Choose another country to see content specific to your location

//Select Country

IEC 62304 Certification for Medical Device Software

Medical Device Functional Safety

About IEC 62304 Standard for Medical Device Software

The IEC 62304 standard covers both stand-alone software and software embedded into a Medical Device. Clients wishing to become certified in accordance with the IEC 62304 standard must hold a valid TÜV SÜD certificate in accordance with ISO 13485. If assessment is completed with a positive result, the client obtains a certificate and can use the respective TÜV SÜD certification mark on its software in the future.

The service covers review of quality management system documentation and product-specific life-cycle documentation in accordance with the IEC 62304 standard. The basis of assessment is the software life-cycle documentation in accordance with the IEC 62304 standard, building on a quality management system in accordance with ISO 13485.

In the EU, the requirements of ISO 13485 have been harmonized with the essential requirements of the EU’s Medical Device Directive (93/42/EEC), the Directive for In Vitro Diagnostic Medical Devices (98/79/EC) and the Directive for Active Implantable Medical Devices (90/385/EEC). Certification to ISO 13485 by an accredited certification body provides a presumption of conformity with the essential requirements of these important directives. In the U.S., the Food and Drug Administration (FDA) permits device manufacturers to submit ISO 13485 audit reports as a substitute of the evidence of compliance with its quality systems regulations (QSR). Health Canada also requires medical device manufacturers marketing their products in Canada to have their quality management system certified to ISO 13485.

ISO 62304 Certification process

1. Initial certification
Initial certification of a product requires review of the quality management system documentation in accordance with the IEC 62304 standard, and assessment of life-cycle documentation of the relevant software product (stand-alone software or embedded software).

2. Certificate updates
Clients can use a change report form to notify the certification body of software changes. Following a change review, the number of the software revision is updated on the certificate. Minor bug fixes that do not result in a change in use or a change in the accompanying documentation need not be reported, and thus should not be identified in the revision number on the certificate.

3. Recertification
Recertification of IEC 62304 will be combined with the ISO 13485 recertification in most cases. During recertification of IEC 62304 all relevant changes to the software lifecycle processes will be reviewed as well as all changes to the software which is covered by the IEC 62304 certificate(s).

Validity and the TÜV SÜD

Validity
The validity of an IEC 62304 certificate depends on the validity of the assigned ISO 13485 certificate issued by TÜV SÜD, and is thus set at a maximum of three years.

The TÜV SÜD octagon
As well as holding the certificate, the software manufacturer is authorized to affix the respective TÜV SÜD octagon to its software product. The software manufacturer may use the TÜV SÜD octagon on the product itself and in the product documentation and – in the case of stand-alone software – may integrate the octagon into the on-screen display.

EXPLORE

ISO 13485 Quality Management System for Medical Devices
White paper

ISO 13485 QMS for Medical Devices

Fulfill the requirements of ISO 13485:2016 with expert guidance

Learn More

VIEW ALL RESOURCES

Next Steps

Select Your Location

Global

Americas

Asia

Europe

Middle East and Africa