ISO 14971 Clause 9 Requirements - Post-Production Monitoring and Risk Management

[Conquer]

In ISO 14971:2009 clause 9 talks about post-production information and review and update of the risk management file.

I am looking for ideas/thoughts on how people meet this requirement. Do you yearly review each product and then create a report that gets added to the risk management file. My company has quite a few products and I am trying to determine an effective but least burdensome way to ensure we are meeting this clause of the standard.

Any feedback or input you have would be appreicated.

 

[pkost]

Re: Post-production monitoring

There are numerous ways to a carry out post market activities; they should all feed back into your risk management system.

1. Customer complaints
2. Other feedback from your customers, probably through sales reps, maybe questionnaires
3. Servicing history
4. Literature review etc.

If your products are CE marked then you should be carrying out clinical evaluations, this is what I would consider the key document that collates all of your post market activities. MEDDEV 2.7.1 offers guidance about how to carry out a clinical evaluation. Essentially it is an objective review of your all available literature regarding your product including that of competitive products and anything else the reviewer considers to be relevant

With regards to timescales to carry out the evaluation I risk assess the product, for instance our class 1 instruments have a review cycle of 3 years (there have never been any complaints regarding them and they have a lot of history). One of our class III products is being reviewed every year, perhaps less if we become aware of any relevent data.

throughout your PMS activities you may come across a reportable incident, this will of course require a more rapid response and cannot wait until your next evaluation!

 

[SteveK]

Re: Post-production monitoring

throughout your PMS activities you may come across a reportable incident, this will of course require a more rapid response and cannot wait until your next evaluation!

A case in point. I recently came across a recall of a class IIa device as part of my PMS (in Italy and Germany) due to a particular mode of failure which I was previously unaware of. Because we produce a similar device, this acted as a trigger for me to update my Risk Management file for this item.

pkost has given a spot on reply by the way!

Steve

 

[Marcelo]

You need an ACTIVE system to gather information regarding your product and similar products, meaning, do not rely only on reactive information such as complaint reports.

The examples mentioned are great, but please remember that you also need internal information (the "production" part).

As mentioned pkost, the new CE marking requirement for post-marketing clinical follow-up is a must, and even if not CE marked, i would suggest that something like that must be done (post market clinical follow-up will problably be required by other regulations in the future because this is exactly the main worry regarding product effectiveness).

 

[Roland Cooke]

My competitor makes an identical product to ours, I heard it killed someone last week. Luckily it wasn't a complaint against us, so there's no need to revisit our risk management documentation.

Joking aside, as Marcelo indicated, this has to be an active system, and you need to think fairly wide. Obviously the amount of effort required will be proportional to the risks and novelty of the device, how it used, and by whom.

For many established low-risk devices, an annual review of complaints etc may indeed be adequate. But for a novel public-use device, perhaps a daily review of social networking sites would be required?

 

[Martin IT]

To be practical, with the aim to monitor your products, you should involve your commercial department (product specialists, vendors, etc.). They are in close contact with the final user so they could see if the final user uses the product in a way that could be unsafe or dangerous. Very often, the product is enough safe, but become dangerous if used in a way that the designer has not thought yet or in conjunction with particular situations. In my opinion is more and more important know how the final user 'understands' and uses your product and is better if yuo have this kind of information before an accident has been occured!

Last point more people are involved in the safety risk monitor and better is it! Regular meetings is a way to keep all the people informed and more important involved in the process.

 

[patmelad]

Can all of these items be reviewed and audited in one form and if so does anyone have a simple template to do so? I am looking to limit the amount of files that need to be maintained in our Risk Management file for our product. We are a very small company and I am the regulatory department...
Any Help would be appreciated.

Thank you

 

[pkost]

I won't say it is impossible to do on a single form, but I think it would be very difficult to capture all of the information.

I suspect it would only really work on a low risk device with an extensive history that is well understood and where the device hasn't changed in years/decades