Home
>
Blog
>
This is some text inside of a div block.

CE Marking for Medical Softwares: A Comprehensive Guide

January 16, 2025
CE marking is a mandatory conformity marking for products placed on the European Economic Area (EEA) market. It indicates that a product has been assessed and meets EU safety, health, and environmental protection requirements. For medical software, it signifies that the product meets the Medical Device Regulation (MDR) 2017/745 requirements.

Summary

Determining If Your Medical Software Needs CE Marking

First step in determining whether your medical software is considered to be a medical device (MD) is to define its intended use.

For instance, if your product is used for the diagnosis, prevention, monitoring or treatment of a disease, and therefore meets the definition of “medical device” under Article 2 of the MDR 2017/745, then this software is likely to be considered a medical device.

If your software meets all the criteria, the CE marking process will depend on your Medical Device classification. Indeed, all medical devices are classified according to their intended purpose and their inherent risks.

Risk Classification System

  • Class I: Low risk (e.g: personalized information on health status or biological data)
  • Class IIa: Medium-low risk (e.g: an ultrasound Scanner software or a connected stethoscope)
  • Class IIb: Medium-high risk (e.g: ECG, EEG)
  • Class III: High risk (e.g: calculation of the dosage of a substance to be administered)

CE Marking Process for Medical Software

There are two primary ways to obtain a CE mark for your product: self-filling or third party—each with its own set of procedures, timeframes, and resource requirements.

Filing the CE mark yourself

While this approach allows you to have direct control over the process, it is time-consuming and resource-intensive. Typically, it will take at least two years to complete due to the high demand and workload faced by notified bodies, which are the organizations designated to assess the conformity of products before they are placed on the market. To navigate this process successfully, you will likely need to assemble a dedicated team of experts who are familiar with the regulatory landscape and can manage the intricate details of the application.

Preparing Technical Documentation

The technical file is a comprehensive document that provides a detailed description of the functionalities and operation of your medical device or software. This file should include:

  • An overall description of the product, including its design and intended use.
  • Technical specifications and drawings.
  • Details on the product's components and materials.
  • Information on the manufacturing process.
  • Risk analysis and mitigation measures.
  • Results from pre-clinical and clinical evaluations.
  • Instructions for use and labeling information.

Implementing a Quality Management System (QMS)

Implementing a robust Quality Management System is crucial for demonstrating compliance with current regulatory standards. The QMS should encompass all processes and actions taken to ensure the product meets the necessary safety and performance criteria. Essential components of a QMS include:

  • Documented procedures and policies for quality assurance.
  • A structured approach to managing product design, development, and production.
  • Regular internal audits and management reviews to monitor compliance.
  • Corrective and preventive action plans to address any identified issues.
  • Comprehensive records of all quality-related activities and decisions.
“Quality management is a collective responsibility” emphasizes Rémi Buffet, Head of Quality and Regulatory Affairs at Posos.

To implement a robust QMS, he also advises to:

  • Make sure of your management's commitment to providing necessary means and resources.
  • Focus on developing a well-trained team that is actively involved in medical devices: part of the role of your QARA professional (or team) is to take time to understand how each employee involved in your medical device (design, development, marketing, etc.) works.

Working with notified bodies

Notified bodies (NB) play a crucial role in medical device's certification as they serves as independent organizations appointed by the European Union to assess a product’s conformity before being placed on the European market.

As a medical software publisher, it is your responsibility to select and contact a notified body that will evaluate you through your certification process. To find out the right notified body for your medical software, you should first define:

  • The qualification and classification of your device.
  • The conformity assessment applicable to your device.
  • The specific horizontal technical competence you would need from your notified body.
    • This means that not all NBs are able to assess all types of DM. For example, some NBs cannot assess the conformity of software DMs.

You will find the comprehensive list of notified bodies for medical devices on the official website of the European Union.

Cost and Timeline Considerations: filling the CE mark yourself

The CE marking process represents a serious organizational and financial commitment.

Indeed, you should keep in mind that the typical development timeline varies consequently depending on your risk class and may require extended periods depending on your preparation.

  • Class I software: 3-6 months.
  • Class IIa, IIb and III software: 12-18 months.

Furthermore, a successful CE marking typically requires a dedicated team of specialized professionals:

  1. Quality Assurance and Regulatory Affairs (QARA) Specialist
    • Full-time role.
    • Critical for ensuring regulatory compliance.
    • Requires specialized expertise and equivalent compensation.
  2. Regulatory-Trained Software Developer
    • Understands medical device standards.
    • Implements compliance-focused development practices.
  3. Product Management Representative
    • Coordinates cross-functional compliance efforts.
    • Ensures alignment between technical development and regulatory requirements.
  4. Clinical Evaluation Expert
    • Conducts comprehensive clinical performance assessments.
    • Validates device safety and effectiveness.

The estimated initial investment ranges from €120,000 to €300,000 (sometimes more for the initial certification of a class IIb medical device) and you have to consider ongoing costs, which include:

  • The service provided by the NB
    • QMS audit
    • Technical Documentation assessment
  • With new MDR (EU) 2017/745,  the focus has been placed on clinical evaluation.
  • Human Resources
  • Continuous maintenance.
  • Periodic training.
  • Internal audit processes.

Partnering with a third-party like Posos

The second method for obtaining a CE mark involves partnering with a third party that has already secured CE marking for its APIs (Application Programming Interfaces) or interfaces, which can be deployed on your premises. By leveraging the CE marking of a third party like Posos, you can streamline the compliance process and integrate certified components into your product.

Utilizing CE-Marked APIs

When you utilize CE-marked APIs from a third party like Posos, your product can inherit the CE marking for specific functionalities related to those APIs.

This solution alleviates regulatory obligations for API developers and streamlines the CE marking compliance process. Under this approach, API developers are primarily responsible for:

  • Developing user interfaces.
  • Adhering to specific technical specifications.
  • Implementing critical design requirements (e.g., displaying absolute contraindications in full red text).

Partnering with a third-party like Posos reduces the complex regulatory burden while maintaining rigorous safety and performance standards. It is also a way of reducing the cost of your CE marking process and enabling your team to focus on core software development and user experience design.

Implementing Deployable Widgets

In addition to APIs, Posos can provide CE-marked interfaces in the form of deployable widgets. These widgets are pre-built, self-contained components that can be easily integrated into your software.

Implementing widgets has substancial advantages:

  • Accelerated implementation timeline.
  • Preset interface.
  • Minimized internal development costs.
  • Streamlined development process.

Consequently, the integration of a widget streamlines even more the compliance process, though it moderately reduces the solution's customization options.

To conclude

The CE mark represents more than a regulatory requirement—it's a commitment to patient safety and medical technology innovation. The certification is also a key to deploy your medical software in Europe.

As developed in this article, success in this process requires strategic planning, technical expertise, and significant investment. To achieve it, you can choose between developing in-house compliance capabilities or leveraging third-party solutions like Posos that simplify the regulatory process.

Contact us if you are interested in utilizing CE marked APIs or implementing deployable widgets.

Zoé Vilan
Senior Brand and Content Manager

Other articles

No items found.

Essayez Posos gratuitement

Après testé Posos Premium pendant 60 jours, profitez de la version gratuite de Posos, pour toujours
Essayez gratuitement
Pour vous renseigner sur nos solutions pour l'hôpital, cliquez ici
Posos is the world's most advanced artificial intelligence platform dedicated to medical prescription.
Prescribe EasilyData importReduce OveralertingTechnologyResearchAboutBlog
Contact Us
©2023 Posos SAS. All rights reserved. RGPD compliant.
EN
EnglishFrançais