What is a medical software?


“Medical devices”, as a broader term, refers to regulated products that must comply with local and regional laws.[1] In the United States (US), as of the mid-1980s, the Food and Drug Administration (FDA) has increased its involvement in reviewing the development of medical device software, due to patient overdoses caused by coding errors in a radiation therapy device (Therac-25).[2] The FDA is now focused on regulatory oversight in the medical device software development process and system-level testing.[3] Between 1995 and 2005, IEC 62304 became the benchmark standard for the development of medical software in both the EU and the US.[4]

Due to the broad scope covered by these terms, manifold classifications can be proposed for various medical software, based for instance on their technical nature (embedded in a device or standalone), on their level of safety (from the most trivial to the most safety-critical ones), or on their primarily function (treatment, education, diagnostics, data management).


The scope of the evolved regulatory definition of a medical device now explicitly includes the term “software” (and not simply software that is part of or within another product).[5] As such, the following would be considered to fall under its scope:

  • Software intended to analyse patient data generated by a medical device with a view to diagnosis and monitoring.
  • Software that incorporates dosage algorithms for chronic conditions (e.g. diabetes)
  • Software intended for use by patients to diagnose or treat a physical or medical ailment (condition or disease).

EU 2007/47/EEC that amended 93/42/EEC Directive introduces also the stand-alone software (Annex IX). This modifies the risk classification of the software because a stand-alone software is considered as an active medical device.


The generic term medical software has been around for almost three decades. The last decade then saw a vast new array of software programs entering the medical technology space. Dozens of examples now exist where the critical functions performed by medical devices are partly (or now sometimes entirely) directed by software, notably by software that is standalone. The interesting element is that, for the first time in the European MDD[ref 1], a medical device can now be 100% virtual (or invisible).

The dramatic increase in smartphone usage over the last five years or so is perhaps the most significant factor that has triggered the emergence of thousands of pure software programs and apps in this space, many falling into a ‘grey’ or borderline area in terms of regulation.