A risk management file is an integral part of any medical devices’ technical documentation because it details the hazards and risks linked to the use of a device and how the manufacturer handled them in order to optimize its safety and performances. Manufacturers usually construct the risk management file by continuously analyzing the risks of their devices throughout the devices’ design and development stages.
For devices bound for Europe, EN ISO 14971 provides tools and methods that manufacturers can use to analyze and manage the risks associated with their devices. This harmonized standard, which may be adopted on a voluntary basis, can consistently help a manufacturer clarify and implement the regulatory requirements of the Medical Devices Directives. The latest update to EN ISO 14971, published and harmonized in 2012, clarifies some language discrepancies between the standard and the Directives in the informative “Z” annexes in the European foreword. The core text of the standard is not modified. This update is an opportunity for manufacturers to review their global risks management process focusing on the European approach.
The Importance of Risk Management
The inherently risky nature of medical devices, especially those that come into contact with critical systems, means that manufacturers must thoroughly analyze their devices’ risks against many factors. Before analyzing risks, manufacturers make a risk management plan to implement the risk management process throughout the lifecycle of their device. This process will help manufacturers identify hazards and foreseeable misuse, and estimate the risks for each hazard. For each hazard, manufacturers evaluate and analyze the risks to better control and minimize them. This analysis is incorporated into the devices’ risk management file, part of the devices’ technical documentation.
In addition to identifying hazards and estimating the risks for each hazard, manufacturers use the different risk management methods to actually reduce these risks and hazards, potentially making their devices safer for users and patients alike. Applying the methods to the device’s complete life cycle, from the conception to final disposal and decommissioning, will give a manufacturer a complete look at all of the device’s risks. This view gives a unique learning opportunity to the manufacturer because it can continually evolve and adapt its device to ensure its constant safety and efficacy.
Revisions and Clarifications in the Informative Annexes
Many manufacturers rely on the European Harmonized Standards to guide them in fulfilling their regulatory compliance duties. However, the EN ISO 14971 standard’s text is a bit different with the risk management requirements explicitly found in the Directives, including the criteria for acceptable risks and risk control options. As a result, some in the industry were confused as to how far their risk analysis and evaluation should go. The revisions in the informative “Z” annexes clarify what manufacturers should look to when analyzing the risks of their devices and how they can show they controlled their devices’ risks, in a European perspective.
Treatment of Negligible Risks and Acceptability of Risks
Two points included the newly-revised informative annexes are the treatment of negligible risks and the manufacturer’s discretion for risk acceptability. EN ISO 14971 Annex D.8.2 states that if a risk is estimated to be negligible, “…there is no need to investigate the risk reduction options.” Additionally, Annex D introduces the idea of an acceptable risk based on the benefits conferred to the patient. These points are reasonable: if a risk is negligible a manufacturer may waste time in investigating how to further reduce it; in conducting risk-benefit analyses a manufacturer can determine what risks are acceptable. The Directives, however, don’t refer to negligible or acceptable risks at all. Instead they refer to risks generally, stating that they should be reduced “…as far as possible.”1 Without qualifiers of which risks and which risks considering reducing, the regulatory requirement of reducing risks as far as possible extends to all risks.
In the commentary from the revisions included in EN ISO 14971:2012, many medical, scientific, quality and regulatory staff wondered how far they would have to take their analysis. To determine which risks are negligible, however, manufacturers already identify and analyze them according to their risk management plan. Additionally, the new “Z” annexes mention that the manufacturer may not apply its acceptability criteria before applying the Essential Requirements of the Directives. In other words, the manufacturer could apply acceptability criteria, as long as the Directives’ Essential Requirements are fulfilled. Regardless, it is important that all applicable Essential Requirements are considered in the manufacturer’s risk management. As a result, medical device manufacturers may not need to start from scratch to see how deep their analysis could be.
A necessary and important part of a device’s risk evaluation is the risk-benefit analysis. This analysis weighs the device’s risks against its benefits to determine if the risk is too great to patients and users. Comparing the risks against the benefits is mostly a judgment call within the confines of the manufacturer’s risk management plan taking into account any external applicable data, in particular clinical data. EN ISO 14971 §7 states that the manufacturer “…may gather and review data…to determine if the medical benefits of the intended use outweigh the overall residual risk.” The standard also states that the manufacturer need not analyze the risks and benefits for every risk.2
Like the other textual differences between the Medical Devices Directive and the standard, however, the Directive does not qualify when manufacturers perform this analysis. The first Essential Requirement in Directive 93/42/EEC states that the risks “…which may be associated with their intended use constitute acceptable risks when weighed against the benefits to the patient.…” Read literally, this means that the manufacturer must weigh all acceptable residual risks against the benefit to the patient. It may seem a new risk/benefits approach to manufacturers to consider each and every acceptable residual risk with respect to the benefits of the device. However, the current regulatory texts make it an essential requirement for manufacturers to perform the risk-benefit analysis for all individual and overall residual risks.
Reducing Risk “as Far as Possible”
The third point of clarification in the informative “Z” annexes is the difference between reducing risks “as far as possible,” which is required in the Directives, and “as low as reasonably practicable,” as in the standard. The standard contains the concept of reducing risks as low as reasonably practicable (ALARP), introducing economics into the manufacturers risk management analysis. A common concept in product liability law, it was upheld in the European Courts,3 and is used as a measurement of potential liability for many companies in the U.S.
The Directives lack a qualifier here as well for how much a manufacturer should reduce risks. Instead, the MDD states that the manufacturer should reduce risks “…as far as possible.”4 According to the Directives, economic considerations should not prevent manufacturers from reducing dangers. This also seems like an insurmountable task to determine the acceptable boundaries – how can one reduce risks as far as possible in an inherently risky product? The risk management plan also comes into play here because the manufacturer can use the already-created criteria for evaluating risk and processes for reducing risks to further reduce any risks. Reducing risks “…as far as possible” doesn’t mean that all risks must be reduced to nothing. Consequently, manufacturers and notified bodies may not apply the ALARP concept to economic considerations. Manufacturers should be able to justify that they have reduced the risks as far as possible as part of their risk management plan, included in their technical documentation.
Risk Control Options
EN ISO 14971 gives three options to manufacturers for how to reduce and control risks for their devices:
• Design an inherently safe device;
• Use “…protective measures in the device itself or in the manufacturing process;”
• Supply “…information for safety.”5
These options are presented as options, and the standard indicates that the manufacturer is able to use its discretion in applying the options and accepting the residual risk.
Similar principles are included in 93/42/EEC, Annex 1.2. Unlike the standard, the Directive requires the combination of these risk control “options.” In this sense, the principles in the Directive are not options and a manufacturer “…must apply [all] the following principles in…order…” unless the additional options don’t improve security. This textual difference makes a difference to manufacturers because, unlike other changes arising from other revisions, the manufacturer’s risk management plan must change to accommodate all the principles in the Directive. This includes designing an inherently safe device, ensuring the device itself is properly protected from becoming hazardous in the manufacturing process, as well as supplying safety information to users about the hazards. The Directives require eliminating or reducing risks as far as possible through inherent safety in the design and manufacture of a device. These steps, applied in order, are tools to comply with this requirement. Another clarification in EN ISO 14971:2012 European foreword is that manufacturers cannot use safety information for users as a way to reduce the residual risk. In other words, a manufacturer cannot assume that a user knowing about the residual risks will necessarily reduce those risks.
The clarifications in EN ISO 14971:2012 European foreword have major implications for medical device manufacturers. The textual differences between the standard and the Directives caused confusion when implementing the Directives’ essential requirements: when to perform a risk-benefit analysis, which risk reduction options to choose, and how far to go when reducing risk. Clarifying how EN ISO 14971 and the Directives interact will clear up this confusion and help manufacturers manage their devices’ risks with respect to the Directives’ requirements.
LNE/G-MED can lend its expertise as a notified body to medical device manufacturers in performing the gap analysis between a manufacturer’s current risk management file and the clarifications included in EN ISO 14971:2012. For more information about how LNE/G-MED can help you, contact us.
1 93/42/EEC Ann. 1.1-2, 90/385/EEC Ann. 1.8.
2 EN ISO 14971 Annex D.6.1.
3 Case C-127/05.
4 93/42/EEC Ann. 1.1.
5 EN ISO 14971 §6.2.