The Crosswalk

    IEC / ISO

    IEC 81001-5-1

    Source

    Health software & health IT systems safety, effectiveness and security, secure development

    Last updated ·

    What it is

    Process standard derived from IEC 62443-4-1, tailored for health software. Defines a secure development lifecycle (requirements, design, implementation, verification, release, post-release).

    Why it matters

    Cited or adopted by the EU (via MDCG 2019-16), Japan (JIS), UK (BS EN), Singapore and TGA. Complying with it satisfies most jurisdictions' SDLC expectations.

    Adopted or referenced by

    EU MDR Swissmedic MHRA PMDA (JIS T) TGA HSA

    Key clauses

    Activities mapped to IEC 62304

    Aligns directly with the medical software lifecycle standard.

    SBOM

    Requires identification and management of third-party components.

    Vulnerability handling

    Defines coordinated disclosure and patching expectations.