About regulations regarding storage and archiving of radiological images
What are the applicable regulations regarding companies that use, but do not manufacturer, devices classified under 21 CFR 892 2010 or 892.2020? Specifically the storage and archiving of radiological images. Are there specific regs that cover this type of service operation?
FDA Centre For Devices And Radilogical Health ( CDRH ) does not regulate
device user facilities directly. Such Companies may be subject to State or
Local Regulation or to the requirements of the Joint Commission On
Accreditation Of Healthcare Organisations ( JCAHO ). See
http://www.jcaho.org/ for more
does , however , regulate mammography Facilities. Such facilities are
required to keep images in such a manner that they are of " Diagnostic
Quality" when they are retrieved. If your Company is serving
Mammography Facilities , these facilities will require you to meet this
standard. If you are such a facility , please go to http://www.fda.gov/cdrh/mammography/regulations.html
for more background on the Laws, Regulations And Guidance Documents
About regulatory control for software as Class I Medical Device
Also, at what point does software used in concert with a medical device come under regulatory control? I realize that stand-alone software is mostly Class 1 if the device can function without it, however what characteristics deem software a "medical device"? Does simply containing patient information constitute a medical device? If the software interfaces at ANY level with a device, is it a device?
Class I medical devices are still regulated by the FDA. Most Class I devices just do not require submission of a premarket notification (510(k)) but may still be subject to "general control" requirements. As the FDA states: general controls "include provisions that relate to adulteration; misbranding; device registration and listing; premarket notification; banned devices; notification, including repair, replacement, or refund; records and reports; restricted devices; and good manufacturing practices."
Software contained within a medical device is considered to be an accessory to the device and is, therefore, subject to
FDA regulation. Software products by themselves are considered to be medical devices if they meet the FDA definition of medical device: "an instrument, apparatus, implement, machine, contrivance, implant, in vitro reagent, or other similar or related article, including a component part, or accessory which is: recognized in the official National Formulary, or the United States Pharmacopoeia, or any supplement to them, intended for use in the diagnosis of disease or other conditions, or in the cure, mitigation, treatment, or prevention of disease, in man or other animals, or intended to affect the structure or any function of the body of man or other animals, and which does not achieve any of it's primary intended purposes through chemical action within or on the body of man or other animals and which is not dependent upon being metabolized for the achievement of any of its primary intended purposes."
This includes off-the-shelf software. As the third guidance document listed below states: "Where the software is developed by someone other than the device manufacturer (e.g., off-the-shelf software) the software developer may not be directly responsible for compliance with FDA regulations. In that case, the party with regulatory responsibility (i.e., the device manufacturer) needs to assess the adequacy of the off-the-shelf software developer's activities and determine what additional efforts are needed to establish that the software is validated for the device manufacturer's intended use."
There are three FDA guidance documents that will help you in understanding what the FDA requires for software:
* Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices; Final:
* Guidance for Off-the-Shelf Software Use in Medical Devices; Final:
* General Principles of Software Validation; Final Guidance for Industry and FDA Staff: