New version BS EN ISO 14971:2012 released - July 2012

B

BigManP

#21
I'm relatively new to all of this, so I feel like I'm missing something. My company makes medical devices and we have ISO 13485 and CE certificates. We aren't certified to 14971, but we refer to it and use it for risk analysis. If I'm understanding the threads properly, the 2012 update to 14971 only apply to the EU and conform to the existing requirements of the MDD. Assuming that this is all true, then since we were previously CE marked and conforming to the MDD therefore we were already doing these things. Is this right or am I still missing it?

I appreciate the help.
 
Elsmar Forum Sponsor

Ronen E

Problem Solver
Staff member
Moderator
#22
I'm relatively new to all of this, so I feel like I'm missing something. My company makes medical devices and we have ISO 13485 and CE certificates. We aren't certified to 14971, but we refer to it and use it for risk analysis. If I'm understanding the threads properly, the 2012 update to 14971 only apply to the EU and conform to the existing requirements of the MDD. Assuming that this is all true, then since we were previously CE marked and conforming to the MDD therefore we were already doing these things. Is this right or am I still missing it?

I appreciate the help.
Hello and welcome to the Cove :bigwave:

The MDD requires a "state of the art" approach, i.e. you can only rely on the latest harmonized standards for presumption of conformity. The meaning is that when a new requirement is harmonized (as in the harmonization of EN ISO 14971:2012), then to continue relying on the standard you must upgrade, even for products that are already EC certified / on the market.

BTW, relying on harmonized standards for MDD (ER) compliance is voluntary.

Cheers,
Ronen.
 

Sam Lazzara

Trusted Information Resource
#23
It is apparent that EN ISO 14971:2012 "Z" Annex deviations would lead to an overhaul of the ISO 14971:2007 Annex B flowchart showing "Overview of the risk management process for medical devices". Fyi, the attached flowchart I found is more or less consistent with that flowchart.

I will be working on creating a new flowchart that is consistent with the EN ISO 14971:2012 deviations. Has anybody else done this? Willing to share what you have?
 

Attachments

sagai

Quite Involved in Discussions
#24
I think most of the deviations are explicitly saying that the interpretation is up to the manufacturer and/or NB's discretion, I suspect in overall there will be a variety of such kind of flowchart rather than a universal one.
Cheers!
 

Ronen E

Problem Solver
Staff member
Moderator
#26
Re: New version EN ISO 14971:2012 released - July 2012

Brief Team-NB position paper for EN ISO 14971:2012 was published on 16 April 2013.

http://www.team-nb.org/documents/2013/TEAM-NB-PositionPaper-ENISO14971-2012.pdf

Link to home page here.
Thank you Sam for sharing.

It's good intel to know that this is what NBs agree upon, but at the same time it's very sad that this is the best they could come up with. :(

First:

2. Have manufacturers shown that risks have been reduced as much as possible?
3. Have manufacturers conducted a risk benefit analysis for all risks?
IMO, these 2 contradict each other. What's the point of looking at the risk-benefit balance if risk is required to be reduced "as much as possible" anyway?!... The risk-benefit analysis was supposed to be a tool in making an informed and responsible decision that although the risk can be reduced further, it's already acceptable, so no-more-mitigation is also acceptable.

Second:

4. As publication of residual risks in the information given to the user does not reduce the risk, but publication of residual risks and warnings used as risk control measure may be beneficial, ... and have manufacturers evaluated whether those warnings are effective...
If publication of residual risks does not reduce the risk, then how may it be beneficial as a risk control measure?!... And further, if it does not reduce the risk, how can it be effective? If something can't be effective, no one can verify that it is...

Third:

Please be ready at your next Notified Body QMS or Technical File Assessment to share evidence to show that EN ISO 14971:2012 Annex Z has been considered in your compliance to the Essential Requirements for newer devices and to share your plans for evaluating and addressing the impact of EN ISO 14971:2012 Annex Z on older and legacy devices that will continue to have CE Marking applied.
This is in contradiction with the MDD spirit. Harmonized standards as a means to comply with the ERs are voluntary. There should have been a mention of that, or at least this instruction should have been conditional, along the lines of "if you wish to benefit a harmonized standard presumption of conformity in this context."

In summary: At least 3 major problems in a document as short as that!

:(
Ronen.
 
Last edited:

Sam Lazzara

Trusted Information Resource
#27
Here is the flowchart I came up with. Curious to hear what people think about it.
https://medicaldevicequality.egnyte.com/h-s/20130509/6dfaee92c36646fa

I personally don't believe in assigning a Probability (P) of occurrence of harm value before risk controls are implemented. I think it is bizarre and meaningless since I know I will always have risk control measures. So, for my pre-risk control "risk evaluation" I only have a Severity (S) value. Section 4.4 of the standard acknowledges this possibility.

Another characteristic for my approach (and perhaps a deviation from one of the EN deviations) has to do with not trying to perform a risk/benefit analysis for each individual risk in isolation of other risks. That seems preposterous to me. I do understand and believe in the importance of performing an overall risk/benefit analysis as part of overall residual risk evaluation.
 
Last edited:
#28
Here is the flowchart I came up with. Curious to hear what people think about it.
Interesting chart, thanks Sam.
We are reviewing our risk management process currently and I hope to use input from the chart to shape things.

I personally don't believe in assigning a Probability (P) of occurrence of harm value before risk controls are implemented. I think it is bizarre and meaningless since I know I will always have risk control measures. So, for my pre-risk control "risk evaluation" I only have a Severity (S) value. Section 4.4 of the standard acknowledges this possibility.
I am not sure that I would agree with this approach.

We have been trying to incorporate a form of FMEA into our process, with a spreadsheet to show:

Hazard - Risk before mitigation - mitigation - risk after mitigation

One of our people then suggested that the severity rating stays the same before and after mitigation. I disagreed and have created an example that shows that the mitigation can equally reduce severity or probability (or both).

Section 4.4 does mention "..hazardous situations for which the probability...cannot be estimated..." (Paragraph 2) but I believe that this is in reference to "systemic" failures such as software failure.

Note the same paragraph states "For each hazardous situation the associated risks shall be estimated..." and in the definitions risk is defined as being "combination of the probability of occurrence of harm and the severity of that harm"
 
Thread starter Similar threads Forum Replies Date
J Overall Residual Risk Procedure based on the 2007 version of ISO 14971 ISO 14971 - Medical Device Risk Management 4
N Which EN ISO 17664 version compliance to EU MDR? Elsmar Cove Forum Suggestions, Complaints, Problems and Bug Reports 3
D I heard that there is no new version of ISO 18001 OHSAS after 2017 version Occupational Health & Safety Management Standards 3
I ISO 22001 and ISO 22003 French version Food Safety - ISO 22000, HACCP (21 CFR 120) 2
Y Which version of ISO 13485 would be considered for MDSAP certificate? Canada Medical Device Regulations 8
C Registration to the 2015 Version of ISO 9001 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
S Queries of new version ISO 9001 2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
P What is the latest version of ISO 10021 used for Certification purpose? Other ISO and International Standards and European Regulations 3
N Using ISO document number, version number in Software based solution. ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
U ISO vs. ASQ version of the ISO 9001 Standard - Differences? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
AnaMariaVR2 GMP News: New Version of ISO 19011 on Auditing published Pharmaceuticals (21 CFR Part 210, 21 CFR Part 211 and related Regulations) 2
J ISO 20000 Revisions for 2011 Standard Version IT (Information Technology) Service Management 2
T ISO 10993-10: 2002 vs 2010 version - What are the Major Changes? ISO 13485:2016 - Medical Device Quality Management Systems 2
2 Next Version of ISO 27001 and Likely Areas with Changes? IEC 27001 - Information Security Management Systems (ISMS) 7
E Is there a summary of changes from a withdrawn ISO standard to the current version Other ISO and International Standards and European Regulations 5
C What is the latest version of ISO 14001? ISO 14001:2015 Specific Discussions 8
T What is the status of the next version of ISO 14001? ISO 14001:2015 Specific Discussions 72
S Where can I buy a PDF version of ISO 9001-2008 that I can print? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
N ISO 9001:2000 version to ISO 9001:2008 - Necessary Document Revisions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
Y Which version of ISO 9004 would you recommend to read today? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
J Where to Purchase an MS Word version of ISO 9001 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 28
J Is Version Change needed for ammending ISO 9001:2000 to 2008 Document Control Systems, Procedures, Forms and Templates 1
A Is ISO 9001 Transition (from 2000 to 2008 version) Training Required? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 24
howste ANSI/ISO/ASQ QE19011S-2008 - information on 2008 version? General Auditing Discussions 6
D Upcoming FDA ISO 13485 audit guidance (draft version) ISO 13485:2016 - Medical Device Quality Management Systems 19
K Draft ISO 9001:2008 (Feb 08 version) & Summary of Changes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 60
S ISO 9000:2000 Electronic Version - Word or Pdf Format? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 20
W When will the new ISO 9001:2008 version be issued? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 17
C The Next version of ISO 9001 (2008 version) - Any news? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 368
S Tracking Down ISO 9002:1994 version ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
M Which Version of ISO 9001 2000 Standard? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 26
S Do I need to change my SOPs? Transitioning to ISO 9001:2000 from the 1994 version ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
R ISO 9126-1,2,3 What is the latest version? Software Product Evaluation Software Quality Assurance 1
R Where can I buy ISO 14001 - The Electronic Version ISO 14001:2015 Specific Discussions 12
CarolX Surveillance Audits under the ISO 9001:2000 version Registrars and Notified Bodies 8
Z Where can I get an electronic version of ISO 9001:1994? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
D Is ISO 9001:2000 (9k2k) HARDER than the 1994 Version? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
Casana ISO part of QS certificate - upgrade to version 2000? QS-9000 - American Automotive Manufacturers Standard 10
M ISO 9001:2000 comparado con la version del 1994 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
J UDI-DI how should we interpret Device version or model to determine if a new UDI-DI is needed? EU Medical Device Regulations 0
K IEC 60601-1:2005/AMD2:2020, Why this standard version is 3.0? IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
B Struggling with using the 5.6 version Ford Capacity Analysis Report APQP and PPAP 5
S API Spec.Q1 Standards Version in Purchasing Information Oil and Gas Industry Standards and Regulations 1
Q Version/Revision Control of CAD files Document Control Systems, Procedures, Forms and Templates 2
R Shall a new UDI-DI be required when stand-alone software device's version is updated? EU Medical Device Regulations 1
M When is EN 62133-1 (new version i.e. IEC 62133:2017) mandatory in EU Other ISO and International Standards and European Regulations 3
I Reissuing documents due to missing version / issue numbers Document Control Systems, Procedures, Forms and Templates 3
M Can someone share a scrubbed version of Clinical Evaluation Plan (CEP) EU Medical Device Regulations 8
F Management of Software version while NB reviews Technical file CE Marking (Conformité Européene) / CB Scheme 7
M Harmonised RED Standard ETSI EN 440 - Which Version? Other ISO and International Standards and European Regulations 0

Similar threads

Top Bottom