overview of iso 14971 webinar, issue 4, 06-20-07applicability of iso 14971:2007 • iec 60601-1:2005...

Overview of ISO 14971:2007 Presentation Slides

Issue 4: – 06/20/07 ©2007 BSI Management Systems 1

Issue 4: 062007-BSI

Welcome …

To login to the audio portion of the web conference, dial 1-866-740-1260† on your phone and use the access code

provided to you when prompted.

†If you are calling from Mexico, dial 0018005148716

When you arrive, please type the phone number from which you are calling into the chat field.

We will begin the web conference shortly.

Issue 4: 062007-BSI

Overview of ISO 14971:2007

Application of Risk Management to Medical Devices



3

Learning Objectives

• Understand the importance of top management involvement with ISO 14971:2007

• Understand the impact of ISO 14971:2007 implementation on medical device organizations

• Discuss recent changes in definitions and the impact of new areas of emphasis

• Consider the life-cycle concept as it impacts medical device design, manufacturing, and post-production information

Issue 4: 062007-BSI

Risk Management

Introduction



5

Why Perform Risk Analysis?

• All regulatory agencies require it:the FDA views 14971 as improvementthe EU, Canada and Japan require risk management

• Risk analysis allows for matching of regulatory controls to level of risk of the device, i.e. higher classification implies more controls

• ALL devices must be judged safe by the manufacturer and risk management ensures that manufacturer documents safety before going to market

6

Cost of an Unacceptable Risk

• Before design $5,000• After design $50,000 • After production $500,000 • After vigilance $3,000,000• After litigation $20,000,000

More importantly, the cost to the PATIENT!



7

ISO 14971:2007 Risk Management

• Increasingly, the importance of a safety review is being recognized as an important risk management tool

• Failure to identify risks to safety, and the inability to address or control these risks, can result in massive costs, both human and economic

• Risk management defined in ISO 14971:2007 is a tool to help the manufacturer control the risks to humans

8

ISO 14971:2007 Requirements Top Management Support

Demonstrate commitment by:

• Defining policy for determining acceptable risk

• Providing adequate resources• Ensuring trained/qualified personnel

(medical device and risk management techniques)

• Reviewing results of risk management to ensure continuing suitability and effectiveness

Note: See 3.2, ISO 14971:2007



9

ISO 14971:2007 Requirements Risk Management ProcessRisk AnalysisRisk Analysis

Risk EvaluationRisk Evaluation

Risk ControlRisk Control

Acceptable Residual Risk?Final Report

Acceptable Residual Risk?Final Report

Note: See Figure 1, ISO 14971:2007

Production and Post-production informationProduction and Post-

production information

10

ISO 14971:2007 RequirementsRisk Management Plan

Risk management plan for each medical device or accessory:

• The scope of the plan• Verification plan• Allocation of responsibilities• Requirements for the review of

risk management activities• Criteria for risk acceptability• Plan for production and post-

production information gathering

Note: See 3.4, ISO 14971:2007



11

Product Safety

• Control measures can reduce the risk to a level which is acceptable to the current values of society

• If all the residual risks have been reduced to an acceptable level, the product can be considered safe (in other words, there is freedom from unacceptable risk)

• The manufacturer makes….and documents this decision

12

ISO 14971:2007 RequirementsRisk Management File

Risk management file includes:• Risk management plan • Results of all risk

management activities• Maintained records• Traceability for each identified hazard

Note: See 3.5, ISO 14971:2007



Issue 4: 062007-BSI

Statements of Applicability

14

Applicability of ISO 14971:2007

The standard can be used to develop a process:

• To identify the hazards associated with medical devices

• To estimate and evaluate the risks • To control these risks• To monitor the effectiveness of the control• Which can be applied to all stages of the life

cycle of a medical device • Which can be an integral part of a quality system



15

Meeting ISO 14971:2007 Requirements• The risk management process can be

a subset of another process, but must be defined, documented, and maintained

• The risk management file can be a subset of the design history file (DHF), but must provide traceability to identified hazards

• Post-market risk management reviews can be an update tab to the DHF or part of the complaint file

• Use cross-functional teams from existing organization to identify hazards

16


ISO 14971:2007 will:

• Provide a model for a risk management plan• Give guidance for safety and information about

residual risk• Ensure that the options for risk management

tools are understood, including:PHA [preliminary hazard analysis]FTA [Fault tree analysis]FMEA [failure mode effects analysis]HAZOP [hazard and operability studies]HACCP [hazard analysis and critical control point]



17


The standard does not:

• Apply to clinical judgments relating to the use of a medical device

• Specify acceptable risk levels• Require that the manufacturer have a formal

quality system in place

18


• IEC 60601-1:2005• ISO TS 20993• ISO 14155• IEC TS 80002• IEC 62304• TEC TS 80001• IEC 62366• ISO 13485

• IEC 60812• ISO 14969• IEC 61025• ISO 9000-3• IEC 60300-3-9• IEC/TR 60513• EN 12442-1

International Standards related to risk management:

In 2003, there were about 8 technical or QS standards which had incorporated

risk analysis into the process.



Issue 4: 062007-BSI

Application of ISO 14971:2007 to ISO 13485:2003

20

ISO 14971:2007 and ISO 13485:2003

• “The organization shall establish documented requirements for risk management throughout product realization. Records arising from risk management shall be maintained.”(ISO 13485:2003, 7.1)

• Note the concept of life-cycle, e.g. throughout product realization [all phases from initial concept to final decommissioning]

• Product realization = planning, customer-related processes, design control, purchasing, production, traceability, control of monitoring and measuring equipment



21

ISO 14971:2007 and ISO 13485:2003

• “Inputs relating to product requirements shall be determined and record maintained. These inputs shall include…output(s) of risk management.”(ISO 13485:2003, 7.3.2)

• There is a Reference to ISO 14971 in note 3 under clause 7.1

• Consider risk related to installation and servicing

Issue 4: 062007-BSI

Definitions and Terms



23

ISO 14971:2007 Definitions

• Medical devices are products intended for:Diagnosis, prevention, monitoring, treatment, or alleviation of diseaseDiagnosis, monitoring, treatment, alleviation of, or compensation for, an injury or handicapInvestigation, replacement, or modification of the anatomy or of a physiological processControl of conception

• ISO 14971 is a standard a manufacturer may use to identify hazards associated with medical devices, and to estimate, evaluate, control, and monitor the effectiveness of the process

24

ISO 14971:2007 Keywords

• Hazardous situation• Risk• Risk analysis • Risk evaluation• Risk assessment • Risk control• Residual risk• Risk management• Risk Estimation (new)• Life Cycle (new)



25


Overall process comprising a risk analysis and a risk evaluationRisk Assessment

Process of comparing the estimated risk against given risk criteria to determine the acceptability of risk

Risk Evaluation

Circumstance in which people, property, or the environment are exposed to one or more hazard(s)

Hazardous Situation (new area of focus)

Probability of the occurrence of harm and the severity of that harmRisk

Systematic use of available information to identify hazards and estimate riskRisk Analysis

Potential source of harmHazard

26


Risk remaining after protective measures have been takenResidual Risk

Systematic application of management policies, procedures, and practices toward analyzing, evaluating, controlling and monitoring risk

Risk Management

Process in which decisions are made and measures implemented by which risk are reduced to, or maintained within specified levels

Risk Control



27


Risk Management file must include outputs from the steps of the risk management process. In addition, it shall provide traceability for each identified hazard to the solutions adopted (2.23 and 3.5)

Risk Management File (modified)

Process used to assign values to the probability of occurrence of harm and the severity of that harm

Risk Estimation

All phases in the life of a medical device, from the initial conception to final decommissioning and disposal

Life Cycle

Definitions in 14971:2007 are also now in alphabetical orderNew Definitions

Issue 4: 062007-BSI

The Risk Management Process



29

ISO 14971:2007 Risk Management Process

• Intended use/purpose• Hazard identification• Risk estimation each hazardous situation

Risk Evaluation

Ris

k As

sess

men

t

Ris

k M

anag

emen

t

Risk management report

Production and post-production

Risk Analysis

• Option analysis• Implementation• Residual risk evaluation• Risk/benefit analysis• Consequential risks• Completeness of control

Risk Control

Evaluation of overall risk acceptability

30

Planning is Essential Before Conducting Risk Management

Evidence of Top ManagementCommitment Demonstrated (3.2)Evidence of Top Management

Commitment Demonstrated (3.2)

Qualification of personnel (3.3)Qualification of personnel (3.3)

The Plan (3.4)The Plan (3.4)

RiskManagement

Process

RiskManagement

Records

Process must be establisheddocumented, maintained,

consider life-cycle, analysis, evaluation, control, production

and post-production

Process must be establisheddocumented, maintained,

consider life-cycle, analysis, evaluation, control, production

and post-production

Assignment of qualified personnelDefine acceptability policy

Periodically review the processMeasure effectiveness

Assignment of qualified personnelDefine acceptability policy

Periodically review the processMeasure effectiveness

The File (3.5)The File (3.5)

Define Process (3.1)Define Process (3.1)



31

Risk Management Process (4.1)

StartStart

Identified use/intended purposeIdentify characteristics (4.2)

Identified use/intended purposeIdentify characteristics (4.2)

Identify known and/or foreseeable hazards (4.3)Identify known and/or

foreseeable hazards (4.3)

Estimate risk(s) for each hazardous situation (4.4)Estimate risk(s) for each hazardous situation (4.4)

RiskAnalysis

RiskEvaluation

If no, proceed to 6.7If no, proceed to 6.7

If yes, apply control (6.1)If yes, apply control (6.1)

Is riskreduction necessary?

(5)

Is riskreduction necessary?

(5)

32

Risk Management Process Control

Identify appropriate risk control measure(s), record risk control

requirements (6.2)

Identify appropriate risk control measure(s), record risk control

requirements (6.2)

Implement, record and verifyappropriate measures (6.3)

Implement, record and verifyappropriate measures (6.3)

Is the residualrisk acceptable?

(6.4)

Is the residualrisk acceptable?

(6.4)

RiskControl

If not practicable, perform risk/benefit analysis(6.5)

If not practicable, perform risk/benefit analysis(6.5)

Is the risk reducible?

If Yes

Is the risk reducible?

If Yes



33

Risk Management Process Control

Are other hazardsgenerated?

(6.6)

Are other hazardsgenerated?

(6.6)

Completeness of risk control

(6.7)

Completeness of risk control

(6.7)

Risk/Benefit analysis(6.5)

Risk/Benefit analysis(6.5)

RiskControl

34

Risk Management Process Evaluate, Report, Produce, Monitor

Overallresidual

riskevaluation

Complete risk managementreport (clause 8)

Complete risk managementreport (clause 8)

Begin Production (clause 9)Begin Production (clause 9)

Is reassessmentof risk necessary?

(clause 9)

Is reassessmentof risk necessary?

(clause 9)

Post-productioninformation

Review post-productioninformation (clause 9)

Review post-productioninformation (clause 9)

If unacceptable, further data may be relevant. For

overall residual, decide which to disclose

If unacceptable, further data may be relevant. For

overall residual, decide which to disclose

Is overallresidual risk acceptable?

(clause 7)

Is overallresidual risk acceptable?

(clause 7)



Issue 4: 062007-BSI

Risk Management

Application of Risk Management to Medical Devices

Issue 4: 062007-BSI

Risk Analysis

ISO 14971:2007, Clauses 4.1-4.4



37

4.1 - 4.2 Risk Analysis

• Determine which tools the team will use to fulfill the requirements

• Describe intended use/intended purpose and any reasonably foreseeable misuse

• List all qualitative and quantitative characteristics that could affect safety and determine limits

• Maintain records• Check compliance

38

4.1 - 4.2 Risk Analysis

Information on Risk Management TechniquesAnnex G

Questions to help identify medical device characteristics that could impact safety

Annex C



39

4.3 Risk AnalysisHazard Identification

• List known or foreseeable hazards in both normal and fault conditions

• Identify previously recognized hazards • Consider and record foreseeable sequences of

events that may result in a hazardous situation

40

4.3 Risk AnalysisHazard identification

Identification of known and foreseeable hazardsAnnex H.2.4

Examples of initiating events and circumstancesTable E.2

Examples of hazardsTable E.1



41


• Hazards not previously recognized can be identified by systematic methods:

Failure Mode Effect Analysis (FMEA) Failure Mode Effect and Criticality Analysis (FMECA)Fault Tree Analysis (FTA)Hazard and Operability Study (HAZOP)Hazard Analysis and Critical Control Point (HACCP)

• Maintain records • Check compliance

Note: See Annex G for information on risk analysis techniques/tools to consider

42


The importance of choosing tools:

• Brainstorming can only take the team so far• Component level failures, system level failures,

impact of sequences of events are sometimes best analyzed with different tools

• Different tools can be put to best use at different periods on the life-cycle

• Some tools are better adapted to hardware and some to software



43

Hazard

• There is a risk that a patient may come to some harm if they are exposed to a hazard

• The 2007 version of the standard emphasizes ‘hazardous situation’ leading to the questions:

For the hazards we have identified, what circumstances would lead to exposure to one or more of these hazards? How could the hazard impact the patient, care giver or environment?

• Risk is a combination of the probability of occurrence and the severity of the harm which would occur, so hazards lead to hazardous situations which lead to risks

44

ISO 14971:2007 Requirements Risk Management Concept

Intended UseIntended Use

HazardHazard

Hazardous SituationHazardous Situation

RisksRisks

Note: See Figure 1, ISO 14971:2007



45

4.4 Risk AnalysisEstimation of the Risk

• Estimate the risks in both normal and fault conditions

• Consider sequences of events that can lead to a hazardous situation

• List possible consequences (severity) for hazards even when the probability of the occurrence of harm cannot be estimated


46


• Examine initiating events or circumstances• Consider any mitigating features already

designed-in, or proven in the market



47


Information for estimating risks can be obtained from:

• Published standards• Scientific technical data• Field data from similar medical devices• Usability tests with typical users• Clinical evidence• Results of relevant investigations• Expert opinions• External quality assessment schemes

48


Relationship between hazards, foreseeable sequences of events, hazardous situations and harm that can occur

Table E.3

Risk Concepts applied to medical devices. Guidance on hazards, risk estimation, risk acceptability, risk control, risk/benefit analysis (with examples), and overall risk evaluation

Annex D



49


S0Inconvenience or temporary discomfortNegligible

S1Temporary injury or impairment not requiring professional medical intervention

Minor

S2Injury or impairment requiring professional medical interventionSerious

S3Permanent impairment or life-threatening injuryCritical

S4Results in patient deathCatastrophic

RankingCriteria: Severity of EffectEffect

50


P0Very unlikely to occur1:10,000

P1Remote chance of occurring1:1,000

P2Occasionally occurs1:100

P3Frequently occurs1:10

P4Certain to occur1:1

RankingCriteria: Probability of EffectProbability



Issue 4: 062007-BSI

Risk Analysis-FMEA

FMEA is one of the tools for risk analysis

52

FMEA, FTA, HAZOP, PHA and HACCPInformative Annex G in the risk management standard provides excellent guidance on choice of tool options:

For this course, we will study and perform FMEA on the design of a medical device, sometimes known as a ‘design FMEA’ or DFMEAA process FMEA can also be conducted using the same tool

Note: BS EN 60812 FMEA Procedure



53

FMEA in Design Control

• Perform early in design cycle so that removal or mitigation of failure mode is most cost effective

• FMEA should be an iterative process, particularly when considering other generated hazards

• FMEA results in a team composed of individuals qualified to recognize consequence and magnitude of hazards

54

FMEA in Design Control

Design FMEA:

• assumes the product will be manufactured to meet the design

• does not rely on process controls to overcome potential design weaknesses

• examines technical and physical limits of a manufacturing or assembly and test process

• if successful, involves representatives from all areas of the organization



55

FMEA Activities

• Assign a rating for severity and probability for each hazard

• Calculate risk• Determine the most appropriate corrective/

preventive actions based on the risk acceptability policy

• Carry out the recommended action• Recalculate risk• Document any other generated hazards

56

FMEA - Risk

A general relation regarding a measure of a potential risk, R, in a FMEA can be expressed as:

R = S x P

Where S = Severity and P = Probability



57

What FMEA Can Do

• Identify failure modes• Determine their probability• Help prioritize actions to be taken • Allow for mitigation of failure modes• Provide mitigation status• Help increase system/item reliability• Complement FTA

58

What FMEA Cannot Do

• Model interaction of failure modes (each failure mode is considered independent; especially an issue in software/hardware interactions)

• Predict/assess system/item reliability over the life-cycle

• Monitor and evaluate reliability improvements and final product reliability



59

FMEA: Follow-Up Actions

• FMEAs are living documents• FMEAs should always reflect latest design levels• Focus should always be on

improving safety of medical device before placing it on the market

Issue 4: 062007-BSI

Risk Evaluation

ISO 14971:2007, Clause 5



61

5 Risk Evaluation

• For each identified hazard:Q: When is risk reduction NOT required?A: Factors to consider:

• If risks are identified as “acceptable”• If estimated risk is so low that risk

controls are not necessary• Criteria defined in the risk management plan

and requirements in relevant technical standards• Maintain records• Check compliance

Note: If no further risk control is necessary, proceed to 6.7

62

5 Risk Evaluation

Identify hazardEstimate risk

Is risk high enough to warrant

risk reduction?

ACCEPTDESIGN

Reduce Risk

Does benefitoutweigh risk

after reduction?

DENYDESIGN

YES

YES NO

NO



Issue 4: 062007-BSI

Risk Control

ISO 14971:2007 – Clauses 6.1-6.7

64

6 Risk Control

When risk reduction is indicated, the organization must follow the processes as noted:

• Option analysis• Implementation of risk control measures• Residual risk evaluation• Risk/benefit analysis• Review of other generated hazards• Evaluation of completeness of risk control



65

6.1 - 6.2 Risk Control Option Analysis

• Identify measures to reduce risk to an acceptable level by priority:

Inherently safe designProtective measuresInformation on safety

• Select risk control measures based on relevant product standards


66

6.1 - 6.2 Risk Control Option Analysis

Information for safety and residual risk information and disclosureAnnex J

Guidance on situations where the probability of harm cannot be estimated

Annex D.3.2.3



67

6.3 Risk Control Implement Measures

• Implement and verify risk control measures by priority

• Verify implementation of control measures• Verify effectiveness of control measures• Maintain records• Check compliance

68

6.4 Risk Control Residual Risk Evaluation

• Evaluate residual risks using criteria defined in the risk management plan

• For any residual risk that doesn’t meet plan criteria, implement further risk control measures

• Decide on which information to disclose to explain residual risk in the appropriate accompanying documents supplied by the manufacturer




69

6.5 Risk ControlRisk/Benefit Analysis

If benefits DO NOToutweigh risk

If benefits DO NOToutweigh risk

If benefits DO outweigh riskIf benefits DO outweigh risk

Risk is UNACCEPTABLE

Risk is UNACCEPTABLE

Proceed to6.6

Proceed to6.6

Further risk control is not practicable

Further risk control is not practicable

YESNO

Determine if benefits outweigh the residual risk

70

6.5 Risk ControlRisk/Benefit Analysis

• The manufacturer will decide which residual risks are relevant to explain in accompanying documents


Note: See Annex D.6.1-D6.5



71

6.6 Risk Control Other Generated Hazards

• Review risk control measures to identify if other hazards or hazardous situations are introduced by risk control measures

• Assess estimated risks for impact on hazards previously identified


72

6.7 Risk Control Completeness of Risk Evaluation• Ensure that risks from all identified hazards have

been evaluated• Maintain records• Check compliance

Traceability is not required in the final report, but it now is required in the risk management file to ensure that all identified hazards have been addressed



Issue 4: 062007-BSI

Evaluation of Overall Risk AcceptabilityISO 14971:2007, Clause 7

74

7 Overall Risk Evaluation

• Determine if the overall residual risk of the device is acceptable after all measures have been implemented and verified

• If judged unacceptable, determine if additional proof supporting medical benefits supports a conclusion in favor of the product

Final conclusion after the study must support benefitsoutweighing any residual risk or product cannot be taken to market

Risk MedicalBenefits



75

7 Overall Risk Evaluation

Guidance on how residual risks can be disclosedAnnex J

Guidance on overall residual risk evaluation

Annex D.7.1-D.7.8

Issue 4: 062007-BSI

Risk Management Report

ISO 14971:2007, Clause 8



77

8 Risk Management Report

• Prior to commercial distribution, the report must be reviewed to ensure that:

Risk management plan has been appropriately implementedOverall residual risk is acceptableMethods in place for production and surveillance

• Check compliance• Review conducted in accordance with plan and

properly authorized in accordance with the plan

78

8 Risk Management Report

• The risk management report should address all hazards known or reasonably foreseeable for the particular product types and technologies involved

• The report must address likelihood andconsequences of occurrence of harm and measures taken to reduce the residual risks to acceptable levels



Issue 4: 062007-BSI

Production and Post-Production InformationISO 14971:2007, Clause 9

80

9 Production

The manufacturer shall gather and review information during production processes:

• Consider production, operators, and users• Consider installation and maintenance• Consider impact of new or revised standards

Production considerations were not clearly addressedin the previous version of the standard as it went from the reportto post-production information. The requirement now makesit clear that the expectation is that the report andconclusions are fully completed before production begins



81

9 Post-Production Information

• Establish, document, and maintain a system to review information gained about the medical device or similar devices in the post-production phase

• Evaluate the information for possible relevance to safety, especially the following:

If previously unrecognized hazards are presentIf the estimated risk arising from a hazard is no longer acceptableIf the original assessment is otherwise invalidated (by post-market data)

• Evaluate the effectiveness of the risk management process

82

9 Post-Production Information

• Post-production information will come from complaints, but should not be limited to complaints

• For ease of analysis, data should be coded• Consider coding by hazards generated, including

user error from misuse (whether accidental, or intentional if the information implies misuse on other products)

• Review data at defined intervals• Ensure management is informed of the

post-production review (e.g., as an agenda item to management review)



Issue 4: 062007-BSI

Variables Driving the Cost and Duration of Implementation

84

Implementation: Cost and Time

• Start with top management support for the process, policy, and training [in tools and in expertise for MD usage]

• Develop a good risk management plan with defined criteria for acceptability

• Get management acceptance of the plan and determine when their approval is needed or not needed

• Involve risk management team in plan so they understand the criteria



85


• Invest more time in determining intended use and foreseeable misuses

• Decide which tools are most appropriate at which stages of the life-cycle

• Invest a lot more time in listing hazards early on in the program. It is much better to identify 900 hazards and mitigate 100, than to identify 100 hazards and mitigate 50

86


• Train personnel on risk management techniques ahead of time

• Train personnel on intended use of the device as well as intended environment of use and consider ‘hands-on’ activities

• Utilize relevant standards• Leverage existing systems



87

Next Steps

For further guidance on medical devices go to:www.bsiamericas.com

or call1-800-862-4977 (USA)

1-800-862-6752 (Canada)

88

Questions/Final Thoughts

If you have any further questions, comments, or suggestions, please email us:

[email protected]



Issue 4: 062007-BSI

Thank You for Participating!

overview of iso 14971 webinar, issue 4, 06-20-07applicability of iso 14971:2007 • iec 60601-1:2005...

Documents