R
Hi,
Can anyone suggest good resources or principles concerning the application of ISO 14971 to very broadly defined stand-alone clinical information systems, such as "general purpose" clinical decision support systems, which can be constantly extended by adding new rules, even by the end users themselves? I know of IEC/TR 80002-1:2009 but I'm looking for something more specific to stand-alone software that interprets very heterogeneous data (that may often be unreliable to start with) by applying very heterogeneous clinically based rules, and gives messages to the user based on the interpretations.
For example, an obvious hazard could be "unreliable / incorrect / missing input data". But given the almost unlimited variations of relevant input data to each rule, and the equally vast amount of combinations of different "fault conditions" in the input data, it would seem like an intractable problem to list all of them in a hazard assesment matrix.
Also, it would seem all but impossible to estimate with meaningful accuracy the probability and severity of the harm that could occur, as actual treatment decisions are made and executed several ill-defined steps downstream from the user getting e.g. an erroneous message from a desicion support system.
Basically, it seems these kinds of CISs pose significant challenges from a risk analysis perspective because of two broad reasons: 1) they typically depend on (but cannot control) the quality of a large set of very heterogeneous input data (making systematic and comprehensive hazard identification hard), and 2) their final output occurs relatively far upstream from actual point of risk realization (making accurate risk estimation hard). The existing guidance and standards seem to be crafted with physical devices in mind, where the device is typically applied to the patient much more directly, and process inputs are much more controllable.
Best regards,
Rasmus
Can anyone suggest good resources or principles concerning the application of ISO 14971 to very broadly defined stand-alone clinical information systems, such as "general purpose" clinical decision support systems, which can be constantly extended by adding new rules, even by the end users themselves? I know of IEC/TR 80002-1:2009 but I'm looking for something more specific to stand-alone software that interprets very heterogeneous data (that may often be unreliable to start with) by applying very heterogeneous clinically based rules, and gives messages to the user based on the interpretations.
For example, an obvious hazard could be "unreliable / incorrect / missing input data". But given the almost unlimited variations of relevant input data to each rule, and the equally vast amount of combinations of different "fault conditions" in the input data, it would seem like an intractable problem to list all of them in a hazard assesment matrix.
Also, it would seem all but impossible to estimate with meaningful accuracy the probability and severity of the harm that could occur, as actual treatment decisions are made and executed several ill-defined steps downstream from the user getting e.g. an erroneous message from a desicion support system.
Basically, it seems these kinds of CISs pose significant challenges from a risk analysis perspective because of two broad reasons: 1) they typically depend on (but cannot control) the quality of a large set of very heterogeneous input data (making systematic and comprehensive hazard identification hard), and 2) their final output occurs relatively far upstream from actual point of risk realization (making accurate risk estimation hard). The existing guidance and standards seem to be crafted with physical devices in mind, where the device is typically applied to the patient much more directly, and process inputs are much more controllable.
Best regards,
Rasmus