-in but it was the kind of thing one could have also have done exporting the images to Photoshop.

So the question of what the boundary between normal software and medical software is going to be rather important if medical software winds-up constrained by NASA level procedures.

(Obviously, implanted devices need very particular standards but other devices raise questions).

[seren]

IEC62304 requires that for risk management you decompose your sw in modules or units and assess the risk for each one.

Roughly a class A module or device even if malfunctioning can not cause harm. For example it could be a logging or debugging module. It is annoying if it is broken for you but should not harm the patient.

A class B malfunction can have minor or severe consequences but that should be reversible like a minor injury, it can not have long lasting effect.

Finally class C means irreversible effects (amputing the wrong leg, death). Misdiagnosis are often class C (unless your system is detecting common cold)

This analysis has to be done for SW you develop but also for SW you buy: anything that goes into the product is concerned. In your case I assume you do not sell the final product but this the responsibility of your customer to do the risk management. And if you are class C you have to provide a whole lot of evidence : requirements, tests, FMEA, tests results, detailed design and so on.

This does not really answer what is or what is not a medical device. As far as I know in most jurisdiction it is linked to "claim".

If you are claiming that you system is curing or doing the diagnosis of some ailment, this is likely a medical device. On the other hand, if you do not claim anything (like homeopathy or food supplement), you are not regulated. That's why most of the time health mobile app do not claim to be able to diagnose anything.

[wmkn]

For the EU what is a 'medical device' is pretty well described in 93/42/EEC which is the law describing the medical CE process (http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CONSLE...)

There are quite a bit of edge cases though, so the definition of medical device actually has a guidance document that gives a bit more context (http://ec.europa.eu/DocsRoom/documents/10278/attachments/1/t...).

> I worked producing software that segmented images produced by a medical imaging device. The software would be built-in but it was the kind of thing one could have also have done exporting the images to Photoshop.

Segmentation software could certainly be considered a medical device if it has a medical purpose. For instance, if the segmentation is used to produce a diagnosis or a measurement. If you would like to sell it to medical professionals you would be required to have a medical CE for the software. Photoshop might have the same functionality, but it does not have a medical CE, so in principle it should not be used by medical professionals.

[davidw]

Something like that might cause a misdiagnosis or cause a doctor to not see something, if done incorrectly.

OTOH, it's certainly not an invasive device or something where someone dies if it fails.

There are different categories of medical device, IIRC. The last place I worked did non-invasive diagnostic devices.