Risk Management in an FDA Context - Extended definition of "harm"

M

MIREGMGR

Those of you who manufacture devices for worldwide markets, and have a QMS that is intended to simultaneously comply with FDA and EC / MDD requirements:

My conclusion from reviewing various FDA 483s, PMN review comments and other actions is that the FDA regards the failure of a device to technically perform as expected as a "harm" outcome, even if it does not result in specifically identifiable "physical injury or damage to the health of people, or damage to property or the use environment."

(That is, a failure by inaction, rather than a failure by wrong action.)

Do you use an extended definition of "harm" in your ISO 14971:2007 implementation, to take this broader expectation of device risk into account?

And a second question: do you use modified wording in your Scope statement to take into account the inclusion of animals within some devices' permissible uses within FDA jurisdiction, but the exclusion of animals elsewhere?
 

yodon

Leader
Super Moderator
Re: Risk Management in an FDA Context

We generally include any potential failure in our hazard analyses. In those cases where there is no harm, severity is close to, or 0.

Second question is interesting. We've never used any modified wording in the scope and I do believe we've done some devices that could be used on animals. I guess we figured harm is harm. If it makes sense and is justifiable, I don't see why it wouldn't be acceptable to do so. Note: we have, in many cases, mitigated risks by saying, where applicable, that the device is operated by a trained care professional.
 

Marcelo

Inactive Registered Visitor
FDA regards the failure of a device to technically perform as expected as a "harm" outcome, even if it does not result in specifically identifiable "physical injury or damage to the health of people, or damage to property or the use environment." (That is, a failure by inaction, rather than a failure by wrong action.)

This is the principle behind the "essential performance" of devices, the best example being a defibrillator which does not deliver when expected, resulting in patient death. Please note that, in these cases, there´s harm (as defined).

It´s the same thing on ISO 14971, so i didn´t understand when you said "extanded" issue.

Action or inaction, failure or normal use, it does not matter. From a risk management perspective, you need to take them all into account, and all regarding the possible hazardous situations.
 
M

MIREGMGR

This is the principle behind the "essential performance" of devices (...) It´s the same thing on ISO 14971 (...)

My copy of EN ISO 14971:2007 defines "harm" as "physical injury or damage to the health of people, or damage to property or the environment".

Is this term alternately defined elsewhere in 14971 to include failure to provide "essential performance" as harm, even if physical injury or damage to health does not result from a particular instance?
 

Marcelo

Inactive Registered Visitor
Essential performance is defined in IEC 60601, not ISO 14971 (Performance necessary to achieve freedom from unacceptable RISK").

Anyway, the point here is that there´s physical risk in the hazardous situation of the device not performing as expected - in the defibrillator case i cited, the resulting harm of the hazardous situation of the equipment not performing is the patient death.
 
M

MIREGMGR

My response above was only intended to note that, while in other standards the term "harm" is better defined, there is an issue with the definition provided within 14971 itself, and that can be a problem when another standard does not supply a contending definition...particularly because the FDA pretty much references 14971 on a freestanding basis, not as an element within an array of interrelated standards.

As to your defibrillator example...yes, if someone is injured or dies as a first-order result of non-performance, I agree that's harm per 14971. I'm aware of existing legalistic interpretations that the terms "injure" and "damage", used as verbs, infer action and therefore do not establish responsibility for the outcome of inaction or failure to act, but I'm not arguing legalisms in this forum.

My more serious perception, though, is that the FDA wants "harm" to additionally reflect the general requirement that devices be both safe and effective, by including in the "harm" definition something like "failure to meet reasonable performance expectations, applicable performance standards and/or general requirements for safety and effectiveness".

The OP was an inquiry as to whether any other participants here share this latter perspective and have used an extended harm definition within their own QMSs.
 
C

CluPhone

Sorry for not responding earlier so I hope this discussion is still alive (even if not in Elsmar)... I was just in Elsmar looking for a similar dialogue.

I agree with the defibrilator example... but that is a no-brainer... the harm to the end user is a huge issue and the device should not be considered EFFECTIVE... (but highly safe:lmao:).

But what about devices that are typically considered more "Risk averse"? I'll use a tongue depresser as an example.

Hazard Analysis - Proper documentation of how to use... would most likely not have anything near "death" or even "moderate injury" assigned for the Hazard.

For the DFMEA... similar to the Hazard Analysis.... (unless someone else outside of the producer made a shiv):mg:.

For the PFMEA... if we use a saws and a planer in the process, we would want to ensure controls were in place to prevent the user (assembly line worker or similar) from being injured.:bonk:

However... if the depressors were made too "flimsy", they would not be EFFECTIVE... the patient harm is perhaps even too low to calculate... BUT the risk to maintaining that account (or the truckload of accounts that now have cases of flimsy tongue depressors) is HUGE and would under other industries practices be considered career limiting.

Now, when you have a number of the above events... eventually you have to prioritize them and demonstrate occurrences, detections and controls (if not for the "14971:2007" flavour) for the ability to demonstrate you can make these relatively reliably (else you end up no longer making much).

So does anyone have any ideas on how to manage those details... ideally within the PFMEA without losing the momentum and the synergy of the group of experts gathered performing the PFMEA? OR.. should we have to relagate this to yet another document???
 
M

MIREGMGR

As long as this thread has magically come back to life...a further thought:

How is "harm" managed in instances where the "physical injury or damage to the health of people, or damage to property or the environment" is a matter of controversy or objective disagreement?

Suppose one doctor says that X may be significantly harmful, but another says it won't be? Instances of that are easy to find.

What about controversial environmental risks? It's easy to find authoritative opinions that Y is harmful, and others that it's not.

Regarding in this latter issue, national legal stances don't agree. I can point to a number of significant differences between the legal definitions of environmental harmfulness among different nations to which this standard is relevant. I think eventually the FDA will recognize that they screwed up badly from a legal perspective in moving toward ISO 14971 harmonization, without addressing the fundamental definition problems first.

My opinion is that ISO 14971 is the hardest of the broadly applicable medical device standards to apply, and the weakest from the perspective of utilizing its requirements as the basis for a responsible compliance program, because of this fundamental lack of clarity in its core definitions.

I think eventually the FDA will recognize that they screwed up in beginning to utilize ISO 14971 as a step toward harmonization, without first dealing with the legal definitional inconsistencies.
 
Last edited by a moderator:
C

CluPhone

I agree.

As far as harm (environment or safety), you go with the conservative approatch... Sometimes I've dealt with harm due to environment as a seperate FMEA item (whether it is recyclability of some byproduct in manuf or end of life of product). If it is environment or operating personnel, I look to the ACGIH data... and check it against any OSHA or EPA / EU regs as well.

If it is patient harm, I try to obtain the study or paper. If it is a peer reviewed Journal, I stop there... if not, then I take the liberty of contacting the author. If they are willing to make the claim, the discussion of their data should be welcome... and... there may be a reason that it wasn't published in a peer reviewed publication (like it didn't pass critical examination).

Most of the time, I believe FDA only wants the focus of the FMEAs to be solely on patient safety... Unfortunately this only girdles the power of FMEAs under most circumstances.

Anyhow... That's why I'm asking if there have been any changes in paradigms for execution of FMEAs since we all now have been beaten with the 14971 stick.
 
Last edited by a moderator:

Marcelo

Inactive Registered Visitor
Just as a general comment, these diverences in harms, even controversial ones, would need to be included in the development of the risk acceptability criteria, if using ISO 14971.

This is because it´s the responsibility of the manufactureer to take these into accoount.
 
Top Bottom