Software user interface - definition of hazards

TomQA

Starting to get Involved
#1
Hi,

I am working on the risk (hazard) analysis of a Software as Medical Device (SaMD). The SaMD is basically a webapp (website) where you planify therapy plans, give suggestion of therapy exercises depending on the patient's evolution etc.

Most of the hazards are therefore linked to the usability / user interface. For exemple, one of the risk identified was that "the therapist edits the wrong patient profile" due to a misuse / misunderstanding of user interface "not user friendly" which creates a modification in a patient's therapy plan (and therefore the patient does the wrong exercises).
My question is, what is the HAZARD for risks linked to usability of user interface ? Does it have to be something Generic ? The ISO14971:2019 (see below) gives examples of relationship between HAZARD -> Hazardous situation -> Harm, so in our case would the HASARD simply be "Misuse" ?

And finally, what could be a risk control ? Can we simply put for example : "User-friendly User interface" ? Does that make any sense ?
Thank you very much !

Screenshot 2022-05-12 at 10.58.42.png
 
Elsmar Forum Sponsor

Tidge

Trusted Information Resource
#2
I find it easiest to stick with HAZARDS as things that physically exist in the world that are recognized as a direct source of harm. "Direct" is not explicitly in the definition in 14971, but if it isn't direct then it means that something else is actually the source of harm.

"Misuse" does not exist in the physical world, misuse only has context in the circumstances for use.
 

TomQA

Starting to get Involved
#3
Hi, thank you for your response !
Yes but how would you therefore name the hazard for a software user interface?
 

Tidge

Trusted Information Resource
#4
Perhaps I am revealing some personal attitudes: I think in the general situation you describe, the harms are coming from the physical therapist and not the software. The hazards, in my imagination, would be kinetic (or possibly potential, depending on the exercise) energy, such as comes from direct manipulation by the therapist or patient.

I'd also explore the risks of "delaying treatment" (by recommending incorrect PT) but that is more akin to the device being ineffective than introducing a new harm.
 

ThatSinc

Involved In Discussions
#5
For your risk controls, you'll want to explicitly state what part about the user interface will control the risk.
In the example you have given, the hazardous situation being the instruction to perform an inappropriate exercise (as a result of selecting the wrong patient profile).
Assuming that this is used by a professional and then sent to the user, including the patient name in a larger font and having a confirmation screen of all input data prior to sending to the patient as potential options to reduce the probability that they will get sent the instruction.
Including the patient name on the report that gets sent to them for instruction on exercises, to reduce the probability that they will perform the exercises.

That's potential options for reducing both P1 and P2 from the in-use error of selecting the wrong patient profile.
 

Al_Z1

Starting to get Involved
#6
I guess, IEC 62366-1 and 62366-2 would be useful in your case, cause these documents adress user interface requirtements and guidelines.
 

Tidge

Trusted Information Resource
#8
I guess, IEC 62366-1 and 62366-2 would be useful in your case, cause these documents adress user interface requirtements and guidelines.
I would also recommend AAMI HE75, as it has several chapters relevant to software implementations, and at least one chapter explicitly devoted to it.

One of the best (free) resources on the subject of Usability and Human Factors is the US Department of Energy's Handbook 1028 (especially volume 1, chapter 2). You have read that volume with the attitude that the knowledge within is applicable across multiple disciplines. I found that handbook to be the best source (for myself) to understand and appreciate many of the concepts that were (IMO, casually) referenced in the original version (single volume version) of 62366.... such as "Mental Models".
 

Hi_Its_Matt

Involved In Discussions
#9
@TomQA I don’t think you can talk about HAZARDS without first having agreement on what the HARM is. And it looks to me like you haven’t clearly articulated what the specific HARM is.

In situations like this, I very often find myself going back to the definitions of the relevant terms.
HARM – injury or damage to the health of people, or damage to property or the environment
HAZARD - potential source of harm
HAZAROUS SITUATION - circumstance in which people, property or the environment is/are exposed to one or more hazards
I also find it useful to ask “what is the initiating event?” and “what subsequent series of events has to take place for the hazardous situation to occur?”

Having said all that, my initial thought (after giving this ~5 minutes of thought, so… perhaps take it with a grain of salt) is:
  • HARM is something like “Delayed patient recovery time.”
  • HAZARD feels something like “Incorrect or incomplete information given to patient.”
  • And HAZARDOUS SITUATION is something like “Therapist saves treatment plan to incorrect patient account."
I think it would probably be in a lower-level risk analysis document (such as a DFMEA or UFMEA), or in a "sequence of events" field, if you're using one, that the user-interface related cause of the HAZARDOUS SITUATION is described.
 

Tidge

Trusted Information Resource
#10
Mmmm salt, nom nom...

Having said all that, my initial thought (after giving this ~5 minutes of thought, so… perhaps take it with a grain of salt) is:
  • HARM is something like “Delayed patient recovery time.”
  • HAZARD feels something like “Incorrect or incomplete information given to patient.”
  • And HAZARDOUS SITUATION is something like “Therapist saves treatment plan to incorrect patient account."
I don't like the above suggestions for HARM or HAZARD. Re: harm... "Delay in treatment" is either (a) an ineffective medical procedure or (b) must be the cause of some sort of actual injury, i.e. "infection", "blood loss". Re: hazard... as I wrote above, if a thing cannot exist without context, I have trouble seeing it as a hazard. Humans are not directly injured by "information", no matter the correctness or completeness.
 
Thread starter Similar threads Forum Replies Date
D Software User Interface Languages for LVD and IVD CE Marking (Conformité Européene) / CB Scheme 2
R Medical device software without user interface Other Medical Device and Orthopedic Related Topics 5
A Software Medical Devices without User Interface EU Medical Device Regulations 5
thisby_ Medical Device Software - User Interface Language - 93/42 CE ISO 13485:2016 - Medical Device Quality Management Systems 15
S Recommendation for user friendly Gaga R&R and Cpk software Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 10
E Micro-Vu Inspec Software User Manual Needed Quality Assurance and Compliance Software Tools and Solutions 1
W User access to all new workmen employees for Training software Design and Development of Products and Processes 2
K Labeling Requirements for Software - No User Manuals? Other US Medical Device Regulations 1
N Is it compulsory to print the CE mark on our software & user manual CD-ROM EU Medical Device Regulations 3
D Looking for a "User Friendly" calibration system software package Calibration and Metrology Software and Hardware 18
M Software User Requirement Specifications Coffee Break and Water Cooler Discussions 3
J User Requirement Specification (URS) for off the shelf software Qualification and Validation (including 21 CFR Part 11) 7
J User Friendly SPC (statistical process control) Software Quality Assurance and Compliance Software Tools and Solutions 14
S Seeking: Good, User Friendly, Cheap SPC Software for the Shop Floor Quality Assurance and Compliance Software Tools and Solutions 23
P Computer Software Assurance Software Quality Assurance 2
P Software validation for FPGA Software Quality Assurance 1
R IVD Software FDA/CLIA doubts Medical Device and FDA Regulations and Standards News 0
R IVD software FDA and CLIA US Food and Drug Administration (FDA) 0
G Software verification vs. system verification IEC 62304 - Medical Device Software Life Cycle Processes 3
S Process Monitoring using SPC software Quality Assurance and Compliance Software Tools and Solutions 6
J Megger MIT520/2 adjustment software? Calibration and Metrology Software and Hardware 0
M Product Acceptance Software (PAS) PROCEDURE (BOEING D6-51991) AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
M 3D Scanner Software validation ISO 13485:2016 - Medical Device Quality Management Systems 7
Y Software to Manage IEC 62304 Traceability Requirement IEC 62304 - Medical Device Software Life Cycle Processes 3
T Software item classification and Detailed Design IEC 62304 - Medical Device Software Life Cycle Processes 4
T Software Unit definition - IEC 62304 - Medical Device Software Life Cycle Processes 3
T Classification Accessory Software medical device EU Medical Device Regulations 4
G Software Medical Device Classification EU Medical Device Regulations 7
D Software Validation Question ISO 13485:2016 - Medical Device Quality Management Systems 10
C. Tejeda Computer system validation approach for Minitab Statistical software Software Quality Assurance 7
B Can a software that receive data from a MD be classified as Class I?or is not a MD? EU Medical Device Regulations 5
A What JIRA Software workflows you use for your software lifecycle? IEC 62304 - Medical Device Software Life Cycle Processes 4
G Software change management Design and Development of Products and Processes 2
G IATF 7.1.5.2.1 Calibration/verification records :Program/software verification IATF 16949 - Automotive Quality Systems Standard 7
John C. Abnet ...validation of computer software ISO 13485:2016 - Medical Device Quality Management Systems 14
N Free statistical software Reliability Analysis - Predictions, Testing and Standards 7
T ISO quality system software such as MQ1 (which is what we currently use) Document Control Systems, Procedures, Forms and Templates 8
X Looking for 17025 auditor to perform internal audit on IT software testing laboratory ISO 17025 related Discussions 3
B ERP software validation - risk assessment vs validation scope ISO 13485:2016 - Medical Device Quality Management Systems 11
D Guidance for Medical records software/template ISO 13485:2016 - Medical Device Quality Management Systems 1
M MDSW Software importer distributor CE Marking (Conformité Européene) / CB Scheme 2
B Software as a Medical Device - Language Requirements EU Medical Device Regulations 6
B Software as a NON-medical device Medical Information Technology, Medical Software and Health Informatics 23
qualprod 8.3 for software development. ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
S Software design document NMPA guidance and consultant China Medical Device Regulations 4
C How to place software version for SaMD product in HIBC secondary data structure (UDI-PI)? Other US Medical Device Regulations 4
L Acquiring software from 3rd party company IEC 62304 - Medical Device Software Life Cycle Processes 8
R Validation of Software used in Verification Testing ISO 13485:2016 - Medical Device Quality Management Systems 2
A FMEA Software IATF 16949 - Automotive Quality Systems Standard 6
A Medical Device Software POC Medical Device and FDA Regulations and Standards News 6

Similar threads

Top Bottom