Risk Register - Same hazardous situation, different severity of harms

#1
Hello,

I tried to read the faq and first two pages, but I could not find an answer to a probably basic question about the Risk Register.

My company is a manufacturer of imaging SaMD, used to prepare surgical plans.
One of the hazards considered in our Risk Register is the possibility for the clinician to overestimate the precision of our computer guided treatment system, thinking that if the plan is safe he cannot damage the patient. Hazardous situation: the clinician touches with his instruments a nerve of the patient (hazardous situation). The problem here is that two different harms are possible (or the same harm, with different severity): paralyzed muscle (severity: 4) or muscle temporary weakness/tingling (severity: 3).

Case 1:
p1 (probability of occurrence of hazardous situation) = 2
p2 (probability of hazardous situation leading to harm - paralyzed muscle) = 2
SE (severity of harm - paralyzed muscle) = 4

Case 2:
p1 (probability of occurrence of hazardous situation) = 2 (the same as case 1)
p2 (probability of hazardous situation leading to harm - muscle temporary weakness/tingling) = 3
SE (severity of harm - muscle temporary weakness/tingling) = 3

Same hazardous situation, but different probability for consequent possible harms.
Should we include both cases in the Risk Register, or only the second one with the highest severity harm?
I am also thinking about even more extreme cases (for instance, a hospital gas patient-delivery equipment, where the probability p2 decreases with the severity of the caused harm - headache p2=4, loss of balance p2=3, coma p2=2, death p2=1)... how to deal with this kind of situation?
 
#2
Generally, it's good to list all the hazards that are associated with the device in some document or across multiple documents. This helps in a few things:
  1. Demonstrates to the reader/reviewer that the team has methodically evaluated all the risks associated with the device.
  2. Provides a more complete view of the need to apply stricter risk controls/mitigation.
  3. Assists in the evaluation of the risk acceptability of the entire product, considering all hazards (not just the most harmful ones).
  4. Enables a more complete assessment of post market surveillance data after product launch.
Structure of documentation is generally up to the manufacturer, but should follow SOPs and/or risk management plan.
 

Marcelo Antunes

Addicted to standards
Staff member
Admin
#3
Please note that ISO 14971 does not require that you record all the sequence or combination of event (although I disagree with that, because I think they should be recorded).

Anyway, yes, you should include different risks for the same hazards and hazardous situations. For example, the risk control measure for them could be different.
 
#4
Please note that ISO 14971 does not require that you record all the sequence or combination of event (although I disagree with that, because I think they should be recorded).

Anyway, yes, you should include different risks for the same hazards and hazardous situations. For example, the risk control measure for them could be different.
Thank you Marcelo, that is what I suspected, although I have never seen this implemented in my (limited) experience.
What if the risk control measure is unique for all risks? Where is the value of listing all the risks/hazardous situations in this case?
 

Marcelo Antunes

Addicted to standards
Staff member
Admin
#5
People tend to try and "reduce" the burden by saying that they will focus only in some part, usually the highest severity ones, but this does not make sense.

For a starter, risk (unless a special case) is not severity only, which means that a better justification (which still does not make sense) would be to focus in higher risks (probability/severity).

Second, most expectations (including regulatory) are that all risk are identified and evaluated. in the case for example of a hazardous situation with different harms, we have different risks. So all of them should be included.

Third, as I mentioned, for different risks (even from the same hazardous situation), different risk controls might be required, so it's important to have them all and analyze them all.
 
#6
People tend to try and "reduce" the burden by saying that they will focus only in some part, usually the highest severity ones, but this does not make sense.

For a starter, risk (unless a special case) is not severity only, which means that a better justification (which still does not make sense) would be to focus in higher risks (probability/severity).

Second, most expectations (including regulatory) are that all risk are identified and evaluated. in the case for example of a hazardous situation with different harms, we have different risks. So all of them should be included.

Third, as I mentioned, for different risks (even from the same hazardous situation), different risk controls might be required, so it's important to have them all and analyze them all.
Thank you Marcelo, very valuable answer as usual...
 

Top Bottom