From a regulatory standpoint the differences between IEC 62366:2007 and IEC 62366 -1:2015 are minimal, with all the same boxes needing to be ticked. However, it is clear from reading the documentation that the whole process has been streamlined, using more familiar language and on the whole a more usable standard. Probably a good thing from a usability document, I guess! The biggest unknown was Fig. 5.10 User Interface of Unknown Provenance (UOUP).

 What is UOUP?

In essence UOUP is a backdoor to help grandfather in older user interfaces that have already been commercialized prior to the 2015 publication and any other products that have not undergone the IEC 62366 critique.

Many medical device manufacturers utilize components in their systems, such as a computer mouse, which obviously has not passed a “Usability Engineering Process” according to IEC 62366, or they have existing products without problems in the market for decades and would like certification, or they would like to make a minor change to the UI of something more recent. Until 2015 these user interfaces would have to go through the entire IEC 62366 process as part of the standard approval process. Now they are allowed to go through a shortened, simplified usability engineering process in which the risks associated with the usability of the component are assessed, as part of this assessment the manufacturer must also rely on information already available from the market such as adverse event reports or consumer review boards.

This simplified process can be applied to three scenarios:

  1. Legacy medical devices that are already on the market and have not been developed using the process according to IEC 62366:2007
  2. Legacy medical devices that require only minor changes and were not originally developed using IEC 62366:2007
  3. Medical devices containing a commercially available component which was not developed in accordance with IEC 62366: 2007. One example was the above-mentioned mouse.

What is the simplified process?

The simplifications are essentially that some of the steps of the usability engineering process, as required by IEC 62366, can be omitted. These steps are:

  • The usability specification
  • The usability verification
  • The usability validation plan
  • The usability validation itself

To this end, the feedback must be evaluated in every form as to whether it contains information on risks due to lack of usability. Sources of information include, but are not limited to:

  • Reports from the service
  • Customer complaints
  • Notification by authorities
  • Calls to hotlines
  • Observations

Manufacturers are not allowed to omit the so-called “application specification”, i.e. the purpose of the function as well as the main operating functions.

What is the UOUP process?

  1. A Use Specification (like in 5.1 of the new standard) needs to be established.
  2. A review of post-production information is required. The review looks particularly at use errors, hazardous situations and any other risk and safety related incidents or near incidents. Think of it as an analogous device or predicate device review with a focus on safety.
  3. Hazards and hazardous situations related to usability need to be reviewed. This is done by reviewing the risk analysis of the device with the UOUP, identifying and documenting all hazards.
  4. Using the hazards and hazardous situations identified in point 3, risk control measures need to be implemented to insure all risks are mitigated to an acceptable level as indicated by the risk assessment. If this means making changes to the UOUP or the user interface being developed, so be it.
  5. A residual risk evaluation protocol must then be established based on ISO 14971 6.4.

What happens if the UI fails ANY part of 5 step UOUP process?

If any part of the UOUP process is unattainable OR if it is determined that changes to any part of the user interface are required to reduce risk to an acceptable level, those changes shall not be considered UOUP and shall be subject to the requirements of sections 5.1 through 5.9 of the 2015 standard.

In essence, UOUP only applies if the user interface is going to remain exactly the same. If even one new risk is established, the user interface will have to undergo the entire process of the sections 5.1 to 5.9 of the 2015 standard.

Why is it called UOUP and not UIUP?

I have no idea!

Niall Redmond is a StarFish Medical Industrial Designer.  He brings 15 years of cross industry experience and a sense of humor to a wide variety of medical device projects. He is picky about the acronym format.

Image credit: Microsoft


Share on Facebook10Share on LinkedIn44Tweet about this on Twitter

2 responses to “Understanding the UOUP (User Interface of Unknown Provenance) section of IEC 62366 -1:2015”

  1. Philomena Redmond says:

    Why is it called UOUP? What is UIUP?

  2. Hey Mum,
    UOUP is the acronym for User Interface Of Unknown Provenance. Although I don’t have a solid answer to the question; why it is UOUP instead of UIUP? my best guess is the entire document IEC 62366 is about Usability and User Interfaces and so they highlighted “Of Unknown Provenance” and bundled the User Interface into 1 letter.
    As a side bar I personally feel UIUP would have been a more intuitive acronym. Perhaps it’s a usability fail from their usability document ha ha ha.

Leave a Reply

Your email address will not be published. Required fields are marked *