Product Design & Development: Regulatory and Standards Overview

Photo by smolaw11/iStock / Getty Images

While you’re developing a great new product that’s going to change healthcare globally, concerns about regulatory approval can be overwhelming and cause you to push it off until later.  


Medical device regulations require information to be recorded as you develop; this includes how the design was created, why design decisions were made, and what risks were considered in the process.

Postponing regulatory understanding can be expensive and ultimately delay product approvals and market introduction.

So, how can you quickly make sense of the acronyms and terms to ensure you’re recording the correct information for your product?

Here is a basic outline to get you started.


Regulations are laws that are enacted by a country. They apply only to that country and are not required to be the same throughout (although many countries have similar regulations). Not all countries have medical regulations; however those with larger markets generally do.

Other types of regulations also apply to medical devices and medical device companies. These include material (RoHS, WEEE, and others), import/export (NAFTA and other trade agreements), electrical safety, and financial regulations. 


Standards are developed by private organizations such as the Internationals Standards Organization (ISO), American National Standard Institute (ANSI) and International Electrotechnical Commission (IEC).

Standards are not required unless a country’s regulations bring the standard into scope.  

It can be difficult to identify which standards are in scope and which are not. Standards that are focused on specific products or product features can be an effective way to identify both risks for a design and mitigations (or requirements) that reduce risk to an acceptable level, and are often identified during early risk management activities. Looking for standards that are related to your technology or type of medical treatment is a good start.

Other risk areas such as biocompatibility and electrical safety may apply to your product. Note, also, that there may be multiple versions of a standard (e.g., IEC or ISO). Have an understanding of the standards that are in the scope of your project, as well as closely related standards that are not in scope, is a safe strategy.

Standards often provide guidance on verification methods and suggested sample sizes to show the mitigation. A standard such as IEC 60101-1 for medical electrical equipment basic safety provides information on electrical risks to evaluate your product, mitigations for those risks, and testing methods.

Additional standards that may be useful for products include ISO 10993 for biocompatibility, IEC 60601-1-2 for electromagnetic susceptibility and interference, and IEC 60601-1-11 for home use products. There are collateral and particular IEC 60601 standards for ultrasound, defibrillators, X-ray, physiotherapy, incubators, and many other medical products.

Process Standards

Process standards apply primarily to Quality Management System (QMS) processes and not directly to products. These standards identify requirements for QMS processes; they are not intended to be Quality Management System procedures. 

Examples for process standards include ISO 13485 general quality management system requirements, ISO 14971 for risk management, and IEC 62304 for software development. These are useful for establishing company procedures and for acquiring process certification, such as ISO 13485:2016 required for the EU. 

Be Prepared for Regulatory Inspection

The big takeaway here is that you shouldn’t be relying solely on an ISO certification as evidence that you’re prepared for regulatory inspection or standards qualification.

Know your device’s regulations and approval process well and don’t assume one will cover the other. Prepare in advance to give your product the best chance at approvals and market introduction.