1 / 27

What’s New, What’s current in ISO 14971: Application of Risk Management to Medical Devices.

What’s New, What’s current in ISO 14971: Application of Risk Management to Medical Devices. . Paul McDaniel ASQ CQM/OE Executive VP Operations and QA Sicel Technologies. Background. Medical device risk management activities came about primarily because of their regulated nature

nerys
Download Presentation

What’s New, What’s current in ISO 14971: Application of Risk Management to Medical Devices.

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. What’s New, What’s current in ISO 14971: Application of Risk Management to Medical Devices. Paul McDaniel ASQ CQM/OE Executive VP Operations and QA Sicel Technologies

  2. Background • Medical device risk management activities came about primarily because of their regulated nature • In the most general sense, using the FDA as an example, the US population, by way of their representatives, determined that someone must look after the manufacturer’s to make sure products are safe and effective • As the industry matured, it became apparent that in many cases, the manufacturer’s were best able to determine safety so the regulatory bodies asked for generally accepted practices to be performed by all • But leave and objective evidence trail to follow!

  3. ISO 14971 • The standards community determined it was time for a harmonized approach to risk management processes. • For many of the regular reasons • level the playing field • allow market introduction to be more predictable • describe the state of the art • For some of the unique reasons • To save a life, some times you have to introduce a risk of harm, medical devices are somewhat unique • the consumer should be able to trust that the risk is outweighed by the potential benefit

  4. ISO 14971 • The first edition was issued in 2000 • Follows a quality systems model • Processed focused • was a compilation of industry practices, and the thoughts of technical experts and regulatory agencies as the “right” requirements • After a minor amendment in 2003, the second edition was issued in 2007.

  5. What’s it all about? • Risk: combination of the probability of harm and the severity of that harm • Harm: physical injury or damage to the health of people, property, or the environment • Hazard: a potential source of harm • Hazardous situation: circumstance in which people, property or the environment are exposed to one our more hazards

  6. Standard Overview • General requirements • Risk management process • Mgmt responsibilities • Qualification of personnel • Risk management plan • Risk management file • Feeling a little ISO 9000–ish? • Definitely a little ISO 13485–ish? • Medical devices – quality management systems, requirements for regulatory purposes

  7. ISO 14971 Main Body • Risk Analysis • Risk Evaluation • Risk Control • Evaluation of overall residual risk acceptability • Risk Management Report* • Production* and Post Production Information * Changes in 2007 edition

  8. Risk Analysis -Intended use and Id of Char related to safety of the device -Id hazards -Est risk for each hazardous situation Risk Assessment Risk Management Risk evaluation Risk Control -Option analysis -Implement controls -Residual risk evaluation -Risk/benefit analysis -Risks arising from control measures -Completeness of risk control Evaluation of overall residual risk acceptability Risk Management Report Production and post-production information Adapted from ISO 14971:2007 Figure 1

  9. 8 Risk Management Report • Prior to release for commercial distribution of the medical device, the manufacturer shall carry out a review of the risk management process. • RM Plan was implemented • Overall residual risk is acceptable • Appropriate methods for production and post-production data collection are in place

  10. 9 Production & Post Production Information • Establish, document and maintain a system to collect and review information about the device… • The system should concider • Operator, user, installation, use and maintenance feedback is collected and processes • New or revised standards • Publicly available information about similar devices

  11. 9 Production & Post Production Information (cont) • Evaluate this information for relevance to safety • Are previously unrecognized hazards or hazardous situations present? • Are the estimated risks no longer acceptable? • Feedback any “yes” answers into the risk assessment and controls processes for action.

  12. Risk Analysis in Production • Non-conforming material and Material Review Board Processes? • Can they effectively consider risks on each occurrence? • Control charts, acceptance data • Are risk controls part of acceptance testing? • Frequency of occurrence suggesting anything • “Risk of failure was ranked as remote yet we’ve had three catastrophic hot-pot test failures this month!”

  13. Informative annexes • A Rationale for requirements • B Process overview • C Questions that can be used to identify medical device characteristics that could impact safety • D Risk concepts applied to medical devices • E Examples of hazards, foreseeable sequences of events and hazardous situations • F Risk management plan • G Information on risk management techniques • H Guidance for in-vitro diagnostic hazards • I Guidance for Biological hazards • J Information for safety and information about residual risk • BIBLIOGRAPHY • 37 very useful references

  14. Preliminary Hazard Analysis Fault Tree Analysis FMEA HAZOP HACCP Failure consequences and liability management Product safety and liability FMEA/FMECA in design FTA in design Reliability modeling and prediction Information on Techniques Sample keywords from ASQ Certified Reliability Engineer BOK ISO 14971 Annex G

  15. Developing Risk Measures • There is more and more indication that “quantitative” risk assessment is preferred over qualitative. • Consider the products liability landscape in the US when you decide to transverse that path. • The standard requires management set a policy for determining risk acceptability, not 3 deaths per million is ok

  16. Risk Acceptance • For those lawyers out there: define the scope of your process • The records produced will be subject to second guessing if harm occurs: don’t allow hindsight to change the rules • Document your information sources!!!!!!! • When you made your risk acceptability decision, what information was available and used? • We can only be diligent, not psychic

  17. Risk Acceptability • Once you start applying the process, you must maintain diligence • most risks represent “smoking guns” • if you thought a risk could only be realized once in a device lifetime and you have two reports, revisiting your mitigation decision would be very prudent! • what society accepts today will probably be too great a risk tomorrow • The term is a little stale, but “state of the art” is the concept

  18. Key to Success • No engineer, clinician, production associate, marketeer, president, janitor, wants to make and sell unsafe products • Risk management process and techniques, when applied early and often gives everyone the ability to do the right stuff • Applied late in the game, it makes most involved feel poorly about any potential risks remaining • The ISO 14971 Standard is really applicable to all industries as a best practice

  19. IEC 60601-1 General Requirements for Basic Safety and Essential Performance of Medical Electrical Equipment Influences of Risk Management on the Third Edition

  20. Terms • Basic Safety • Freedom from unacceptable risk directly caused by physical hazards when ME equip is used under normal and single fault conditions • Essential Performance • Performance necessary to achieve freedom from unacceptable risk • Note: is most easily understood by considering whether its absence or degradation would result in an unacceptable risk • 139 defined terms to “apply 60601-1!!!!!

  21. Key Risk Related Concepts • Basic Safety and Essential Performance required for normal use, reasonably foreseeable mis-use, in normal condition and single fault conditions. • Thankfully, Medical equipment is presumed to be operated under the jurisdiction of qualified or liscensed persons and the operator has the skill required for a medical application and acts according to the instructions for use. • No lawn mowers as hedge trimmers

  22. Medical Equipment Risk Criticality • 8 key differentiators for medical equipment as compared to other electrical equipment are mentioned: • Non-detectable hazards (radiation) • Patient may not be able to react to hazards • ill, unconscious, impaired functioning • Multiple equipment connections • Electrical circuits are applied directly to the body • ……. • These make ISO 14971 a medical device requried practice as compared to general industry.

  23. 60601-1 Risk Management? • 4.2 Risk Management process for Med Elect equipment or Systems • A Risk Management Process complying with ISO 14971 shall be performed • 4.7 Single Fault for ME Equipment • The results of risk analysis shall be used to determine which failures shall be tested. • Probably will need an FMEA or similar detailed analysis to support this requirement!

  24. Good clarifications • Annex A Risk Management Process • Compliance with the clauses of this standard that contains specific, verifiable requirements is presumed to reduce the associated risk(s) to an acceptable level. • Other than these specific requirements, and single fault compliance, the manufacturer’s responsibility is to set acceptable risk levels and explain the rationale in the risk management file.

  25. Risk Management Conformity • There is a bell sounding in the compliance community • With the normative reference of ISO 14971 in IEC 60601-1, we may need third party certification of risk management “systems”

  26. 3rd Party Certification • The intent of the standards working group was to have a standalone risk management process if no quality system existed. • We tried hard to recommend that if a Quality system existed, risk management should be integrated into it. • Fight this trend to transfer money from medical device development to systems conformity companies! • Integrate the processes with your quality system • Look for standards work item proposals related to this concept and vote them down. • Get another certification body if you get a quote for ISO 14971 compliance assessments/audits/certification

  27. What’s next • From the ISO 14971:2007 Forward • For the purposes of future IEC maintenance, Subcommittee 62A has decided that the contents of this publication will remain unchanged until the maintenance result date (2014) • A search of IEC subcommittee 62A and ISO Technical Committee 210 show no work item proposals for ISO 14971

More Related