I have seen buyers lose money from missed standards. I do not want you to repeat that mistake.
To assess compliance fast, confirm IEC 60601 safety parts, EMC per IEC 60601-1-2, device-specific IEC part, software per IEC 62304, biocompatibility per ISO 10993, and risk file per ISO 14971. Then verify FDA or CE status, plus ISO 13485 QMS.
I use a simple path. I check what standards apply, then I request proofs. I cross-check model numbers, report dates, and lab accreditation. I only proceed when the paperwork and labels match the device in hand.
Which IEC 60601 parts apply to shockwave devices?
I often get half answers like “we passed 60601.” That is not enough. I need the exact parts and editions, or I walk away.
For shockwave devices, start with IEC 60601-1 for basic safety and essential performance, add IEC 60601-1-2 for EMC, include the relevant particular part (e.g., IEC 60601-2-36 for lithotripters or the applicable shockwave particular), and map software to IEC 62304 with risks under ISO 14971.
I keep my IEC map simple and strict. I start from the general safety base, IEC 60601-1 general safety and essential performance 1. It covers electrical shock, mechanical hazards, temperature limits, creepage, clearance, leakage current, and essential performance. I make sure the test report lists the latest valid edition and any amendments used by the lab. I read the summary of clauses for failed items and applied risk controls. Next, I confirm electromagnetic compatibility under IEC 60601-1-2 electromagnetic compatibility 2. I look for emissions, immunity, ESD levels, radiated immunity, conducted immunity, surge, voltage dips, and harmonics. A real report includes test levels, modes, setup photos, and pass/fail notes.
Then I check the device-specific “particular” standard. For extracorporeal shockwave devices aimed at tissue or stones, the particular standard addresses acoustic output, energy controls, applicator safety, and accessories. I confirm the exact part and edition the lab used, such as IEC 60601-2-36 for extracorporeal lithotripsy 3. Different shockwave types, like focused, radial, or piezo, may fall under different particular requirements or guidance, so I ask the supplier to state the exact device class and intended use. If the device has any software control, I tie it to IEC 62304 software lifecycle processes 4. I also verify the risk file per ISO 14971 risk management 5. It should link hazards (electrical, mechanical, acoustic overdose, misfire, UI error) to controls, and show verification of each control.
IEC Standards Map I Request
| Safety Area | Standard / Part | What I check | Needed evidence |
|---|---|---|---|
| Basic electrical safety | IEC 60601-1 | Edition and amendments; leakage current; dielectric; essential performance | Full test report + CB certificate |
| EMC | IEC 60601-1-2 | Test levels; setup photos; pass/fail | EMC test report from accredited lab |
| Particular (shockwave) | IEC 60601-2-36 or applicable particular | Acoustic safety; controls; labeling | Particular test report with pass statements |
| Software lifecycle | IEC 62304 | Class A/B/C; validation; change control | Software file with traceability matrix |
| Risk management | ISO 14971 | Hazard analysis; risk controls; verification | Risk management report linked to tests |
I do not accept a one-page “certificate.” I only trust a complete report and, when possible, a CB Test Certificate with the CB Test Report. I also verify that the lab is ISO/IEC 17025 laboratory accredited 6. If the product label or rating plate does not match the report model, I stop the purchase.
Is the device FDA cleared or CE marked?
I do not rely on sales claims for “FDA approved.” I verify the exact route, product code, and intended use.
In the U.S., I look for 510(k) clearance that matches the intended use and device type. In the EU, I confirm CE marking under MDR with a valid Declaration of Conformity and, for higher class devices, a Notified Body certificate referencing the correct standards and the exact model.
I start with the United States. Most non-invasive shockwave devices fall under Class II with 510(k) clearance, but I read the 510(k) summary to see the exact indications and the predicate device. I check the product code, the performance testing, and whether the labeling matches the model I will buy. If a supplier says “registered only,” that is not a clearance. I require the 510(k) number and the summary from the FDA 510(k) database 7 that lists electrical safety and EMC testing against IEC 60601 parts. If the device was only “listed” without a cleared indication, I treat it as a risk and do not import it for clinical use.
In Europe, I check the CE mark under EU Medical Device Regulation (MDR) 2017/745 8. I ask for the Declaration of Conformity and the Notified Body certificate if the device class requires it. I make sure the scope covers the device type and the exact model range. I confirm the Notified Body number on the label matches the certificate. I read the General Safety and Performance Requirements (GSPR) checklist 9. It should link each requirement to evidence, such as the IEC reports, clinical evaluation, and risk file. If the CE is under the legacy MDD with a valid transition, I confirm the timeline and any conditions. If the supplier sells into the UK, I also ask about UKCA, but I keep my main focus on CE and FDA because those are what my buyers ask for.
Quick Regulatory Cross-Check
| Region | Evidence I ask | What must match |
|---|---|---|
| USA (FDA) | 510(k) number and summary | Model, indications, testing references |
| EU (CE) | Declaration of Conformity; NB certificate (if applicable) | Model, MDR class, standards, NB number |
| Labeling | Rating plate photos | Model code, power rating, CE/FDA identifiers |
If any document lists a different model code than the label, I pause the deal and request a corrected file or a new test.
What testing and reports should suppliers provide?
I do not accept vague “passed lab test” claims. I ask for a document set, with dates, signatures, and page counts.
Ask for CB/IEC 60601-1 safety report, IEC 60601-1-2 EMC report, the device-specific particular report, acoustic output measurements, biocompatibility for patient-contact parts (ISO 10993), software validation (IEC 62304), risk management (ISO 14971), and usability evidence if applicable.
I build a clean checklist and I do not skip steps. For electrical safety, I ask for the full IEC 60601-1 report and the CB certificate. The report should show clause-by-clause results, test equipment lists, and photos. For EMC, I want the IEC 60601-1-2 report with emissions and immunity sections. It should include ESD, radiated, conducted, EFT, surge, dips, harmonics, and flicker. For the particular standard, I check acoustic energy limits, output control accuracy, applicator identification, and interlocks. I request a dedicated acoustic output report that lists energy flux density, peak pressure, pulse count, focal size, and reproducibility. I compare those numbers with the user manual settings to see if the UI ranges match test values.
If the device has skin-contact parts, gels, or applicator covers, I request ISO 10993 biocompatibility testing 10 for cytotoxicity, irritation, and sensitization. If the contact is longer or invasive, I ask for more parts of 10993 as risk dictates. For software, I want a software development plan, risk classification, requirements, test cases, and validation summary per IEC 62304. I also request a cybersecurity note if the device has any network feature. For risk management, I look for a full ISO 14971 file with hazard analysis, FMEA or similar, risk controls, and evidence of verification.
I also ask for usability engineering if the UI can cause misuse. IEC 62366-1 usability engineering 11 style files help reduce use errors. Finally, I check packaging tests, transport tests, and sterilization validation if any sterile accessories exist.
Supplier Document Checklist (What I request)
| Document | Why I need it | What I verify |
|---|---|---|
| IEC 60601-1 CB report + certificate | Proves basic safety | Edition, model, photos, failures addressed |
| IEC 60601-1-2 EMC report | Proves EMC safety | Levels, setup photos, pass/fail |
| Particular standard report | Device-specific safety | Acoustic/energy limits, interlocks |
| Acoustic output report | Real performance | Peak pressure, EFD, focal volume |
| ISO 10993 tests | Patient safety | Contact type vs test scope |
| IEC 62304 software file | Software reliability | Class, validation, traceability |
| ISO 14971 risk file | System safety | Hazards, controls, verification |
| Labeling + IFU | Legal use | Indications, warnings, symbols |
| DoC / CE cert or 510(k) | Market access | Model, scope, validity |
If the supplier cannot provide two or more of these, I assume the device is not ready for regulated markets. I would then pause and re-scope the project or switch suppliers.
How do ISO 13485 and QMS audits verify quality?
I have seen nice reports paired with weak factories. I do not rely on reports alone. I check the system that makes the product.
ISO 13485 proves the manufacturer runs a medical device QMS that covers design, production, complaint handling, CAPA, and post-market activities. Third-party audits and supplier QMS checks reduce delivery delays, field failures, and hidden costs.
I always request the ISO 13485 certificate. I confirm the legal manufacturer name, the scope (for design and manufacture of medical devices), and the validity dates. I ask for the last audit summary or the nonconformity list if they can share it. I want proof that they close issues on time. I check if the QMS includes design controls. If I plan custom features (OEM/ODM), I ask to see design plans, reviews, verification, and validation procedures.
I also perform my own supplier audit, even if it is remote. I review incoming inspection records for critical parts like capacitors, transformers, and applicators. I check calibration logs for test equipment that measured leakage current and acoustic output. I read CAPA records for repeated defects. I ask to see complaint logs and field corrective actions, if any. I verify traceability back to lots and serial numbers. For production control, I look at torque settings, potting processes, ESD protection, and final inspection sheets. I also review training records for operators who assemble high-voltage modules.
Post-market is another key area. I ask how they collect feedback and how they trend failure rates. I ask for sample service reports. If they cannot show a PMS plan, I treat that as a red flag. I also check that they can support door-to-door logistics and can pack units to survive long routes. Good QMS practice cuts lead time risk and quality drift. It also makes changes controlled when I need a new UI layout or a new applicator material.
QMS Audit Evidence I Like to See
| Process | Evidence | What I look for |
|---|---|---|
| Design control | Design plan, reviews, V\&V | Clear inputs/outputs, test records |
| Purchasing | Approved vendor list, IQC logs | Critical parts checks, acceptance criteria |
| Production | Work instructions, final test sheets | Traceability, calibrated tools |
| CAPA | CAPA forms with root cause | Real corrective actions, closure dates |
| PMS | Complaint logs, trending | Low repeat issues, field action process |
A strong QMS does not replace IEC reports, but it keeps quality stable. It reduces delays and reduces the chance of rework after shipment. It also gives me confidence during private labeling and custom development.
Conclusion
Verify the right IEC parts, confirm FDA or CE, demand full reports, and audit ISO 13485 QMS. Only then place the order.
Footnotes
1. Official IEC 60601-1 details core electrical safety requirements. ↩︎
2. IEC 60601-1-2 sets EMC emission and immunity criteria. ↩︎
3. Particular standard for extracorporeal lithotripsy safety. ↩︎
4. IEC 62304 defines software lifecycle processes for devices. ↩︎
5. ISO 14971 framework for medical device risk management. ↩︎
6. ILAC list verifies ISO/IEC 17025-accredited test labs. ↩︎
7. FDA 510(k) database to confirm U.S. clearances. ↩︎
8. EU MDR 2017/745 overview and guidance portal. ↩︎
9. MDR Annex I source for the GSPR checklist. ↩︎
10. ISO 10993 guidance on biocompatibility test selection. ↩︎
11. IEC 62366-1 usability engineering requirements to reduce use error. ↩︎
English 
Español de México 
Deutsch 
Français 
العربية 
Русский 