Application of risk management to medical devices with ISO ...

Application of risk management to medical devices with ISO 14971 and ISO/TR 24971 Dr. Jos van Vroonhoven Philips, The Netherlands, Global Regulations & Standards APEC 2021 Medical Device Center of Excellence Training Webinar Soon Chun Hyang University, Korea, September 2021

Transcript of Application of risk management to medical devices with ISO ...

APEC 2021, Korea – SCH Medical Device Center of Excellence Training – Application of risk management to medical devices

Application of risk management to medical devices with ISO 14971 and ISO/TR 24971

Dr. Jos van Vroonhoven
Philips, The Netherlands, Global Regulations & Standards
APEC 2021 Medical Device Center of Excellence Training Webinar
Soon Chun Hyang University, Korea, September 2021


Jos van Vroonhoven

• Philips, The Netherlands, 15 years in R&D, 15+ years in Healthcare

• Active in international standardization
  o IEC/TC 62, Electrical equipment in medical practice
  o ISO/TC 210, Quality management and corresponding general aspects for medical devices

• Chair of NEN/TC 62, national mirror committee for IEC/TC 62 and CENELEC/TC 62

• Convener of ISO/TC 210 – IEC/SC 62A Joint Working Group 1
  o ISO 14971:2019, Medical devices – Application of risk management to medical devices
  o ISO/TR 24971:2020, Medical devices – Guidance on the application of ISO 14971
  o ISO/IEC Guide 63, Guide to the inclusion of safety aspects in standards for medical devices


Overview

1. Introduction, terminology

2. Risk management policy
   Criteria for risk acceptability

3. Risk management process specified in ISO 14971

4. Guidance in ISO/TR 24971
   Use of other standards


1. Introduction, terminology


Risk management for medical devices

• There are many questions in medical device development:

o Why do risk management?

o What is “risk management”?

o What is “risk”?

o How to “manage” risks?

o What is meant by “safety”?

• Medical devices must be safe and effective
  o Patients are already in a vulnerable position
  o Medical devices deliver benefits to the patient
  o But medical devices also involve some level of risk

• Risks are everywhere and always there
  o Risks do not always lead to harm → Probability
  o Harm is not always the same → Severity

• Safety = freedom from unacceptable risk
  o We deal with risks every day and everywhere (e.g. traffic)
  o Risks are not zero, but “sufficiently low”
  o We find those risks “acceptable” (even without realizing)
  o We accept “adequate protection” from harm


Terminology – Fundamental concepts

• HAZARD: Potential source of harm
  o Electricity, temperature, moving parts, pressure, radiation, biocompatibility, …
  o Usability, data and systems security, …

• HAZARDOUS SITUATION: Circumstance in which people, property or the environment is/are exposed to one or more hazards
  o Short circuit, live parts, fire, hot surface, trapping, collision, exposure, bacteria, leakage, …
  o Loss of functionality, unauthorized access, corrupted data/images, …

[Diagram: Hazard → Hazardous situation → Harm]


Terminology – Fundamental concepts

• HARM: Injury or damage to the health of people, or damage to property or the environment
  o Discomfort, pain, scratch, bruise, infection, broken bones, bleeding, allergic reaction, embolism, organ damage, coma, death, …
  o Unwanted pregnancy, loss of data/images, environmental contamination, high stress after false positive diagnosis, …

[Diagram: Hazard → Hazardous situation → Harm]


Terminology – Risk in ISO 14971

• RISK is the combination of
  o the probability of occurrence of harm
  o the severity of that harm

• What is the probability of occurrence of harm?
  o Probability P can be decomposed into P1 and P2
  o Decomposition can be useful, but is not mandatory

• What is the severity of possible harm?
  o Consider the immediate consequences, not what could happen without treatment
  o Personal injury, damage to property/environment

[Diagram: Risk = Probability of occurrence + Severity of harm]


2. Risk management policy

Criteria for risk acceptability


Risk management & ISO 14971

Risk management in ISO 14971 is:
• a systematic approach to identify, assess, control and monitor
• all risks associated with the medical device
• throughout its life cycle:
  o from initial conception, design, development
  o to production, distribution, installation, use, service, maintenance
  o to post-production (after market introduction), decommissioning, disposal


Risk management – Top management

• Commitment of top management is essential and critical for effective risk management!

• Top management shall provide evidence of its commitment by ensuring
  o the provision of adequate resources
  o the assignment of qualified personnel

• Top management shall define and document a policy for establishing criteria for risk acceptability (more information on next slides)

• Top management shall review the suitability of the risk management process, at planned intervals, to ensure continuing effectiveness of the process


Risk management – Policy

• Top management shall define and document a policy for establishing criteria for risk acceptability

• The criteria for risk acceptability shall be based on
  o applicable national/regional regulations
  o relevant international standards
  and take into account
  o the generally acknowledged state of the art
  o known stakeholder concerns

• Therefore, when regulations require reducing risks
  o as far as possible,
  o as far as practicable, or
  o as low as reasonably achievable (ALARA),
  then the criteria for risk acceptability must reflect these concepts

What is possible? What not? Apply state of the art and international standards!

Guidance in ISO/TR 24971


Risk management – Criteria for risk acceptability

• The criteria for risk acceptability should include
  o specific regulatory requirements
  o specific technical requirements from the latest editions of international standards, to apply the generally acknowledged state of the art

• In cases where international/national/regional standards do not exist, it is recommended to
  o reduce risks as far as possible, and
  o use a “risk matrix” to evaluate the probability and severity of harm

• Please be aware that the policy and the criteria are much more than only a risk matrix!

[Risk matrix: rows = Probability of occurrence (Frequent, Probable, Occasional, Remote, Improbable); columns = Severity of harm (Negligible, Minor, Serious, Critical)]


3. Risk management process specified in ISO 14971


Risk management process in ISO 14971

1. Risk management plan
2. Risk assessment
3. Risk control
4. Evaluation of overall residual risk
5. Risk management review
6. Production & post-production activities

Remark: Numbers of process steps in this diagram do not correspond to Clauses in ISO 14971:2019


1. Risk management plan

• ISO 14971 requires that all risk management activities are planned
  o An organized approach is essential for good risk management and encourages objectivity
  o Planning helps to prevent forgetting essential activities

• The Risk Management Plan (RMP) shall include
  o Scope of the planned activities, identifying and describing the medical device and the life-cycle phases to which each element of the plan applies
  o Assignment of responsibilities and authorities
  o Requirements for review of risk management activities
  o Criteria for risk acceptability, based on the manufacturer’s policy, including criteria when probability of occurrence of harm cannot be estimated
  o Method to evaluate overall residual risk and criteria for acceptability of overall residual risk
  o Activities for verification of implementation and effectiveness of risk control measures
  o Activities for collection and review of relevant production and post-production information

New in ISO 14971:2019


2. Risk assessment – Analysis of hazards and use/misuse

• Determine the intended use of the medical device (“What should the device do?”)
  o Medical indication, medical purpose, intended patients, user profile, environment of use, …

• Determine the reasonably foreseeable misuse (“What could someone do wrong?”)
  o Use error (slip, lapse, mistake), use for other non-approved purposes, intentional or unintentional

• Determine the characteristics related to safety (also consider defects and fault conditions)
  o Operating principle, typical features and properties, qualitative or quantitative, limits, …
  o Security aspects, USB ports, Wi-Fi, malicious attacks, defects, faults, …

• Determine the (reasonably foreseeable) sequences or combinations of events that can result in a hazardous situation (“What could go wrong?”)


Use/misuse of medical devices

[Diagram; labels:]
• Risk management, ISO 14971
• Usability engineering, IEC 62366-1
• Reasonably foreseeable use/misuse
• Normal use
• Correct use: intended use; other use (maintenance, transport, stand-by, etc.)
• Not reasonably foreseeable use/misuse
• Use error (part of reasonably foreseeable misuse)
• Abnormal use (part of reasonably foreseeable misuse)
• Part of abnormal use, but not reasonably foreseeable, therefore out of scope


2. Risk assessment – Analysis and evaluation

• Risk analysis
  o Identify and document all hazards and hazardous situations (see previous slide)
  o Estimate the risks associated with each hazardous situation (determine probability & severity of harm)

• Risk evaluation
  o Evaluate each risk against the criteria for risk acceptability (is the risk acceptable, or not?)
  o Document all results and conclusions in the risk management file


3. Risk control

• Select appropriate risk control options, in order of priority:
  1. Inherently safe design and manufacture
  2. Protective measures in the medical device or in the manufacturing process
  3. Information for safety and, where appropriate, training (instructions on actions to take or avoid to prevent occurrence of harm)

• Implement the selected risk control measures & verify implementation and effectiveness
• Evaluate the residual risks (if needed, apply more risk control until risk is acceptable)
• If further risk control is not possible, perform a benefit-risk analysis for an individual high risk

• Review for new/increased risks arising from risk control measures, e.g. screen-lock/log-in/password versus easy access to the medical device

• Check for completeness to ensure that all hazardous situations have been considered


4. Evaluation of overall residual risk – ISO 14971

• By now, all risks are assessed individually and controlled separately and are judged acceptable
• It’s time to step back and look at the proposed medical device as a whole

• “Many small risks combined can be one big risk”

• Evaluate the overall residual risk posed by the medical device, taking into account the contributions of all residual risks, in relation to the benefits of the intended use, using the method and criteria defined in the RM plan
  o Method can include gathering and reviewing data and literature (or clinical evaluation) for the medical device and similar medical devices on the market
  o Typically done by expert judgment, i.e. by a cross-functional team with application knowledge & clinical expertise

[Diagram: Overall residual risk / Benefits]

Guidance in ISO/TR 24971


4. Evaluation of overall residual risk – ISO/TR 24971

• Include method and acceptability criteria in the risk management plan; no standardized approach; no preferred method

• Inputs and other considerations:
  o Event/Fault Tree Analyses (ETA, FTA) of sequences of events and combined probabilities for particular harm
  o Conflicting requirements; conflicting risk control measures; trade-offs between opposing/dependent risks
  o Large number of warnings, safety signs, safety instructions can be less effective
  o Review of operating instructions (consistent, concise, easy to understand)
  o Results of design validation, usability studies, clinical investigation, clinical evaluation
  o All benefit-risk analyses for individual risks

• Possible approaches:
  o Describe benefits in magnitude, extent, probability of experiencing, duration and frequency of effect
  o Visual representation of all individual risks in a risk matrix; analyze risks that are close to non-acceptable
  o Compare with similar medical devices on the market; analyze known adverse events; scientific literature
  o Independent experts from a variety of disciplines with clinical or application experience


4. Disclosure of residual risks

• The manufacturer shall inform users of significant residual risks (side/after-effects) and include necessary information in the accompanying documentation to disclose those residual risks
  o Those residual risks are inherent to the use of the medical device and cannot be avoided
  o Disclosure information differs from information for safety (risk control, instructions to prevent harm)

• The information should enable the user and the patient to make informed decisions that weigh the residual risks against the benefits of using the medical device, choosing one medical device or another, also taking into account the condition of the patient

• Examples of residual risks (side-effects, after-effects):
  o Patients can suffer from erythema or epilation after radiotherapy treatment
  o After lithotripsy, 10% of patients have blood in their urine or feel pain in their kidneys
  o Ophthalmic laser surgery can lead to swelling or pain in the eye for up to 6 weeks after surgery

Guidance, clarification in ISO/TR 24971:2020


5. Risk management review

• “Ready to go? First a final check!”

• Prior to release for commercial distribution of the medical device, the manufacturer shall review the execution of the risk management plan

• This review shall at least ensure that
  o the risk management plan is appropriately implemented,
  o the overall residual risk is acceptable, and
  o methods to collect and review production and post-production information are in place

• The results shall be recorded and maintained as the Risk Management Report (RMR) and shall be included in the Risk Management File


6. Production and post-production activities

• Clause in ISO 14971:2019 is elaborated with more detail and divided into 4 subclauses

• Establish, document and maintain a system to actively collect and review information
  o Do not wait passively until information becomes available (e.g. complaints, adverse events)
  o Actively search for relevant information & reach out to users, installers, distributors, etc.
  o Consider appropriate methods for collecting and processing data (which can be voluminous)

• List of possible information sources is given
  o Production, supply chain, installation, use, maintenance, etc.
  o Publicly available information, or related to the generally acknowledged state of the art
  o Similar medical devices, other (non-medical) products with similar operating principle
  o Activities can include Post-Market Clinical Follow-up (PMCF) studies

Guidance in ISO/TR 24971


6. Production and post-production activities

• Review the collected information for relevance to safety
  o Previously unrecognised hazard or hazardous situation
  o Estimated risk is no longer acceptable
  o Overall residual risk is no longer acceptable in relation to benefits of intended use
    ‒ For example, overall residual risk could be larger than estimated
    ‒ Benefits in practice could be smaller than anticipated
  o Changes in generally acknowledged state of the art

• Document the review results in the risk management file (RMF)

New in ISO 14971:2019


6. Production and post-production activities

• If collected information is relevant to safety, the following actions apply

• For the medical device:
  o Review risk management file, assess new risk, re-assess existing risk
  o Evaluate impact on previous risk control measures
  o Consider actions for medical devices on the market
  o Record all decisions and actions in the risk management file

• For the risk management process:
  o Evaluate impact on previous risk management activities
  o Communicate the results to top management
  o Consider results as input for review of the suitability of risk management process


4. Guidance in ISO/TR 24971

Use of other standards


Guidance in ISO/TR 24971:2020

• Same structure and clause numbering as ISO 14971:2019
  o Clause-by-clause guidance on normative requirements in the standard
  o Standard and guidance are intended to be read and applied together
  o Several informative annexes of ISO 14971:2007, revised, supplemented with additional guidance

• Informative annexes on special topics
  A. Identification of hazards and characteristics related to safety
  B. Techniques that support risk analysis
  C. Relation between the policy, criteria, risk control, evaluation
  D. Information for safety and information on residual risk
  E. Role of international standards in risk management
  F. Guidance on risks related to security
  G. Components and devices designed without using ISO 14971
  H. Guidance for in vitro diagnostic medical devices


Use of other standards together with ISO 14971

• ISO 14971 provides the fundamental process for risk management as the basis of the medical device design and development process

• Dedicated standards build upon ISO 14971 and provide additional technical requirements for specific devices / risks / applications / software / security / usability / biocompatibility / … to ensure the safety of the medical device

[Diagram: ISO 14971, the fundamental risk management process, with dedicated standards built on it: IEC 62304, IEC 62366-1, ISO 27000 series, ISO 10993 series, IEC 82304-1, ISO/IEC 80001 and 81001 series, IEC 60601 series, and many more…]


Recognition of ISO 14971:2019

• ANSI/AAMI/ISO 14971:2019 was published and recognized immediately
  o Standard is recognized by US FDA with 3-year transition period until December 2022

• EN ISO 14971:2019 was published simultaneously, but not yet harmonized
  o New edition has no content deviations and supersedes EN ISO 14971:2012
  o Publication without Annex Z (relationship with Directives and Regulations)
  o Discussions with European Commission and their consultants are still ongoing
  o No harmonization under Medical Device Directives (MDD, IVDMDD, AIMDD)
  o European-only amendment A11 with Annex ZA-ZB is expected to be published in 2021 or 2022, and cited in OJEU as a harmonized standard under the Medical Device Regulations (MDR, IVDR)


Thank you!