Hi_Its_Matt
Involved In Discussions
I suspect this is one of those scenarios where different companies do things differently, but I figured what better way to confirm suspicion than to put it out to the cove.
At what "level" (i.e. hazard, harm, hazardous situation, or sequence of events) is risk estimated and evaluated for acceptability?
(I want to acknowledge that:
Context:
The definition of Risk, per 14971:2019, is "the combination of the probability of occurrence of harm and the severity of that harm."
The standard states, in Section 5.5 Risk Estimation, "For each identified hazardous situation, the manufacturer shall estimate the associated risk(s) using
available information or data."
I interpret this to mean that the manufacturer must estimate the probability of each hazardous situation occurring (P1), so that they can estimate the risk associated with that particular hazardous situation. (To further simplify this discussion, I'm going to assume that P2=100%; that is, when any particular hazardous situation occurs, it will always result in occurrence of a harm. I know this is an invalid and dangerous assumption is real life).
Practically speaking, this means that if there are theoretically only 2 harms that are associated with a particular device, and only 4 unique hazardous situations in which harm can occur, that the risk associated with each of the 4 situations must be analyzed independently. (See top table in the attached image).
However, it also seems highly beneficial (and I think this is what the Overall Residual Risk section is getting at) to consider the combined probability of a specific harm occurring given all the different hazardous situations in which it can occur. (Bottom table in image). Analyzing risk at this level seems more in line with the definition of risk, but yet seems at odds with the requirement in Section 5.5.
Lastly, it seems to me that the latter approach would make analysis of post-market surveillance data much easier than the former approach, as PM data and investigations will almost certainly contain information related to whether or not a particular harm occurred, and what type of harm occurred, but may not always specify what actually caused the harm.
So, given all that, I return to actual question, what is your interpretation and approach for estimating and evaluating risks?
At what "level" (i.e. hazard, harm, hazardous situation, or sequence of events) is risk estimated and evaluated for acceptability?
(I want to acknowledge that:
- This question is basically a repeat of this one, but that was from 2017, and I'm curious to see if anything about the changes in the 2019 version of the standard or its guidance document has caused any changes in thought/approach.
- There seems to be differences in interpretation as to what qualifies as a harm, a hazard, a hazardous situation, or a particular sequence of events (as evidenced by this thread) and
- It can be difficult to discuss these topics in the abstract, without intimate knowledge of the particulars of a specific device or use scenario/context
Context:
The definition of Risk, per 14971:2019, is "the combination of the probability of occurrence of harm and the severity of that harm."
The standard states, in Section 5.5 Risk Estimation, "For each identified hazardous situation, the manufacturer shall estimate the associated risk(s) using
available information or data."
I interpret this to mean that the manufacturer must estimate the probability of each hazardous situation occurring (P1), so that they can estimate the risk associated with that particular hazardous situation. (To further simplify this discussion, I'm going to assume that P2=100%; that is, when any particular hazardous situation occurs, it will always result in occurrence of a harm. I know this is an invalid and dangerous assumption is real life).
Practically speaking, this means that if there are theoretically only 2 harms that are associated with a particular device, and only 4 unique hazardous situations in which harm can occur, that the risk associated with each of the 4 situations must be analyzed independently. (See top table in the attached image).
However, it also seems highly beneficial (and I think this is what the Overall Residual Risk section is getting at) to consider the combined probability of a specific harm occurring given all the different hazardous situations in which it can occur. (Bottom table in image). Analyzing risk at this level seems more in line with the definition of risk, but yet seems at odds with the requirement in Section 5.5.
Lastly, it seems to me that the latter approach would make analysis of post-market surveillance data much easier than the former approach, as PM data and investigations will almost certainly contain information related to whether or not a particular harm occurred, and what type of harm occurred, but may not always specify what actually caused the harm.
So, given all that, I return to actual question, what is your interpretation and approach for estimating and evaluating risks?