Medical Device Risk Management: A Case Study

Risk is the combination of two factors: the probability of occurrence of failure and the severity of the failure. Risk management is the application of various tools, techniques, and management practices to analyze, evaluate, control, and monitor risk. Risk management is a mandatory regulatory requirement. ISO 14971 is a global standard for medical device risk management.

ISO 14971 in brief

ISO 14971 has 9 clauses. Some of the major features of ISO 14971 are:

  1. Risk Analysis (ISO 14971 2.17): Identify the hazards.
  2. Risk Estimation (ISO 14971 2.20): Assign values to the severity and probability of occurrence.
  3. Risk Assessment (ISO 14971 2.18): Prepare a risk acceptability matrix and check if all the risks are critical.
  4. Risk Evaluation (ISO 14971 2.21):
  5. Risk Control
  6. Risk Acceptability
  7. Risk Management Report

Risk Management Process

Here are the basic steps in the medical device risk management process.

[Figure: Steps in medical device risk management]

FDA 21 CFR Part 860 classifies devices based on their potential risks. Class I devices are simple to manufacture and have fewer regulatory hurdles for clearance. These devices are subject to general controls, such as those for adulteration and misbranding. Class II devices are riskier and require FDA 510(k) clearance. Examples of Class II devices are X-ray machines, insulin pumps, condoms, and surgical drapes. Class III devices are the riskiest of all and include devices like stents, artificial heart valves, and breast implants. These devices require Premarket Approval (PMA) as well as 510(k) clearance before commercial release.

Here is a generic step-by-step process for performing the risk assessment of an exoskeleton for lower limb rehabilitation. Hazard identification: The wearable exoskeleton has several hazards

1. Hazard Identification or Risk Analysis

Here is a preliminary hazard identification sample for the exoskeleton.

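| Hazard Category | Hazard | Hazard ID | Comments/Examples |
|---|---|---|---|
| Physical (P) | Suspended mass | P1 | |
| Physical (P) | Stored mechanical energy in dampers | P2 | |
| Physical (P) | Stored electrical energy | P3 | |
| Physical (P) | Sharp edges | P4 | |
| Physical (P) | Loosening of Velcro | P5 | |

Table: A sample hazard identification documentation according to ISO 14971 Annex E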

2. Risk Estimation

Risk = Severity × Occurrence

One can use the following risk estimation table to categorize the identified hazards based on their severity.

3. Risk Assessment

Risk assessment has 2 steps:

  • Identify risk controls
  • Implement verification and validation

Design controls are developed in this step. For example, the design risk control for the P4 hazard of sharp edges is to provide fillets in the design or replace the sharp parts if possible. This is sometimes inherently included in safe design and construction.

4. Risk Management Report

This step includes several important documents and analyses, such as the risk/benefit analysis.


