How do you define your Hazards? <a Risk Management discussion>

ThatSinc

Involved In Discussions
#11
You need to document each hazardous situation applicable to your device. You mention at least two hazardous situations above. Since we here don't know the details of what your device does, we can't tell you what to include or not. Just try to go with your gut and keep the patient in mind as you go through this.
Sorry, I appreciate I am being vague - this is most definitely intentional on my part; the reason for the vagueness is I am not looking for the forum to give me an answer that I can just put into my risk file or design file etc. That doesn't actually help me in the long run at all. I'm trying to get a better understanding and clarity of each concept and the requirements, through how other people see the same issue. Give a man a fish... You get the idea.

If you see multiple hazardous situations, which I do too, these need to be documented separately.
The risk control measure is the same for all of them, so should be listed against each one.
The hazard is different for each one as a different source of harm.
The fluid ingress is consistent to all.
I see "device surface becomes live" as one hazardous situation, and "device stops provision of therapy" as another, and the third regarding the device being out of service is being unable to treat the patient.

I think the root of this goes to the reason I started this thread in the first place - "hazard" and "hazardous situation" are so poorly defined in terms of where they sit within the "sequence of risk" that interpretation is wildly different.

And the various other standards that require you to follow the 14971 framework define hazardous situation differently, with 62366 being the worst in my opinion and 60601-1-8 incorporating further elements such as onset of harm.

The standard directly lists "no output" as a hazard (informatively in the annex), yet Tidge feels that no output is not a hazard but a failure to meet essential performance. (Not suggesting Tidge is wrong)

Device (un)availability is not a hazard. This is more appropriately considered in a failure to provide essential performance.
I had written the above before your reply, so will add this in here - that's two sets of failure to provide essential performance from the hypotheticals in this thread, and I agree with you in many respects, but am struggling to get these issues into my risk documentation - how do you align failure to provide essential performance with appropriate hazards and hazardous situations in your risk files?
Would you consider the device being taken out of service as the hazardous situation? Or do you treat essential performance in a different manner?
 
Elsmar Forum Sponsor

Tidge

Involved In Discussions
#12
Would you consider the device being taken out of service as the hazardous situation? Or do you treat essential performance in a different manner?
"Hazardous Situation" is different from "Hazard". A device stopping unexpectedly during intended use could be a Hazardous Situation, but the Hazard to which it is exposing a patient/user must be identified. I don't know your device or what it does, so I can't say what the hazard is. Presumably even though I am not using your device right now I am not exposed to a (mythical) hazard of "device not available".

Reductio ad absurdam: If you think I 'not having my device' is a hazard, I can't believe you are also going to self-report to the authorities when you discover patients don't have access to your device because they didn't buy one.
 

ThatSinc

Involved In Discussions
#13
I don't think I've said that hazardous situation isn't different from hazard... How hazards and hazardous situations are linked is definitely poorly worded, where the annex in some places states a hazard progresses to a hazardous situation, or that hazards transform into a hazardous situation.
Some places say sequences of events lead to hazardous situations that expose the user/patient to a hazard.
I believe those are at odds with each other.

It's hard to read the tone in your message as jovial sarcasm or condescending, I'm hoping the former as I'm not trying to be difficult.
I'm genuinely appreciative of the help.

Reductio ad absurdam: If you think I 'not having my device' is a hazard, I can't believe you are also going to self-report to the authorities when you discover patients don't have access to your device because they didn't buy one.
That makes sense to me, thank you for putting it in such terms.
In itself you are absolutely correct that not having the device is not a hazard, but if you need the device and it's not available then a source of harm likely exists.

---

Lets say the device is a ventilator and was taken out of service due to a critical component failure outside of the maintenance window, a patient requires ventilation but there is no ventilator available.
The potential harm from this could be severe hypoxemia & Organ Failure, with a catastrophic severity "results in permanent impairment or death".

Taking the guidance of the hazard progresses to hazardous situation, and the examples in annex C3, this would be (Hazard) No Ventilator > (Hazardous Situation) No Provision of oxygen > Hypoxemia/Organ Failure.

Unless you would turn it entirely on its head and consider hypoxemia the hazard, the lack of device due to component failure the hazardous situation, and organ failure the harm - again, catastrophic severity.

I worked with ventilators several years ago and hypoxemia was always considered the harm from lack of ventilation, but as a condition it has outcomes such as organ failure / brain damage / death*

*though I'm personally not comfortable with "death" being listed as a harm, but rather a severity of whatever harm has occurred.
 

Tidge

Involved In Discussions
#14
This is much closer to how I would approach the problem:

Unless you would turn it entirely on its head and consider hypoxemia the hazard, the lack of device due to component failure the hazardous situation, and organ failure the harm - again, catastrophic severity.
I wouldn't consider this 'on its head', as it aligns with the commonly accepted implementation of risk controls. For example:

Infection is the hazard, breach of sterile packaging is the hazardous situation, fever is a possible harm.
 

ThatSinc

Involved In Discussions
#15
I'd consider it on its head as it's entirely backwards with regards to hazard and hazardous situation, as per the examples in annex C.

Using your example of infection, within the 2019 edition;
1591047038523.png


Would you consider the example better reworded as inadequate cleaning as the hazardous situation, as the circumstance that leads to the patient exposure to the microbial contamination?

this allows you direct linkage between the hazardous situation and the control mechanism.
And also gets closer to a 1:1 hazardous situation to control mechanism, where with the standard examples there can be a significant number of events that could lead to bacteria being released into the patient airway.
 

Tidge

Involved In Discussions
#16
I could have written "Infectious agent" as the hazard but I was using quick shorthand. The Annexes are informative.

Development teams are supposed to use critical thinking to identify risk controls (and assess the effectiveness) for actual harms.

"Cleaning an infectious (reusable) device" is unlikely to be a hazardous situation to patients (1); users who clean the device may be exposed to infectious agents (and/or sharp edges). An unclean (e.g. non-sterile, or otherwise contaminated) device is a different hazardous situation, presumably with a higher risk to patients (2). The example you provided is more of the latter.

(1) see issues with non-tuberculous mycobacterial infections for a hazardous situation (for patients) that can develop because of the design of a device. The actual harms appear to be specifically linked to the design of a specific heater-cooler used in (e.g.) bypass surgery, no matter what cleaning regimen is implemented.

(2) this is presumably the case with infections due to GI endoscopy. I haven't followed this in a while, but there could have been inferior sterilization of the devices, or certain models of devices may not lend themselves to (at the time) standard sterilization processed.
 
#17
We've struggled with defining Hazards, especially with devices that provide information which must be acted on. For instance, a monitor "lies" to the doctor; the doctor administers the wrong drug; harm occurs. The "lion in the room" (Hazard) is the incorrect drug, but our device's responsibility ended at the information it provided. So, we would list the Hazard as "incorrect measurement", which (I believe) is in the examples in 14971. It helped our team focus on what our device could do to cause Harm.

Speaking of Harm... has anyone considered the newer Harms that 14971:2019 talks about? "Unreasonable psychological stress", or the cybersecurity items, Loss of Confidentiality, Availability or Integrity? We are wondering how to incorporate these into our Master Harms List, since some of them will apply to our device. Of course, we will consult with our clinical expert. But we are wondering, especially, about Loss of Confidentiality... how can that be dropped into the classic 5-scale Severity range?

Has anyone dealt with this yet?
 
Thread starter Similar threads Forum Replies Date
M Define voltage and frequency to perform tests 61010-1 and 61326-1 for CE certification CE Marking (Conformité Européene) / CB Scheme 4
I Sampling processes - Who must define the AQL level? AQL - Acceptable Quality Level 9
V Who should define and own the Design and Development Plan and how to maintain the updates and revisions. ISO 13485:2016 - Medical Device Quality Management Systems 2
S API Spec Q1 - How to define Management Representative competency for QMS Oil and Gas Industry Standards and Regulations 12
M How To Define ISMS (information Security Management System) Scope IEC 27001 - Information Security Management Systems (ISMS) 9
K How to define Expected life service life of medical device Other Medical Device Related Standards 4
S How to Define Importers under EU MDR / Brexit EU Medical Device Regulations 3
MrPhish Should Potential Customer Complaint Outcome Define Registrar NC Rating? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
K ISO 9001:2015 clause 9.2.2 a. - Define the audit criteria and scope Internal Auditing 2
Q QI Macro Histogram - Can someone define *sorted data*? Capability, Accuracy and Stability - Processes, Machines, etc. 7
H How to define Root Cause when some points are out of control chart Statistical Analysis Tools, Techniques and SPC 6
I How do you define Risk (Medical Device)? ISO 14971 - Medical Device Risk Management 30
M SOP or template for a study to Define Storage Conditions of Orthopaedic Implants EU Medical Device Regulations 3
D Definition Client - How does the government define their clients? Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 1
alonFAI How to define a Risk Based Approach for Supplier Management per ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 1
G How to define the scope of QMS as per ISO 9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 21
R How to define QMS certification scope statement? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
R Review of "Key Data" for contract labs, but SOP doesn't define "key data". Problem? Pharmaceuticals (21 CFR Part 210, 21 CFR Part 211 and related Regulations) 2
G Procedure to define Signing Authority for Procurement Limits ISO 13485:2016 - Medical Device Quality Management Systems 2
P Can a company define new quality standards for special industry ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
L Are there any requirements to define barcode requirements ? Misc. Quality Assurance and Business Systems Related Topics 2
X How to define Calibration Acceptance Criteria General Measurement Device and Calibration Topics 3
H ISO 17025 - How to define a "Test Equipment" ? ISO 17025 related Discussions 2
J Where do you define Internal Auditor qualifications? Internal Auditing 9
V Is there an approach to define the "must 'or' should" in supplier audits? US Food and Drug Administration (FDA) 2
T Internal Audit - How to define the Importance of Departments and Processes Internal Auditing 8
T Help me understand how to define Processes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 40
L How to define R & D Receiving (Incoming) Inspection Plan Design and Development of Products and Processes 18
B How to define and implement Configuration Management Document Control Systems, Procedures, Forms and Templates 5
C How to Define and Document Controls of Outsourced Processes Food Safety - ISO 22000, HACCP (21 CFR 120) 5
S Please help me define training requirements for a Career in Regulatory Affairs 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
K How to define the Acceptances Criteria for all equipment? Manufacturing and Related Processes 7
L Definition Program - How do you define Program with regard to ISO 9001? Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 3
A Supplier Evaluation SOP - How do I Define Major and Minor Suppliers? Supplier Quality Assurance and other Supplier Issues 14
Q Where to define Authorities and Responsibilities in Documentation? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
J Define Energy Used/Delivered - Applicable to Electrical or Mechanical Power or both? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 1
R 820.50 (A) (2)Define the Type and Extent of Control to be exercised over Vendor Misc. Quality Assurance and Business Systems Related Topics 5
A Where to define Process Tailoring Form used in CMMI in the ISO 9001 Quality Manual? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
Q Criteria to define QMS processes in ISO/TS 16949:2009 IATF 16949 - Automotive Quality Systems Standard 23
S How to define New Equipment? Device is Returned, Refurbished or Repaired Misc. Quality Assurance and Business Systems Related Topics 3
C Controlling Documents: Beyond the standard, how do we truly define what to control ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
C How to define Process Special Characteristics (SC) FMEA and Control Plans 4
kedarg6500 What is the meaning of "define/defined" in ISO 9001? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 19
Crusader Local Control Document procedure....define it or not? Document Control Systems, Procedures, Forms and Templates 24
M Excel Templates for Plan & Define Phase in NPI Process for Tire Manufacturer Excel .xls Spreadsheet Templates and Tools 1
R Define Data from Taguchi to Response Surface Methodology in Minitab Using Minitab Software 2
K How to define PVC Pellet Quality Manufacturing and Related Processes 8
J How to define a Product's Realization Process and Scope ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
S How to define Permissible Error for Measurement and Test Equipment? Measurement Uncertainty (MU) 3
I Any Ideas To Define The Root Cause of Corrosion Issue? Manufacturing and Related Processes 12
Similar threads


















































Top Bottom