Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

ISO 14971 Risk Management Medical Device


Published on

Published in: Business, Technology
  • Hey I pick up great truck. Saved a lot, thanks. ➢➢➢
    Are you sure you want to  Yes  No
    Your message goes here

ISO 14971 Risk Management Medical Device

  1. 1. THE RIGHT INSTRUMENTS Risk Management for the Medical Devices Industry ISO 14971:2007 Medical Devices Risk Management raising standards worldwideTM HealthcareHealthcare
  2. 2. BSI Product Services Medical Devices Risk Management Risk Management The international standard ISO 14971:2007, Medical devices - Application of risk management to medical devices, is designed to help manufacturers introduce reliable medical device products into the market. The manufacturer is responsible for identifying and controlling not only the risks accociated with their medical device, but evaluating interactions with other devices. ISO 14971:2007 specifies a process through which medical device manufacturers can identify hazards and risks associated with their medical devices and accessories. The requirements of ISO 14971:2007 are applicable to all stages of the lifecycle of a medical device but do not apply to clinical judgments relating to the use of a medical device. ISO 14971:2007 does not specify acceptable risk levels, this is the responsibility of the manufacturer. Using ISO 14971:2007 will allow a manufacturer to: • Identify the hazards associated with their products • Estimate and evaluate risks • Control risks • Monitor the effectiveness of controls • Establish a process based approach to managing risk • Determine acceptable risk levels • Provide adequate resources and personnel to manage risk This guide will help manufacturers to implement a process approach to risk management using the ISO 14971:2007 standard. International Standards Organization (ISO) and British Standards (BS) both created a version of 14971:2007 in the year 2007. The content of both versions are identical. This brochure will simply address both versions as ISO 14971.
  3. 3. RiskManagement RiskAssessment • Option analysis • Implementation • Residual risk evaluation • Risk/benefit analysis • Intended use/ intended purpose • Hazard identification • Risk estimation Risk Analysis Risk Evaluation Risk Control risk management report OVERALL RISK ACCEPTANCE • Production information and market surveillance POST-PRODUCTION INFORMATION BSI Product Services Medical Devices Risk Management Overview of the risk management process Risk management starts at product conception, extends through research and development, production, post-market surveillance, and ends with product decommissioning and safe disposal. Despite risk mitigations, there will always be residual risks associated with the use of a medical device - manufacturers must determine the acceptability of that risk level before going to market. Risks are either ‘acceptable’ or ‘unacceptable’ under the new standard. Acknowledgement of residual risk and final determination of disclosure of remaining residual risks is the manufacturer’s responsibility. Post-production experience can be used to trigger Corrective And Preventive Action (CAPA) in addition to providing valuable information about the accuracy and appropriateness of the past risk management activities. This feedback can be used to enhance future risk management processes.
  4. 4. BSI Product Services Medical Devices Risk Management Requirements for risk management ISO 14971:2007 Glossary of terms Risk management is a process that encompasses all the activities of a company, not just the development and manufacturing. When applied to products, the process begins at product conception, extends through research and development, production, post-market surveillance, and ends with product decommissioning and safe disposal. Risk management is a requirement of ISO 13485:2003: • The last paragraph of Section 7.1, Planning of product realization requires: “The organization shall establish documented requirements for risk management throughout product realization. Records arising from risk management shall be maintained.” • NOTE 3 of Section 7.1 refers to ISO 14971 directly: “See ISO 14971 for guidance related to risk management.” • A rationale for NOTE 3 is given in Appendix B of ISO 13485:2003 “Risk management is a key activity that determines the nature and amount of activity in many of the areas addressed by the medical device organization’s quality management system.” Risk management is a required part of the COUNCIL DIRECTIVE 93/42/EEC of June 14th, 1993 concerning medical devices (commonly known as the Medical Devices Directive). Risk management is referred to in the Directive, or MDD sections listed below: • Within 3 of the “recitals” (the preamble where every section begins with “whereas”) • Annex I Essential Requirements: ER 1, ER 2 • Annex II EC Declaration of Conformity: Section 3.2 Harm: Physical injury or damage to the health of people, or damage to property or the environment Hazard: Potential source of harm Severity: Measure of the possible consequences of a hazard Risk: Combination of the probability of occurrence of harm and the severity of that harm Residual risk: Risk remaining after risk control measures have been taken Risk analysis: Systematic use of available information to identify hazards and to estimate risk Safety: Freedom from unacceptable risk Risk management: Systematic application of management policies, procedures, and practices to the tasks of analyzing, evaluating, controlling and monitoring risk Life cycle: All phases in the life of a medical device, from initial concept to final decommissioning and disposal
  5. 5. BSI Product Services Medical Devices Risk Management The worldwide leader in medical devices quality BSI Product Services-Healthcare contributes to our clients’ success in the global medical device industry by accelerating access to international markets. As a world class Notified Body, BSI provides rigorous quality system reviews and product certification, delivering confidence to regulators, manufacturers and consumers. Our responsive team includes product specialists, engineers, microbiologists and regulatory affairs experts, enabling us to speak your language all over the world. With operations in over 100 countries and over 100 years of experience, BSI is a respected partner that understands your challenges, offers flexible solutions and earns your trust. BSI ISO 14971:2007 Certification Program ISO 14971:2007 is recognized as an International state-of-the- art standard for risk management in the life-cycle of medical devices. While medical devices are never without some level of risk, this BSI Certification Program helps to ensure that medical manufacturers minimize risks so product benefits clearly outweigh risks. Certification Benefits include: • First Certification Program developed to ISO 14971:2007 standard • Provides independent 3rd party validation and objective evidence of compliance • Suppliers can gain a competitive advantage which is recognized by manufacturers and regulatory authorities • Demonstrates that risk process conforms to ISO 13485:2003 and IEC 60601-1 for electromedical devices • Increase speed-to-market with the establishment of robust risk management processes for new product development Risk analysis techniques applicable to medical devices ISO 14971:2007 describes techniques for Risk Analysis in Annex G. These techniques include: Preliminary Hazard Analysis (PHA), Fault Tree Analysis (FTA), Failure Mode and Effects Analysis (FMEA), Hazard and Operability study (HAZOP), and Hazard Analysis and Critical Control Point (HACCP). Fault tree analysis FTA is a top-down, deductive process starting from an undesired condition called the TOP event (such as death or injury to the patient, caregiver or personnel responsible for manufacturing, disposing of or decommissioning the device). Possible fault modes that could cause these higher level, undesired conditions are identified at the next lower functional level. This process is repeated in ever finer detail until component or module level is reached. The results are represented pictorially in the form of a tree of fault modes. At each level in the tree, combinations of fault modes are combined using logical operators (such as AND and OR). Failure mode and effects analysis FMEA is a bottom-up, inductive process in which the effects, at the next highest level, of a component failure are systematically evaluated. FMEA attempts to answer the question, “What happens to the output if component ‘X’ fails in a given way?” Failure Modes, Effects and Criticality Analysis (FMECA) is an enhancement of the FMEA methodology in which a criticality analysis is performed. Criticality analysis involves assigning a probability to each failure mode and a severity to each failure effect. Risk analysis efficiency tips: • Use FTA to guide FMECA/FMEA • Use FTA from the TOP down to identify critical modules • Use FMEA from the BOTTOM up on the critical modules
  6. 6. BSI Product Services Medical Devices Risk Management BSI Product Services Medical Devices Risk Management 5. Determined level of risk and action The manufacturer must determine what action to take and when to take it. This action and the level of risk must be defined. We check that methods for considering the severity, occurrence, and/or detection (if appropriate) is being implemented. BSI also looks to see if an RPN number is being calculated for each risk item. Action on a defined RPN is very subjective. To implement “best practice”, we recommend taking action on your company’s highest RPN risk items. The RPN should then be recalculated allowing for further assessment of appropriate action. 6. Reduction of risk The manufacturer must recalculate the RPN or risk after action has been taken to show risk reduction. This is the main purpose of risk analysis pertaining to the design clause. Risk analysis should be applied to several other areas outside of the design process. 7. Risk assessment application Risk assessment should be used in determining: • Which complaints or non-conformities to address within the CAPA system (ISO 13485 Sections 8.5.2 8.5.3) • If the controls of subcontractors are adequate for the risks that may be encountered (ISO 13485 Section 7.4.1) • The disposition of non-conforming material — used to determine the risks if product is reworked, used as is, or is scrapped 1. Documented requirements for risk analysis Product realization encompasses much more than just the design of the process (e.g. purchasing, production, etc). If risk analysis is required throughout product realization, the manufacturer must do more than just risk analysis on the product design. If the manufacturer claims compliance to ISO 14971:2007, they are subject to being audited to this standard and documentation must be provided. 2. Outputs of risk management The manufacturer is required to include the outputs of risk management as design and development inputs. This is a requirement of ISO 13485:2003 (Section 7.3.2.e). 3. Risk consideration The manufacturer must consider any and all risks associated with their medical device, including, but not limited to the: • Patient • Caregivers • Environment • Design of product • Manufacturing delivery process 4. Appropriate action Appropriate actions must be taken on all high risk items. We look to see if error-proofing methods have been employed and that all actions are appropriate to the risks encountered. THE 7 KEYS TO SUCCESS What we look for when assessing risk management...
  7. 7. BSI Product Services Medical Devices Risk Management BSI Product Services Medical Devices Risk Management Training We offer a comprehensive program of training courses for ISO 14971:2007, ISO 13485:2003, CE Marking and much more. Understanding ISO 14971:2007 This course is designed to provide participants with a greater knowledge of ISO 14971:2007. Professionals gain an understanding of how ISO 14971:2007 can improve their business and risk management efforts and will also understand how ISO 14971:2007 applies to ISO 13485:2003. Implementing 13485:2003 This course introduces the concepts needed to understand, develop, and implement a quality management system as outlined in the medical devices standard ISO 13485:2003. This course also discusses the use of ISO 14971:2007, which contains key principles and guidance for risk management. Understanding ISO 13485:2003 An ideal introduction to the ISO 13485:2003 including the proposed revisions to the standard. ISO 13485:2003 Internal Auditor Provides the knowledge and skills required to conduct ISO 13485:2003 Quality Management Systems Internal Audits. ISO 9001:2000 Lead Auditor Course with Emphasis on ISO 13485:2003 This course begins with a review of ISO 13485:2003 and continues to teach the principles of process auditing in accordance with quality management system standards and ISO 19011:2002. In addition, the concepts of risk management are introduced. Medical Devices CE Marking Through our CE Marking course students will gain knowledge of the Medical Device Directive and CE Marking approach to provide leadership for their organizations when placing medical devices on the market in the European Union. Webinars BSI also offers a selection of Webinars – interactive online presentations that allow participants to hear the instructor through a telephone conference call while following the presentation element via a webpage. The following are some of the offered classes in our Webinar suite: • Overview of ISO 14971:2007 • Overview of CE Marking • Overview of ISO 13485:2003 • Overview of CMDR and CMDCAS • Recorded Webinar: Japan - New Regulations for Medical Devices Manufacturers Visit our medical devices public training pages for more details on who should attend, the benefits of each course, and course dates and locations at:
  8. 8. BSI/USA/78/MS/0707/E BSI Group: Standards • CE Marking • Training • Inspection • Testing • Assessment • Certification BSI Management Systems 12110 Sunset Hills Road, Suite 200 Reston, VA 20190-5902 USA Tel: 1 800 862 4977 Fax: 1 703 437 9001 Email: BSI Management Systems Canada 6205 Airport Road, Suite 102 Mississauga, ON L4V 1E1 Canada Tel: 1 800 862 6752 Fax: 416 620 9911 Email: BSI Management Systems - Brazil Avenida Eng Luis Berrini N.° 1400 – 1° Andar – CEP: 04571-000 Brookline, Sao Paulo SP Brasil Tel: +55 13 3223 5770 Fax: +55 13 3223 3851 Email: BSI Management Systems - México Torre Mayor Av. Paseo de la Reforma No. 505 Piso 41 -Suite C- Col. Cuauhtemoc, C.P. 06500 México, D.F. México Tel: +52 55 5241 1370 Fax: +52 55 5241 1374 Email: The BSI certification mark can be used on your stationery, literature and vehicles when you have successfully achieved certification.