A Hazard analysis is a part of the risk analysis, which is a part of the risks management process as whole (in fact, a "hazardous situation analysis" would be best, after the clarification of the 2007 edition )
The risk managemente file (defined as "set of records and other documents that are produced by risk management") must contain everything that is an output to the risk management process...basically, everything that the standard requires has to be in the RMF (not necessarilyphisically).
Besides that, 3.5 has the traceability requirement my advise would have to have this traceability phisically in the RMF to help in assessments (for example, on the new IEC 60601 seris).
The risk managemente file (defined as "set of records and other documents that are produced by risk management") must contain everything that is an output to the risk management process...basically, everything that the standard requires has to be in the RMF (not necessarilyphisically).
Besides that, 3.5 has the traceability requirement my advise would have to have this traceability phisically in the RMF to help in assessments (for example, on the new IEC 60601 seris).