Harmonization date of IEC 60601-1 , 3rd Edition

No, the suggestion that you cannot connect 2nd ed devices to 3rd ed devices is very wrong for a number of reasons. It sounds like UL needs a rap on the hand if they are saying this, but I'd like to hear their side of the story first. Chinese whispers and all that stuff.

The 3rd ed is a high profile standard, but only one of hundreds of standards that are changing all the time. I can imagine someone saying connection of 2nd ed to 3rd ed devices could hypothetically cause a safety issue using the assumption that anything not tested to a standard is unsafe. But if that thinking is applied broadly you would end up with just about all medical devices being pulled of the market.

Might be unusual to ask in a forum, but do you have a UL contact name and office? I have a lot of contacts in UL so might be able to figure out what the story is.

Hi Emilia - I work at UL and asked my colleagues for input to your questions. It looks like others have also clarified some of the information you received.

Both the EU and Canada have designated June 1, 2012 as the transition dates for 3rd edition of IEC 60601-1, so if you are planning on selling your device into the EU or Canada after that date, then it will need to be compliant with the 3rd edition. Also, FDA has recognized the 3rd edition and has set a transition date of June 30, 2013. Generally, the requirement for 3rd edition only applies to new device approvals, but some regulators are also requiring it for new devices placed on the market. There is a lot more detailed information on the 3rd edition on UL's 60601 transition web page.

To answer your second question regarding connecting devices evaluated to different standards:

There are significant differences between the 2nd and 3rd Edition of IEC 60601, most notably, the inclusion of requirements for a risk management process in accordance with ISO 14971, as well as the introduction of the requirement for preservation of essential performance. Understanding this, it is theoretically possible to connect a 2nd edition device (accessory) to a 3rd edition end-product if during your risk assessment for the end product, you identify the risks and determine there are no basic safety or essential performance impacts associated with connecting the 2nd edition accessory. Functionally, then the entire assembly (2nd edition accessory plus 3rd edition end-producttogether) becomes compliant with the 3rd edition. On the other hand, if the risk management process for the 3rd Edition end-product identifies some impact to basic safety and/or essential performance when the 2nd Edition accessory is connected, then clearly, this is not in compliance with the 3rd edition standard and is not permitted for markets that will require conformiy to 3rd edition.

I hope this information helps.

-Tara

Tara, thank you so much, this information is really important and so well explained!

We will go with 3rd edition on the new product and will sooner do the "upgrade" to the other device.

Thank you again,

Emilia

Anyone have some good advice for a manufacturer who already has Ed2 products on the market in the EU and wants to sell Ed2 compliant upgrades (Software and/or Hardware kits that are not Medical Electrical Equipment by themselves) that were originally included in the MDD technical file after the June2012 Ed3 deadline?

Does the manufacturer have to re-evaluate the old Ed2 base device to Ed3 and create a new Technical File? Does the original DoC cover the Ed2 upgrades being applied to Ed2 devices post June 2012 since the base device is already installed? Does the manufacturer have to evaluate the changes to the device once the upgrade is installed to determine if the upgraded system is newly "placed on the market" which would force Ed3 compliance of the old base device?

The implication here is that manufacturers would not be able to sell upgrades or optional equipment for installed devices into the EU without evaluating the devices to Ed3 after June2012. Is that correct?

It's actually a good question.

An upgrade (new hardware or software) would normally be considered a new "placing on the market", and therefore is subject to the full provisions of the directive as a new medical device.

You would not need a new "technical file", the changes would normally be documented in the existing technical file just like any design change.

For every design change, you should have a new declaration of conformity, or an equivalent system where compliance with the directive is ensured as part of the design change process.

However (this is the big point), the directive does say that compliance should be based on standards "at the time of design", provided there are no serious risks addressed by the new standards.

With this in mind it is possible to argue that:

• new standards should be applied in full to the upgrade portion of the design
• new standards should be reviewed to make sure that there are no new requirements which address significant risks for your device. If they do, then apply this portion of the standard only.

In the case software (IEC 62304) you will still have to establish a baseline for configuration management prior to the upgrade. But, as IEC 62304 is already harmonized, this should already have been done.

CE marking does not require certification to 60601-1, but if you attempted to rely on it that way, as its "Annex Z" (EN 60601-1 version only) suggests you can, the Third Editions will present new and additional problems of the very same type you are trying to avoid.

The Third Edition relies on 14971:2000, which has been withdrawn by both Europe and the FDA. Likewise, the software standard 60601-1-4 it references is obsolete as well. The Official Journal in Europe makes it clear that the Third Edition cannot be used for compliance with 93/42/EEC since it was ammended by 2007/47/EC. The Third Edition was developed before the Medical Device Directive was ammended with 2007/47/EC. The current posting at the European "Official Journal" website makes that clear.

Official Journal "(*): This European Standard does not necessarily cover the requirements introduced by Directive 2007/47/EC".

Putting the Horse back in front of the cart
Use EN 14971:2009 to support conformity with the Essential Requirments
The Risk Management standard is a great approach for satisfying the revised 93/42/EEC. You don't need 60601-1 to apply ISO 14971. Use ISO 14971 to address the Essential Requirements, and then use whatever standard(s) you choose to populate your risk analysis/risk control form. You will likely need EN 1041 to address labeling requirements in the MDD, and perhaps other particular standards, as well. I've never been able to use less than 4 standards for completing an Essential Requirements checklist, but ISO 14971 comes the closest. By comparison, 60601-1 is hardly useful at all, which is perhaps why Annex Z of 60601-1 has no table that cross references to any single Essential Requirement.

EN 14971:2009 is really right as rain when used for populating an "Essential requirements" checklist. Its ideal because CE/QMS auditors can see more clearly how the product and quality management system interlinks with Essential Requirements and "reduce risks as far as reasonably practical". For example, they can check receiving, storage, in-process and environmental controls, right where they occur, at the factory in the filed records. Of course they can check the design and development controls and like to see verification and validation reports.

Auditors doing your QMS and Technical File review will feel at home with ISO 14971:2007 being your base standard, since it is a part of the "Management System" type of standards, like like ISO 13485, 14000, 9001, etc. NOTE - Product testing labs are not not accredited for assessing managment systems anyway, since labs are accreditated to ISO 17025, which doesn't cover "managment systems".

You need to be cautious to remember that testing labs are really an extension of your "Design and Development" process under ISO 13485 if you are CE marking using Annex II or Annex V of the MDD.

If you throw all your compliance behind a standard, you more or less make the lab, and the standard your new master. For regulatory purposes, be very cautious about using the 60601-1 Third Edition. It may be "recognized" on a list like the "Official Journal" or FDA database, but relying on it as if it were the sole instrument for compliance is a really big mistake on several different levels. Your technical file or 510(K) submission will not survive careful scrutiny.

Regulations are the horse we need to saddle. Hitch your compliance to ISO 14971:2007 and drag whatever standards behind that you feel are necessary.

IEC 60601-1 Third Edition is very expensive, and not particularly useful for regulatory compliance. I know the labs are marketing this as something of a must for compliance, but many individuals I have questioned who have made that statement have never completed an Essential Requirements checklist, 510(k) submission or medical device license application. They assume more than they know. I am even more alarmed that laboratory technicians and test engineers are being asked to evaluate our Risk Management System compliance. This is not something you can measure with temperature probes, a meter and a humidity chamber. They are way out of their league if they think they can do this, and even farther outside the scope of their accreditation.

Risk management is already being looked at during the ISO 13485/CE audit, and these are legitimate, ISO 17021 accredited management system audits. I really don't think we should pay for this twice, and its really asking the impossible, for a laboratory technician to assess compliance of the risk managment system from afar. This is making "trusting" equivalent to "testing" and that is something I doubt any laboratory technician can sleep easily with. Its no wonder the Third Edition evaluations are taking 6 months or more.

Peter and gramaley,

Thanks for the comments. Once again we're back to the discussion as to whether the standard grants a "presumption of conformity" to the Medical Device Directive.

Since 93/42/EEC has a provision for Member States to flag harmonized standards that don't meet the Essential Requirements (Article 5 (3) "If a Member State or the Commission considers that the harmonized standards do not entirely meet the essential requirements referred to in Article 3...") has any Member State taken action on EN 60601-1 Ed3?

If not, then even though the standard appears inadequate, my inner lawyer tells me that the Regulation grants the presumption of conformity per Article 5 (1) "Member States shall presume compliance with the essential requirements referred to in Article 3 in respect of devices which are in conformity with the relevant national standards adopted pursuant to the harmonized standards.." and a manufacturer can CE mark a device solely by showing conformance to EN60601-1 Ed3.

I welcome feedback on this line of thought.

The EC has sent a formal objection to the harmonization of ISO 14971:2007, and "ten other ISO standards" according to a news story in the January 2011 issue of AAMI News, to its Committee on Standards and Technical Regulation, i.e. the 98/34 Committee. I don't know what the "ten other ISO standards" are, and I don't know whether the process being applied constitutes a determination per MDD Article 5(3) that conformance with the identified standards may not entirely meet "the essential requirements referred to in Article 3". This however could be relevant to the status of EN 60601-1:2005.

Perhaps that is why Europe's planned recast of the medical device "Directive" to make it a singular European-wide "Regulation", which will bind all member states at once

The Third Edition cannot be used solely for CE marking, since CE marking now includes requirements under 2007/47/EC, which the Third Edition could not possibly have considered.

The ammended Directive would have already led to each EU member state transposing 2007/47/EC into their national law. It would be illegal to use 60601-1 3rd Edition, by itself, as a means of conformity assessment with ammended laws within each member state.

Indeed, most manufacturers should have already been audited by now, to see whether they have identified the changes under 2007/47/EC and have addressed them. If you claim you comply because you used the "Third Edition", the auditor will likely cite your company with a nonconformity, since the standard predates the changes to 93/42/EEC and some of the changes are quite significant.

One particular, and major "gotcha" moments for auditors to unwary manufacturers is if your device could be considered a machine. 2007/47/EC makes the machinery Directive "Essential Health and Safety Requirements", mandatory for electro-medical devices that are "machines" as defined in 2006/42/EC. Since EN 60601-1 Third Edition does not claim itself capable of supplying conformity with 2006/42/EC, and also predates 2007/47/EC, it is clearly not elligible as a stand-alone standard for CE certifying medical devices.

EN 14971:2009 however is highly adaptable, and even capable of serving both the Machinery Directive's EHSR, and the 2007/47/EC changes in Annex 1.

Since "Software" was added under 2007/47/EC, the Third Edition's reference to a software standard that has been obsolete since 2002 is particularly glaring problem, and FDA has never recognized 60601-1-4, ever. Thy created ANSI/AAMI SW68 in 2001, which became EN 62304.

The Third Edition and other standards can be used to help with CE marking, but they really need to be taken as a collection of tests used selectively for targeting risk reduction activities under EN 14971:2009. This is the right way to address the legal requirements that are now transposed into national law, as derived from 2007/47/EC and even 2006/42/EC, [The latter if your device is also a "machine"]. COCIR has some good advice on how to use ISO 14971 to address 93/42/EEC and 2006/42/EC at the same time.

As we are discussing this again , i urge for people to remember ISO 16142 which shows examples of how to use standards to comply with essential requirements (this standard is being revised to take into consideration the new requirements of the revised MDD).

As can be seen on the document, IEC 60601-1 is expected to be used, if the case, to show compliance to some of the essential requirements, particularly related to electrical safety.

It also makes it clear that the main standards to use are 14971 and 13485.

Although i do have found some possible error, the document in general is a great pointer.

There is really nothing new on the horijzon, but it´s great that this discussion resurfaces from time to time so people can get more aware of being possible persuaded to something which they do not need by pople whici wants to get their money