IEC TR 60601-4-1:2017

IEC TR 60601-4-1
Edition 1.0 2017-05
TECHNICAL
REPORT
colour
inside
Medical electrical equipment –
Part 4-1: Guidance and interpretation – Medical electrical equipment and medical
electrical systems employing a degree of autonomy
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.

IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé Fax: +41 22 919 03 00
CH-1211 Geneva 20 info@iec.ch
Switzerland www.iec.ch
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigenda or an amendment might have been published.

IEC Catalogue - webstore.iec.ch/catalogue Electropedia - www.electropedia.org
The stand-alone application for consulting the entire The world's leading online dictionary of electronic and
bi bliographical information on IEC International Standards, electrical terms containing 20 000 terms and definitions in
Technical Specifications, Technical Reports and other English and French, with equivalent terms in 16 additional

documents. Available for PC, Mac OS, Android Tablets and languages. Also known as the International Electrotechnical
iPad. Vocabulary (IEV) online.

IEC publications search - www.iec.ch/searchpub IEC Glossary - std.iec.ch/glossary
The advanced search enables to find IEC publications by a 65 000 electrotechnical terminology entries in English and
variety of criteria (reference number, text, technical French extracted from the Terms and Definitions clause of
committee,…). It also gives information on projects, replaced IEC publications issued since 2002. Some entries have been
and withdrawn publications. collected from earlier publications of IEC TC 37, 77, 86 and

CISPR.
IEC Just Published - webstore.iec.ch/justpublished

Stay up to date on all new IEC publications. Just Published IEC Customer Service Centre - webstore.iec.ch/csc
details all new publications released. Available online and If you wish to give us your feedback on this publication or
also once a month by email. need further assistance, please contact the Customer Service
Centre: csc@iec.ch.
IEC TR 60601-4-1
Edition 1.0 2017-05
TECHNICAL
REPORT
colour
inside
Medical electrical equipment –

Part 4-1: Guidance and interpretation – Medical electrical equipment and medical

electrical systems employing a degree of autonomy

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 11.040.01 ISBN 978-2-8322-4329-9

– 2 – IEC TR 60601-4-1:2017  IEC 2017
CONTENTS
FOREWORD . 5
INTRODUCTION . 7
1 Scope . 9
2 Normative references . 9
3 Terms and definitions . 10
4 DEGREE OF AUTONOMY (DOA) . 17
4.1 Introduction to DEGREE OF AUTONOMY . 17
4.2 Methodology to determine DEGREE OF AUTONOMY . 17
4.3 Relationship between DOA and RISK . 18
5 PROCESS STANDARDS supporting DOA . 18
5.1 General . 18
5.2 RISK MANAGEMENT PROCESS . 19
5.2.1 Defining INTENDED USE . 19
5.2.2 INTENDED USE and characteristics related to SAFETY . 19
5.3 RISK CONTROL . 20
5.3.1 General . 20
5.3.2 RISK CONTROL hierarchy . 21
5.4 USABILITY engineering considerations for MEE or MES having a higher DOA . 22
5.4.1 General . 22
5.4.2 OPERATOR situation awareness . 22
5.4.3 OPERATOR reaction time . 23
5.4.4 OPERATOR sensory input and response . 23
5.4.5 Detectability by OPERATOR of malfunction or errors of MEE or MES with a
higher DOA . 23
5.5 PROGRAMMABLE ELECTRICAL MEDICAL SYSTEMS (PEMS) and software
development LIFE CYCLE (IEC 62304) . 23
5.6 Application of RISK MANAGEMENT for IT-networks incorporating medical
devices . 24
6 BASIC SAFETY and ESSENTIAL PERFORMANCE related to DOA . 25
6.1 GENERAL . 25
6.2 BASIC SAFETY related to DOA . 25
6.3 ESSENTIAL PERFORMANCE related to DOA . 26
Annex A (informative) Rationale for defining the AUTOMATIC, AUTONOMY and DOA
framework and the distinction between a MEDICAL ROBOT and other MEE or MES . 28
A.1 General . 28
A.2 Existing definitions and limitations . 28
A.3 New approaches . 29
A.4 Definition of MONITOR – GENERATE – SELECT – EXECUTE . 30
A.5 Approaches to define ROBOT and MEDICAL ROBOT . 31
A.6 Conclusions . 31
Annex B (informative) DOA and relevant terms used in MEE standards. 32
B.1 General . 32
B.2 Procedure . 32
B.3 Results . 32
B.3.1 Summary . 32
B.3.2 Tables . 33
Annex C (informative) Exemplar methods for classifying DEGREE OF AUTONOMY . 42

C.1 Descriptive method . 42
C.2 Binary method . 43
C.3 Weighted method . 44
Annex D (informative) Examples of introducing DOA to MEE/MES . 50
D.1 General . 50
D.2 Example 1 – Lower extremity exoskeleton . 50
D.2.1 Description of the medical procedures . 50
D.2.2 DOA classification method . 50
D.2.3 Effect of DOA on the RISK MANAGEMENT PROCESS . 52
D.3 Example 2 – Orthopaedic MEE/MES/MEDICAL ROBOT for reshaping bone . 54
D.3.1 Description of the medical procedures . 54
D.3.2 DOA classification method . 54
D.3.3 Effect of DOA on the RISK MANAGEMENT PROCESS . 55
D.3.4 Summary and conclusions . 55
D.4 Example 3 – Instrument exchange on robotically-assisted surgical equipment . 55
D.4.1 Description of the medical procedures . 55
D.4.2 DOA classification method . 56
D.4.3 Effect of DOA on the RISK MANAGEMENT PROCESS . 56
D.4.4 Summary and conclusions . 57
D.5 Example 4 – Master–slave robotically-assisted surgical equipment . 57
D.5.1 Description of the medical procedures . 57
D.5.2 DOA classification method . 58
D.5.3 Effect of DOA on RISK MANAGEMENT PROCESS . 58
D.5.4 Summary and conclusions . 58
D.6 Example 5 – Image-guided radiotherapy equipment . 58
D.6.1 Description of the medical procedures . 58
D.6.2 DOA classification method . 59
D.6.3 RISK ANALYSIS for each level of DOA . 61
D.6.4 Effect of DOA on the RISK MANAGEMENT PROCESS . 61
D.6.5 Summary and conclusions . 61
D.7 Example 6 – Automated external defibrillator (AED) . 62
D.7.1 Description of the medical procedures . 62
D.7.2 DOA classification method . 63
D.7.3 Effect of DOA on the RISK MANAGEMENT PROCESS . 64
D.7.4 Summary and conclusions . 64
Annex E (informative) PATIENT SAFETY characteristics to be taken into account during
RISK MANAGEMENT for MEE or MES employing DOA . 65
E.1 Types of PATIENTS . 65
E.2 Additional attention for child (PATIENT) SAFETY . 65
E.3 PATIENT abilities and variability of physiological signals . 66
E.3.1 ISO/IEC Guide 71 . 66
E.3.2 Changing need and abilities of PATIENTS . 66
E.3.3 PATIENT’S sensory abilities . 66
E.3.4 PATIENT’S PHYSICAL ABILITIES . 67
E.3.5 PATIENT’S COGNITIVE ABILITIES . 67
E.3.6 PATIENT ALLERGIES . 67
ANNEX F (informative) PHYSIOLOGIC CLOSED-LOOP CONTROL SYSTEM AND DOA . 69
Annex G (informative) Examples of distributed ESSENTIAL PERFORMANCE . 72
Bibliography . 75

– 4 – IEC TR 60601-4-1:2017  IEC 2017

Figure 1 – Basic model of interoperability of MEE in an MES (Order of execution: 1 to 3) . 25
Figure A.1 – ALFUS approach applied to MEE or MES applications . 30
Figure C.1 – Application of weighted method to the “MONITOR” TASK . 45
Figure C.2 – Application of weighted method to “GENERATE OPTIONS” . 46
Figure C.3 – Application of weighted method to “SELECT OPTION” TASK . 47
Figure C.4 – Application of weighted method to the “EXECUTE” TASK . 48
Figure F.1 – Functional diagram indicating typical components of a PHYSIOLOGIC
CLOSED-LOOP CONTROL SYSTEM (PCLCS) utilizing a PCLC . 69
Figure F.2 – Examples of introducing DOA into the MONITORING TASK via PCLCS . 70
Figure F.3 – Examples of introducing DOA into the GENERATING TASK via PCLCS . 70
Figure F.4 – Examples of introducing DOA into the SELECTION TASK via PCLCS . 70
Figure F.5 – Examples of introducing DOA into the EXECUTION TASK via PCLCS . 71

Table 1 – Examples of ESSENTIAL PERFORMANCE of MEE or MES with a DOA . 27
Table B.1 – List of terms that indicate the use of AUTONOMY . 33
Table B.2 – List of reviewed standards – sorted by standard number (1 of 4) . 34
Table B.3 – List of identified inconsistencies in reviewed standards (1 of 2) . 40
Table C.1 – Descriptive classification of DOA . 43
Table C.2 – Binary classification of DOA . 44
Table D.1 – Example 1 – Effect of DOA on the RISK MANAGEMENT PROCESS . 52
Table D.2 – Example 1 – Physical and cognitive capability of individual and CLINICAL
FUNCTION needed . 52
Table D.3 – Example 1 – Sub-function TASK example . 53
Table D.4 – Example 2 – Effect of DOA on the RISK MANAGEMENT PROCESS . 55
Table D.5 – Example 3 – Comparison of instrument exchange design implementations . 57
Table D.6 – Example 3 – Effect of DOA on the RISK MANAGEMENT PROCESS . 57
Table D.7 – Example 4 – Effect of DOA on the RISK MANAGEMENT PROCESS . 58
Table D.8 – Example 5 – Descriptive classification of DOA for IGRT MEE . 60
Table D.9 – Example 5 – Binary classification of DOA for IGRT MEE . 60
Table D.10 – Example 5 – Effect of DOA on the RISK MANAGEMENT PROCESS . 62
Table D.11 – Example 6 – Descriptive method classification of DOA in external
defibrillators . 63
Table D.12 – Example 6 – Effect of DOA on the RISK MANAGEMENT PROCESS . 64
Table G.1 – Examples of distributed ESSENTIAL PERFORMANCE (1 of 3) . 72

INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
MEDICAL ELECTRICAL EQUIPMENT –

Part 4-1: Guidance and interpretation –
Medical electrical equipment and medical
electrical systems employing a degree of autonomy

FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
The main task of IEC technical committees is to prepare International Standards. However, a
technical committee may propose the publication of a technical report when it has collected
data of a different kind from that which is normally published as an International Standard, for
example "state of the art".
IEC 60601-4-1, which is a technical report, has been prepared by a Joint Working Group of
IEC subcommittee 62A: Common aspects of electrical equipment used in medical practice, of
IEC technical committee 62: Electrical equipment in medical practice, and ISO technical
committee 299: Robotics.
It is published as a double logo standard.

– 6 – IEC TR 60601-4-1:2017 © IEC 2017
The text of this technical report is based on the following documents:
Enquiry draft Report on voting
62A/1099/DTR 62A/1129A/RVDTR
Full information on the voting for the approval of this technical report can be found in the
report on voting indicated in the above table.
This document has been drafted in accordance with the ISO/IEC Directives, Part 2.
In this technical report, the following print types are used:
– recommendations and definitions: roman type.
– test instructions: italic type.
– informative material appearing outside of tables, such as notes, examples and references: in smaller type.
Normative text of tables is also in a smaller type.
– TERMS DEFINED IN CLAUSE 3 OF THIS TECHNICAL REPORT OR AS NOTED: SMALL CAPITALS.
A list of all parts of the IEC 60601 series, published under the general title Medical electrical
equipment, can be found on the IEC website.
The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to
the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
A bilingual version of this publication may be issued at a later date.

IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
INTRODUCTION
This Technical Report is the result of work that began in ISO/TC 184/SC 2/WG 7 in October
2006 on personal care ROBOTS, to address an emerging type of ROBOT that was used outside
of an industrial environment. That group was working on a new standard, ISO 13482, which
was published as an International Standard (IS) in 2014. While initially focused on non-
medical applications, WG 7 recognized that work was likely to be needed on medical devices
utilizing robotic technology. In September 2009, ISO/TC 184/SC 2 established a WG 7, Study
Group (SG) on Medical care robots, comprised of experts from Canada, France, Germany,
Japan, Korea, Romania, Switzerland, UK and USA.

The work of ISO/TC 184/SC 2/WG 7 SG cumulated in a proposal to form a Joint Working
Group with IEC/SC 62A to develop general requirements and guidance related to the SAFETY
of MEDICAL ELECTRICAL EQUIPMENT and MEDICAL ELECTRICAL SYSTEMS that utilize robotic
technology. The work would include medical applications (including aids for the disabled)
covering invasive and non-invasive procedures such as surgery, rehabilitation therapy,
imaging and other ROBOTS for medical diagnosis and treatment. The proposal was approved,
resulting in the formation of Joint Working Group (JWG) 9 (Medical electrical equipment and
systems using robotic technology) and the first meeting was held in Los Angeles in June
2011.
JWG 9 examined the definition of a ROBOT from ISO 8373:2012 (which was later modified to a
“programmed actuated mechanism with a DEGREE OF AUTONOMY (DOA), moving within its
environment, to perform intended TASKS”) and AUTONOMY (the “ability to perform intended
TASKS based on current state and sensing, without human intervention”). It was recognized by
JWG 9 that these definitions could need further refinement to establish the appropriate
boundaries for future standardisation work. AUTONOMY and DEGREE OF AUTONOMY (DOA) were
felt to be key ingredients in distinguishing a “MEDICAL ROBOT” from other types of MEDICAL
ELECTRICAL EQUIPMENT and MEDICAL ELECTRICAL SYSTEMs.
However, JWG 9 came to realize that there are currently standardized MEDICAL ELECTRICAL
EQUIPMENT and MEDICAL ELECTRICAL SYSTEMS that exhibit a DOA. Therefore, DOA by itself is not
a unique characteristic of a MEDICAL ROBOT. This can be stated more clearly as follows:
– not all MEDICAL ELECTRICAL EQUIPMENT and MEDICAL ELECTRICAL SYSTEMS that exhibit a DOA
are MEDICAL ROBOTS; but
– all MEDICAL ROBOTS exhibit a DOA.
Hence a MEDICAL ROBOT can be a MEDICAL ELECTRICAL EQUIPMENT or part of a MEDICAL
ELECTRICAL SYSTEM, but not all MEDICAL ELECTRICAL EQUIPMENT are MEDICAL ROBOTS.
NOTE The majority of existing MEDICAL ELECTRICAL EQUIPMENT are not considered as MEDICAL ROBOTs.
The MANUFACTURER states clearly the type of MEDICAL ELECTRICAL EQUIPMENT and MEDICAL
ELECTRICAL SYSTEM through the INTENDED USE of their product. For this INTENDED USE, a
definition of MEDICAL ROBOT would be helpful to have a common understanding if this MEDICAL
ELECTRICAL EQUIPMENT or MEDICAL ELECTRICAL SYSTEM can be tagged as a MEDICAL ROBOT
MEDICAL ROBOT system. The definition of MEDICAL ROBOT is therefore helpful to
equipment or
distinguish if the MEDICAL ELECTRICAL EQUIPMENT or MEDICAL ELECTRICAL SYSTEM is a MEDICAL
ROBOT and the INTENDED USE as indicated by the MANUFACTURER. This distinction is clarified in
Annex A.
DOA is normally considered for adoption into MEDICAL ELECTRICAL EQUIPMENT and MEDICAL
ELECTRICAL SYSTEMS for the following reasons:
– DOA could give benefits to CLINICAL FUNCTION outcomes;
___________
1)
ISO TC 184/SC 2 was reformed to ISO TC 299 in January 2016.

– 8 – IEC TR 60601-4-1:2017  IEC 2017
– DOA could give economic value to MEDICAL ELECTRICAL EQUIPMENT;
– DOA could improve the consistency of medical procedures;
– DOA could handle more complex data;
– DOA could lead to faster reaction times;
– DOA could optimise medical procedure times or duration;
– DOA could make it easier to integrate MEDICAL ELECTRICAL SYSTEMS;
– DOA could decrease the overall level of RISK; and
– DOA could change the role of an OPERATOR to a more supervisory than active (hands on)
function.
In order to progress the work of JWG 9, it was agreed to focus on the IEC 60601-1 standard
family and see how specific clauses could be extended to cover the additional DOA issues in a
possible new Technical Report once fully developed. JWG 9 looked at existing MEDICAL
ELECTRICAL EQUIPMENT and MEDICAL ELECTRICAL SYSTEMS that had characteristics of a ROBOT
based on the definition, and investigated the suitability of the existing standards to address
the HAZARDS associated with their use. As a result of this investigation, it was acknowledged
that IEC 60601 (all parts), ISO 14971, IEC 62366-1 and IEC 62304 provide appropriate
general requirements and guidance on how to address the HAZARDS; however, emerging
functionality associated with increased DOA on MEDICAL ELECTRICAL EQUIPMENT and MEDICAL
ELECTRICAL SYSTEMS, whether a ROBOT or not, could result in situations where BASIC SAFETY
and ESSENTIAL PERFORMANCE are considered again by the MANUFACTURER.
Current MEDICAL ELECTRICAL EQUIPMENT standards do not fully address higher DOA modes of
operation, and this document is intended to provide guidance for MANUFACTURERS and others
in this field on how DOA could be introduced into MEDICAL ELECTRICAL EQUIPMENT and MEDICAL
ELECTRICAL SYSTEMS. Incorporation of higher levels of AUTONOMY in MEDICAL ELECTRICAL
EQUIPMENT and MEDICAL ELECTRICAL SYSTEMS is still new and rapidly evolving, and at the time
of writing this document does not lend itself to general standardization.
The importance of understanding DOA can be illustrated by examining its effects in other
industries. The airline industry is one example in which increasing DOA has often been
implemented as a RISK CONTROL measure. However, there are numerous examples in the
airline industry in which increased DOA was found to have been a major contributor to a fatal
accident [70]. To avoid similar mistakes in the field of MEDICAL ELECTRICAL EQUIPMENT and
MEDICAL ELECTRICAL SYSTEMS, MANUFACTURERS learn from these other fields and not only
characterize DOA but also understand its potential for unintentionally increasing RISK.
It is important to point out that this IEC document is an informative document as are all IEC
Technical Reports (ISO/IEC Guide 2 [61]). The concept and approach stated in the STATE OF
are not intended to be addressed through this informative document. This document
THE ART
is not used as a normative requirement as per the claimed STATE OF THE ART by any country or
community. This document is an informative document, which is intended to provide existing
and future designers of MEDICAL ELECTRICAL EQUIPMENT or MEDICAL ELECTRICAL SYSTEMS some
guidance and direction concerning the adoption of DOA. This document is not applicable as a
base for a testing procedure or writing a test protocol template.

___________
Numbers in square brackets refer to the bibliography.

MEDICAL ELECTRICAL EQUIPMENT –

Part 4-1: Guidance and interpretation –
Medical electrical equipment and medical
electrical systems employing a degree of autonomy

1 Scope
This Part of IEC 60601 is intended to help a MANUFACTURER through the key decisions and
steps to be taken to perform a detailed RISK MANAGEMENT and USABILITY ENGINEERING
PROCESSES for MEDICAL ELECTRICAL EQUIPMENT or a MEDICAL ELECTRICAL SYSTEM, hereafter
referred to as MEE or MES, employing a DEGREE OF AUTONOMY (DOA).
This document provides a definition of DOA of MEE or MES and a MEDICAL ROBOT, and also
provides guidance on:
– methodologies to perform the RISK MANAGEMENT PROCESS and USABILITY ENGINEERING for an
MEE or MES with a DOA;
– considerations of BASIC SAFETY and ESSENTIAL PERFORMANCE for an MEE and MES with a
DOA; and
– identifying the use of DOA, and similar concepts in existing ISO/IEC standards dealing with
MEE or MES with the goal to facilitate alignment of standards by consistent use of the
concept of DOA; and
– distinguishing between MEDICAL ROBOTS, and other MEE and MES.
Unless specified otherwise, this document considers MEE and MES together.
The MANUFACTURER of an MEE or MES with a DOA is expected to design and manufacture an
MEE or MES that fulfils its INTENDED USE and does not have unacceptable RISK throughout its
LIFE-CYCLE.
This document provides guidance to help the MANUFACTURER in complying with the
requirements of IEC 60601-1:2005 and IEC 60601-1:2005/AMD1:2012 for MEE and MES with
DOA. The document is also intended as guidance for future standard writers.
There are no prerequisites to this document.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their
content constitutes requirements of this document. For dated references, only the edition
cited applies. For undated references, the latest edition of the referenced document (including
any amendments) applies.
IEC 60601-1:2005, Medical electrical equipment – Part 1: General requirements for basic
safety and essential performance
IEC 60601-1:2005/AMD1:2012
___________
There exists a consolidated edition 3.1, including IEC 60601-1:2005 and its Amendment 1:2012.

– 10 – IEC TR 60601-4-1:2017  IEC 2017
IEC 62304:2006, Medical device software – Software life cycle processes
IEC 62304:2006/AMD1:2015
IEC 62366-1:2015, Medical devices – Part 1: Application of usability engineering to medical
devices
IEC 80001-1:2010, Application of risk management for IT-networks incorporating medical
devices – Part 1: Roles, responsibilities and activities
ISO 14971:2007, Medical devices – Application of risk management to medical devices
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following
addresses:
• IEC Electropedia: available at http://www.electropedia.org/
• ISO Online browsing platform: available at http://www.iso.org/obp.
3.1
APPLIED PART
part of MEE that in normal use necessarily comes into physical contact with the PATIENT for
MEE or an MES to perform its function
Note 1 to entry: See Figure 3, Figure 4 and Figure A.1 to Figure A.7 (inclusive) [of IEC 60601-1:2005].
Note 2 to entry: See also 4.6 [of IEC 60601-1/AMD1:2012] regarding the treatment of parts that do not fall within
the definition of APPLIED PARTS but need to be treated as APPLIED PARTS as a result of applying the RISK
MANAGEMENT PROCESS.
Note 3 to entry: See also 3.78 [of IEC 60601-1:2005] for the definition of the associated term “PATIENT
CONNECTION”.
[SOURCE: IEC 60601-1:2005, 3.8]
3.2
AUTOMATIC
referring to capabilities that, under specified conditions, function without OPERATOR
intervention
Note 1 to entry: Some, but not all MEE and MES have functions with certain DOA stated as AUTOMATIC. Because of
possible confusion, it is recommended that the term AUTOMATIC not be used when referring to DOA of MEE or MES.
Note 2 to entry: Definition derived from IEC 62443-3-3:2013, 3.1.7.
3.3
AUTONOMOUS
having full AUTONOMY
Note 1 to entry: The term AUTONOMOUS in common language has been used to indicate ‘having high DOA’ without
specifying what degree is ‘high’. It is recommended that the term AUTONOMOUS be used carefully.
Note 2 to entry: This definition of the term AUTONOMOUS was developed taking into account the definition in
IEC TR 61850-90-7:2013, 3.1. The rationale for the modification is given in Clause A.2.
___________
There exists a consolidated edition 1.1, including IEC 62304:2006 and its Amendment 1:2015.

3.4
AUTONOMY
capacity to MONITOR, GENERATE, SELECT and EXECUTE to perform a CLINICAL FUNCTION with no
or limited OPERATOR intervention
Note 1 to entry: The term AUTONOMY in common language has been used to indicate ‘null DOA’ or ‘full DOA’ without
allowing intermediate capability. It is recommended that the term AUTONOMY be used carefully, and whenever
possible, to use the term DOA instead.
Note 2 to entry: The terms ‘null (no, zero) AUTONOMY’ and ‘full AUTONOMY’ can be used to mean ‘null DOA’ and ‘full
DOA’ without confusion.
Note 3 to entry: This definition of the term AUTONOMY was developed taking into account the definition in
ISO 8373:2012, 2.2. The rationale for the modification is given in Clause A.2.
3.5
BASIC SAFETY
freedom from unacceptable RISK directly caused by physical HAZARDS when MEE is used under
NORMAL CONDITION and SINGLE FAULT CONDITION
[SOURCE: IEC 60601-1:2005, 3.10]
3.6
CLINICAL FUNCTION
medical operation that the MEE or MES is intended to perform
Note 1 to entry: CLINICAL FUNCTION is generally a subset of the INTENDED USE of the MEE or MES related to the
PATIENT.
3.7
DEGREE OF AUTONOMY
DOA
taxonomy based on the properties and capabilities of the MEE or MES related to AUTONOMY
3.8
ESSENTIAL PERFORMANCE
performance of a CLINICAL FUNCTION, other than that related to BASIC SAFETY, where loss or
degradation beyond the limits specified by the MANUFACTURER results in an unacceptable RISK
[SOURCE: IEC 60601-1:2005/AMD1:2012, 3.27, modified – Note deleted]
3.9
EXECUTE, verb
carry out the selected OPTION
Note 1 to entry: Derived from Kaber and Endsley [70], which originally used ‘implementing’ instead of EXECUTE.
3.10
EXPECTED SERVICE LIFE
time period specified by the MANUFACTURER during which the ME EQUIPMENT or ME SYSTEM is
expected to remain safe for use (i.e. maintain BASIC SAFETY and ESSENTIAL PERFORMANCE)
Note 1 to entry: Maintenance can be necessary during the EXPECTED SERVICE LIFE.
[SOURCE: IEC 60601-1/AMD1:2012, 3.28]
3.11
GENERATE, verb
to formulate possible OPTIONS, based on the result of the MONITOR TASK, for achieving
predefined goals
– 12 – IEC TR 60601-4-1:2017  IEC 2017

Note 1 to entry: Derived from Kaber and Endsley [70], which defined the term as 'formulating options or TASK
strategies for achieving goals'.
3.12
HARM
physical injury or damage to the health of people or animals, or damage to property or the
environment
[SOURCE: IEC 60601-1:2005/AMD1:2012, 3.38]
3.13
HAZARD
potential source of HARM
[SOURCE: IEC 60601-1:2005/AMD1:2012, 3.39]
3.14
HAZARDOUS SITUATION
circumstance in which people, property, or the environment are exposed to one or more
HAZARD(S)
[SOURCE: IEC 60601-1:2005/AMD1:2012, 3.40]
3.15
INTENDED USE
use for which a product, PROCESS or service is intended according to the specifications,
instructions and information provided by the MANUFACTURER
[SOURCE: IEC 60601-1:2005/AMD1:2012, 3.44, modified – Deletion of the term "INTENDED
PURPOSE".]
3.16
LIFE-CYCLE
all phases in the life of a MEE or MES, from the initial conception to final decommissioning and
disposal
[SOURCE: ISO 14971:2007, 2.7, modified – "Medical device" replaced by "MEE or MES".]
3.17
MANUFACTURER
natural or legal person with responsibility for the design, manufacture, packaging, or labelling
of MEE, assembling an MES, or adapting MEE or an MES, regardless of whether these
operations are performed by that person or on that person's behalf by a third party
[SOURCE: IEC 60601-1:2005/AMD1:2012, 3.55]
3.18
MEDICAL ELECTRICAL EQUIPMENT
MEE
electrical equipment having an APPLIED PART or transferring energy to or from the PATIENT or
detecting such energy transfer to or from the PATIENT and which is:
a) provided with not more than one connection to a particular SUPPLY MAINS; and
b) intended by its MANUFACTURER to be used:
1) in the diagnosis, treatment, or monitoring of a PATIENT; or
2) for compensation or alleviation of disease, injury or disability
[SOURCE: IEC 60601-1:2005/AMD1:2012, 3.63, modified – Notes deleted.]

3.19
MEDICAL ELECTRICAL SYSTEM
MES
combination, as specified by its MANUFACTURER, of items of equipment, at least one of which
is MEE to be inter-connected by functional connection or by use of a multiple socket-outlet
[SOURCE: IEC 60601-1:2005/AMD1:2012, 3.64, modified – Note deleted.]
3.20
MEDICAL ROBOT
ROBOT intended to be used as MEE or MES
3.21
MISUSE
MEE or an MES not intended by the MANUFACTURER
use of
Note 1 to entry: Includes reasonably foreseeable MISUSE and not foreseeable MISUSE.
3.22
MOBILE
term referring to TRANSPORTABLE equipment that, once installed and placed into service, is
intended to be moved from one location to another while supported by its own wheels or
equivalent means
[SOURCE: IEC 60601-1:2005/AMD1:2012, 3.65, modified – Note deleted.]
3.23
MONITOR, verb
to collect and interpret necessary information to perceive the status of MEE or MES, PATIENT,
OPERATOR, or environment
Note 1 to entry: Derived from Kaber and Endsley [70], which defined the term as 'which includes taking in all
information relevant to perceiving system status (e.g. scanning visual displays)'.
3.24
NORMAL CONDITION
condition in which all means provided for protection against HAZARDS are intact
[SOURCE: IEC 60601-1:2005, 3.70]
3.25
OPERATOR
person handling equipment
[SOURCE: IEC 60601-1:2005, 3.73, modified – Note deleted.]
3.26
OPTION
TASK strategy able to achieve the desired CLINICAL FUNCTION
3.27
PATIENT
living being (person or animal) undergoing a medical, surgical or dental procedure
Note 1 to entry: A PATIENT can be an OPERATOR.
[SOURCE: IEC 60601-1:2005, 3.76]

– 14 – IEC TR 60601-4-1:2017  IEC 2017
3.28
PHYSIOLOGIC CLOSED-LOOP CONTROLLER
element of a physiologic closed-loop control system in which a feedback variable is compared
with a reference variable, and their difference is transformed to set the controller output
variable
[SOURCE: IEC 60601-1-10:2007, 3.20, modified – Definition simplified to remove variable
notation and informative reference to Figure 1 of IEC 60601-1-10:2007.]
3.29
PHYSIOLOGIC VARIABLE
quantity or condition from a PATIENT whose value is subject to change and can usually be
measured
[SOURCE: IEC 60601-1-10:2007, 3.21, modified – Note deleted]
3.30
PROCESS
set of interrelated or interacting activities which transform inputs into outputs
[SOURCE: IEC 60601-1:2005/AMD1:2012, 3.89]
3.31
PROCESS STANDARD
standard that establishes a framework within which the MANUFACTURER is able to design and
develop MEE or MES of consistent SAFETY and effectiveness
Note 1 to entry: Definition modified from ISO/IEC Guide 63:2012, 3.3.2.
3.32
PROGRAMMABLE ELECTRICAL MEDICAL SYSTEM
PEMS
MEE or an MES containing one or more PROGRAMMABLE ELECTRONIC SUBSYSTEMS (PESS)
[SOURCE: IEC 60601-1:2005, 3.90]
3.33
PROGRAMMABLE ELECTRONIC SUBSYSTEM
PESS
system based on one or more central processing units, including their software and interfaces
[SOURCE: IEC 60601-1:2005, 3.91]
3.34
RISK
combination of the probability of occurrence of HARM and the SEVERITY of that HARM
[SOURCE: IEC 60601-1:2005/AMD1:2012, 3.102]
3.35
RISK ANALYSIS
systematic use of available information to identify HAZARDS and to estimate the RISK
[SOURCE: IEC 60601-1:2005/AMD1:2012, 3.103]

3.36
RISK ASSESSMENT
overall PROCESS comprising a RISK ANALYSIS and a RISK EVALUATION
[SOURCE: ISO 14971:2007, 2.18]
3.37
RISK CONTROL
PROCESS in which decisions are made and measures implemented by which RISKS are reduced
to, or maintained within, specified levels
[SOURCE: ISO 14971:2007, 2.19]
3.38
RISK EVALUATION
PROCESS of comparing the estimated RISK against given RISK criteria to determine the
acceptability of the RISK
[SOURCE: IEC 60601-1:2005/AMD1:2012, 3.106]
3.39
RISK MANAGEMENT
systematic application of management policies, PROCEDURES and practices to the TASKS of
RISK
analysing, evaluating and controlling
[SOURCE: IEC 60601-1:2005/AMD1:2012, 3.107]
3.40
ROBOT
programmed actuated mechanism with a DEGREE OF AUTONOMY, moving within its environment,
to perform intended TASKS
[SOURCE: ISO 8373:2012, 2.6, modified (based on Stuttgart June 2015 Resolution) – The
phrase "actuated mechanism programmab
...