Hello,
When determining essential performance, the guidance in 60601-1 is to assume with 100% certainty that a device's performance has degraded beyond some limit (determined by the manufacturer) which results in unacceptable risk. In reality if this was to happen, since a patient is getting treatment from said medical devices, there is a very high probability that this will result in harm due to loss of treatment. The manufacturer is then required to put risk controls in place to make the risk acceptable. A lot of the time this seems to default to adding alarms. What happens when a manufacture assumes performance has degrade but cannot make the risk acceptable? For example, if one was to assume that a critical care ventilator failures with 100% probability its very difficult to imagine that adding alarms will make the risk acceptable. In reality there should be significant risk controls to prevent the ventilator from failing in the first place... especially if it is failing due to reliability problems or software bugs, etc. You can't say its OK for a critical care ventilator to fail to deliver therapy as long as you have suitable alarms. This doesn't make sense to me. Have I miss understood the concept of essential performance?
Thanks
When determining essential performance, the guidance in 60601-1 is to assume with 100% certainty that a device's performance has degraded beyond some limit (determined by the manufacturer) which results in unacceptable risk. In reality if this was to happen, since a patient is getting treatment from said medical devices, there is a very high probability that this will result in harm due to loss of treatment. The manufacturer is then required to put risk controls in place to make the risk acceptable. A lot of the time this seems to default to adding alarms. What happens when a manufacture assumes performance has degrade but cannot make the risk acceptable? For example, if one was to assume that a critical care ventilator failures with 100% probability its very difficult to imagine that adding alarms will make the risk acceptable. In reality there should be significant risk controls to prevent the ventilator from failing in the first place... especially if it is failing due to reliability problems or software bugs, etc. You can't say its OK for a critical care ventilator to fail to deliver therapy as long as you have suitable alarms. This doesn't make sense to me. Have I miss understood the concept of essential performance?
Thanks