Dissecting the Details
- Εμφανίσεις: 5502
Risk mitigation always has been a salient requirement for the design, development and manufacture of medical devices that are safe and effective for their intended use. The tools employed in the pursuit of effective risk management, however, have varied significantly.
EN ISO 14971:2012 Medical Devices. Application of risk to medical devices is categorized as a consensus standard by the U.S. Food and Drug Administration (FDA). Since July 31, 2012, it’s also been considered a harmonized standard in Europe.
With the advent of EN ISO 14971:2012, the device industry now has well-defined guidelines to assist in its pursuit of effective risk management. Although the application of risk management tools will vary depending on organizational structure, the underlying purpose for applying risk management is patient and user safety, driven by medical devices that are safe and effective for their intended use.
One additional concept relevant to understanding risk management is that the "as low as reasonably practical" (ALARP) approach is no longer an acceptable approach to risk management due to financial implications associated with the ALARP concept.
Importance of risk management
It is the goal of medical device manufacturers to design, develop and introduce medical devices into the marketplace that are safe and effective for their intended use. One of the most significant influences associated with safe and effective medical devices is the identification of risk and the application of risk management tools to mitigate it.
In the device industry, risk is viewed as having multiple facets:
• Product risk.
• Patient and user risk.
• Regulatory risk.
ISO 14971 was written to assist medical device manufacturers in understanding and applying tools needed for effective risk management. In fact, it is an insurmountable task to have regulatory bodies approve device applications without documented evidence of compliance with ISO 14971.
FDA warning letter
In April 2014, the FDA inspected a manufacturer of polytetrafluoroethylene (PTFE)-coated guide wires used in cardiovascular and urological procedures. PTFE, better known as Teflon, is a synthetic fluoropolymer used in many industrial applications, including the manufacture of medical devices.
In the context of the warning letter, the word "risk" was used six times (see part of the letter in the sidebar "Warning Letter—Observation 1").
The first observation noted in the warning letter, however, criticized this organization’s approach to risk analysis. In fact, the agency said that the offending organization’s approach to risk analysis was inadequate.
Changes in 2012 version
One of the most common questions asked by industry relates to the differences between EN ISO 14971:2007 and the 2012 version. According to the European Association for Medical Devices of Notified Bodies’ (Team-NB) position paper, there have been no changes to the normative text of EN ISO 14971.
The Team-NB position paper was written in April 2013 and delineates the way notified bodies in Europe will verify their clients’ compliance to EN ISO 14971:2012 requirements.
Annex Z has changed, however. Annex Z delineates gaps associated with EN ISO 14971 and areas in which EN ISO 14971 fails to comply with the three European medical device directives:
1. The active implantable medical device directive—90/385/European Economic Community (EEC).
2. The in-vitro medical device directive—98/79/EC.
3. The medical device directive (MDD)—93/42/EEC.
Consider this an advanced warning: Proposed changes are going to force the migration of these three directives into regulations in about three years. Additionally, notified bodies will be tasked with complying with EN ISO 14971 during the assessment of a device manufacturer’s technical files and design dossiers.
It is imperative to understand that when deviations from the three European medical device directives (driven by a thorough review of Annex Z requirements as they relate to finished medical devices) are noted, formal corrective action will be required to address the deviations.
Furthermore, the underlying goal of notified body reviews of EN ISO 14971 compliance will determine whether clinical benefits outweigh patient and user risk.
Moreover, many device organizations that have fully complied with EN ISO 14971:2007 will find their technical documentation is in excellent shape if a robust approach to risk management has been pursued.
Finally, the Team-NB position paper recommends organizations ask four questions to help determine their overall level of compliance to risk management:
1. Do all design solutions conform to the safety principles given in the essential requirements and EN ISO 14971 (inherent safe design > protection measures > information)?
2. Have manufacturers shown that risks have been reduced as much as possible?
3. Have manufacturers conducted a risk-benefit analysis for all risks?
4. Because publication of residual risks in the information given to the user doesn’t reduce the risk, but publication of residual risks and warnings used as risk-control measures may be beneficial, have residual risks been correctly placed in the instructions for use (IFU) or provided in training? Have manufacturers evaluated whether those warnings are effective (refer to International Electrotechnical Commission [IEC] 62366)?
It will be the responsibility of medical device manufacturers to ensure these questions are adequately addressed as part of their design and development processes. Failure to do so will result in a delay in device application approvals in the European Union (EU).
Additionally, failure to bring legacy files into compliance with EN ISO 14971:2012 will result in the issuance of nonconformances from notified bodies and potential Form 483 observations from the FDA.
Prudent path for compliance
It is incumbent on medical device manufacturers to demonstrate ongoing compliance with essential requirements. In the EU, after all, compliance with harmonized standards equates to a presumption of conformity with the applicable directive.
Employment of harmonized standards, however, continues to be voluntary and not mandated by regulation in the EU. Pragmatic advice is to simply comply with the wishes of notified bodies and employ harmonized standards, including EN ISO 14971:2012, whenever and wherever possible.
Elements for an effective approach
It is imperative for the management team of each device organization to be fully committed to the pursuit of effective risk management and successful implementation of EN ISO 14971:2012 principles. After all, it is the management team that will be responsible for:
• Defining the organization’s policies for risk management and acceptability of risk.
• Assessing the ongoing effectiveness of the risk management program.
• Ensuring qualified personnel are on staff to perform risk management activities.
If the management team is fully committed, the first thing to keep in mind when writing a standard operating procedure for risk management is a basic understanding that any approach to risk management and compliance with EN ISO 14971:2012 must address three essential elements:
1. Clause 4—Risk analysis.
2. Clause 5—Risk evaluation.
3. Clause 6—Risk control, including key deliverables such as Clause 3.4—Risk management plan (RMP); Clause 8—Risk management report (RMR); and Clause 3.5—Risk management file (RMF).
Clause 4: Risk analysis
For starters, the risk analysis process, in accordance with EN ISO 14971:2012, shall be documented in the RMF. Practices currently employed by industry include creating a standalone RMF or using the design history file as the receptacle for risk management documentation.
As part of the risk analysis element, intended use, identification of hazards and estimation of risk must occur. With respect to the estimation of risk, information necessary for estimating risk can be found in:
• Published standards.
• Scientific data.
• Technical data.
• Field and postmarket surveillance data from
complaints and medical device reports (MDR) from similar devices.
• Clinical trials.
• Opinions from device experts.
• External quality assessments.
• Deliverables requiring consideration in support of risk analysis and inclusion in the RMF include:
• A detailed description and identification of the device being analyzed for risk.
• The scope of the risk analysis performed.
• The dates the risk analysis activities were performed.
• The identification of the persons or organizations that performed the risk analysis.
• Additionally, intended use deliverables required in the RMF are:
• Intended use of the device (clause 4.2).
• Potential device misuse (clause 4.2).
• Quantitative and qualitative characteristics that influence device safety and efficacy (clause 4.2).
Furthermore, identification of hazards information required in the RMF is:
• A compilation of documentation on known hazards associated with the device (clause 4.3).
• A compilation of documentation on foreseeable hazards associated with the device (clause 4.3).
• The identification of all normal and fault conditions associated with the device (clause 4.3).
Finally the "estimation of risk" information required in the RMF is:
• The documentation of all hazardous situations relating to a device (clause 4.4).
• The estimation of risk for each hazardous situation identified (clause 4.4).
• The probability of occurrence for each hazardous situation (clause 4.4). For hazardous situations in which the probability of occurrence for harm cannot be estimated, the consequences associated with the potential harm must be documented.
Clause 5: Risk evaluation
As part of the risk evaluation, it is incumbent on device establishments to decide what level of risk mitigation is warranted and the subsequent reduction in risk required for each hazardous situation. If a device establishment can determine risk mitigation and reduction is not warranted, risk evaluation and control activities need not be pursued.
All decisions made relating to not pursuing risk mitigation and reduction, however, require written rationale to support the decision. In accordance with EN ISO 14971:2012, clause 5 requirements, the written rationale will be retained in the RMF.
Clause 6: Risk control
The third element associated with an effective approach to risk management—in accordance with EN ISO 14971:2012, clause 6—is multifaceted risk control. As part of risk control, the device establishment must address their approaches to:
1. Clause 6.1—Risk reduction.
2. Clause 6.2—Risk-control options.
3. Clause 6.3—Implementation of risk-control measures.
4. Clause 6.4—Evaluation of residual risk.
5. Clause 6.5—Risk/benefit analysis.
6. Clause 6.6—Risks that are byproducts of the application of risk control.
7. Clause 6.7—Overall completeness of risk control.
Device establishments are required to identify and document all risk-control measures employed as part of risk management. Acceptable risk-control options that can be considered for use are:
• Inherent safety by design.
• Protective measures designed into the device.
• Protective measures built into the manufacturing process.
• Information for product safety.
After they’re implemented, the effectiveness of risk-control measures must be verified. The question that must be asked is, "Do the risk-control methods implemented actually reduce the risk?" If the answer is no, incorrect control measures have been identified and implemented.
Additionally, residual risk must be assessed against the original criteria identified in the RMP. If it has been determined that the level of residual risk is unacceptable, additional risk controls must be identified, implemented and monitored for effectiveness.
If the residual risks are reviewed and deemed acceptable, however, the device establishment is asked to decide which risks will be publicly disclosed, typically in the IFU. Note that the IFU contains important information about the proper use of medical devices, including warning statements.
Furthermore, if the residual risk is unacceptable and the application of risk controls is not possible, the execution of a risk-benefit analysis will quickly become a necessity. As part of the risk-benefit analysis, the establishment must decide whether the medical and clinical benefit of the finished medical device outweighs the device risk.
If it is clear that a device’s medical and clinical benefits outweigh the device’s risk, the device establishment must decide which risks are to be disclosed. The device establishment is required to document all risk-benefit analysis activities and place the documentation into the RMF. Additional effects of risk-control measures that require review are:
• The introduction of new hazards.
• The introduction of hazardous situations.
• Previously identified hazardous situations, including the assessment of potential impact made to these situations as a result of the introduction of risk-control measures.
Completeness of risk control
Finally, the completeness of risk control must be thoroughly assessed as part of the overall risk-management process. For example, EN ISO 14971:2012, clause 6.7 requires device establishments to:
• Consider all risk-associated hazardous situations that have been identified.
• Ensure all risk-mitigation activities have been appropriately identified.
• Determine whether the acceptability of risk has been appropriately evaluated.
• Assess the risk-benefit analysis for each device.
Only after all risk-control measures have been implemented and verified and the overall risk for each finished medical device has been determined to be acceptable (including the disclosure of risks) can a device establishment feel secure claiming its approach to risk management was successful.
One additional salient point that must be reinforced is that as part of Clause 7—Evaluation of risk acceptability, the medical and clinical benefit of the finished medical device must outweigh the risk if the overall risk is deemed to be unacceptable.
Document the review
Prior to the commercial release of a medical device, device establishments must review the entire risk management process pursued and document the review in the RMR. Elements of risk management required to be reviewed, all in clause 8, are:
• The RMP to ensure the plan has been fully executed and supported by documented evidence of compliance.
• Whether the level of risk is determined to be acceptable following performance of an assessment of the overall residual risk.
• Whether appropriate tools have been available and deployed to monitor, collect and analyze production and postproduction data (for example, postmarket surveillance).
Production and post-production activities
Risk management does not end with the initial introduction of finished medical devices into the market. In fact, effective risk management never ends because it is tied to the product life cycle.
After a product has been cleared, approved and successfully launched into the U.S. marketplace or device markets outside of the United States, device manufacturers are tasked with collecting and analyzing a great deal of device performance-related information.
Some of the device information regulators expect to be collected and analyzed, for example, are operator and user data, installation data, maintenance data, servicing data and device performance data (such as complaints, MDRs, vigilance reports and literature reviews).
Manufacturers also are expected to collect and evaluate information relating to previously unknown hazards and previously unknown hazardous situations. This includes determining whether device risk remains acceptable.
Details, details, details
Regulators consider the application of effective risk management to be a salient requirement needed in the design, development and manufacture of finished medical devices that are safe and effective for their intended use.
The fundamental application of risk management has not changed the normative text of EN ISO 14971:2012 compared to previous editions.
Annex Z changes, however, result in the need for device manufacturers to revisit and correct documentation placed into RMFs, driven by new deviations identified as part of remediating the content of existing risk-management documentation.
Remember, the concept of ALARP is no longer an acceptable approach due to the financial implications associated with the ALARP concept.
Risk management is not that daunting of a task, but as the old saying goes, "The devil is in the details."
Article Reference: QP