Risk control through Information for safety

sriramsl

Involved In Discussions
#1
Hi all
Recently we had the audit, and the auditor mentioned that as per the 2019 version, risk control measures through "Information for user" cannot be taken as a risk reduction in either probability or severity. However, I am unable to find any reference to this in either the Standard or in TR24971-2020.
I will appreciate it if the experts can advise me.

Regards
Sriram
 

Hi_Its_Matt

Involved In Discussions
#2
I am certainly interested in hearing other people's opinion about this as well.

According to 14971/24971, providing "information for safety" is absolutely an appropriate Risk Control measure, and it should absolutely be considered when figuring out ways to reduce risk. In this context, information for safety could be things like warning labels, instructions, contra-indications, etc.

Having said that, the effectiveness of this information for safety has to be verified. If a company attributes a reduction in either the severity of a harm or the probability of the harm occurring to "information for safety," then they have to have the data to support it. I think historically companies have been quick to list IFUs or warning labels as a Risk Control, without having any data to support their claim that these things actually reduce risk.

Separately from information for safety, companies are required to disclose information related to residual risk. I would agree that disclosing and providing information related to residual risks is NOT an acceptable form of risk control.
 

yodon

Leader
Super Moderator
#3
Risk control measures through "Information for user" can not be taken as a risk reduction
This probably comes from the EN 14971:2012 'content deviations.' (I believe there is an EN version of 14971:2019 but haven't seen if the same content deviation is provided there.)

Personally, I agree with that sentiment and as @Hi_Its_Matt points out, it would need to be demonstrated as effective. That, to me, would be very hard to rely on given how many people don't even read the IFUs and even if they did (once), it's likely the IFU wouldn't be picked up again for subsequent uses of the device.
 

Tidge

Trusted Information Resource
#4
From memory, certain NBs started making a fuss about Information for Safety (IFS) not being "allowed" to reduce risk because of some subtle differences between EN 14971:2012 and ISO 14971:2007.

Some assorted comments on Information for Safety (IFS) at the risks level:
  • IFS can't eliminate/reduce a harm,
  • IFS can't reduce p2 (the probability that a hazardous situation leads to a harm)
I suppose it is possible to try to make an argument that the probability of being exposed to a hazardous situation (p1) could be reduced by IFS, but that is an uphill climb. I would expect the risk file to have rather detailed explanation of the user classes (including mental models, cognition frameworks, etc.), the nature of the IFS... and have the validation to demonstrate/justify the reduction in p1.

If the risk files are set up like failure modes effects and analyses, I think the circumstances are even worse:
  • As with risks, the Severity ratings of Harms can't be lowered because of IFS (fire still burns people)
  • The Occurrence of a failure mode isn't reduced because of IFS
  • "Detectability" of a failure mode is a bit of a can-of-worms (for medical device manufacturers)... many are recommending the rejection of this as a metric in Design FMEA.... and (my opinion) those who would reject it at the DFMEA probably can't make a coherent argument in favor of it in a Use FMEA either.... Personally I think IFS has the possibility to improve a detectability rating in an FMEA... but I need to bluntly assert that a study of failure modes is not the same as risk analysis so I wouldn't try to defend IFS as reducing risk (at an FMEA level).
There is a LOT of text in the consensus standard and guidance dedicated to the differences between IFS risk controls and disclosure of residual risk; I don't feel particularly comfortable to offer specific advice on that subject.

There is a possible 'escape hatch' relating to the potential to use IFS to reduce risks that I don't like to recommend. 14971 (2019) is explicit that "Relevant Standards should be applied as part of the risk control option analysis" and 24971 (7.1.3) discusses the presumption of compliance with certain (the word "particular" is used, but it is not obviously used in the 60601-1 sense of the term) standards via identified IBD, PMD, and IFS controls CAN allow for the presumption of safety (freedom from unacceptable risk). This is a very subtle point that I know from experience is not easy to make. This point is tied up with risk control option analysis (in 14971) which by itself is an area that I know both manufacturers and 3rd parties get tripped up in.

Sidebar that doesn't strictly apply to 'labels' or 'user manuals', because I can't help myself:

If a person wants to go looking for trouble, there are further complications in the consensus that once existed (circa 2013), but I must admit that I long ago stopped trying to track these inconsistencies. One area of confusion was that elements of an alarm system were recognized as "protective measures" in 14971 (and 24971) but referred to as IFS in 60601-1-8, 62366-2 (6.5.3)... see also the discussion in 60601-1-8 (A.1.2). From memory, 62304 is slightly more blunt that "alarms" (not capitalized in the 'standards' sense) are implemented design details, which IMO makes them more obviously PMD risk controls than typical IFS controls. Not all alarm systems are implemented in software, of course.

The sidebar above is a subtlety that I don't believe a majority of 3rd parties would flag as non-conformities, but could become 'sharp edges' in a sloppy risk management file. I do believe it is possible to construct a coherent approach to alarm systems such that it is possible to (obviously) claim a reduction in risks in medical devices without running afoul of a 3rd party reviewer, just that the design team has to recognize that the implemented behavior of an alarm system is a PMD, but that the informational content of an alarm signal may be more like IFS.
 

Igor Guba

Starting to get Involved
#5
ISO 14971:2019, 7.1 Risk control option analysis
The manufacturer shall determine risk control measures that are appropriate for reducing the risks to an acceptable level.
The manufacturer shall use one or more of the following risk control options in the priority order listed:
a) inherently safe design and manufacture;
b) protective measures in the medical device itself or in the manufacturing process;
c) information for safety and, where appropriate, training to users.


Even if 14971 hadn't specified the information for safety as one of the main applicable risk control options, it would have been an inevitable choice for some of the risks, especially those associated with misuse / use errors.
 

ThatSinc

Quite Involved in Discussions
#6
<Deep Breath>

I've had this argument with auditors at BSI, Intertek/Amtac, LRQA, TUV SUD, and SGS, and all have relented and either not raised NCs or closed out NCs.
From basic Class I devices, to complex Class IIb electromed devices.
I've even had discussions with a former program manager at BSI regarding this topic and it's understood that the content deviations were written based on a misunderstanding of the essential requirements and how risk control options were referenced there, and cross referenced in the risk control options documented in 14971.

There ended up being confusion between IFS and Residual Risk.

The NBMed position paper on this was accepted by several NBs, but some kept pushing for IFS to be ignored.

Information for Safety can, and does, reduce risk.
Disclosing residual risk, does not.

On a piece of equipment that uses UV, Lasers, or X-Rays, a warning sign, a picture of safety equipment and further details in the instructions for use regarding what safety equipment you must wear when in proximity, can have a demonstrable effect on safety. Readily shown through usability studies.

Stating "Exposure to UV may cause cancer" is disclosing residual risk, and does nothing to instruct on how to prevent this.


How this affects the risk file? In my opinion, if the residual risk is as you state it - and your post production data supports it - amend your pre-controls risks to reflect this value.
If the IFS cannot contribute to reduce risk, then it was already at your residual level.
 

Al_Z1

Starting to get Involved
#7
Information for Safety can, and does, reduce risk.
Disclosing residual risk, does not.
This was my argument for SGS auditor, regarding to NC in the RMF. He did not accept it, so I had to provide some extended data about design and protection measures taken to lower the risks, which I guessed to be needless to say, as they were described in technical data.
Also, as I remember from old EN 14971:2007/2012, deviation from it directly prohibits to use IFS as risk control option. But I used ISO 14971:2019, as state of the art standard (and it was ok for SGS), but still auditor raised NC.
 

ThatSinc

Quite Involved in Discussions
#8
This was my argument for SGS auditor, regarding to NC in the RMF. He did not accept it, so I had to provide some extended data about design and protection measures taken to lower the risks, which I guessed to be needless to say, as they were described in technical data.
Also, as I remember from old EN 14971:2007/2012, deviation from it directly prohibits to use IFS as risk control option. But I used ISO 14971:2019, as state of the art standard (and it was ok for SGS), but still auditor raised NC.
I'd ensure you get specifics about the requirement that the finding is raised against, they should be able to provide you with a regulatory requirement.

Don't forget that all standards are voluntary, and the NB's duty is to ensure you are compliant with the regulation, not the standard*, so if you're stating compliance with 14971:2019 as a means to comply with the MDR, they should be able to point to a requirement in the MDR that you're not meeting.

If you then still have issues, depending on how far you'd like to take it - raise a formal complaint.

* if you state that you're complying with a standard as a means of presumptive conformity and then aren't meeting the standard they can pick you up on this - but only insofar as that you're using the standard to comply with the ERs / GSPRs and you're not meeting the standard, therefore not meeting the ER / GSPR.
 

Enternationalist

Involved In Discussions
#9
Yeah, your auditor is wrong. Disclosure of residual risk is not a control, but information certainly can be - but only if you have evidence that it actually works. Be very careful and think thoroughly about if risk probability could actually be reduced by information.
 
#10
As a couple of others have noted, it's the disclosure of a residual risk that cannot be attributed as a risk control. The best way to demonstrate that information for safety does mitigate risk is to ask someone, 'If I have a physician that has read the IFU and one that has not, who would you like to operate on you?' If it's physician #1, ask them, 'I thought information for safety can't reduce risk?' Instructions on proper and safe use are a necessary risk control option.
 