eSTAR Version 3 Transcript (Non-IVD Version)

About this eSTAR Transcript 🔗

The electronic Standard Technical Application (eSTAR) is a complete regulatory framework meant to accelerate and harmonize the medical device documentation submission process. This document is intended to help you understand the eSTAR format and its implications for non-IVD device applications.

Starting in October 2023, all medical device applications submitted to regulatory bodies will be required to use eSTAR, ensuring a standardized and quick review procedure. This framework contains a lot of guidance materials that should ensure ease for manufacturers in regards to navigation through the submission procedure.

This kind of format also specifies the structure of documents, allowing for greater uniformity and comparison across applications. This is advantageous to regulatory bodies since it streamlines the submission review and evaluation.

Innolitics introduction 🔗

Innolitics provides US FDA regulatory consulting to startups and established medical-device companies. We’re experts with medical-device software, cybersecurity, and AI/ML. See our services and solutions pages for more details.

We have practicing software engineers on our team, so unlike many regulatory firms, we speak both “software” and “regulatory”. We can guide your team through the process of writing software validation and cybersecurity documentation and we can even accelerate the process and write much of the documentation for you (see our Fast 510(k) Solution).

Cover Letter / Letters of Reference 🔗

• Attach your Cover Letter

If this is a premarket notification, the cover letter should include your preference for continued confidentiality (21 CFR 807.95). For all premarket submissions, if the device was marketed under an EUA or enforcement policy guidance during the COVID-19 public health emergency, include the EUA number or guidance information.

The cover letter should state applicant or sponsor name and/or their authorized representative, the type of submission, the common name of the device (if applicable), device trade name or proprietary name (both of the base device and a new name if one is given to the new version/model of the device) and include the purpose of the application, including any changes being made to existing approvals.

If applicable and accepted by the regulator, it should include information pertaining to any Master Files referenced by the submission.

If applicable, acknowledgement that a device sample has been submitted or offered alternatives to allow the regulator to view or access the device (when the regulator requests a sample).

If the submission is requesting approval of a change that is the result of CAPA due to a recall, this should be stated.

If the submission is in response to a request for information from the regulator this should be stated and the date of that letter should be included as well as any reference numbers).

If the submission is unsolicited information, this should be stated and any related reference number (s) provided.
You should identify the regulatory jurisdiction (s) in which marketing is sought.

NOTE: The cover letter should not contain any detailed scientific information.

Resources

• 21 CFR 807.95

• Attach any Letters of Reference

This includes letters from the owner of any separate document referenced in the submission (e.g. Master File or previous marketing submission), granting access to the information in the referenced document.

FDA typically refers to a "Letter of Reference" as a "Letter of Authorization." Information in a Master File (MAF) may be incorporated by reference in a client's PMA, 510(k), or IDE, or other submissions to FDA. Their use of information in an MAF can only be authorized by the MAF holder or by a designated agent if so authorized. This authorization must be on company letterhead or that of the agent or representative. After FDA has referred to an MAF and the client's application has been approved, authorization cannot be withdrawn.

An MAF holder should provide a letter of authorization directly to a client with instructions that: (1) the original of the authorization letter be included in the original copy of the client's submission and (2) a copy be placed in each subsequent copy of the client's submission. An authorization letter should not be sent directly to CDRH for inclusion in the MAF or the client's submission.

The letters should specify the scope of access granted.

Applicant Information 🔗

Contact 🔗

• Title
• Last Name
• First Name
• Email
• Phone Number
• Occupation Title

Company 🔗

• Company Name
• Address - Line 1
• Address - Line 2
• City
• State
• Zip
• Country/Region

Primary Correspondent/Consultant Information 🔗

You may add one primary correspondent. When you do, a new section appears that has all of the same contact and company fields as the “Applicant Information” section.

Correspondent/Consultant Information 🔗

You may add one or more correspondents. When you do, a new section appears that has all of the same contact and company fields as the “Applicant Information” section.

Pre-Submission Correspondence & Previous Regulatory Interaction 🔗

• Are there prior related submissions or regulatory interaction of the subject device(s)?
  • Yes
    • Please provide the submission number(s) of prior related submission(s) as defined
      above, regardless of outcome. If none, type "N/A."
    • Please upload copies of prior regulatory feedback (e.g., letter, meeting minutes,
      submission feedback) regarding this device and/or data and/or information to support
      this submission. Please specify the location in the current submission where
      additional information requests in prior submissions were addressed, or provide a
      rationale for not responding to those additional information requests.
  • No

During the product lifecycle, pre-submission correspondence, including teleconferences or meetings, may be held between the regulator and the applicant. Further, the specific subject device may have been subject to previous regulatory submissions to the regulator. The contents should be limited to the subject device as similar devices are addressed in other areas of the submission. If applicable, answer Yes.

Standards 🔗

• Please list the standards used in your submission (if any). If only certain sections were used, or there were deviations, cite these in an attachment. A recognition number is only applicable to certain regulators, see help text. Instead of typing in information, some regulators request standards information be attached, see help text.

The Organization is the Standard Developing Organization (SDO) that developed the standard (e.g., UL, ISO). The Designation Number and Edition/Date identify the standard (e.g., 1642 5th Ed). The Title is the textual title (e.g., Lithium Batteries). The FDA uses recognition numbers for the standards they recognize (e.g., 19-10).

An international standard that another country adopts may be identical to standards recognized by FDA (e.g., ISO or IC standards adopted as European Standards (EN/ISO), German standards (DIN/EN/ISO, DIN/ISO), or British standards (BS/ISO)). For example, if BS/EN/ISO 10993-5:2009 is used, you may use the same recognition у c number (2-245) as the parallel FDA recognized standard ISO 10993-5:2009. However, be sure to justify any country-specific differences in an attachment.

Resources

• Recognized Consensus Standards website

For each standard:

• Organization
• Designation Number and Edition/Date
• Recognition#
• Title
• Are you using this standard for general use, or are you declaring conformity to it?
  • General Use
  • Declaration of Conformity
  • Declaration of Conformity with ASCA

If you will declare conformity to the standard, a Declaration of Conformity (DoC) will be made for you near the end of this template, according to ISO 17050-1.

A DOC to a consensus standard may be used when a submitter certifies that its device conforms to all of the requirements of a consensus standard that FDA has recognized or decided to recognize. In a DOC, the submitter may not deviate from the consensus standard that FDA has recognized or decided to recognize.

General use of a consensus standard in premarket submissions refers to situations where a submitter chooses to conform to a consensus standard, in part or in whole, but does not submit a DOC. Also, a submitter may not submit a DOC if the submitter chose to rely on a consensus standard that FDA has not recognized or decided to recognize, or the submitter has deviated from an FDA-recognized consensus standard.

Under the ASCA (Accreditation Scheme for Conformity Assessment) Pilot, the FDA grants ASCA Recognition to qualified accreditation bodies to accredit testing laboratories to perform premarket testing for medical device companies. If you used an ASCA-accredited testing laboratory to conduct this testing, and an ASCA summary test report was provided, please indicate this.

Resources

• Appropriate Use of Voluntary Consensus Standards Guidance
• The Accreditation Scheme for Conformity Assessment (ASCA) Pilot Program Website

Device Description 🔗

Listing of Devices 🔗

• Provide the Product Trade Name and (optionally) Model Number/Name
  • Trade Name
  • Model Number/Name

A model/variant/configuration of a device has common specifications, performance and composition, within limits set by the applicant.

If the submission contains multiple devices as part of a kit, please provide only the name of the kit here. You will have the opportunity to identify all system/kit components or accessories later in this section.

Note that, for De Novo requests, only one device type will be reviewed; therefore, generally, we will not accept bundled De Novos.

General Device Characteristics 🔗

• Is the device life-supporting or life-sustaining? [Yes/No]

Life-supporting or life-sustaining device means a device that is essential to, or that yields information that is essential to, the restoration or continuation of a bodily function important to the continuation of human life. (21 CFR 860.3(e))

• Are there any direct or indirect tissue contacting components? [Yes/No]

Direct Contact:

Defined as a device or device component that comes into physical contact with body tissue. Examples of devices that have Direct Contact include: implanted cardiovascular stents, implanted replacement hips, blood pressure cuffs, and skin electrodes.

Indirect Contact:

Defined as a device or device component through which a fluid or gas passes, prior to the fluid or gas coming into physical contact with body tissue (in this case the device or device component itself does not physically contact body tissue). Examples of devices that have Indirect Contact include: infusion pumps and ventilators.

Typically devices that indirectly contact the body have direct contacting components, such as solution administration sets, extension sets, transfer sets, and blood administration sets, where a needle would have direct contact with the blood, and all other components of the set would indirectly contact the body via contact with fluid that is allowed to enter into the blood stream through the needle. Catheters with infusion lumens are another device where some components have direct contact with blood and cardiovascular tissue (e.g., balloon, outer catheter shaft), while other components have only indirect contact (e.g., infusion ports or lumens down the internal length of the catheter).

• Does the device use software/firmware?

For more information, refer to the guidance document entitled ‘Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices.’

Resources

• Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices

• Yes
  • Is the device, or does it contain, digital health technology?

  Digital Health Technology includes the following items:

  • Mobile Apps including Mobile Medical Apps;
  • Machine Learning;
  • Advanced Analytics;
  • Cloud Technology;
  • Wireless Communication;
  • Interoperability with other devices or systems;
  • Software as a Medical Device; and
  • Cybersecurity.

  Resources

  • Digital Health website

  • Please check the attributes that are applicable to your device.
    • Cloud Communication
    • Network connection (active or not)
    • Wireless communication in any form
    • USB/serial ports/removable media
    • Software upgrades (this includes patches)
    • None of the above

    Indicate if a network is used, regardless of whether it is active or not. Examples of wireless communication include but are not limited to wifi, bluetooth, NFC, bluetooth low energy (BLE), and inductive communication. If the device includes a USB, serial port, JTAG, or removable media, whether or not it is used by the device, indicate that it is used. If the device/system does not include any of these connections, no Cybersecurity data need to be provided.

• No
  • Is the device or a component packaged as sterile? [Yes/No]
  • The device/system uses or is… (chose all that apply)
    • a single use device(s), non-sterile or packaged as sterile
    • a single use device(s), terminal/end user sterilized
    • a reusable single patient use device(s)
    • a reusable multi-patient use device(s)

If the device is or uses a Single Use Device (SUD), ensure the single use device/component is labeled "Do Not Reuse," "Single Use," or "Single Use Only."

If the device/system only uses or is a Single Use Device (SUD) that is non-sterile or is packaged as sterile (i.e., this is the only option checked), no Reprocessing review is needed.

If the device or a component is reusable, cleaning/disinfection instructions should be included in the labeling, unless a valid justification is provided in the Reprocessing section for not including them (e.g., the device is an in vitro diagnostic device for laboratory use, or the device is a software only device (SaMD)). Be sure the device is labeled for either single or multiple patient use (or both if applicable).

• The environment of use of the device/system includes…(choose all that apply)
  • Professional Healthcare Facility
  • Home Environment
  • Magnetic Resonance (MR) Environment
  • Transport (Ambulatory) Environment
  • Other Environment

A professional healthcare facility is either:

(1) any environment where personnel with medical training are continually available to oversee or administer the use of medical devices. This includes, but is not limited to, hospitals, long-term care facilities, nursing homes, emergency medical services, clinics, physicians’ offices, and outpatient treatment facilities; or

(2) a clinical laboratory

A home use device is a medical device labeled for use in any environment outside a professional healthcare facility. This includes but is not limited to outdoor environments, office environments, schools, vehicles, emergency shelters, and independent living retirement homes. If the device is intended for use in professional healthcare facilities and also outside those facilities, it meets this definition.

If applicable, ensure the labeling incorporates the principles of the “Home Use guidance document”

In addition, ensure adequate performance data are provided to support home use.

Resources

• Home Use guidance document

• Is the device a combination product or does a Request
  For Designation (RFD) / pre-RFD exist for the product?

  Combination products are defined in 21 CFR 3.2(e). The term combination product includes:

  (1) A product comprised of two or more regulated components, i.e., drug/device, biologic/device, drug/biologic, or drug/device/biologic, that are physically, chemically, or otherwise combined or mixed and produced as a single entity;

  (2) Two or more separate products packaged together in a single package or as a unit and comprise of drug and device products, device and biological products, or biological and drug products;

  (3) A drug, device, or biological product packaged separately that according to its investigational plan or proposed labeling is intended for use only with an approved individually specified drug, device, or biological product where both are required to achieve the intended use, indication, or effect and where upon approval of the proposed product the labeling of the approved product would need to be changed, e.g., to reflect a change in intended use, dosage form, strength, route of administration, or sign

  (4) Any investigational drug, device, or biological product packaged separately that according to its proposed labeling is for use only with another individually specified investigational drug, device, or biological product where both are required to achieve the intended use, indication, or effect.

  Information regarding the drug/biologic constituent part of a combination product may be needed and accounted for throughout the various sections of your premarket submission. In addition, as described in Product Stability documentation, medicinal substance refers to the drug/biologic constituent part of combination product as defined in 21 CFR 3.2(e).

  A company may submit a Request For Designation (RFD) to obtain a formal agency determination of a combination product's primary mode of action as well as assignment of the lead agency center for the product's premarket review and regulation.

  Resources

  • 21 CFR 3.2(e)
  • Combination Products Website
  • RFD/Pre-RFD Process

• Is the device electrical (battery or wall powered)?

  A device is considered Mains powered if it receives power from a wall socket. A device is considered Battery powered if it uses any battery in its operation (excluding wrist watch type batteries attached to circuit boards).

  If the device is battery powered, and is charged from Mains (regardless of whether the device is operable or not while charging), choose battery and mains powered.

• Please check the attributes that are applicable to your device. If
  none apply, keep all unchecked.
  • Medical Counter Measures Device
  • Nanotechnology
  • Reprocessed Single Use Device
  • Animal-Derived Material(s)
  • Predetermined Change Control Plan

  Medical Counter Measures (MCM):

  Medical countermeasures are defined as medical products which counter Chemical, Biological, Radiological or Nuclear (CBRN) threats and Emerging Infectious Diseases. Examples include both pharmaceutical interventions, such as vaccines, antimicrobials, antidotes, antitoxins, and medical devices such as ventilators, diagnostics, personal protective equipment and patient decontamination that may prevent, mitigate, or treat the adverse health effects of any CBRN threat.

  Nanotechnology:
  Check the checkbox if the device contains materials in the nanoscale range (i.e., with at least one dimension in the size range of approximately 1 nanometer (nm) to 100 nm). Please consult the "Nanotechnology guidance document" for more information.

  Reprocessed Single Use Device:
  Reprocessed Single Use Devices are those for which an original equipment manufacturer (OEM) has FDA-clearance for a single use, and are now being proposed for reprocessing and additional use (typically by a third party). A De Novo submission should not be a Reprocessed SUD. If the device is a Reprocessed Single Use Device, consult the "Reprocessed SUD guidance document" as well as the FAQ and FR Notice.

  Animal-Derived Material(s):
  For further information regarding devices with animal-derived materials you can consult the guidance document "Medical Devices Containing Materials Derived from Animal Sources (Except for In Vitro Diagnostic Devices)."

  Predetermined Change Control Plan (PCCP):
  This describes planned changes that may be made to the device (and that would otherwise require a new premarket submission). (see 515C of the FDC Act)

  Resources

  • Nanotechnology guidance document
  • Reprocessed SUD guidance document
  • Animal-Derived Material(s) guidance document

Description 🔗

• Please provide a Device Description Summary below, and ensure it includes an explanation of how the device functions, the scientific concepts that form the basis for the device, and the significant physical and performance characteristics of the device, such as device design, material used, and physical properties.

We recommend you include a brief description of the principle of operation for achieving the intended effect. We also recommend that you include a brief description of proposed conditions of use, such as surgical technique for implants; anatomical location of use; user interface; how the device interacts with other devices; and/or how the device interacts with the patient.

If you have links to online videos or resources that would aid in the review of your device, please add them to your summary.

If you choose to use the 510(k) summary produced for you at the end of this template (in the Administrative Documentation page), you must provide this device description information in the textbox below, in accordance with 21 CFR 807.92(a)(4). The contents of the 510(k) Summary will be made publicly available on the FDA website if your device is cleared.
ONLY ENTER NONCONFIDENTIAL INFORMATION IN THE DEVICE DESCRIPTION SUMMARY
TEXTBOX BELOW. CONFIDENTIAL INFORMATION CAN BE INCLUDED IN THE ATTACHMENT(S).

• Comprehensive Device Description and Principles of Operation Documentation

  Please attach documentation that describes your device in detail. This should include key design features for the principle of operation and how performance is achieved.

  Please ensure you include a detailed description of any components or accessories for use with your device, and specify the name of the original equipment manufacturer (if the components or accessories are third-party produced). If your device is adjunctive to another legally marketed device, please ensure your device description clearly defines the interfaces that exist and dependencies.

• Device Pictures, Illustrations, Schematics, and/or Diagrams. Attach a justification if
  the device does not have a physical form.
• Description of Device Packaging

  This includes information regarding the packaging of the devices, including, when applicable, primary packaging, secondary and any other packaging associated.
  Specific packaging of accessories marketed together with the medical devices shall be described.

System/Kit Components and Accessories 🔗

• Is the device intended to be marketed with multiple system/kit components or accessories?

  For the purposes of this eSTAR, system components are those individual parts or assemblies intended to be used together to fulfill some or all of the device's intended functions. Kit components are often those assembled together strictly for the "convenience" of the purchaser.

  An accessory is a finished device that is intended to support, supplement, and/or augment the performance of one or more parent devices.

  Resources

  • Medical Device Accessories - Describing Accessories and Classification Pathway for New Accessory Types

  • Yes
    • Under section 513(f)(6), are you requesting risk-based classification of an accessory that is not explicitly identified in a classification regulation, or has not been included in a cleared 510(k), approved PMA, or granted De Novo request? [Yes/No]

    Section 513(f)(6)(C) of the FD&C Act authorizes a person submitting a 510(k), PMA, or PMA supplement to request proper classification of an accessory that has not been previous classified. This classification "shall... be based on the risks of the accessory when used as intended and the level of regulatory controls necessary to provide a reasonable assurance of safety and effectiveness of the accessory, notwithstanding the classification of any other device with which such accessory is intended to be used" (section 513(f)(6)(A) of the FD&C Act).

    • If the device is intended to be marketed as a kit, for the purposes of this premarket notification [510(k)], please attach your signed kit certification statement and please identify all the kit components included in your kit certification. For more information, including the text of the kit certification statement, see FDA's guidiances, "Kit Certifications for 510(k)s" and "Convenience Kits Interim Regulatory Guidance." If you cannot make the kit certification statement for each component of your kit, you must provide a list of these excluded components in the requested attachment below.
    • Please attach a list of all the system/kit components and accessories that are part of this submission. Please also include the submission number if the system/kit component or accessory received marketing authorization. For 510(k)s, only include kit components here that are not part of the kit certification statement if this certification was provided (see help text). If you only have kit components that are part of the kit certification statement, please provide an attachment here that states this.

    For 510(k)s only, if you cannot make the kit certification statements for each component of your kit, you must itemize the components without a pre-Amendments exemption, or premarket notification status. If you cannot make the referenced statement in the second paragraph of the kit certification statement for each component of your kit, you must itemize these components, state whether they are pre-Amendments, exempt, or have been found substantially equivalent through the premarket notification process, and describe how you further process them (e.g., sterilize, package/repackage, label/relabel, etc.).

    • Please attach System/Kit Component and/or Accessory Pictures, Illustrations,
      Schematics, and/or Diagrams
  • No

Guidance and Special Controls Adherence 🔗

In the text box below, please address or provide information demonstrating compliance with any applicable special controls, requirements in a device specific classification regulation, or adherence to device specific guidance recommendations for the Device Description. For each specific special control, regulation, or guidance recommendation applicable to your device: Please list the special control, regulation, or recommendation and cite the attachment(s) and page number(s) where it was addressed. Please use the primary product code you will provide in the Classification section below to determine whether a device specific guidance exists for your device. Type “N/A” if no device specific guidance, regulation, or special controls exist for your device type. If you type “N/A,” and special controls, a regulation, or a device specific guidance exists that requests information covered by this review section, the time-line for review of your file may be affected.

If you choose to use an alternative approach in comparison to what is stated in the applicable guidance or special controls, please provide a rationale for this alternative approach below.

Classification 🔗

Add a primary product code and any associated product codes below. You may type in the primary product code directly (only the product code field is required) or you may filter down by choosing first a medical specialty, regulation, then product code. If a device specific guidance is available for the product code, the guidance name and web link will be displayed. Use the Product Classification Website resource in the help text to obtain information about your product code and check the regulation text for any special controls that need to be considered (e.g, PAE and 21 CFR 890.3450).

This question intends to obtain the proper classification you believe your device should be cleared or approved under. This information is necessary for several reasons:

• It will let you know FDA's best judgement about which, if any, marketing submission is required for your product (e.g., 510(k), PMA, De Novo);
• It will let you know whether any guidance is available for your device to help ensure you are providing all of the necessary information in your submission;
• It allows FDA to route your submission to the appropriate review Division;
• It can help you compare your device to similar devices.

Your device will not be actually classified until it is cleared in a 510(k) or granted in a De Novo. If you find that your device falls under a regulation that is exempt from 510(k) review, you should be sure that the technology and indications for your device are consistent with the regulations or a device found substantially equivalent under that regulation. You may need to submit a 510(k) if you trip the limitations of exemption identified in the applicable.9 regulation (e.g., 872.9).

The Medical Specialty (usually equivalent to Review Panel) is a very general description of a particular medical area, and is the highest level of classification. All classified devices will reside under one of these classifications. Each Medical Specialty includes several Regulations, and within each Regulation resides one or more Product Codes (a.k.a. pro code).

The Medical Specialty is identified by a two letter code, for example PM, and is associated with the first 3 numerals in the regulation number, for this example 890. The regulation number is a 7 digit numeral, for example 890.5850 (formally the regulation is 21 CFR 890.5850 since all medical device regulations reside in Title 21 of the Code of Federal Regulations).

The Product Code will identify your device type, and is identified by a 3 three letter code, for example IPF. A device should always have a primary product code, but may have additional product codes associated that may or may not fall within the primary Regulation or Medical Specialty. Regulatory classes for devices are Class I, II, or III, with III being highest risk.

If multiple product codes apply to your submission (e.g., bundled submission, multiple device functions), then choose the product code with the highest regulatory class as your primary product code. If all relevant product codes share the same regulatory class, choose the product code with the highest safety risk as the primary product code.

This information is vital in understanding the kinds of specific information and data the FDA will be requesting in regards to your device. If you enter a product code at the 510(k) Search Website, it will inform you of the 510(k)s previously cleared under that product code, and which are appropriate predicate devices for use in your submission for your product code.

If you are unable to determine the regulation that best describes your device, FDA can perform this function for you (for a fee) with the submission of a Request for Classification 513(g) to our Document Control Center. A 513(g) is FDA's best judgment about how the product would be regulated. A 513(g) response is not a classification decision for a device and does not constitute FDA clearance or approval for commercial distribution.

Resources

• 513(g) Guidance
• Classify Your Medical Device Website
• Product Classification Website
• CFR Title 21 Database Website
• 510(k) Search Website
• 510(k) Staff Email

• Medical Specialty
• Regulation
• Product Code
• Associated Product Code(s)

  Add any product codes for features of the device or system that are not covered by the primary product code. For example, if the device includes accessories or components covered under other product codes, list those product codes here.

Predicates and Substantial Equivalence 🔗

Predicate and Reference Devices 🔗

For aid in finding appropriate devices, please consult the webpage How To Find A Predicate Device.

Resources

• How To Find A Predicate Device

Primary Predicate 🔗

• Is this a Preamendments or Exempt device without a submission number?

  The term "preamendments device" refers to devices legally marketed in the U.S. by a firm before May 28, 1976 and which have not been significantly changed or modified since then, and for which an order requiring a premarket approval (PMA) application has not been published by FDA.

  If a Preamendment device is claimed as a predicate device, be sure to see the Preamendment Status webpage for the documentation that should be provided.

  Preamendment documentation should be attached alongside the Substantial Equivalence Comparison documentation at the end of this section.

  Resources

  • Preamendment Status webpage

  • Yes
  • No
    • Predicate Submission Number (e.g., K210001)

      If the predicate device is a 510(k), De Novo or down-classified PMA, please provide the submission number (e.g. K#, DEN#, or P#).

    • Predicate Device Trade Name
    • Predicate Device Primary Product Code
      • Medical Specialty
      • Regulation
      • Product Code

Substantial Equivalence Comparison 🔗

If the device has different indications for use in comparison to the predicate device(s), describe why the differences do not constitute a new intended use. If the indications for use are the same, state this in the text box below. If you choose to use the 510(k) summary produced for you at the end of this template (in the Administrative Documentation page), and the Indications are different in comparison to your predicate device(s), you must include the information from 21 CFR 807.92(a)(5) in this rationale. The contents of the 510(k) Summary will be made publicly available on the FDA website if your device is cleared.
ONLY ENTER NONCONFIDENTIAL INFORMATION IN THE RATIONALE TEXTBOX BELOW.
CONFIDENTIAL INFORMATION CAN BE INCLUDED IN THE ATTACHMENT(S).

In accordance with 21 CFR 807.92(a)(5), please ensure any rationale includes an explanation as to why the differences are not critical to the intended therapeutic, diagnostic, prosthetic, or surgical use of the device, and why the

differences do not constitute a new intended use of the device when used as labeled.

Resources

• 21 CFR 807.92(a)(5)

If the device has the same technological characteristics (i.e., design, material, chemical composition, principle of operation, energy source, etc.) as the predicate device(s) identified above, include a summary in the memo box below of the technological characteristics of the new device in comparison to those of the predicate device(s). Or, if the device has different technological characteristics from the predicate device(s), include a summary of how the technological characteristics of the device compare to a legally marketed device(s) identified above.
If you choose to use the 510(k) summary produced for you at the end of this template (in the Administrative Documentation page), you must include the information from 21 CFR 807.92(a)(6) in this rationale. The contents of the 510(k) Summary will be made publicly available on the FDA website if your device is cleared.

ONLY ENTER NONCONFIDENTIAL INFORMATION IN THE DESCRIPTION TEXTBOX BELOW.
CONFIDENTIAL INFORMATION CAN BE INCLUDED IN THE ATTACHMENT(S).

See 21 CFR 807.92(a)(6) for the regulatory requirements regarding this question.

Resources

• 21 CFR 807.92(a)(6)

• Please attach your Substantial Equivalence Comparison in tabular format. Please
  ensure the table(s) includes a comparison of the Indications for Use as well as a
  comparison of the pertinent technology characteristics of your device and your
  predicate device(s).
  If your submission is intended for the safety and performance pathway, then you
  should satisfy the Substantial Equivalence comparison as outlined in the relevant
  guidance. Please open the link in the help text for more information.

Labeling 🔗

You must submit proposed labels, labeling, and advertisements sufficient to describe the device, its intended use, and the directions for its use. Where applicable, photographs or engineering drawings should be supplied (21 CFR 807.87(e)). We also strongly recommend you consult standard AAMI ANSI ES60601-1 Section 7 for applicable labeling that may be important for your device if it is electrical (consult ISO 14708-1 instead for implantable components).

General Labeling 🔗

• If a symbols glossary was used, please specifically cite the attachment and page number where it is located in the labeling (type "N/A" if not used). Be aware that if a glossary was not used, the symbols should be described in adjacent text (if applicable,
  see Help Text).

Symbols used in labeling must either be 1) established in a standard developed by a national or international standards development organization (SDO), and defined in the Instructions for Use symbols glossary, or 2) accompanied by adjacent explanatory text. A symbols glossary must include 1) symbol definition consistent with standard, 2) standard title, and 3) symbol title and reference number (if applicable).

Resources

• 21 CFR 801.15(c)(1)

• What is the Magnetic Resonance (MR) safety status for the device(s) in
  the submission?

MR Safe

An item that poses no known hazards resulting from exposure to any MR environment. MR Safe items are composed of materials that are electrically nonconductive, nonmetallic, and nonmagnetic. Choose “MR Safe” if an evaluation determined this, and this term appears in the labeling. This symbol appears as the letters “MR” in a green square.

MR Unsafe

An item which poses unacceptable risks to the patient, medical staff or other persons within the MR environment. Choose "MR Unsafe" if this term appears in the labeling. This symbol appears as the letters "MR" within a red circle and slash.

MR Conditional

The device can be safely used in the MR environment only under specific conditions of use. Choose "MR Conditional" if an evaluation determined this, and this term appears in the labeling. This symbol appears as the letters "MR" within a black bordered yellow filled triangle.

Not Evaluated - For devices that historically did not provide information about MR safety," Safety in MRI Not Evaluated" labeling may be used in certain circumstances. Choose this option if the device is a passive implant that has historically not included any labeling on MR safety, or choose this option if the device is not an implant and is not intended to be used in the MR environment (e.g., CT system, operating room table, software). "Safety in MRI Not Evaluated" labeling is not appropriate if:

• there are any known adverse effects or adverse events due to exposure to the MR environment for the device/device type, or
• the device or device type has typically been labeled as MR Conditional or MR Unsafe, or
• this is a new device type, or
• the medical device contains ferromagnetic material(s), or
• this is an active medical device, or is a partially implanted medical device.

Resources

• Testing and Labeling Medical Devices for Safety in the Magnetic Resonance (MR) Environment

• If the device(s) contains a static/permanent magnet, please specifically cite the attachment and page number where labeling includes a statement and/or contraindication regarding the risk of magnet use within 6 inches of other magnetically susceptible medical devices. Type "N/A" if not applicable.

If the subject device contains a static/permanent magnet, this magnet could adversely affect nearby magnetically susceptible implanted medical devices such as pacemakers, implantable cardioverter-defibrillators (ICDs), cochlear implants, or

neurostimulators. The FDA recommends that any medical device which could create magnetic interference be kept at least 6 inches (15 cm) away from other magnetically susceptible implanted devices.

If the medical device's expected use could be within 6 inches (15 cm) of a pacemaker or ICD they should be contraindicated. If the medical device's expected use could be within 6 inches (15 cm) of other magnetically susceptible medical devices (e.g. cochlear implants or neurostimulators), labeling should indicate that a separation distance of 6 inches (15 cm) should be maintained between the medical device and the other magnetically susceptible medical devices.

Example: "Warning: Keep this medical device 6 inches (15 cm) away from magnetically susceptible medical devices such as cochlear implants, neurostimulators, stents and shunts."

Type "N/A" if there are no magnets in the device. If the device has magnets and expected use would not be within 6 inches of a magnetically susceptible medical device, please provide a brief explanation why use would not be within 6 inches in this textbox.

Resources

• FDA Magnetic Susceptibility Advisory

Package Labeling 🔗

• Please attach copies of packaging that demonstrate the labeling of any applicable
  packaging used in the transportation of the device. This includes, but is not limited
  to, the device packaging and sterile packaging.

Please include the primary and secondary packaging labels, but do not include shipping labels.

NOTE: The sponsor/applicant should explicitly address any existing regional regulatory guidance related to labeling the subject device.

Package Insert / Instructions for Use 🔗

• Please attach copies of the User Instructions, Inserts, Directions for Use and/or
  Instructions for Use that are intended for use with your device. This includes
  instructions that may be downloaded or viewed on a website.

This includes the package insert/Instructions for Use included in the package. Alternatively, document why this documentation is not applicable.

NOTE: The sponsor/applicant should explicitly address any existing regional regulatory guidance related to labeling the subject device

Other Labeling 🔗

• Choose the attachment type in the dropdown for each attachment. Click the help text button to the right for an explanation of each option.

Other Labeling and Promotional Material: Information that may be important to the submission but that does not fit in any of the other labeling attachment types.

• Individual jurisdictions may have their own regulations or requirements regarding other labelling elements or advertising and promotional materials. If necessary, this section can be used to address jurisdiction-specific regulations or requirements involving other labelling elements other than those described elsewhere in this section, including advertising and promotional materials.

Shipping Labeling: This includes boxes and shipping container labeling.

Healthcare Professional Labeling: Labeling directed at the healthcare professional other than the package insert, such as the surgical manual

Patient Labeling: Labeling directed at the patient other than the package insert, such as informational material written to be comprehended by the patient or lay caregiver Technical and/or Operator Manual: Labeling directed at the technical users and operators of medical devices focusing on the proper use and maintenance of the device

e-Labeling: If a video/App is available to demonstrate how the test is to be performed and interpreted, provide a link as well as details about how it is maintained and updated throughout the life cycle of the device.

Specific Labeling 🔗

Please specifically cite the attachment and page number where the Indications for Use exists in the labeling.

Please specifically cite the attachment and page number where the name and place of business of the manufacturer, packer, or distributor is located.

Please see 21 CFR 801.1 for more information.

Resources

• 21 CFR 801.1

Guidance and Special Controls Adherence 🔗

In the text box below, please address or provide information demonstrating compliance with any applicable special controls, requirements in a device specific classification regulation, or adherence to device specific guidance recommendations for the Labeling. For each specific special control, regulation, or guidance recommendation applicable to your device: Please list the special control, regulation, or recommendation and cite the attachment(s) and page number(s) where it was addressed. Please use the primary product code you provided in the Classification section above to determine whether a device specific guidance exists for your device. Type “N/A” if no device specific guidance, regulation, or special controls exist for your device type. If you type “N/A,” and special controls, a regulation, or a device specific guidance exists that requests information covered by this review section, the time-line for review of your file may be affected.

If you choose to use an alternative approach in comparison to what is stated in the applicable guidance or special controls, please provide a rationale for this alternative approach below.

Reprocessing, Sterility, and Shelf-Life 🔗

Since the answers you provided in the Device Description section indicate reprocessing and sterility
information is needed, be aware that the Reprocessing section covers devices that are sterilized by the end user, while the Sterility section covers devices that are packaged as sterile.

Reprocessing 🔗

Reprocessing is defined as validated processes used to render a medical device, which has been previously used or contaminated, fit for a subsequent single use. These processes are designed to remove soil and contaminants by cleaning and to inactivate microorganisms by disinfection or sterilization. If the device(s) requires reprocessing, please consult the Reprocessing Guidance. Reprocessing documentation can be attached at the end of the "Reprocessing, Sterility, and Shelf-Life" section.

Resources

• Reprocessing Guidance

• Are cleaning or disinfection or sterilization instructions included in the labeling?
  • Yes
    • How many different sets of reprocessing instructions are included (maximum of 4):

    If you have more than four sets of reprocessing instructions, provide information for four of the reprocessing instructions in this form. For the remaining reprocessing instructions, clearly identify the relevant information in the Reprocessing attachments.

    Sterility 🔗

    Please consult the Sterility Guidance for more information.

    Resources

    • Sterility Guidance

    • Are cleaning or disinfection or sterilization instructions included in the labeling?[Yes/No]
    • How many sterilization methods are there (maximum of 4)?

    If you have more than four sterilization methods, provide information for four of the sterilization methods in this form. For the remaining sterilization methods, clearly identify the relevant information in Sterility attachments.

  • No
    • Please provide a rationale for why cleaning/disinfection instructions are not included in the labeling?

Guidance and Special Controls Adherence 🔗

In the text box below, please address or provide information demonstrating compliance with any applicable special controls, requirements in a device specific classification regulation, or adherence to device specific guidance recommendations for the Reprocessing or Sterility. For each specific special control, regulation, or guidance recommendation applicable to your device: Please list the special control, regulation, or recommendation and cite the attachment(s) and page number(s) where it was addressed.
Please use the primary product code you provided in the Classification section above to determine whether a device specific guidance exists for your device. Type “N/A” if no device specific guidance, regulation, or special controls exist for your device type. If you type “N/A,” and special controls, a regulation, or a device specific guidance exists that requests information covered by this review section, the time-line for review of your file may be affected.

If you choose to use an alternative approach in comparison to what is stated in the applicable guidance or special controls regarding reprocessing or sterility, provide a rationale for this alternative approach below.

Shelf-Life 🔗

• Does your device have a shelf-life?

  For Accelerated Lifetime Testing, we recommend consulting standard ASTM F 1980-07 as a guide for determining shelf-life.

  • Yes
    • What is the proposed shelf-life?
    • Provide a summary of the methods used to support the sterility and performance of the device over its
      proposed shelf-life. Alternatively, provide a rationale for why testing to establish shelf-life is not applicable.
  • No
    • Please summarize the methods used to support that the sterility and performance of the device is not adversely affected by aging. Alternatively, include a rationale for why the storage conditions are not expected to affect device safety or effectiveness

Reprocessing, Sterility, and Shelf-Life Documents 🔗

• Please attach any Sterility, Cleaning, Shelf-Life and Reuse documentation that
  you believe is pertinent to the review of your device. Choose the attachment type
  in the dropdown for each attachment.

Each attachment should contain the following: a) A summary of the non-clinical evidence that falls within this category; b) A discussion of the non-clinical testing considered for the device and support for their selection or omission from the verification and validation studies conducted in this category (ie. what tests were considered and why they were or were not performed); c) A discussion to support why the evidence presented is sufficient to support the application.

End-User Sterilization: Information and validation of end-user sterilization where it is necessary for the end-user to sterilize the device. This should include a description of the sterilization process (method, parameters), Sterility Assurance Level (SAL) and, if applicable, the rationale on the durability of the product against two or more sterilizations.

Manufacturer Sterilization: Information and validation of manufacturer sterilization where the device is provided sterile.

Residual Toxicity: Contains information on the testing for sterilant residues, where the device is supplied sterile and sterilized using a method susceptible to residues.

Cleaning and Disinfection Validation: Contains information on the validation of cleaning and disinfection instructions for reusable devices.

Reprocessing of Single Use Devices, Validation Data: The required validation data including cleaning and sterilization data, and functional performance data demonstrating that each single use device (SUD) will continue to meet specifications after the maximum number of times the device is reprocessed as intended by the person submitting the premarket submission.

Product Stability: This should contain details relating to product stability under specified storage conditions and in final packaging or simulated conditions. Also include:

• the shelf-life (for each component if there are differences between components) and the proposed storage condition for the device
• a summary of the non-clinical evidence, covering shelf-life period when stored at the proposed storage condition
• evidence to support stability of the medicinal substance contained in the device at the proposed storage condition (FDA Note: Medicinal Substances refers to drugs and biologics)
• evidence of in-use stability supporting actual routine use (real or simulated)

Package Validation: Contains details relating to package integrity over the claimed shelf-life and in the packaging and distribution environment (transport and packaging validation) and when applicable, following exposure to the sterilization process. Non-clinical evidence covering shelf-life period should be included.

Resources

• Reprocessing Medical Devices in Health Care Setting: Validation Methods and Labeling
• Submission and Review of Sterility Information in Premarket Notification (510(k)) Submissions for Devices Labeled as Sterile
• Validation Data in Premarket Notification Submissions (510(k)) for Reprocessed Single-Use Medical Devices

Biocompatibility 🔗

Studies supporting biocompatibility and assessing toxicology are to be included in this section. Studies to assess the immunological response to animal or human tissues, tissue components or derivatives are to be included in this section. This should include:

• A list of all materials in direct or indirect contact with the tissue or user.
• State conducted tests, applied standards, test protocols, the analysis of data and the summary of results
• A discussion of the non-clinical testing considered for the device and support for their selection or omission from the verification and validation studies conducted in this category (i.e. what tests were considered and why they were or were not performed)
• Discussion to support why the evidence presented is sufficient to support the application.

Based on the answer provided in the Device Description section, biocompatibility information is needed.

Tissue Contacting Products/Components/Materials 🔗

Please consult the Biocompatibility Guidance Document for considerations regarding the biocompatibility of your device.

Resources

• Biocompatibility Guidance Document

• How many tissue contacting products/components/materials are there?
  (See Help Text if multiple materials share the same justification for no testing.)

Tissue contacting includes blood contacting, per the Agency's guidance document "Use of International Standard ISO 10993-1, 'Biological evaluation of medical devices - Part 1: Evaluation and testing within a risk management process" Guidance Document. Tissue contacting includes any direct or indirect contacting product, components, or materials.

Separate testing may be needed (ie., increase the number of products/components/materials there are in the dropdown), if components of the device have different nature or duration of tissue contact, or any device components are made of novel material(s).

If multiple materials or components share the same contact type, duration of contact, and justification for why no testing is needed, they together may be considered a single product or component when choosing the number of tissue contacting products/components/materials.

For example:

• if you have multiple tissue contacting products/components/materials that all share the same nature of body contact, contact duration, and justification for why no testing is being provided, choose "1".
• if you have two groups of products/components/materials, and within each group they have the same contact type, duration of contact, and justification for why no testing is being provided, choose "2".

Resources

• Biocompatibility Guidance Document

• if greater than 0 to 50 (below form is the same for each tissue contacting material, more tissue contacting materials means more filled forms up to 50 materials)

  Tissue Contacting Material 1 - 50 🔗

  • Identify the device(s) / accessory(ies) / component(s) that directly or indirectly contacts the tissue
  • Please state the exact name and any identifiable information for the particular material used.
  • If color additives are included, please identify them here. If no color additives are included, state "N/A.”

    For 510(k): Please identify the tissue contacting color additives.
    For De Novo: Please state "N/A" in the textbox.
    For PMA: Please identify the following:

    1. the color additive common and chemical name,
    2. the amount of each color additive in the formulation by weight percent of the colored component, and
    3. the total amount (e.g., μg, ppm) of color additive in the device.

    Resources

    • Color Additives Website

  • Choose intended contact of the particular material.

    Direct contact - term used for a device or device component that comes into physical contact with body tissue.

    Indirect contact - term used for a device or device component through which a fluid or gas passes, prior to the fluid or gas coming into physical contact with body tissue (in this case the device or device component itself does not physically contact body tissue).

    For more information refer to Guidance Document "Use of International Standard ISO 10993-1, 'Biological evaluation of medical devices - Part 1: Evaluation and testing within a risk management process.""

  • Please provide the FDA submission number (e.g., K210001) if you are aware of a
    previously submitted device using the same material with similar nature of contact.
  • Is there a potential for repeat exposure? [Yes/No]

    Repeat exposure could be during a procedure or during multiple procedures/device uses. During a procedure, a patient might have multiple devices used or implanted, so the dose of a tissue contacting material would be higher than with use of a single device. Multiple uses also could be outside a single procedure, such as for dialysis where a patient might have 2-3 dialysis procedures each week.

  • Choose the type of tissue contact of your tissue contacting material.
    • Direct
    • Indirect
    • Both
  • Duration of Contact.

    Transient contact - term used for a device or device component that comes into very brief/transient contact with body tissue (e.g., hypodermic needles that are used for less than one minute).

    For devices with transient contact, assessment of biocompatibility risk should be conducted to determine if testing is needed (for more information refer to Guidance Document "Use of International Standard ISO 10993-1, 'Biological evaluation of medical devices - Part 1: Evaluation and testing within a risk management process"").

Biocompatibility Reports and Documentation 🔗

Please attach any documentation (e.g., test reports) pertaining to the biocompatibility
of your device. If no test reports were attached, please attach a rationale explaining
why testing is not necessary.

Software/Firmware & Cybersecurity/Interoperability 🔗

Based on the answers provided in the Device Description section, software, cybersecurity, and interoperability information is needed.

Software 🔗

Software Level of Concern (LOC) Determination 🔗

Please use our Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices to ensure you have properly documented and tested your device. The software guidance applies to devices that contain one or more software components, parts, or accessories, or are composed solely of software as "software devices," including:

• firmware and other means for software-based control of medical devices
• stand-alone software applications
• software intended for installation in general-purpose computers
• dedicated hardware/software medical devices
• accessories to medical devices when those accessories contain or are composed of software

The software guidance applies to software devices regardless of the means by which the software is delivered to the end user, whether factory-installed, installed by a third-party vendor, or field-installed or -upgraded.

Resources

• Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices
• General Principles of Software Validation; Final Guidance for Industry and FDA Staff
• Guidance for Industry, FDA Reviewers and Compliance on Off-The-Shelf Software Use in Medical Devices

• Does the Software qualify as Blood Establishment Computer Software? [Yes/No]

Blood Establishment Computer Software is defined as software products intended for use in the manufacture of blood and blood components or for the maintenance of data that blood establishment personnel use in making decisions regarding the suitability of donors and the release of blood or blood components for transfusion or further manufacture.

• Is the Software intended to be used in combination with a drug or biologic?
• Is the Software an accessory to a medical device that has a Major LOC?
• Prior to mitigation of hazards, could a failure of the Software result in death or serious injury,
  either to a patient or to a user of the device? Examples of this include the following:
  • a) Does the Software control a life supporting or life sustaining function?
  • b) Does the Software control the delivery of potentially harmful energy that could result in
    death or serious injury, such as radiation treatment systems, defibrillators, and ablation
    generators?
  • c) Does the Software control the delivery of treatment or therapy such that an error or
    malfunction could result in death or serious injury?
  • d) Does the Software provide diagnostic information that directly drives a decision regarding
    treatment or therapy, such that if misapplied it could result in serious injury or death?
  • e) Does the Software provide vital signs monitoring and alarms for potentially life
    threatening situations in which medical intervention is necessary?
• Is the Software an accessory to a medical device that has a Moderate LOC? [Yes/No]
• Prior to mitigation of hazards, could a failure of the Software result in Minor Injury, either to a
  patient or to a user of the device? [Yes/No]
• Could malfunction of, or a latent design flaw in, the software lead to an erroneous diagnosis
  or a delay in delivery of appropriate medical care that would likely lead to Minor Injury? [Yes/No]
• Based on the questions answered above, your LOC is determined to be:

The software documentation below is recommended for the level of concern specified. Click on the blue
help text buttons for details about what is recommended in the documentation for each.

Software Description 🔗

Specify the name of the software

Specify the version of the software - The version tested should be clearly identified and should match the release version of the software, otherwise justification must be provided.

Provide a description of the software including the identification of the device features that are controlled by the software, the programming language, hardware platform, operating system (if applicable), use of Off-the-shelf software (if applicable), a description of the realization process.

Provide a statement about software version naming rules, specify all fields and their meanings of software version, and determine the complete version of software and its identification version used for release.

Please attach a description of the software / firmware that includes: a textual
description of the software / firmware, the version number of the software / firmware,
the input parameters (user inputs), and the output parameters (device actions).

Software Documentation 🔗

• Device Hazard Analysis

The Device Hazard Analysis should take into account all device hazards associated with the device's intended use, including both hardware and software hazards. This document can be in the form of an extract of the software-related items from a comprehensive risk management document, such as the Risk Management Summary described in ISO 14971. In this format, each line item should include:

• identification of the hazardous event
• severity of the hazard
• cause(s) of the hazard
• method of control (e.g., alarm, hardware design)
• corrective measures taken, including an explanation of the aspects of the device design/requirements, that eliminate, reduce, or warn of a hazardous event; and
• verification that the method of control was implemented correctly.

• Software Requirements Specifications (SRS)

The Software Requirements Specification (SRS) documents the requirements for the software. This typically includes functional, performance, interface, design, developmental, and other requirements for the software. In effect, this document describes what the Software Device is supposed to do.

Minor LOC: Documentation should include a summary functional requirements section from the SRS, including identification of off-the-shelf software.

Major or Moderate LOC: The complete SRS should be included.

• Architecture Design Chart

The Architecture Design Chart is typically a flowchart or similar depiction of the relationships among the major functional units in the Software Device, including relationships to hardware and to data flows such as networking. It is usually not necessary to include every function call and module in this document; however, there should be sufficient information to allow for review of the organization of the software relative to the functionality and to the intended use of the Software Device. If the Architecture Design Chart is included in another document such as the SRS, a reference to the location of the Architecture Design Chart in the submission should be included.

• Software Design Specifications (SDS)

The Software Design Specification (SDS) describes the implementation of the requirements for the Software Device. In terms of the relationship between the SRS and the SDS, the SRS describes what the Software Device will do and the SDS describes how the requirements in the SRS are implemented. The information presented in the SDS should be sufficient to ensure that the work performed by the software engineers who created the Software Device was clear and unambiguous, with minimal ad-hoc design decisions. The SDS may contain references to other documents, such as detailed software specifications. However, the document should, in and of itself, provide adequate information to allow for review of the implementation plan for the software requirements in terms of intended use, functionality, safety, and effectiveness.

• Traceability Analysis/Matrix

A Traceability Analysis links together the product design requirements, design specifications, and testing requirements. It also provides a means of tying together identified hazards with the implementation and testing of the mitigations. The traceability among these activities and associated documentation should be explicit because they are essential to effective product development and to our understanding of product design, development and testing, and hazard mitigations. The Traceability Analysis commonly consists of a matrix with line items for requirements, specifications and tests, and pointers to hazard mitigations. It is possible to document traceability simply through a shared organizational structure with a common numbering scheme; however, it should include some mechanism, such as a matrix for guiding the reviewer through the submitted information.

• Software Development Environment/Life Cycle Process Description

The Software Development Environment/Life Cycle Process Description should describe the software development life cycle and the processes that are in place to manage the various life cycle activities.

Moderate LOC: Documentation should include a summary of the configuration management and maintenance plans.

Major LOC: Documentation should include an annotated list of the control/baseline documents generated during the software development process and a list or description of software coding standards. Changes to the Software Device after initial market release should be subject to positive control, with definitive specification and test plans including well-defined regression testing where appropriate. The description of the development environment should provide information on the configuration management and maintenance plan that addresses these aspects of the software development life cycle. Sufficient detail should be provided to allow for a thorough understanding of the configuration management and maintenance plan.

• Verification & Validation Testing

The following should be included in your Verification and Validation Testing for your Level of Concern.

Minor LOC: This should include a software functional test plan, pass/fail criteria, and results.

Moderate LOC: This should include a description of V&V activities at the unit, integration, and system level. It should also include system level test protocol, including pass/fail criteria, and tests results.

Major LOC: This should include a description of V&V activities at the unit, integration, and system level. This should also include unit, integration and system level test protocols, including pass/fail criteria, test report, summary, and tests results.

Although software verification may be performed using a per function test protocol, validation (e.g., actual user testing of the device's user interface including input and output testing of the program structure) should be done on the completed software. Although the verification ensures that the device performs as designed, the validation is needed to test these designs and ensure they are appropriate for the environments they will be used in (i.e., appropriate for the users and applications for which they are designed).

• Revision Level History

The Revision Level History should include the history of software revisions generated during the course of product development. This typically takes the form of a line-item tabulation of the major changes to the software during the development cycle, including date, version number, and a brief description of the changes in the version relative to the previous version. The last entry in the list should be the final version to be incorporated in the released device. This entry should also include any differences between the tested version of software and the released version, along with an assessment of the potential effect of the differences on the safety and effectiveness of the device.

• Unresolved Anomalies

Unresolved Anomalies documentation should include a list of remaining software anomalies, annotated with an explanation of the impact on safety or effectiveness, including operator usage and human factors. The description of each anomaly should include the:

• problem
• impact on device performance
• any plans or timeframes for correcting the problem (where appropriate).

Cybersecurity 🔗

Please use our guidances entitled "Content of Premarket Submissions for Management of Cybersecurity in Medical Devices," "Postmarket Management of Cybersecurity in Medical Devices," as well as "Design Considerations and Pre-market Submission Recommendations for Interoperable Medical Devices," to ensure you have properly documented and tested the device.

Only provide documentation regarding Cybersecurity and Interoperability if the device/system fulfills any of the following criteria:

• Can communicate with other devices/systems,
• Has a network/server connection or potential for a future network/server connection that should be disabled,
• Has the potential for unused ports for network connections,
• Uses any form of wireless communication (e.g. Bluetooth, Wi-Fi, cellular, RF, inductive),
• Has a USB port/physical media access (e.g. memory card, JTAG),
• Allows for software/firmware downloads (e.g. software/firmware updates or patching),
• Allows for cloud storage or cloud services.
  Providing documentation regarding the Cybersecurity is required if the submission is a 510(k), PMA, De Novo, or HDE, and any of the above conditions are met.
  Providing documentation regarding the Interoperability of your device is recommended if the submission is a Traditional or Abbreviated 510(k), and any of the above conditions are met. If the submission is a Special 510(k), and any of the above conditions are met, documentation is only recommended if any changes to the device (in comparison to the primary predicate) could affect the Interoperability of the device.

Resources

• Content of Premarket Submissions for Management of Cybersecurity in Medical Devices
• Design Considerations and Pre-market Submission Recommendations for Interoperable Medical Devices
• Postmarket Management of Cybersecurity in Medical Devices

A guided walk-through of Section 524B of the FD&C Act is not yet available below. It will be provided in a future eSTAR update. Please refer to the help text in this section for the content that is required according to this statute.

• Risk Management

Manufacturers are required to provide certain information in their premarket submissions per Section 524B of the FD&C Act. The 2014 Premarket Cybersecurity Guidance discusses the following activities as part of the validation and risk analysis for cybersecurity (Section 4), which may be helpful in providing the required information:

• Identification of assets, threats, and vulnerabilities;
• Assessment of the impact of threats and vulnerabilities on device functionality and end users/patients;
• Assessment of the likelihood of a threat and of a vulnerability being exploited;
• Determination of risk levels and suitable mitigation strategies;
• Assessment of residual risk and risk acceptance criteria.

Risk management for cybersecurity includes an assessment of the system to understand the parts of the device that are vulnerable to a cybersecurity attack (often referred as "the attack surface" in cybersecurity literature) along with the assessment of the assets, vulnerabilities, and risk controls employed. The compilation of the assets, vulnerabilities, and risk controls are collectively called the threat model.

The concepts (Identify, Protect, Detect, Respond, and Recover) in Section 5 of the 2014 Premarket Cybersecurity Guidance should be incorporated into the risk management documentation.

The concepts (Vulnerabilities/Risks, Controls, Traceability Matrix, Malware-Free Shipping) in Section 6 of the Premarket Cybersecurity Guidance should be incorporated into the risk documentation.

Threat Modeling

Threat Modeling documentation should address cybersecurity during the design and development of the medical device and related systems, as this can result in more robust and efficient mitigation of patient risks. Section 4 of the 2014 Premarket Cybersecurity Guidance discusses identifying assets, threats, vulnerabilities, and controls; the process is commonly called threat modeling (2014 Premarket Cybersecurity Guidance, Section 6, Item 1). The threat model should consider that threats change as new vulnerabilities are discovered and ways to exploit them are published (these are known as threat actors), which is one of the elements which distinguishes threat modeling from traditional risk assessment.

Cybersecurity Risk Assessment

The 2014 Premarket Cybersecurity Guidance discusses the following risk assessment activities for cybersecurity (Section 4):

• Identification of assets, threats, and vulnerabilities;
• Assessment of the impact of threats and vulnerabilities on device functionality and end users/patients;
• Assessment of the likelihood of a threat and of a vulnerability being exploited;
• Determination of risk levels and suitable mitigation strategies;
• Assessment of residual risk and risk acceptance criteria.

These assessments can be documented in a cybersecurity risk assessment. The Postmarket Cybersecurity Guidance recommends that manufacturers use exploitability to assess the likelihood of cybersecurity risks. This assessment should analyze the assets, threats, vulnerabilities, and controls identified in the threat modeling to determine any impact to the device performance and impact to the environment as well as patient safety. (2014 Premarket Cybersecurity Guidance, Section 6, Item 1).

Unresolved Anomalies

Unresolved anomalies are discussed in the FDA Guidance "Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices." Software anomalies can cause security risks for the device which may impact the safety and effectiveness.

Cybersecurity Controls

Section 5 of the 2014 Premarket Cybersecurity Guidance recommends that manufacturers provide justifications for the security functions chosen for their medical device. These cybersecurity functions include but may not be limited to:

Limit Access to Trusted Users Only

• Limit access to devices through the authentication of users (e.g. user ID and password, smartcard, biometric)
• Use automatic timed methods to terminate sessions within the system where appropriate for the use environment
• Where appropriate, employ a layered authorization model by differentiating privileges based on the user role (e.g. caregiver, system administrator) or device role
• Use appropriate authentication (e.g. multi-factor authentication to permit privileged device access to system administrators, service technicians, maintenance personnel)
• Strengthen password protection by avoiding “hardcoded” password or common words (i.e. passwords which are the same for each device, difficult to change, and vulnerable to public disclosure) and limit public access to passwords used for privileged device access
• Where appropriate, provide physical locks on devices and their communication ports to minimize tampering
• Require user authentication or other appropriate controls before permitting software or firmware updates, including those affecting the operating system, applications, and anti-malware.

Ensure Trusted Content

• Restrict software or firmware updates to authenticated code. One authentication method manufacturers may consider is code signature verification
• Use systematic procedures for authorized users to download version-identifiable software and firmware from the manufacturer
• Ensure capability of secure data transfer to and from the device, and when appropriate, use methods for encryption.

Detect, Respond, Recover

• Implement features that allow for security compromises to be detected, recognized, logged, timed, and acted upon during normal use
• Develop and provide information to the end user concerning appropriate actions to take upon detection of a cybersecurity event
• Implement device features that protect critical functionality, even when the device’s cybersecurity has been compromised
• Provide methods for retention and recovery of device configuration by an authenticated privileged user.

Traceability Matrix

A traceability matrix links actual cybersecurity controls to the cybersecurity vulnerabilities/risks that were considered (2014 Premarket Cybersecurity Guidance, Section 6, Item 2). This matrix may also include traceability to the cybersecurity testing performed to evaluate the controls.

Cybersecurity Testing

FDA has recognized the consensus standards: AAMI/UL 2900-1:2017 and IEC 810001-5-1: 2021 which may be helpful to support cybersecurity documentation in submissions. These standards both include cybersecurity testing as a part of the device design and evaluation activities. See AAMI/UL 2900-1:2017, Clauses 13-19 or IEC 81001-5-1: 2021, Clauses 5.5-5.7 for cybersecurity testing types that may support demonstrating that the cybersecurity controls and requirements are effective.

SBOM and Supporting Info

Section 524B(b)(3) of the FD&C Act requires that you provide a software bill of materials (SBOM) for the commercial, open-source, and off-the-shelf software components. There are resources available to assist in understanding SBOMs including the minimum elements (also referred to as "baseline attributes") identified in the October 2021 National Telecommunications and Information Administration (NTIA) Multistakeholder Process on Software Component Transparency document "Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM)."

Additionally, Section V. of the FDA Guidance "Off-The-Shelf Software Use in Medical Devices" identifies documentation recommendations including a hazard analysis for OTS software. Vulnerabilities in the OTS software can present hazards and may be assessed in such documentation or provided with the SBOM information.

• Cybersecurity Management Plan / Plan for Continuing Support

Section 524B(b)(1) of the FD&C Act requires that you provide a plan to monitor, identify, and address, as appropriate, in a reasonable time, postmarket cybersecurity vulnerabilities and exploits, including coordinated vulnerability disclosure and related procedures.

Section 524B(b)(2) and 524B(b)(2)(A) requires that you make available postmarket updates and patches to the device and related systems to address, on a reasonably justified regular cycle, known unacceptable vulnerabilities.

Section 524B(b)(2) and 524B(b)(2)(B) requires that you make available postmarket updates and patches to the device and related systems to address, as soon as possible out of cycle, critical vulnerabilities that could cause uncontrolled risks.

The 2014 Premarket Cybersecurity Guidance makes recommendations about managing the device postmarket and providing the plans as part of the premarket submission in Section 6, Items 3 and 4. Section X of the Postmarket Cybersecurity Guidance also makes recommendations about the elements of an effective postmarket cybersecurity program. The FDA typically will not need to review or approve medical device software changes made solely to strengthen cybersecurity as described in the Postmarket Cybersecurity Guidance.

Please specifically cite the attachment(s) and page number(s) where the cybersecurity labeling is located. (Note: If there is separate cybersecurity labeling for the device, please attach this in the Labeling section above.)

Cybersecurity Labeling includes device instructions for use and product specifications related to recommended cybersecurity controls appropriate for the intended use environment (e.g., antivirus software, use of firewall). This should be consistent with the risk controls described in the risk assessment as well as any configuration items necessary on the computer or computing platform (e.g., recommending popups be blocked). (2014 Premarket Cybersecurity Guidance, Section 6, Item 5).

Interoperability 🔗

How many Electronic Interfaces are there?

For purposes of this review, the electronic interface is the medium by which systems interact and/or communicate with each other thereby allowing the exchange of information between systems. It includes both the type of connection (e.g., USB port, wireless connection) and the information content. It is a medium by which a medical device exchanges and uses information with other equipment or other medical devices.

• If greater than 0 to 20 (below form is the same for each electronic interface)
  • Name the Electronic Interface
  • Is the electronic interface inactive (i.e. not meant to connect, exchange, or use data with or from other medical devices, products, technologies, or systems)?
    • Yes
    • No
      • Are the interfaces only meant for service or maintenance?

EMC, Wireless, Electrical, Mechanical, and Thermal Safety 🔗

Evidence supporting electrical safety, mechanical and environmental protection, and electromagnetic compatibility are to be included in this section.

Based on the answers provided in the Device Description section, EMC and wireless technology information is needed.

Electromagnetic Compatibility (EMC) 🔗

• How many devices/accessories/components were subjected to EMC testing (maximum of 4)?

EMC testing is recommended for certain electrical devices that either emit EM radiation or that are by nature of the design or environment of use are susceptible to EM interference. Please see standard IEC 60601-1-2 for the applicable tests to consider, as well as our EMC Guidance to ensure you have properly documented and tested your device.

Resources

• EMC Guidance

• If greater than 0 (the same form below is used for each device/accessorie/component)

  EMC Test 1 - 4 🔗

  Device Specific EMC Considerations 🔗

  Please select the highest possible risk associated with this device(s) resulting from potential malfunction, disruption, or degradation due to electromagnetic interference (EMI) that could cause harm to the patient, user, or operator.

  Deaths or Serious Injuries: Medical device-related deaths or serious injuries include events (including procedure-related complications) in the use of the medical device that have caused or could cause or contribute to a death or injury or illness that is life-threatening, results in permanent impairment or damage to the body, or requires medical or surgical intervention to prevent permanent harm to the body.

  Non-Serious Adverse Events: Medical device-related non-serious adverse events include events (including procedure-related complications) in the use of the medical device that have caused or could cause or contribute to minor, temporary or medically reversible injuries that do not meet the criteria for classification as a medical device-related serious injury.

  No Reported Or Potential Harm: Medical device-related events without reported or potential harm include medical device nonconformities that have no related harm, medical device malfunctions that have no related harm, and procedure-related complications with no related harm.

  • Death or Serious Injuries
  • Non-Serious Adverse Events
  • No Reported Or Potential Harm

  Was testing performed according to a recognized edition of IEC 60601-1-2 and, if so, was an ASCA test summary report provided? Please attach any summaries/reports in the "EMC, Wireless & EMT Documentation" section below.

  • Yes, without ASCA
  • Yes, with ASCA
  • No

  FDA recognizes IEC 60601-1-2 Editions 4 and 4.1, but not Edition 3. Certain particular standards (e.g., IEC 60601-2-X, ISO 80601-2-X) might contain specific test setups, specific essential performance, modified test levels, etc. For IVDs Only: IEC 60601-1-2 is only scoped for IVDs that use an instrument, which is a Type B, BF, or CF Applied Part, per IEC 60601-1.

  Under the ASCA (Accreditation Scheme for Conformity Assessment) Pilot, the FDA grants ASCA Recognition to qualified accreditation bodies to accredit testing laboratories to perform premarket testing for medical device companies. If you used an ASCA-accredited testing laboratory to conduct this testing, and an ASCA summary test report was provided, please indicate this.

  If you are using standards that are not recognized or are partially-recognized you should make clear what standards or test methods you use, what test levels were applied, and provide summaries or reports.

  Please list the Essential Performance that is specific to the device, or provide a rationale why the
  device has no Essential Performance, in the space below.

  The 60601-1 standard specifies that the device manufacturer specify the performance of a clinical function, other than that related to basic safety, where loss or degradation beyond the limits specified by the manufacturer results in an unacceptable risk (ie., Essential Performance). Essential Performance as defined in 60601-1 is limited to safety related performance. Certain particular standards (60601-2-XX and 80601-2-XX) specify Essential Performance for the device. The results of risk analysis should be used to determine the essential performance. It is possible for a device to have no Essential Performance, and certain particular standards declare that there is no Essential Performance for the device (e.g., ISO 80601-2-70 for CPAP).

  The Essential Performance should be device-specific rather than a copy of the general pass/fail criteria from 60601-1-2.

  If wireless functionality is needed to achieve the Essential Performance of the device, then it is recommended that the immunity of those wireless functions to electromagnetic disturbance be included during the Electromagnetic Compatibility testing.

  Please provide the page number(s) in the summary/report that include pass/fail criteria specific to the device that are based on the device functions, intended use, and Essential Performance. It is recommended that all device functions that are associated with basic safety or Essential performance be tested and include device-specific pass/fail criteria.

  The pass/fail criteria should be device-specific rather than a copy of the general criteria from 60601-1-2. Some particular device standards (e.g., 60601-2-X, 80601-2-X) specify device-specific Essential Performance and pass/fail criteria.

  If the device under test is not the final finished version, please provide a justification for why the
  differences don't affect EMC. If the device under test is the final finished version, please state this.

  Please provide the page number(s) in the summary/report that include a
  description of the device/system configuration that adequately addresses and
  monitors the specific functions of the device that were tested.

  The pass/fail criteria should be device-specific rather than a copy of the general criteria from 60601-1-2. Some particular device standards (e.g., 60601-2-X, 80601-2-X) specify device-specific Essential Performance and pass/fail criteria.

  If the wireless technology is used in the medical device to achieve its intended use, was it "On" and communicating with other medical device subsystems or ancillary equipment during EMC testing?

  • Yes
  • No
  • Inapplicable

  Answering inapplicable means that your device’s use of wireless technology is not necessary to achieve its intended use.

  EMC Emissions and Immunity Test Information 🔗

  Please provide the page number(s) in the summary/report where the CISPR 11
  emission limits are located.

  There are 2 groups/classes of equipment defined in CISPR 11:

  Group
  Group 2 contains equipment that uses RF energy for treatment of material, for inspection/analysis purposes, or for transfer of electromagnetic energy. Group 1 contains any equipment that is not Group 2.

  Class
  Class A equipment is intended for Professional Healthcare Facility. Class B equipment is intended for Home environments, which could include a Professional Healthcare Facility.

  If the device includes any smart batteries that can be removed from the device for recharging, were the batteries tested as a standalone component during ESD testing?

  • Yes
  • No
  • Inapplicable

  Choose "Inapplicable" if the device does not contain any smart batteries or if the smart battery(ies) is not removable.

  A smart battery is a rechargeable battery with a battery management system that can provide safety (via protective electronic components) or enhance the performance of a battery (see Section IV.E of FDA's EMC Guidance).

  Please provide the page number(s) in the summary/report where the IEC 61000-4-2 electrostatic discharge (ESD) immunity test levels and test results (or observations) are located.

  We request that this test be conducted for both mains (if operable when mains powered) and battery (if operable when battery powered) operating modes. Test levels for IEC 61000-4-2 for electrostatic discharge (ESD) immunity when referencing IEC 60601-1-2 are:

  Air ESD: ±2, ±4, ±8, and ±15 kV

  Contact ESD: +8 kV

  Please provide the page number(s) in the summary/report where the IEC 61000-4-3 radiated RF electromagnetic field immunity test levels and test results (or observations) are located.

  We request that this test be conducted for both mains (if operable when mains powered) and battery (if operable when battery powered) operating modes. The test level for IEC 61000-4-3 for radiated RF electromagnetic field immunity for Home Use is 10 V/m.

  Please provide the page number(s) in the summary/report where the proximity field immunity test levels and test results (or observations) from IEC 60601-1-2 Sec 8.10 and Table 9 are located.

  We request that this test be conducted for both mains (if operable when mains powered) and battery (if operable when battery powered) operating modes.

  Please provide the page number(s) in the summary/report where the IEC 61000-4-8 power frequency magnetic field immunity test levels and test results (or observations) are located.

  We request that this test be conducted for both mains (if operable when mains powered) and battery (if operable when battery powered) operating modes. The test level for IEC 61000-4-8 for power frequency magnetic field immunity when referencing IEC 60601-1-2 is 30 A/m.

  Please provide the page number(s) in the summary/report where the IEC 61000-4-6 conducted disturbances induced by RF fields immunity test levels and test results (or observations) are located.

  We request that this test be conducted for both mains (if operable when mains powered) and battery (if operable when battery powered) operating modes. The test level for IEC 61000-4-8 for power frequency magnetic field immunity when referencing IEC 60601-1-2 is 30 A/m.

  Please provide the page number(s) in the summary/report where the IEC 61000-4-4 electrical fast transient/burst immunity test levels and test results (or observations) are located.

  Test levels for IEC 61000-4-4 for electrical fast transient/burst immunity are +2kV for the input power port and ±1kV for a signal input/output port.

  Please provide the page number(s) in the summary/report where the IEC 61000-4-5 surge immunity test levels and test results (or observations) are located.

  For 60601-2-XX: +0.5kV, ±1kV for line(s) to line(s); ±0.5kV, ±1kV, and ±2kV for line(s) to earth. XX would be the number of the particular standard, if it exists, for a specific type of device.
  For 60601-1-2: +0.5kV, ±1kV for line(s) to line(s) for power port; ±0.5kV, ±1kV, ±2kV for line(s) to ground for power port; ±2kV for line(s) to grounds for input/output ports.
  A device could be exempted from certain surge tests. For example, if the device is a class Il per IEC 60601-1, the device is exempted from line-to-earth (ground) testing.

  Please provide the page number(s) in the summary/report where the IEC
  61000-4-11 voltage dips, short interruptions, and voltage variations immunity
  test levels and test results (or observations) are located.

  For 60601-2-XX: Voltage test level under text (UT): <5% (0.5 cycle and 5s), 40% (5 cycles), 70% (25 cycles). XX would be the number of the particular standard, if it exists, for a specific type of device.
  For 60601-1-2: Voltage test level under test (UT): 0% (0.5 cycle, 1 cycle, and 250 (50 Hz) or 300 (60Hz) cycles), 70 % (25 (50 Hz) or 30 (60 HZ) cycles).
  If the device has a wide input voltage range power supply, the device should be tested at both minimum and maximum input line voltage and at minimum line frequency.

  Please provide the page number(s) in the summary/report where test data for the specifications in Section 20 (RF immunity, category R) of RTCA DO-160 are located. Alternatively, please specifically cite the attachment and page number where the labeling mitigation that cautions against the use of the device in an aircraft is located.

  Providing these data are recommended when Electromagnetic Interference could cause death or serious injury (see Section IV.C of FDA's EMC Guidance). This question will appear either when the risk of the device is unknown or the risk is known to be serious injury or death as indicated in the first EMC question above.

  If there were any degradations or observations noted during the testing, describe how the device(s) continued to meet the essential performance during these degradations or observations.

• Please add an attachment (e.g., Summary Report) that demonstrates that the device passed testing according to IEC 60601-4-2. If a Declaration of Conformity was used, choose TR 60601-4-2 in the Standards section above, and indicate you are declaring conformity to it (i.e., it is not for general use). Then attach a statement here indicating this standard is included in the eSTAR generated Declaration of Conformity in the Administrative Documentation section below.

  Testing to IEC 60601-1-2 can be used to demonstrate the device is safe in its intended electromagnetic environment but does not demonstrate the device is effective. Testing to 60601-4-2 can be used to demonstrate the device is effective. (see Section IV.D of FDA's EMC Guidance)

  Emitters, Allowances, Deviations & Modifications 🔗

  If any of the referenced standard's allowances were used during the testing (e.g., lowered ESD
  immunity), please provide these below.

  The IEC 60601-1-2 standard specifies allowances for testing and labeling. Some of the examples for allowances are listed below:

  • Allowance to change immunity test levels
  • Allowance for emissions such as use in home environment for Class A devices
  • Immunity test modulation can be modified per risk management process
  • Subsystem testing can be allowed
  • Allowances for device cabling depending on the IEC 60601-1-2 edition

  If there were any deviations from the referenced standard, please describe these below.

• Please add an attachment that includes descriptions of all modifications, as well as a
  statement indicating that all changes or modifications will be incorporated in the
  device intended for marketing. Not providing an attachment indicates no modifications
  were made in order to pass any of the EMC tests. In addition, be sure you include an
  adequate assessment of whether these modifications might impact other aspects of
  the device (e.g., performance, biocompatibility). It is recommended that the
  attachment contain information to demonstrate that the modifications would have no
  impact on the other aspects or that the modified device was used for the other
  performance tests. Please provide the page number(s) in the summary/report that demonstrate
  EMC of the device when exposed to common EM emitters including but not
  limited to: radio-frequency identification (RFID) readers, security systems (e.g.,
  metal detectors or electronic article surveillance (EAS)), wireless power
  transfer (WPT), and 5G cellular signals. Security systems may be excluded if
  the device is only intended for use in a Professional Healthcare Facility
  environment.

  Radio-frequency identification (RFID) is used for tracking or other purposes in a wide range of environments including health care facility. We request that RFID testing be performed according to AIM Standard 7351731 or subclause 8.11 of IEC 60601-1-2-2020. 60601-1-2-2020 specifies the following requirements: 8 A/m for 30 kHz, 65 A/m for 134.2 kHz, and 7.5 A/m for 13.56 MHz.

  Wireless power transfer (WPT) is the electromagnetic transfer of power without using wires. Near field WPT is transferred over very short distances using inductive coupling. Far field WPT radiates power at larger distances using higher frequencies.

  Electronic Article Surveillance (EAS) is also known as an anti-theft system.

  We request that these tests be conducted for both mains (if operable when mains powered) and battery (if operable when battery powered) operating modes.

  This question will appear either when the risk of the device is unknown or the risk is known to be non-serious injury, serious injury, or death as indicated in the first EMC question above. (see Section IV.J of FDA's EMC Guidance)

  Please provide the page number(s) in the summary/report that demonstrate
  EMC of the device when exposed to unique medical emitters, such as
  electrocautery, MRI, electrosurgical units, and diathermy devices. Alternatively,
  if the intent is to caution against exposure to these or other specific potential
  electromagnetic disturbance sources, please specifically cite the attachment(s)
  and page number(s) where the instructions describe avoiding the source or
  other mitigations

  The FDA recognized standard for MR conditional devices is ISO 10974. For devices that are not intended to be used in MR environment, labeling against bringing the devices into MR environments is an appropriate mitigation.

  Diathermy and Electrocautery have no recognized test methods. Ad hoc testing,
  approximation of field exposure, or labeling against use are examples of appropriate mitigations.

  This question will appear either when the risk of the device is unknown or the risk is known to be non-serious injury, serious injury, or death as indicated in the first EMC question above. (see Section IV.J of FDA's EMC Guidance)

• Please add an attachment that addresses the risks associated with exposure to
  specific EM emitters that are not adequately addressed by IEC 60601-1-2 (risk
  analysis with appropriate mitigation that might include testing or labeling)
  foreseeable in the intended use vicinity (e.g., RFID, security systems such as
  metal detectors and EAS, diathermy, electrocautery, MRI, electrosurgical units).

  If RFID testing was done in lieu of labeling modifications, we request RFID testing be performed according to AIM Standard 7351731 or subclause 8.11 of IEC 60601-1-2-2020. 60601-1-2:2020 specifies the following requirements: 8 A/m for 30 kHz, 65 A/m for 134.2 kHz, and 7.5 A/m for 13.56 MHz.

  RFID = Radio-frequency identification that is increasingly used for tracking or other purposes in a wide range of environment including health care facility

  EAS = Electronic article surveillance (also known as anti-theft system)

  This question will appear either when the risk of the device is unknown or there is no reported or potential harm as indicated in the first EMC question above.

  Device Labeling 🔗

  Please specifically cite the attachment(s) and page number(s) where the
  recommended separation distances and appropriate environment(s) of use are
  located in the labeling. This information is analogous to the Guidance Tables 1
  through 8 from the 3rd edition of IEC 60601-1-2.

  Please specifically cite the attachment(s) and page number(s) where the
  performance of the device that was determined to be Essential Performance
  and a description of what the operator can expect if the Essential Performance
  is lost or degraded due to electromagnetic disturbances are located in the
  labeling.

  If the device does not have Essential Performance, you should state the device does not have the Essential Performance in the labeling. If the performance of the device was tested for immunity anyway and met the "pass" criteria, it is recommended that you add that information to the device labeling.

  Please specifically cite the attachment(s) and page number(s) where the
  compliance for each emissions and immunity standard or test specified by the
  collateral standard (e.g., emissions class and group and immunity test level)
  are located in the labeling.

  Please specifically cite the attachment(s) and page number(s) where any
  deviations from the collateral standard and allowances used are described in
  the labeling. Type "N/A" if not applicable.

Wireless Technology 🔗

• How many separate wireless functions are there (maximum of 5)?

  Please see our Radio Frequency Wireless Guidance to ensure you have properly documented and tested your device, as well as recognized voluntary standards AAMI TIR69 and ANSI C63.27.

  Resources

  • Radio Frequency Wireless Guidance

• If greater than 0 (the same form below is used for each Wireless Function):

  Wireless Function 1 - 5 🔗

  Wireless Link 🔗

  Specify the device function to be implemented wirelessly and risks associated with failure, disruption, or delay of communication. Please consider inherent risks due to complete wireless communication loss as well as risks identified by the sponsor during their risk analysis process. Additionally, please consider the safeguards and redundancies that might be built into the wireless function when considering the risk.
  (If more than one function is specified, please use the dropdown directly above to indicate the number of functions, and address each separately)

  Please choose the most appropriate choice for the risk of the wireless function (which may not be the same as the risk of the device). The risks of the wireless function are defined in AAMI TIR69.

  Negligible: failure of the wireless function could result, as a maximum, in inconvenience or temporary discomfort. Commonly, this category of function is related to no foreseeable hazards to patients or users. This includes data that, if delayed, disrupted, or lost, will result at most as an inconvenience but with no
  risk to patient safety.

  Minor (Tier 3): failure of the wireless function could result in temporary injury or impairment not requiring professional medical intervention. This includes data that, if delayed, disrupted, or lost, does not significantly impact the patient’s health or medical device’s intended use. These can include hazards associated with minor harms or contributing factors in decision-making.

  Moderate (Tier 2): failure of the wireless function could result in injury or impairment requiring professional medical intervention. This includes data that, if delayed, disrupted, or lost, could result in a delay of therapy.

  Major (Tier 1): failure of the wireless function could result in death or serious injury. This includes critical data for patient health, critical therapy, high priority alarms, remote programming, and other information and signals necessary for life-sustaining or life-supporting activities.

  Examples of wireless functions that could result in:

  DEATH OR SERIOUS INJURY:

  • Remote programming of an infusion pump dosage
  • Patient physiological monitoring and vital sign monitoring to recognize a patient event
  • Alarms (e.g. ventilator, IV pumps) transmitted through e.g. the Nurse Call system to VOIP phones or a mobile medical app

  INJURY OR IMPAIRMENT REQUIRING PROFESSIONAL MEDICAL INTERVENTION:

  • Defibrillator issues where there might be failure to deliver data assessing effectiveness of treatment

  TEMPORARY INJURY OR IMPAIRMENT NOT REQUIRING PROFESSIONAL MEDICAL INTERVENTION:

  • Delivery of an updated drug library to an IV pump

  INCONVENIENCE OR TEMPORARY DISCOMFORT (AS A MAXIMUM):

  • Patient and device monitoring systems that send data to a central database for tracking, trending, and historical purposes, but is not used for immediate patient care
  • Patient requesting a glass of water from a VOIP Phone Nurse Call system

  What is the Quality of Service (QoS) of the device?

  Acceptable Quality of Service (QoS) should be defined with respect to data integrity, data latency or throughput, and accessibility/signal priorities of the network.

  Please select all the technologies that apply to this wireless function:

  • Bluetooth
  • Wifi
  • ZigBee
  • RFID
  • Cellular
  • Other

  Environment of Use 🔗

  Are other wireless products able to connect and transmit to the wireless network of the
  subject device? [Yes/No]

  Can other devices connect and transmit to the wireless network of the subject device? For example, is the subject device in Bluetooth discovery mode allowing other Bluetooth users to communicate?

  Wireless Coexistence Testing 🔗

  • Coexistence Testing

  Wireless coexistence is the ability of one system to perform a task in a given shared environment where other systems have an ability to perform their tasks and may or may not be using the same set of rules. Reasonable wireless coexistence testing should be performed that is appropriate to the device function, intended use environment, and expected types and numbers of potential interferers. FDA recognizes ANSI IEEE C63.27 and AAMI TIR69 for the evaluation of wireless coexistence.

  Please describe the Functional Wireless Performance (FWP).

  Functional Wireless Performance (FWP) is defined in ANSI C63.27 as: The subset of the total functionality that both uses the wireless capabilities of the Equipment Under Test (EUT) and would result in unacceptable consequences if degraded or disrupted.

  Please describe the pass/fail criteria for the FWP and be sure to clarify how each criterion was
  quantified and measured.

  Examples that are specific to the device FWP could include:

  • The wireless function has a success rate of X%
  • The throughput of the wireless function is above a specific threshold • The latency of the wireless function is below a specific threshold
  • The wireless function can store the data during an interference event and retransmit
    successfully afterwards without user intervention.

  Was the coexistence testing conducted to Tier X (per the risk category chosen above)?[Yes/No]

  AAMI TIR69 recommends following ANSI C63.27 Tiers of evaluation based on the risk level (see CI 5.4 and Annex A).

  Were the Equipment Under Test (EUT) and its companion device both exposed to the
  unintended signal?[Yes/No]

  If both the EUT and its companion are used close to each other, both should be exposed (e.g., insulin pump communicating with a mobile phone using Bluetooth).
  If the EUT can transmit to its companion while used in a different room, the test should expose the EUT and the companion separately (e.g., patient monitor communicating with nurse station using Wi-Fi).

  Was the functional wireless performance (FWP) maintained during the testing? If not, were adequate mitigations provided?[Yes/No]

  It's reasonable that FWP will not be maintained at all times during coexistence testing. At these times, the results of testing should be supplemented with mitigations which might include:

  1. specifying a reasonable separation distance between the EUT/companion and an interfering signal
  2. adjustment of channel/frequency during interference
  3. other design mechanisms (e.g. store and retransmit data for non time critical device communication)

  RF Wireless Labeling 🔗

  Please specifically cite the attachment(s) and page number(s) where the
  wireless specifications are included (QoS, frequency, power, operating
  distance, security).

  Include the exact wireless technology incorporated (e.g., IEEE 802.11 b/g), the operating frequency, the effective range, and the appropriate Quality of Service. Also include information about the specific security recommendations and how to properly setup security to the device user/installer.

  Please specifically cite the attachment(s) and page number(s) where the risks
  and mitigations about wireless use are included (precautions for proximity to
  other wireless products and recommendations for separation distances from
  such products).

  If device degradations were observed during coexistence testing, please
  specifically cite the attachment(s) and page number(s) where the labeling has
  information about how to mitigate this issue. Type "N/A" if not applicable

  If the subject device has problems with an interferer and they cannot coexist, then recommendations to resolve coexistence issues (ie., keep minimum separation distances between the subject device and interferer) should be included in the labeling.

• If both the number of devices/accessories/components that were subjected to EMC testing and the number of wireless functions is zero:

Electrical, Mechanical and Thermal Safety Summary 🔗

Please summarize the Electrical, Mechanical and Thermal Safety Testing of your device, or summarize why testing was not needed. Please ensure any standards cited here are also cited in the Standards subsection within the first part of this template (located after Applicant, Correspondent, and Pre-Submission Correspondence).

Please consult standard IEC 60601-1 Sections 8 - 15 for electrical, mechanical and thermal safety considerations.

EMC, Wireless, & EMT Documentation 🔗

• Please attach the documentation pertaining to the Electromagnetic Compatibility Testing (e.g., EMC test reports/summaries), Safeguards, Wireless Testing, and Electrical, Mechanical and Thermal Testing of your device.

Performance Testing 🔗

Was Bench Testing used in order to support this submission? [Yes/No]

Was Animal Testing used in order to support this submission? [Yes/No]

Was Clinical Testing used in order to support this submission? [Yes/No]

If the determination of substantial equivalence is also based on an assessment of performance data, we
recommend you fill out the text boxes below. If no testing was necessary, state this in the respective field
below. If you choose to use the 510(k) summary produced for you at the end of this template (in the
Administrative Documentation page), you must include this information, in accordance with 21 CFR
807.92(b). The contents of the 510(k) Summary will be made publicly available on the FDA website if your
device is cleared.
THEREFORE, ONLY ENTER NONCONFIDENTIAL INFORMATION IN THE SUMMARY TEXTBOXES
BELOW.

Provide a brief discussion of the nonclinical tests submitted, referenced, or relied on in the 510(k) for a determination of substantial equivalence. If any guidance documents or FDA recognized consensus standards were used/referenced for testing, cite these here.

See 21 CFR 807.92(b) for the regulatory requirements regarding this question.

Resources

• 21 CFR 907.92(b)

Provide a summary discussion of the clinical tests submitted, referenced, or relied on in the 510(k) for a determination of substantial equivalence. This discussion shall include, where applicable, a description of the subjects upon whom the device was tested, a discussion of the safety or effectiveness data obtained from the testing, with specific reference to adverse effects and complications, and any other information from the clinical testing relevant to a determination of substantial equivalence. Refer to the help text for a list of the details we recommend be included regarding the subjects and clinical evidence. If no clinical data were necessary, please type "Not Applicable." (There should not be any patient identifier information in the summary.)

See 21 CFR 807.92(b) for the regulatory requirements regarding this question.

Be sure to include a summary of baseline demographic information and where appropriate, subgroup analyses for sex, gender, age, race, and ethnicity of the subjects.

Resources

• 21 CFR 807.92(b)

State the conclusions drawn from the nonclinical and clinical tests that demonstrate that the device is as safe, as effective, and performs as well as or better than the legally marketed device identified above.

See 21 CFR 807.92(b) for the regulatory requirements regarding this question.

Resources

• 21 CFR 807.92(b)

Guidance and Special Controls Adherence 🔗

In the text box below, please address or provide information demonstrating compliance with any
applicable special controls, requirements in a device specific classification regulation, or adherence to device specific guidance recommendations for the Performance Testing. For each specific special control, regulation, or guidance recommendation applicable to your device: Please list the special control, regulation, or recommendation and cite the attachment(s) and page number(s) where it was addressed. Please use the primary product code you provided in the Classification section above to determine whether a device specific guidance exists for your device. Type “N/A” if no device specific guidance, regulation, or special controls exist for your device type. If you type “N/A,” and special controls, a regulation, or a device specific guidance exists that requests information covered by this review section, the time-line for review of your file may be affected.

If you choose to use an alternative approach in comparison to what is stated in the applicable guidance or special controls, please provide a rationale for this alternative approach below.

References 🔗

Is literature referenced in the submission?

• Yes

References may include legible copies, including translations where applicable, of manuscripts, journal articles, books, etc. This could also include a listing of published non-clinical studies involving the device(s) (e.g. cadaveric evaluations, biomechanical assessments). If clinical data were provided, clinical literature references should be included in the Clinical Testing section above.

• Please add legible reprints or a summary of each article in English.

If your literature references can be viewed online, you may submit their web addresses in the attachment instead of legible reprints.

Please include a discussion of how each article is applicable to support the submission.

• No

Administrative Documentation 🔗

Certain forms may require an Adobe Self-Signed Digital ID. You may alternatively answer questions such that you can attach wet signed scanned forms (e.g., by stating you aren't a responsible party for the applicant). Use the link below for directions, and be sure to choose "New PKCS# 12 Digital ID
File" instead of "Windows Certificate Store" when prompted.

Resources

• Adobe Digital IDs

• General Summary of Submission/Executive Summary

  We recommend that you provide an executive summary of the submission, which should include a concise description of the device, including the indications for use and technology, and a concise summary for any performance testing in the submission. If this is a 510(k), it should also include a comparison to the predicate device(s). Note that FDA considers this summary optional.

The Truthful and Accurate Statement is required for all 510(k) types (21 CFR 807.87(l)). It is a legally
binding statement that provides additional assurance that the data submitted in the 510(k) is truthful and
accurate and that no material fact has been omitted. This statement must be signed by a responsible
person of the applicant company; it cannot be signed by a consultant to the applicant. If you are a
responsible party of the 510(k) owner, this statement will be automatically produced and signed with your
electronic signature (click the Administrative Documentation help text above to learn how to obtain an
electronic signature). Ensure the signature you use to sign this application is for the owner of the 510(k), or,
if you are not a responsible party of the 510(k) owner, attach a Truthful and Accurate statement below.
Weblink: Truthful and Accurate Statement

• Are you a responsible party of the owner for this 510(k) Premarket Notification, and will you
  be electronically signing this application for submission? If you are unable to sign PDF
  documents with a valid electronic signature, choose No.
  • Yes
  • No
    • Please use the link above to download the Truthful and Accurate statement. Please
      have a responsible party of the 510(k) owner print and sign this document, then scan
      and upload this document here.
• Would you like to attach a 510(k) Statement or Summary? If you do not attach a 510(k)
  Statement or Summary, and you provided all of the data necessary to produce a 510(k)
  Summary, then a 510(k) Summary will be produced by this form. If you choose to submit a
  510(k) Summary instead of a 510(k) Statement, be aware that the data provided in the
  510(k) Summary will be publicly available if your 510(k) is cleared. As a result, be sure no
  confidential information is included in the 510(k) Summary. If you choose to submit a 510(k)
  Statement, be aware that you must provide summary information to anyone who requests it.
  • Yes
    • 510(k) Summary or Statement
  • No
• Please attach your User Fee form here. Please be sure to submit your user fee
  payment at least three (3) business days before submitting, to ensure the
  payment is processed and your submission is not placed on user fee hold.

  Directions on completing the MDUFA User Fee form can be found at the MDUFA Cover Sheet website. The standard and small business fees for a premarket submissions are updated annually on or about August 1st. More information about user fees, as well as the cost to submit your submission, can be found at the Medical Device User Fees (MDUFA) website.

  If an accredited Third Party Review Organization (3P510k Review Organization) will be submitting this eSTAR, please attachment a statement stating this here instead of the MDUFA User Fee Form.

  Resources

  • MDUFA Website
  • MDUFA Amendments Website
  • MDUFA Coversheet
  • MDUFA Coversheet Website

• Please enter in the User Fee Payment Identification Number.

  The User Fee Payment ID must adhere to the following format:

  • two letters,

  • followed by 7 numbers.

  If an accredited Third Party Review Organization (3P510k Review Organization) will be submitting this eSTAR, please enter "MD0000000" in this textbox.

Verification 🔗

• If you want to save the data in this eSTAR in XML format, you can click the Export
  Data button to the left. Attachments will not be included in the generated XML file.
• You can import the XML data of another eSTAR into this eSTAR by clicking the Import
  Data button to the left, and choosing the XML file. Attachments will not be imported.
• FOR ADMINISTRATOR USE ONLY

Registration and Listing 🔗

Owners or operators of places of business (also called establishments or facilities) that are involved in the production and distribution of medical devices intended for use in the United States (U.S.) are required to register annually with the FDA. This process is known as establishment registration.

Congress has authorized FDA to collect an annual establishment registration fee for device establishment registrations. A detailed list of all those establishment types that have to pay the registration fee can be found at the Who Must Register, List and Pay the Fee website. There are no reductions in annual establishment registration fees for small businesses or any other group.

Most establishments that are required to register with the FDA are also required to list the devices that are made there and the activities that are performed on those devices. If a device requires premarket approval or notification before being marketed in the U.S., then the owner/operator should also submit the FDA premarket submission number (510(k), De Novo, PMA, PDP, HDE). The owner/operator cannot list the device until the premarket submission has been cleared, granted, or approved to market in the United States.

Registration and listing provides FDA with the location of medical device establishments and the devices manufactured at those establishments. Knowing where devices are made increases the nation's ability to prepare for and respond to public health emergencies.

For details about registering and listing your device, please see the Device Registration and Listing
website. If you encounter an issue or wish to contact us regarding the Electronic Registration and Listing System known as the FDA Unified Registration and Listing System (FURLS)/Device Registration and Listing Module (DRLM), please send an email to reglist@cdrh.fda.gov.

Delivery Directions 🔗

Please submit this eSTAR PDF for review to the Center for Devices and Radiological Health (CDRH) using the CDRH Portal. You do not need to send any documentation in physical form using the postal service.