Ensure Medical Device Safety
A comprehensive risk management process is required
by Les Schnoll
A safe medical device is one that does not injure a patient, user or caregiver. Processes and procedures that ensure the manufacture of safe and effective products should be inherent in a medical device manufacturer's quality system. This premise--ensuring public safety--is the backbone of most regulatory agencies' reasons for being.
Safety is defined as "freedom from unacceptable risk." Risk is defined as "the combination of the probability of occurrence of harm and the severity of that harm." Harm is defined as "physical injury or damage to the health of people or damage to property or the environment" in ISO 14971:2000, Medical Devices--Application of Risk Management to Medical Devices.
To address these concerns and thereby achieve compliance with one of the key components of national and international regulatory requirements, companies must develop, implement and maintain an effective risk management process that identifies potential hazards associated with the use of their medical devices. A hazard is "a potential source of harm" and may stem from energy, biological and environmental sources, functional failure, aging of the device and use.
In addition to ensuring proper sanitary conditions, sterilization (when appropriate) and general cleanliness, a risk management program is a critical necessity to a robust regulatory compliance program. In the medical device world, such a program should be based on an accepted set of principles and guidelines, such as ISO 14971. This international standard, published in 2000, is a valuable tool that helps a manufacturer determine the safety of its products.
Changes to devices that affect or may affect the safety, effectiveness, operability or packaging of the devices (for example, design, materials, use or application, manufacturing process and methods and suppliers) require re-evaluation of risk.
Risk management is the systematic process of identifying the hazards posed by a medical device or its associated production and development systems, estimating the risks of the hazards and evaluating, mitigating and managing the risks. The risk management process consists of the following steps:
Qualitative and quantitative identification of characteristics.
Preliminary hazard identification.
Assessment of risks, causes and mitigation.
Mitigation (including verification and validation).
Periodic review and update.
Development of a risk management plan to describe the activities to be carried out during the course of the design development and change process.
Risk management is a requirement of the European Commission's Medical Device Directive and the U.S. Food and Drug Administration's Quality System Regulation. The process consists of five activities: risk analysis, risk evaluation, risk control, evaluation of overall residual risk and review of postproduction information.
Results of the activities associated with the process should be placed into a risk management file that contains, at minimum, the description and identification of the medical device (or accessory), the identification of personnel who performed the risk assessment, the dates of the activities and the results of all risk management activities.
The risk management file is prepared or updated throughout the development process and product life cycle.
Risk analysis consists of the identification of intended uses and purposes of the product, identification of hazards and estimation of risk. The device or system is defined with the detail required to perform the analysis. The definition includes a description of the device and accessories, the use of the device, environmental conditions under which it is used and the typical operator skills. These comprise the qualitative and quantitative characteristics of the device or system that could potentially impact safety.
The intended use or purpose of the product undergoing risk analysis is documented. This process includes the identification of characteristics related to safety and a review of clinical literature. Known or foreseeable hazards are documented in both the normal (intended use) and fault (reasonably anticipated misuse) conditions.
Known hazards include complaint investigation results and any vigilance or medical device report analysis. Foreseeable sequences of events that may result in a hazard are considered and recorded.
Risks for each identified hazard in both normal and fault conditions are estimated, and the estimation is documented in the risk management file. Data for estimation of risks are obtained, for example, from published standards, technical and field data, usability tests by typical users, clinical evidence, results of investigations, expert opinion and external quality assessments. The severity and likelihood of risk associated with each hazard are classified.
Risk evaluation results in a decision regarding risk classification (risk index) and is based on the severity and likelihood classifications. One method that can be used for interpretation of the risk level is:
Intolerable: The risk is unacceptable.
ALARP (as low as reasonably practical): But effort should be made to reduce the risk.
Acceptable: The risk is broadly acceptable.
Risk control is the process of reducing risk to an acceptable level. It includes option analysis, implementation of risk control measures, residual risk evaluation, risk and benefit analysis, determination of other generated hazards and completeness of risk evaluation.
Option analysis is performed as an integrated approach using one or more of the following in priority order:
1. Design changes.
2. Protective measures and information in the device itself or in the manufacturing process.
Any risk classified as intolerable should be addressed through redesign efforts to reduce the severity or likelihood. Risk mitigation is verified and validated.
Risk control measures selected in the option analysis phase are typically implemented, and the effectiveness and implementation of these measures are verified. After risk control measures have been applied, any remaining or residual risks are evaluated following the criteria defined in the risk management plan.
If required by the plan, residual risk is reduced by the application of additional risk control measures. If risks cannot be reduced, a risk/benefit analysis of the residual risk is conducted. Risk control measures are then reviewed to determine if other hazards have been introduced as a result of the risk control process. Any new hazards introduced are assessed and addressed.
If the residual risk is judged unacceptable using criteria in the risk management plan and further risk control is impractical, a risk/benefit analysis is conducted. The team should gather medical expert opinion by reviewing data and literature about the medical benefits of the intended use of the product and then determine whether the medical benefits outweigh the risks.
An independent assessment of the risks from all identified hazards is carried out. This assessment should review the residual risk posed by the product to determine whether it is acceptable.
If the data gathered and reviewed do not support the conclusion that the benefits of the product outweigh the risks, the risk remains unacceptable and the team is required to find risk control measures to reduce the risk to an acceptable level before proceeding.
This stage in the risk management process includes the review of postproduction and risk management experiences. During this phase, complaints and proposed changes to the product are reviewed to aid in evaluating the performance of the product for potential safety issues. Questions to answer include:
Are any previously unidentified hazards present?
Is the estimated risk no longer acceptable?
Is the original risk assessment invalid?
If any of the answers are affirmative, the risk management process should be repeated to update the assessment and initiate any required new control measures.
While the risk assessment process sounds fairly simple on the surface, it can be onerous and definitely requires participation only of trained personnel. Excellent analytical skills are useful in performing an adequate and effective risk assessment.
A company must be willing to invest in the resources to ensure its risk management program is functioning properly, has adequate oversight with respect to product development and that the medical devices it markets are, indeed, safe and effective.
LES SCHNOLL is executive director, corporate regulatory, Hill-Rom Co., Batesville, IN. He is a member of ISO/TC 176 and ISO/TC 210. Schnoll is the author of two books published by Paton Press: The Regulatory Compliance Almanac--A Guide to Good Manufacturing, Clinical and Laboratory Practices and The CE Mark: Understanding the Medical Device Directive. He is a member of ASQ and a certified quality manager.