Are we spending enough time and resources on effective Preventive Actions?

Zero_yield

"You can observe a lot by just watching."
Huh. Our corporate procedure allows no EC required for PA. I suppose I should count myself lucky.

I'll also chime in agreeing with the idea that a lot of the best preventative actions end up under "projects" like validation and change control. They don't necessarily end up in a CAPA system, but they provide the same benefits to the business.
 

Randy

Super Moderator
Our corporate procedure allows no EC required for PA.

Quick lesson for your highers............Challenge your policy making guru--whiz bang-wizards to start scheduling their personal commercial flights only on airlines that don't practice PA. (called PM in this case)
 

Tidge

Trusted Information Resource
Quick lesson for your highers............Challenge your policy making guru--whiz bang-wizards to start scheduling their personal commercial flights only on airlines that don't practice PA. (called PM in this case)

I feel obligated to repeat this chestnut: (Most?) commercial flightcraft are not medical devices.

I recognize I am being a bit of a pendant, but in the context of medical devices (where injury to the user is possible), Preventive Maintenance is almost certainly recognized as a Risk Control and not as a Quality System PA.... and risk controls intended to "mean something" (i.e. reduce risk) are required to be shown to be effective.
 

Bev D

Heretical Statistician
Leader
Super Moderator
Sorry - as a moderator I won’t let this go Either. Airplanes KILL people when things go wrong. They are complex, under high stress and used for decades. There are a TON of preventive measures that are proven to be effective. The design cycle for planes is long but effectiveness of preventive measures to reduce risk death injury whatever are also required to be proven. Period. The process and product design are highly regulated (now I will grant that lately some manufacturers like Boeing have subverted some of these systems and are in deep doo-doo for it. Regulators are moving strongly to fix that…The 777max design didn‘t incorporate KNOWN preventive measures when they incorporated the software. The use of the software itself was a weak solution to a PHYSICS problem that the lack of regulation and prior Boeing engineering expertise would have never allowed to happen. But I’m old enough to Remeber that both medical devices and pharmacueticals weren’t as highly regulated and they killed people too…it’s just that the medical device industry is now in a high cycle of attention to quality and safety while some others are in the low cycle.

And from personal knowledge I know that preventive maintenance IS in fact a risk reduction method In medical devices.

Your use of risk reduction and preventive actions are simply pedantic semantics. In other industries there is NO difference just different words. In other words you aren’t better than them.

This isn’t a contest. Medical devices aren’t anymore complex or potentially deadly than many industries.
 

Tidge

Trusted Information Resource
Sorry - as a moderator I won’t let this go Either.

Your use of risk reduction and preventive actions are simply pedantic semantics. In other industries there is NO difference just different words. In other words you aren’t better than them.

This isn’t a contest. Medical devices aren’t anymore complex or potentially deadly than many industries.

Except that this thread is in the Medical Devices subforum. It's all well and good to apply general quality concepts and broad language that has wide appeal, but when the discussion is in a 13485-related forum, it doesn't help at all to confuse terminology. I've made the same comment time and again in the 13485 sub-forum; I've NOT done the same outside this forum. PA and CA are different than Risk Controls in the context of medical devices.

EDIT: For example; see a recent reply of mine relating to general questions about risk management outside of 13485 context. My reply there is applicable with no appeal to medical device standards, despite my decades of direct experience there. I'm capable of understanding context; all I am asking is that we participants don't forget the area where we are having discussions.
 
Last edited:

Bill Levinson

Industrial Statistician and Trainer
A PA of course has actions, but they are not corrective since there was no nonconformity. You become aware of an issue that could cause a nonconformity, so you take action to ensure that nonconformity will not occur in the future.

My take on this is that preventive action is the same as corrective action, except there is no containment step because there is no poor quality to contain. In addition, any gap between the current state of performance and desired state of performance can probably be addressed with a good CAPA process such as AIAG's CQI-20, Effective Problem Solving. The gap need not involve quality noting that poor quality is only one of Toyota's Seven Wastes.
 

Bev D

Heretical Statistician
Leader
Super Moderator
Although this thread is in the Medical Devices sub forum, many members at the cove either don’t really look at the sub forum when the question is general in nature or don’t care as there is always something to learn from all industries. The laws of physics and human behavior are not different in different industries or companies even if certain words are. Preventive Maintenance as described by Randy is covered under proscriptive risk reduction types of requirements for aerospace and not just in the ‘weaker’ Preventive Action sections of many standards. And it is certainly as heavily regulated in Aerospace as in Medical Devices.

There are two types of processes: physics and people.
Physics processes are electrical mechanical, chemical, biological, nuclear, etc. systems that transform inputs to outputs. People systems are those that require human actions and behavior to accomplish something. Physics processes are often unique and novel. People processes are rarely novel.

Proving effectiveness takes two separate forms: one is general and the other is specific. Proving effectiveness in general is futile while proving effectiveness for specific situations is dependent on several factors as explained below.

In general Randy’s point is well taken: preventive actions when properly done are a good thing and will cost less in total dollars than not taking preventive action. This is why preventive actions including risk assessment and reduction are a large part of industry regulations and quality standards. In Randy’s example, of course Preventive Maintenance on an airplane is a ‘no brainer’. The specific preventive maintenance procedures and intervals that are used are - and must be - proven effective prior to implementation to ensure that the method works and is done soon enough to prevent failure. There is also analysis to ensure that PM is not done too soon as it is quite expensive and disruptive to flight operations. Extensive training is also required as improper PMs on an aircraft can introduce new hazards. This is heavily regulated by the FAA outside of the base quality standard.

Steve Prevette’s point regarding the financial budget bean counter’s perspective on successful preventive action is also well taken and is included in Randy’s example: there are many business and engineering people who are blind to the value of preventing something. History is rife with examples of the fallacy of this whistling in the graveyard and it’s results. (Amaco Cadiz, 777Max, COVID, Apollo 1…and of course millions of examples with less serious effect hidden in the history of almost every company). Having to prove the (cost) effectiveness of a preventive action to bean counter managers is futile. They will only look at the effectiveness through the lens of accounting rules and the hope that nothing bad will happen because the “probability is low”. Regulations are in place to guard against this of course but as the 777max and COVID most recently demonstrated, the science denying, bean counting, ‘give me the money’ business people will subvert the regulations if they think they can get away with it and personally make a little more money. Hope is a terrible business strategy.

In specific, proving effectiveness is well advised and often required for unique and novel creations; mostly related to physical processes. These requirements are often regulated in various industries and are often documented outside the base quality standard. Depending on the industry, a company may be subject to several very rigorous regulations and standards that cover preventive actions to assess risk and reduce it. These are almost always focused on physics processes but can include - to a lesser amount - people processes.

Calling out Preventive Action and now ‘risk based thinking’ in a base standard is a way of ensuring that preventive action is taken on ‘smaller’ or less risky activities than those covered specifically in design and change control requirements that tend to deal with mostly physics processes. The need for proving the effectiveness of a preventive action (no matter what words you assign to that activity) is based on several factors that require critical and knowledgable human thought.

Do we need to spend more on proving the effectiveness of preventive actions? It depends.
Some preventive actions (1) have self evident logical effectiveness checks such that there is no real need to prove effectiveness prior to implementation, (2) some have been proven over and over again such that it is a waste of time and energy to prove it’s effectiveness prior to implementation, (3) some are novel enough and the severity of a failure are high enough that effectiveness must be proven prior to implementation. (4) some are novel enough and the severity is low enough that effectiveness should be proven prior to implementation but doesn’t rise to the formality and documentation level of (3).
Some examples:
(1). Aircraft engines have a set of very small parts that look similar but if assembled in the wrong place can be catastrophic to engine function. In some engines there are 3 unique sets and so the parts are painted a different color. Let’s say it’s red, blue and yellow. Very different colors unlikely to be confused (except for the color blind but there are other error proofing actions that make this a non-issue) and the correct - or incorrect - assembly is obviously evident. There is no real effectiveness proof required prior to implementation.
(2) Bar codes and bar code readers. Why would that require prior effectiveness testing? If someone doesn’t get this there is no amount of evidence that will convince them. They work. We have years of proof that they work. Human behavior is rarely novel. The same applies to things like single piece flow, 5S…
(3) already covered ad nauseum.
(4) ‘counting’ sensors and weigh counting methods. While in general these are well proven as being more effective than human counting, the specifics of an implementation are critical to it’s effectiveness. Sensor alignment and sensitivity should be proven prior to or at implementation. Weigh counting only works when the weight variation of the things do not overlap, including the weight of the container they are put in. However, the specific effectiveness of these kinds of things can be done quickly and in many cases there are no requirements or need to formally document that effectiveness.

Are we spending enough trim and resources on effective preventive actions? Not in many companies even when required by regulations.

All of this takes me back to my previous posting on the futility of a “PA” form administered by an out of touch QA group and treating all preventive actions like we do Corrective Actions.
 

Tidge

Trusted Information Resource
With respect: I specifically disagree with the desire to try to bring examples from other industries into specific discussion for the regulated medical device industry. There may be echoes, but it is dangerous (certainly in the compliance sense) to try to apply analogies from other industries like aircraft manufacturing (which I have to assume has implied commercial use by the general public, as opposed to military uses as military aircraft can be specifically designed to injure people) to a highly regulated industry like medical devices that has orders of magnitude more manufacturers (than commercial aircraft) as well as a much wider field of applications (than commercial aircraft).

I do feel like some of the conversation is further influenced by a (possibly?) assumed direct link between PA and marketed product. PAs can (an often do) apply to a Quality System and not to any specific product. In medical device manufacturing there exist specific and particular regulatory requirements (13485, 21 CFR 820) for a Quality System. Of course there is a (generally assumed, occasionally stated... see Preambles, informative annexes) that a well-implemented Quality System is predicate for safe and effective medical devices, but the focus is on the Quality System because there exists consensus (among regulators and industry) on this point. Contrast this with the rather wide-open approach to the implementation of medical devices. Medical Device manufacturing is also in an interesting place because it explicitly has additional consensus standards on risk management and software development that are not device specific yet expected by regulators... and again, in the case of 14971 and 62304 those are both process standards and do not prescribe particular methods for implementation.

The "failure mode" I am concerned with: A medical device manufacturer who relies on analogies from non-medical device industries (e.g. aerospace, automotive, pharmaceutical, metal-plating, blah blah blah fishcakes) risks confusing themselves and others... with possible endpoints of regulatory non-compliance as well as unsafe or ineffective medical devices.
 

Randy

Super Moderator
The "failure mode" I am concerned with: A medical device manufacturer who relies on analogies from non-medical device industries (e.g. aerospace, automotive, pharmaceutical, metal-plating, blah blah blah fishcakes) risks confusing themselves and others... with possible endpoints of regulatory non-compliance as well as unsafe or ineffective medical devices.
You might be on to something, it may be better to make it up as you go, hit & miss, instead of looking at similarities in helping to determine an effective course of action
 

Jean_B

Trusted Information Resource
On vacation so short. Risk controls end up in a technical file. A preventive action generally does not.
The impact of misunderstanding on approval, time to market and design changes is substantial, especially for the many (start-up) SME for whom Elsmar is the library they're not afforded, and which may cease operations if it goes wrong one time too many.
I say do both, but at least once such a thread note that context must be confirmed prior to use. Free advice comes without guarantees, but not necessarily without service.
 
Top Bottom