PROMISE: Our kitties will never sit on top of content. Please turn off your ad blocker for our site.
puuuuuuurrrrrrrrrrrr
Jon Speer
Published: Thursday, May 14, 2020 - 11:02 Historically, risk management has been a complex and polarizing subject, with various stakeholders assigning different values on the probability and severity of harm. In the medical device industry, risk management’s high importance has led to the publication of standards such as ISO 14971, offering guiding principles using a universal risk management framework applicable to all types of medical devices and processes throughout the entire product life cycle, from design and development through manufacturing and into post-market activities. In December 2019, an updated version of the standard ISO 14971:2019 was released, bringing impactful changes to the medical device industry. Although many of the changes were minor, there are key updates to processes and best practices that medical device companies should understand and keep top of mind. One example is the updated guidelines for risk assessment. ISO 14971:2019 looks at risk analysis and risk evaluation as individual and separate sets of tasks that together make up a risk assessment. In my experience, I will generally conduct these two sets simultaneously, but to effectively do so, you must understand the tasks involved with each. There are many ways to conduct a risk analysis, and many of these techniques are used across the industry, including failure mode and effects analysis (FMEA), fault-tree analysis, and preliminary hazards analysis. However, it’s critical that as you go through your own risk analysis, you define an approach that allows you to document the entire process easily and effectively. To achieve this, you must clearly outline three aspects of the medical device: Whenever you start a risk analysis, you should work from a documented intended-use statement. This statement helps to define the scope of the device and helps to outline potential hazards that may occur later in the process. The intended-use statement is also useful in identifying foreseeable misuse of the product. An effective strategy to identify hazards is to go through each step required for device use and determine if there are any sources of harm along the way. Identifying these scenarios early on helps to ensure that safety measures are established in order to reduce risk. Once each potential hazard and hazardous situation is outlined, the risk analysis can be completed by estimating risk for each hazard. According to ISO 14971, risk is defined as the probability of occurrence of harm and the severity of said harm. Risk estimation requires manufacturers to outline two things: seriousness and likelihood of occurrence. A common technique used to illustrate these factors is a severity and occurrence table, often referred to as a risk acceptability matrix, which evaluates harm based on levels of severity and also the probability of that occurrence. For example, a life-threatening injury would be considered critical in severity, and if it only occurs once in 1 million times, then the event is also considered improbable. Once risks for each harm have been estimated, it’s time to evaluate each risk to determine if risk reduction is required. Many companies will evaluate risk levels in three “zones”: low, medium, or high. The most common practice for practical risk evaluation is to establish criteria around which risk zones are deemed acceptable and which are not. Manufacturers that sell in the United States often correlate the low zone with acceptable risk and the high zone as unacceptable. The medium zone often fits into what is referred to “as low as reasonably practicable.” That said, many companies place a similar emphasis on the level of risk in the medium zone as they do the high zone when conducting risk reduction. A comprehensive risk assessment is a vital component of the medical device manufacturing process and also a significant requirement found in the updated ISO 14971:2019 risk management standard. Evaluating potential harm and risks, and diligently working to reduce them, helps to ensure patient safety and medical device true quality. Quality Digest does not charge readers for its content. We believe that industry news is important for you to do your job, and Quality Digest supports businesses of all types. However, someone has to pay for this content. And that’s where advertising comes in. Most people consider ads a nuisance, but they do serve a useful function besides allowing media companies to stay afloat. They keep you aware of new products and services relevant to your industry. All ads in Quality Digest apply directly to products and services that most of our readers need. You won’t see automobile or health supplement ads. So please consider turning off your ad blocker for our site. Thanks, Jon Speer is the founder and vice president of quality assurance and regulatory affairs at Greenlight Guru, a software company that produces the only medical device quality management software solution. Device makers in more than 50 countries use Greenlight Guru to get safer products to market faster. Speer has served more than 20 years in the medical device industry and helped dozens of devices get to market. As a thought leader and speaker, he regularly contributes to numerous industry publications. He is also the host of Global Medical Device Podcast. What You Need to Know for an Effective Risk Assessment
Two concepts to ensure patient safety and device quality
Risk analysis tasks
1. Intended use
2. Potential hazards
3. RiskRisk evaluation tasks
Our PROMISE: Quality Digest only displays static ads that never overlay or cover up content. They never get in your way. They are there for you to read, or not.
Quality Digest Discuss
About The Author
Jon Speer
© 2023 Quality Digest. Copyright on content held by Quality Digest or by individual authors. Contact Quality Digest for reprint information.
“Quality Digest" is a trademark owned by Quality Circle Institute, Inc.
Comments
Improbable Medium Risk
Hello,
Thank you for the article.
Often, especially during audits and inspections, potentially life-threatening risks are seen as always of the highest risk level, no matter how improbable they are. And there is a case to make, that just because something is highly unlikely, the consequences remain life-threatening and therefore, the risk should be treated as if it occured more regular and thus be categorized as "high risk".
Assuming all risk managers somewhat use the principle of worst-case, it's hard to grasp how a critical (per articles definition life-threatening) risk can be a low risk, just because you may only harm 1 in a million. I think it would make sense to have any foreseeable permanent damage to be at least "medium" risk and all life-threatining risks as "high" risk category.
That ISO14971 fails to define this, once and for all in its current revision, is a mistake, in my honest opinion. This is, where true standardization in this industry could have happened, but instead some formalities were changed. The request for more Benefit/Risk analyses will never be heard, when even potentially fatal consequences can be a low-risk topic.
br
daniel