Thanks Peter. So to record effectiveness once verification that the risk mitigator are implemented, can it be as simple as a stating in a design review that there is agreement that the risk mitigators are effective?
Thanks Peter. So to record effectiveness once verification that the risk mitigator are implemented, can it be as simple as a stating in a design review that there is agreement that the risk mitigators are effective?
Great discussion! For some controls, it may be possible to have objective evidence of effectiveness before going to the field, particularly those that are 'inherent safety by design' (e.g., controls to prevent free-flow when opening the door on an infusion pump can be readily demonstrated as effective through verification testing). It certainly gets cloudier with protective measures and completely impossible with information for safety (even a summative study is just limited in terms of study subjects and conditions).
Seems like, before release, when no clinicals were required, you can conclude they're believed to be effective based on existing test evidence, reviewers' opinions, and maybe some expert feedback. Continual assessment of postmarket data is then needed to substantiate the claim.
Seems like, before release, when no clinicals were required, you can conclude they're believed to be effective based on existing test evidence, reviewers' opinions, and maybe some expert feedback. Continual assessment of postmarket data is then needed to substantiate the claim.
I guess my question is what is the most practical way of recording the risk mitigators are effective and how much effort needs to go into this. For example, if we follow a particular standard do we just assume it is effective or do we have to explicitly state it is effective based on the assumption the particular standard is effective (even if it may not be recognised by the FDA)? Alternatively what approach do we take if we rely on the expertise of the risk management team as it is difficult to objectively demonstrate effectiveness. For example, a moving part represents a crush hazard to a users hand so the risk management team decides adding a hydraulic shock absorber to slow down the moving part down to specific speed would reduce the risk to an acceptable level. We can verify the shock absorber reduces the speed appropriately but the hazard is still there even if there is sufficient time for the user to remove their hand, how would we document the risk control is effective in this case and how much effort should we put in?
Thanks
Thanks
Most risk management tables have "pre" and "post" values for the estimated probability/severity/risk. The "post" values act as the formal record that the risk control was effective (since the numbers there are usually below the criteria for acceptable risk).
Keep in mind this is the minimum requirements from ISO 14971 which has to cover a huge variety of situations.
In the case of critical situations or borderline it makes sense to keep some more records, especially to make a clear record of who is really taking responsibility. Ironically though, those are the very cases where manufacturer tends to keep a hidden folder under the desk
Keep in mind this is the minimum requirements from ISO 14971 which has to cover a huge variety of situations.
In the case of critical situations or borderline it makes sense to keep some more records, especially to make a clear record of who is really taking responsibility. Ironically though, those are the very cases where manufacturer tends to keep a hidden folder under the desk
