12 Feb 2020Blog

Is it possible to develop medical software with agile methods – is RegOps the next step?

To understand why this question has been topical at Solita recently, we need to go back a couple of years. In our specialised health and well-being unit, Solita Health, the customer project people began to increasingly run into keywords like ‘medical device’ and ‘MDR’. Health technology, along with the aviation and space business, for example, is one of the most regulated industries.

At Solita, we have our own CE marked medical device – Oravizio – and that story started two or three years ago. With Coxa – one of the largest hospitals specialising in joint replacement surgery in Europe – we developed an AI-based medical device that estimates the risks of an individual operation and communicates them to the patient. We built the regulatory competence at Solita, certified our own ISO 13485 quality management system, and we are now helping other manufacturers to do the same: make safe and efficient products with productive and agile software development methods.

Solita’s approach to the dilemma

Solita wants to lead the way in tackling the big challenge: combining agile modern software development methods and the regulatory framework. You may have heard about MDR – the new European medical device regulation. It introduces more requirements than ever before – and it affects software products and manufacturers in particular. Within the MDR classification rules, almost all SaMD (Sofware as a Medical Device) products will now fall into class IIa or higher – which entails huge changes, and increasing quality and regulatory requirements for manufacturers.

As part of this journey, we developed a Solita vision for aligning the two different perspectives. We thoroughly explored the relevant regulations, guidance documents, standards and other related documentation, and combined all this with the business perspective. The primary goal of the regulatory framework is to ensure the safety of medical devices. The agile approach is to maximise the value from the client’s perspective. These objectives are well aligned, as safety is one of the most valuable features of medical devices.

Solita Medical Software Development Model

In the picture above, we present the high-level process for developing the release of a medical software product using agile methods. It will give you an idea of how we see the software development cycles in the regulatory environment. In the next part of our blog series, we will provide more details about our vision, and define the required regulatory steps more deeply. We will also further clarify the relationships between the different terms for agile methods and standards, such as IEC 62304 and ISO 13485.

Although we have developed the Solita way to tackle the challenges, it must be underlined that at the end of the day, the implementation may and should vary for each company. The nature and risk of the products themselves, the existing product development process, the company’s culture and resources – all affect the completeness, and there’s no single correct way of doing it.

What is the key to succeed with all this? First, it is essential to thoroughly understand the goals and principles of the regulatory framework. Second, with the right people, you need to explore ways to efficiently build the regulatory requirements into your own processes and automate them as much as possible – that’s where the term RegOps comes into play. The ‘Solita way’, which we will further describe in upcoming blogs, is one way to do this.

So how agile can you be after all the regulatory documentation requirements? Is it even possible to adopt these two worlds? The answer, of course, is yes. But you need to be smart. Stay tuned.

Juha Vedenpää
Quality Manager, Health and Well-being Division, Solita

Tuomas Granlund
Regulatory Affairs Specialist, Health and Well-being Division, Solita