Developing Software as a Medical Device

Companies in the pharmaceutical and healthcare markets are facing a major challenge: increasing the efficacy of their treatment by means of digital solutions while having to take national and international legislation on data protection and data security, as well as a variety of regulatory requirements for quality assurance, usability and risk management into consideration.

Producing standards-compliant documentation alone is an almost insurmountable task for many companies, due to its structure and formalism. We can plan and develop legally and standards-compliant software projects for you, and support you in your development projects. This applies to both CE-compliant software development and non-medical devices.

Our quality management in accordance with EN ISO 13485 enables us to meet the requirements of the Medical Device Directive (MDD) and the Medical Device Regulation (MDR) in Europe, and the FDA Code For Regulation (CFR) in the USA. We observe both the EU General Data Protection Regulation (GDPR) and the US Health Insurance Portability and Accountability Act (HIPAA).

Developing software as a medical device

We plan, design and implement software for you in strict accordance with the EN IEC 62304 software life cycle and the EN IEC 62366 usability requirements. In doing so, we document all interim and final results in our quality management system, meeting the requirements of EN ISO 13485. Risk management in accordance with EN ISO 14971, where we identify unknown risk, assess the identified risk and implement appropriate control measures, is applied to each phase of development.

Standards-compliant requirements engineering

Together with our customers we gather the requirements for the software according to the normative specifications of EN IEC 62366 in Europe and the USA. These are prerequisites for the implementation of the software life cycle (EN IEC 62304) and quality assurance (EN ISO 13485).

Standards-compliant architecture and design planning

We draft the architecture and design of your software and provide you with all the necessary documents, such as the software life-cycle file, the software requirements specification (SRS) and the software verification and test logs, based on the requirements.

Standards-compliant risk identification, assessment and control

We check the software concept for unknown risk, assess the risk and devise control measures, in accordance with risk-management requirements (EN ISO 14971).

Measuring and implementing usability in accordance with regulatory requirements

Due to our cooperation partners, we can validate usability in accordance with EN IEC 62366 in Europe and the USA.

Standards-compliant software operation

We support you in the PMS phase and work with you to define the vigilance processes for dealing with adverse events.

Necessary documents for the medical-device software conformity assessment

We prepare all the documents required for an MDD or MDR, or an FDA CFR conformity assessment. All the documentation is produced in our electronic quality management system (eQMS), which enables us to automatically sign documents, such as the Technical Documentation, or the Device Master Record and the Design History File (FDA), and make them available in digital format. In doing so, we triple-check the conformity of the documents and store all versions in accordance with audit-trail procedures.

Electronic quality management system (eQMS)

From planning to operation

We can perform all tasks for you: from planning, to development and operation. You must possess and apply a quality management system in accordance with the regulatory requirements for medical devices. We would be happy to advise you on issues concerning manufacturer quality-management requirements.

Learn more about our consulting services.

Do you have any questions?

Contact us! ! We would be happy to help you.

Your Contact Person

Michael Grüterich, CEO
+49 6221 8220 24


White Paper

Medical Apps — Intelligent Assistants or Complex Medical Products?

Learn here, when an app is a medical product and which legislation then has to be observed.


At which point does software become a medical product?