What is the MDR?

The Medical Device Regulation (“MDR”) is a EU Regulation that lays down rules concerning the placing on the European Economic Area (“EEA”) market, making available on the EEA market or putting into service of medical devices for human use and accessories for such devices in the EU. It also applies to clinical investigations concerning such medical devices and accessories conducted in the EU. A ‘medical device’ is, in short, any article intended by its (legal) manufacturer to be used, alone or in combination, for a specific medical purpose and which does not achieve its principal intended action by pharmacological, immunological or metabolic means, in or on the human body, but which may be assisted in its function by such means.[1] [see also: What is a medical device]. The MDR can be found on the website of the European Union. Please make sure to select the current consolidated version to get the most recent text.

What roles can be distinguished by the MDR?

The legal obligations that follow from the MDR differ per ‘role’. The MDR makes a distinction between, for instance, Manufacturers, Importers, Distributors and Notified Bodies. It is of crucial importance for each economic operator to identify it’s role under the MDR as they will be held accountable for fulfilling it properly.

Manufacturers: Manufacturers are natural or legal persons who manufacture or fully refurbish a device or have a device designed, manufactured or fully refurbished, and market that device under their name or trade mark.[2] Article 10 of the MDR establishes the general obligations of manufacturers. Please note that the term ‘legal manufacturer’ is often used to refer to the defined ‘role’ in the MDR and should not be mixed up with the factual manufacturer, often being one or more suppliers of components or the whole device to the ‘legal manufacturer’. Suppliers do not have an official role defined in the MDR. However, suppliers do play a crucial role in the quality management system;
Importers: Importers are natural or legal persons established within the EU that place a device from a third country on the EEA market.[3] Article 13 of the MDR establishes the general obligations of Importers;
Distributors: Distributors are natural or legal persons in the supply chain, other than the manufacturer or the importer, that make a device available on the EU market, up until the point of putting into service.[4] Article 14 of the MDR establishes the general obligations of Distributors;
Notified Bodies: Notified Bodies are accredited conformity assessment bodies designated in accordance with the MDR. For the conformity assessment procedure of most medical device software, a Notified Body must be involved.

What is the relation to the Regulation on in vitro diagnostic medical devices (IVDR)

The IVDR contains regulations on in vitro diagnostic medical devices. ‘In vitro diagnostic medical device’ means any medical device which is a reagent, reagent product, calibrator, control material, kit, instrument, apparatus, piece of equipment, software or system, whether used alone or in combination, intended by the manufacturer to be used in vitro for the examination of specimens, including blood and tissue donations, derived from the human body, solely or principally for the purpose of providing information on one or more of the following:

Concerning a physiological or pathological process or state;
Concerning congenital physical or mental impairments;
Concerning the predisposition to a medical condition or a disease;
To determine the safety and compatibility with potential recipients;
To predict treatment response or reactions;
To define or monitoring therapeutic measures[5].

For the purpose of this Q&A, we will not further elaborate on the IVDR. However, do note that software may be regulated as an in vitro diagnostic medical device instead of a ‘regular’ medical device.

Is there other relevant legislation

Aside from the MDR, other EU and/or national legislation could be relevant to (legal) manufacturers of medical devices. Even though we will not elaborate on these in much detail in this Q&A, please find below a short non-exhaustive list of potential relevant non-MDR topics (other than those that will be touched upon in this Q&A such as advertising and favours):

Intellectual Property (IP) law concerning software patents and copyrights;
Privacy legislation (GDPR) relevant to software processing personal data;
Consumer rights legislation providing information obligations and other requirements when contracting with consumers;
E-Privacy legislation covering electronic communications such as telemedicine or remote monitoring applications; and
Upcoming AI legislation about the regulation of the usage of artificial intelligence within the EU.

Are guidance documents and standards important?

Yes, guidance documents and standards should be taken into account when getting into conformity with the MDR. The following applies:

Guidance documents: Guidance documents regarding the MDR or other relevant legislation can be very helpful in understanding the law. Even though guidance documents are not legally binding themselves, national and EU courts, supervisory authorities and Notified Bodies usually take them into account when performing their duties. It is, however, important to take note of the source of the guidance documents you want to use. Guidance documents published by the European Commission’s Medical Device Coordination group (“MDCG”) or national competent and supervisory authorities have significant authority. Guidance documents published by your local law firm do usually not.
ISO-standards: When getting into compliance with EU and Member State legislation, ISO-standards are oftentimes used. ISO standards are a set of internationally recognized (mostly technical) guidelines developed by the International Organization for Standardization (ISO) that ensure products, processes, and services are safe, reliable, of high quality and in compliance with the relevant laws. Devices that are in conformity with ISO standards that are adopted by the European standardisation organisation and published in the Official Journal of the European Union (OJEU) are called ‘harmonized standards’ and are presumed to be in conformity with the requirements of the MDR covered by those standards or parts thereof. Examples of such standards relevant to medical device software are:
- EN ISO 13485:2016 on Quality Management Systems;
- EN ISO 14971:2019 on Application of risk management to medical devices; and
- IEC 62304:2006 on Software life cycle processes (not harmonized)

[1] Art. 2(1) MDR.

[2] Art. 2(30) MDR.

[3] Art. 2(33) MDR.

[4] Art. 2(34) MDR.

[5] Art. 2(2) IVDR.

Partners dhealth

In samenwerking met:

What is the MDR?

What is a medical device?

Can I use my medical device before having a valid CE mark

What risk class does my device belong to and what is the consequence?

Is there an overview of everything needed?

Where to start?

What happens after starting?

How much time and money does this whole story cost?

How can I build up knowledge?

Where can I find help?

How do I approach clinical evaluation including contact with hospitals?

What does contact with a Notified Body look like?

What do I have to think about after the device hits the market?

What is the MDR?

Bringing Digital Health to Life!