Risk assessment & Product development - All products - Medical device or not?

[Denis]

Hi, I need some advice can you help? I seem to be swimming against the tide here!

We have a product development team which bring new products to the market place. Some of these products are not medical devices, but they are used by customers who work to GMP and expect a high degree of conformance to all relevant standards and GMP.

I say, that we need to perform risk analysis for all products brought to the market place irrespective of whether it is a medical device or not.

I have read the standard, I believe that this is the intent of the document, others in the organisation believe I am just trying to slow down the process. I say it is a requirement (and good business practice), and I'm just trying to eliminate potential problems.

I would welcome a healthy discussion / debate - if I'm wrong - then that's ok, but why?

 

[Jon Griver]

I have read the standard, I believe that this is the intent of the document, others in the organisation believe I am just trying to slow down the process. I say it is a requirement (and good business practice), and I'm just trying to eliminate potential problems.

Denis,

Standards are not necessarily mandated regulatory requirements. While risk analysis is a regulatory requirement for medical equipment, I do not believe this to be the case for non-medical equipment.

Even when not legally required, performance of risk analysis is certainly good business practice and could be helpful as part of a defense in a product liability case.


Jon Griver

 

[mitsu11]

Risk Analysis = FMEA

When I first shifted into the medical device industry, I was thrown a lot of terms that seemed really specific to medical devices. (Overwelmed at first. Now I know better.) Risk analysis is one of those terms. Well, when I finally sat down to do one of these fancy evaluations, I realized that it is identical to an FMEA, which I had a lot of experience with in previous positions.

Now, FMEA/risk analysis is not required by ISO-9001 or some other standards, but isn't it a good idea? You are taking your product, your system, your process, and evaluating how it will affect other people/things/whatever. Engineers only know so much, and they can't consider every possible impact of a new product during design. This offers an organized, "step back and look at the forest" kind of approach that can really improve a design even more.

I would really question the output of a process that doesn't try something like this, even if it is on an informal basis. Have a meeting with design, manufacturing, sales, and service. Ask "how can this hurt someone? or break? or be done better?". Write down the answers, and you got it. You don't need a form per se to successfully manage your risk.

... Unless you manufacture medical devices. Then you need a form.

 

[qualitygoddess - 2010]

Denis:

I agree that risk analysis is a great tool for product development. I have seen risk analysis for medical devices be quite labor-intensive, and wonder if you could support a less stringent approach for the non-medical products. You would still get the benefit of something like FMEA, but without some of the extras for a full risk analysis as described in 13485, and promulgated by the regulatory agencies?

--J

 

[Al Rosen]

Risk analysis is one of those terms. Well, when I finally sat down to do one of these fancy evaluations, I realized that it is identical to an FMEA, which I had a lot of experience with in previous positions.

Risk analysis goes beyond Failure Mode Effects Analysis. It takes into account the risks associated with normal use as well as the risks associated with failure of the product to perform properly.

 

[mitsu11]

Risk analysis goes beyond Failure Mode Effects Analysis. It takes into account the risks associated with normal use as well as the risks associated with failure of the product to perform properly.

The FMEA I learned did incorporate those things. It may have helped that I originally learned from an anal frenchman (that is a compliment to him, really).

 

[Denis]

Thanks for the feedback, but here lies my main concern.

Risk analysis is a cornerstone element of 13485, and as such if we as a company comply to this standard we should be performing some form of Risk Analysis.

13485 even points you in the right direction to 14971 Risk analysis.

I don't see that you can jump in and out of the standard to suit you, you either conform to 13485 requirements (in full) or you don't. As I said previously, there is an expectation (unstated customer requirements) that our products will be used in clean rooms for contamination control purposes, plus some medical devices.

Any thoughts?

 

[Vincnet]

Thanks for the feedback, but here lies my main concern.

Risk analysis is a cornerstone element of 13485, and as such if we as a company comply to this standard we should be performing some form of Risk Analysis.

13485 even points you in the right direction to 14971 Risk analysis.

I don't see that you can jump in and out of the standard to suit you, you either conform to 13485 requirements (in full) or you don't. As I said previously, there is an expectation (unstated customer requirements) that our products will be used in clean rooms for contamination control purposes, plus some medical devices.

Any thoughts?

My interpretation here is that 13485 is a standard for regulatory compliance which means that it sets rules to comply with regulations. Within your organisation you might have products requiring full compliance with regulation and products that are not regulated. So as I see it nothing forbids you to define somewhere in you QMS that for non regulated products the rules are slitghtly different part of this difference beeing the absence of Risk Analysis.

Having said that, iIagree with you on the fact that Risk Anal should be sound business practice, but I heard exactly the same comments in my company : "I am trying to slow down the process".
If you can find a good convincing real story where it shows that risk analysis could have help avoiding a real (economic) disaster for the concerned company. I am fairly sure that everyone will then listen to you ))

Vincent

 

[Denis]

Yes, I dare say I am trying to conform to the requirements with a Quality professionals view point. But, this is only for the sake of good business practice.

I will compromise my view in the light of the arguments put forward - if only to move the business along (for the present).

But I do know that at some point in the future this lack of risk assessment will come back and bite us.

The point I have been trying to raise in our organisation is that I am voicing genuine concern for best business practice.

Hey ho.

 

[Jim Howe]

Thanks for the feedback, but here lies my main concern.

Risk analysis is a cornerstone element of 13485, and as such if we as a company comply to this standard we should be performing some form of Risk Analysis.

13485 even points you in the right direction to 14971 Risk analysis.

I don't see that you can jump in and out of the standard to suit you, you either conform to 13485 requirements (in full) or you don't. As I said previously, there is an expectation (unstated customer requirements) that our products will be used in clean rooms for contamination control purposes, plus some medical devices.

Any thoughts?

Consider a business that uses several standards based on the requirements of each of its customers. For example; government vs. commercial (at one time they were two different solder standards).

In my experience we would wave solder government PC boards using rosin flux with vapor degrease clean but the commercial PC Boards were acid flux with water clean. So yes a company can and does jump in and out of standards depending on customer.

That having been said, I am currently employed by a company that has absolutely nothing to do with the medical field and we perform the following, as a minimum, on all new product development:

4.1.3 Risk assessment is based on:

1) Product safety analysis
2) Manufacturability analysis
3) Business risk analysis​

I cannot imagine that any company would pursue a new product and not perform at least a safety analysis! I agree with you that it may come back to bite, but not because of some standard requirement, rather common sense.