const contentTitle = "R-TF-013-005 Checklist Annex C";
R-TF-013-005 Checklist Annex C
This checklist is based on ISO 14971:2019 Annex C "Questions that can be used to identify medical device characteristics that could impact on safety". It provides a systematic approach to identifying characteristics of Legit.Health Plus that could affect patient, user, or third-party safety.
Document Information
| Field | Value |
|---|---|
| Product Name | Legit.Health Plus |
| Version | 1.1.0.0 |
| Date | January 2025 |
| Standard Reference | ISO 14971:2019 |
Purpose
This checklist addresses Annex C of ISO 14971:2019, which provides questions that can be used during the risk analysis process to identify medical device characteristics that could impact safety. The questions are intended to help identify hazards and hazardous situations in accordance with clause 5.3 of ISO 14971:2019.
C.1 What is the intended use and how is the medical device to be used?
| Question | Applicable | Response |
|---|---|---|
| What is the intended medical indication? | YES | Decision support for dermatological conditions through AI-assisted image analysis. The device provides clinical decision support to healthcare professionals for assessment of skin conditions. |
| What patient population is intended? | YES | Patients with dermatological conditions requiring clinical assessment. No age restrictions; pediatric and adult populations included. |
| What part of the body or type of tissue is involved? | YES | Skin and visible mucous membranes. External imaging only; no internal tissues involved. |
| Who is the intended user? | YES | Healthcare professionals with dermatological training, including dermatologists, general practitioners, nurses, and other qualified healthcare personnel. |
| Where is the device intended to be used? | YES | Clinical settings including hospitals, dermatology clinics, primary care facilities, and via telemedicine platforms. Also suitable for clinical trials and research settings. |
| Is the device intended to contact the patient or other persons? | NO | The device is software-only (SaMD). Physical contact is limited to image capture devices (cameras, smartphones) which are not part of the medical device. |
| What materials or components are utilized, or are contacted by the medical device? | NO | Software-only device. No physical materials contact patients. |
| Is energy delivered to or extracted from the patient? | NO | No energy is delivered to or extracted from patients. The device only processes digital images. |
| Are substances delivered to or extracted from the patient? | NO | No substances are delivered to or extracted from patients. |
| Are biological materials processed by the medical device for subsequent re-use, transfusion or | NO | No biological materials are processed. |
| transplantation? | ||
| Is the medical device supplied sterile or intended to be sterilized by the user? | NO | Not applicable - software-only device. |
| Is the medical device intended to be cleaned and disinfected by the user? | NO | Not applicable - software-only device. |
| Is the medical device intended to modify the patient environment? | NO | The device does not modify the patient environment. |
| Are measurements taken? | YES | The device measures and quantifies dermatological features including lesion characteristics, severity scores (e.g., PASI, SCORAD, UAS), and area measurements. Measurement accuracy is validated per R-TF-012-009. |
| Is the medical device interpretive? | YES | Yes, the device provides AI-based interpretation of dermatological images to support clinical decisions. It provides differential diagnoses, severity scores, and clinical recommendations. Final clinical decisions remain with the healthcare professional. |
| Is the medical device intended for use in conjunction with other devices or medicinal products | YES | The device integrates with hospital information systems (HIS), electronic health records (EHR), and image capture devices. Interoperability requirements are documented in R-TF-012-031 Product requirements specification. |
| Are there unwanted outputs of energy or substances? | NO | No unwanted outputs of energy or substances. |
| Is the medical device susceptible to environmental influences? | YES | As software, the device depends on IT infrastructure (servers, networks). Environmental factors include network connectivity, server availability, and cybersecurity threats. Mitigations documented in R-TF-018-001 Cybersecurity risk management documentation. |
| Does the medical device influence the environment? | NO | The device does not influence the physical environment. |
| Are there essential consumables or accessories associated with the medical device? | NO | No physical consumables. The device requires compatible image capture devices (cameras, smartphones) but these are not medical device accessories. |
| Is maintenance and/or calibration necessary? | YES | Software updates and AI model calibration are performed periodically. Maintenance procedures documented in GP-012 and R-TF-012-005 Design change control. |
| Does the medical device contain software? | YES | The device is entirely software-based (SaMD Class IIa). Software lifecycle managed per IEC 62304 and documented in R-TF-012-006 Life cycle plan and report. |
| Does the medical device have a restricted shelf life? | NO | Software does not have a physical shelf life. Version support periods are defined in product documentation. |
| Are there any delayed and/or long-term use effects? | YES | Potential delayed effects relate to clinical decisions made based on device output. Misdiagnosis or delayed diagnosis could affect patient outcomes. Mitigated through clear intended use limitations and professional-only use. |
| To what mechanical forces will the medical device be subjected? | NO | Not applicable - software-only device. |
| What determines the lifetime of the medical device? | YES | Software version lifecycle, technology obsolescence, and continued compliance with evolving regulatory requirements. Version support documented in R-TF-012-012. |
| Is the medical device intended for single use? | NO | The device is intended for repeated use by authorized healthcare professionals. |
| Is safe decommissioning or disposal of the medical device necessary? | YES | Data protection requirements apply to decommissioning. Patient data must be securely deleted per GP-050 Data Protection. No environmental disposal concerns for software. |
| Does installation or use of the medical device require special training? | YES | User training is required as documented in R-TF-001-006 IFU. Training covers proper image capture, interpretation of results, and understanding of device limitations. |
| How will information for safe use be provided? | YES | Instructions for Use (R-TF-001-006), labels (R-TF-001-008), in-app guidance, online help documentation, and user training materials. |
| Will new manufacturing processes need to be established? | NO | Standard software development processes apply. Manufacturing (deployment) processes are established per GP-012. |
| Is successful application of the medical device critically dependent on human factors? | YES | Critical dependencies include: proper image capture technique, understanding of device limitations, appropriate clinical context interpretation, and integration into clinical workflow. Human factors addressed in R-TF-012-007/008 Formative evaluation. |
| Does the medical device use an alarm system? | NO | No alarm system. The device provides clinical decision support information, not time-critical alerts. |
| In what ways might the medical device be deliberately misused? | YES | Potential misuse includes: use by unqualified persons, use outside intended clinical settings, over-reliance on AI without clinical judgment, use for conditions outside intended use. Mitigations documented in R-TF-013-002. |
| Does the medical device hold data critical to patient care? | YES | The device processes and may store clinical images and assessment data. Data integrity and availability are critical. Addressed in cybersecurity documentation R-TF-018-001. |
| Is the medical device intended to be mobile or portable? | YES | The software can be accessed via mobile devices and tablets. Mobile use considerations addressed in usability documentation. |
| Does the use of the medical device involve medicinal products? | NO | The device does not directly involve medicinal products, though it may inform treatment decisions. |
C.2 Is the medical device intended to be implanted?
| Question | Applicable | Response |
|---|---|---|
| Is the medical device implantable? | NO | Not applicable - software-only device (SaMD). |
| All implant-related questions (C.2.1+) | NO | Not applicable. |
C.3 Is the medical device intended to contact the patient or other persons?
| Question | Applicable | Response |
|---|---|---|
| Does the device contact the patient? | NO | Software-only device. No physical contact with patients. |
| All contact-related questions (C.3.1+) | NO | Not applicable. |
| Biocompatibility considerations | NO | Not applicable - no patient contact. |
| Surface temperature considerations | NO | Not applicable. |
| Moving parts, sharp edges, etc. | NO | Not applicable. |
| Pressure, flow rate, heat considerations | NO | Not applicable. |
| Noise, vibration considerations | NO | Not applicable. |
| Electrical/electronic component considerations | NO | Not applicable - software does not include hardware. IT infrastructure managed by user organization. |
| Electromagnetic compatibility | NO | Not applicable at device level. IT infrastructure EMC is responsibility of user organization. |
| Ionizing radiation | NO | No ionizing radiation involved. |
| Thermal energy considerations | NO | Not applicable. |
| User interface ergonomics | YES | User interface design follows usability engineering per IEC 62366-1. Documented in R-TF-012-007/008/014/015. |
C.4 What materials and components are utilized in the medical device?
| Question | Applicable | Response |
|---|---|---|
| Are materials/components in contact with patients? | NO | Software-only device. |
| Substance compatibility considerations | NO | Not applicable. |
| Biological materials of animal origin | NO | Not applicable. |
| Biological materials of human origin | NO | Not applicable. |
| Reprocessing considerations | NO | Not applicable. |
| Third-party software components (SOUP) | YES | Software of Unknown Provenance is managed per IEC 62304. SOUP list maintained in R-TF-012-006-SOUP. |
| Data integrity and cybersecurity | YES | Addressed in R-TF-018-001 Cybersecurity risk management documentation and GP-051 Security incidents. |
C.5 Can the medical device be adversely affected by environmental conditions?
| Question | Applicable | Response |
|---|---|---|
| Is the device sensitive to temperature? | NO | Software operates within standard IT infrastructure parameters. Server environmental controls are user responsibility. |
| Is the device sensitive to humidity? | NO | Not applicable at software level. |
| Is the device sensitive to electromagnetic fields? | NO | Software is not directly sensitive. IT infrastructure EMC is user organization responsibility. |
| Is the device sensitive to power supply variations? | YES | System availability depends on power to IT infrastructure. Mitigation: cloud-based architecture with redundancy. Documented in R-TF-018-001. |
| Is the device sensitive to network connectivity? | YES | Device requires network connectivity. Mitigations include offline capabilities where applicable and clear user guidance. Documented in R-TF-012-031 and IFU. |
| Is the device sensitive to cybersecurity threats? | YES | Cybersecurity is a significant consideration. Comprehensive cybersecurity controls documented in R-TF-018-001, R-TF-018-002, and R-TF-018-003. |
| Is the device sensitive to software compatibility? | YES | Browser and operating system compatibility requirements documented in R-TF-012-031 Product requirements specification and tested per R-TF-012-034. |
C.6 How does the medical device interface with other medical devices or systems?
| Question | Applicable | Response |
|---|---|---|
| Does the device interface with other devices? | YES | Interfaces with EHR/HIS systems, image capture devices, and laboratory systems where applicable. |
| Data exchange protocols | YES | Uses standard healthcare data formats (HL7 FHIR, DICOM where applicable). Interoperability documented in R-TF-012-031. |
| Integration testing | YES | Integration testing performed per R-TF-012-034 Software Test Description. |
| Risk from connected systems | YES | Risks from connected systems assessed in R-TF-013-002. Includes data integrity, availability, and cybersecurity considerations. |
Summary
| Category | Total Questions | Applicable | Not Applicable |
|---|---|---|---|
| C.1 Intended use and device use | 32 | 18 | 14 |
| C.2 Implantable devices | 2 | 0 | 2 |
| C.3 Patient/person contact | 13 | 1 | 12 |
| C.4 Materials and components | 7 | 2 | 5 |
| C.5 Environmental conditions | 7 | 4 | 3 |
| C.6 Interface with other devices/systems | 4 | 4 | 0 |
| Total | 65 | 29 | 36 |
Conclusion
This checklist has been completed in accordance with ISO 14971:2019 Annex C to identify characteristics of Legit.Health Plus that could impact safety. The applicable questions have been addressed with corresponding evidence and documentation references.
Key findings:
- As a Software as a Medical Device (SaMD), many hardware-related questions (implants, patient contact, materials) are not applicable
- Critical safety considerations for this device relate to:
- Software reliability: Addressed through IEC 62304 compliance
- Cybersecurity: Comprehensive cybersecurity risk management per R-TF-018-001
- Human factors: Usability engineering per IEC 62366-1
- Data integrity: Data protection measures per GP-050
- Clinical decision support risks: Proper labeling of intended use and limitations
The hazards and hazardous situations identified through this analysis are documented in R-TF-013-002 Risk management record and assessed according to the risk management process defined in GP-013 Risk management.
Record Signature Meaning
- Author: JD-004
- Reviewer: JD-003
- Approval: JD-005
Signature meaning
The signatures for the approval process of this document can be found in the verified commits at the repository for the QMS. As a reference, the team members who are expected to participate in this document and their roles in the approval process, as defined in Annex I Responsibility Matrix of the GP-001, are:
- Author: Team members involved
- Reviewer: JD-003 Design & Development Manager, JD-004 Quality Manager & PRRC
- Approver: JD-001 General Manager