MDR, Data Breaches, Data Protection

What MDR class is my software?

The new Medical Device Regulation promotes many eHealth applications to Class II or even Class III medical devices. Use our useful infographic to find out what MDR class your software is.

There's a ton of resources out there about the new MDR. But, unsurprisingly, most of them focus on actual hardware devices. We wanted to create something specifically for software. So, we are proud to present our MDR classification infographic. Note that the MDR was enacted in 2017 and becomes mandatory from May 26, 2020.

Does my software fall under MDR?

Use our easy-to-follow infographic to determine what MDR class your software is. Please feel free to share this with your colleagues and friends.  

What do the classes mean?

The MDR classification reflects the risk of harm that a medical device poses. Class I devices pose the lowest risk while Class III has the highest. Under MDR, there is a new class of High Risk Software. Importantly, this includes stand-alone software – it needn't be connected to any hardware. What matters is if the software provides "information which is used to take decisions". Hence, an app for calculating the correct dosage for drugs is now a Class III medical device. This is because if it makes a mistake it could cause death from an overdose.

Why MDR focusses on software

One of the biggest changes in the MDR is its focus on software and digital applications. Standalone software will be classified based on intended purpose and risk assessment and not based on purpose alone.  The guide above helps to differentiate between medical and well-being apps, as only medical apps will fall under MDR. The intended purpose is used to determine the difference.

"Any software that has an intended purpose of predicting or providing a prognosis on a disease is a Medical Device."

For instance, an application collecting users data for the purpose of maintaining their general well-being, like weight loss, is seen as a well-being app. However, the same app collecting the same data for treatment of eating disorders or diabetes is an MDR Class I (or potentially even Class IIa) device.

How Chino.io can help

Chino.io is the first (and only) ISO 13485 certified Database as a Service (DBaaS) for medical applications and devices. This means we can save you considerable time and effort. Our service is also completely GDPR compliant. Remember, GDPR and MDR have considerable overlap – GDPR compliance is effectively a prerequisite for MDR compliant apps.

MDR and eHealth: How to build MDR compliant applications

Download here
Author image

About Ruta Naujokaite

Strategic thinker developing innovative strategies for the Digital Health sector.
  • Berlin, Germany