Risks to a medical device’s performance can occur at any stage of the product lifecycle, as highlighted at the 2015 Risk Management Summit conducted by AAMI.
Sometimes, changes in a product may be so small that they are hard to detect. Consequently, the perceived importance is considered to be low when the risk could be much higher in reality.
Total Product Lifecycle Approach (TPLC) exploits cross-functional input and all potential data sources. According to experts, organizations can benefit by implementing the TPLC approach in their risk management practices.
In this context, manufacturers can benefit from a systems engineering approach, which encourages them to think of the entire healthcare system as the environment where a device enters. In this approach, manufacturers are expected to expand their scope of analysis further than that specific device and its parts to the bigger world around it.
The new IEC 60601 3rd edition promotes both systems engineering and TPLC perspectives for product safety engineers. This is in line with Amendment 1, which mandates the assessment of the risk management process used by manufacturers for developing medical devices.
This article explains the role of risk management within 60601 Amendment 1 and describes the definition of “Essential Performance”. It also explains that although post-production actions are not discussed by “type examinations”, companies should still implement strong feedback loops that not only tackle FDA QSR requirements, but also assist companies to control risks across the entire product lifecycle.
Two major changes from the 2nd Edition were introduced in the 3rd Edition of IEC 60601:
- An expansion of the Standard from Basic Safety (only) to incorporate ‘Essential Performance’
- Introduction of a requirement to assess the ‘Risk Management’ process implemented by manufacturers while developing their medical devices
These two changes had a far-reaching effect, because the concepts related to mitigating ‘Basic Safety’ risks such as electric shock, fire, and casualty have been properly defined.
For many individuals, the concept of ‘Essential Performance’ was new, making it difficult to mitigate their risks. The situation is further complicated by the fact that the 3rd Edition includes a requirement for conducting a process assessment within the scope of a type examination test standard.
Amendment 1 was mostly focused on explaining the assessment of a ‘Risk Management’ process within the scope of a type examination test standard and the authors’ intention with respect to evaluating the ‘Essential Performance’ of a device (Figure 1).
Figure 1. Risk management practices. © Goran Bogicevic / Shutterstock.com
Medical device manufacturers, however, live in an environment that makes it mandatory to consider regulatory compliance. In view of the changes related to IEC 60601 and its Amendment 1, such manufacturers are also expected to acknowledge and address the regulatory context, particularly considering the anticipation of global regulatory agencies for applying a risk management procedure across the entire product lifecycle.
Based on this background, this article reviews two major changes associated with Amendment 1 – elimination of consideration of Clause 9 (of ISO 14971) on assessment of production, and post-production information and clarification of ‘Essential Performance.’
Elimination of consideration of production and post-production information
The Amendment 1 change to Clause 4.2 of IEC 60601-1, which required ISO 14971 compliance, is the first major change discussed below. This revised requirement was comprehensively reorganized.
The specific requirement that addresses production and post-production information was a general requirement for ‘Risk Management’. A Risk Management process complying with ISO 14971 shall be performed. For compliance with this standard, all elements of the ISO 14971:2007 RISK MANAGEMENT PROCESS shall be applied except:
- Periodic reviews of the suitability of the RISK MANAGEMENT PROCESS (subclause 3.2, fourth dash, of ISO 14971:2007)
- The planning for and execution of production and post-production monitoring (subclause 3.1, fourth dash, subclause 3.4, item f), and Clause 9 of ISO 14971:2007)
Periodic review of the ‘Risk Management’ process was another element that was also excluded from consideration by the Amendment 1 revision. The reason for these exclusions was that the Scope of IEC 60601-1 is a Type Examination standard, which means assessing a device against the requirements of the standard indicates a “snapshot in time.”
In other words, during an assessment, the product’s representative sample should comply with all applicable requirements. if we contrast this with the scope of ISO 14971 that reads, in part: “This International Standard specifies a process for a manufacturer to identify the hazards associated with medical devices, including in vitro diagnostic (IVD) medical devices, to estimate and evaluate the associated risks, to control these risks, and to monitor the effectiveness of the controls."
The requirements of the International Standard are relevant to all stages of the lifecycle of a medical device. Also, risk control requirements, and tracking the effectiveness of the controls, are relevant to the entire lifecycle of a medical device.
On deeper analysis of the requirements, it was observed that risk management is defined by ISO 14971 as “a systematic application of management practices, procedures, and policies to the tasks of evaluating, analyzing, monitoring, and controlling risk”. The definition once again reiterates that management comprises of “monitoring” and “controlling” risk.
In “Essentials of Management, An International Perspective,” Heinz Weihrich and Harold Koontz define controlling as “...the measurement and correction of performance in order to make sure that enterprise objectives and the plans devised to attain them are accomplished.”
That is, a feedback loop must exist to control and manage risk. This is why production and post-production device performance have to be reviewed to ensure both efficacy and safety.
As quoted by regulatory officials to this article’s author: “How do you manage risk without post-production measurement? This query is fully established within the ISO 14971 standard and is indicated in the requirement of clause 3.1 that states “The manufacturer shall establish, document and maintain throughout the lifecycle an ongoing process for identifying hazards associated with a medical device, estimating and evaluating the associated risks, controlling these risks, and monitoring the effectiveness of the controls.”
There are several examples that can be cited in recent episodes, where failure to take proper action and track field performance attracted heavy penalties and considerable costs for the parties involved. Airbags and ignition switches are two such examples from the automobile sector.
In order to continuously review the effectiveness of a risk management process and to ensure that enterprise goals are being fulfilled, it is important to understand whether production and post-production data is being assessed through proper actions implemented based on the feedback.
Most importantly, medical device manufacturers should still perform the production and post-production review tasks even if IEC 60601-1 has eliminated the assessment of the planning for and execution of production and post-production monitoring in type examinations using that specific standard.
Required by Section 820.100 of the FDA Quality System Regulation (QSR), the Corrective and Preventive Action (CAPA) process suitably aligns with the requirements of ISO 14971 and clause 9.
FDA describes its expectations for meeting the Section 820.100 requirements in the Preamble to the QSR, as follows: “FDA...has written...[Sec. 820.100(a)(2)]...to require investigation of the cause of nonconformities relating to process, product, and the quality system....this section requires that nonconforming product discovered before or after distribution be investigated to the degree commensurate with the significance and risk of the nonconformity.”
It would be useful to realize why the combination of two types of standards – process and type examination – made it necessary to exclude the assessment of the planning for and execution of production and post-production monitoring from consideration in type examination test standard in accordance with IEC 60601-1.
Unfortunately, the regulatory imperative is unavoidable, irrespective of whether a certifier assesses the activity or not. At the outset, the risk management monitoring of production and post-production device performance is very important and helps ensure effective and safe devices in the marketplace.
Management action and production and post-production monitoring are essential to ensure the success of a CAPA and Risk Management program.
Clarification of essential performance
The concept of ‘Essential Performance’ is the next critical change in Amendment 1 to the 3rd Edition of IEC 60601-1. Based on this expanded subject in Clause 4.3, a manufacturer is required to:
- Specify performance limits that range from fully functional to total loss in single fault conditions as well as normal conditions
- Identify the device’s clinical performance required to realize the intended use
- Review the resulting risk, and if this is undesirable, identify this as ‘Essential Performance’
- Introduce controls to mitigate risk to a satisfactory level
This requirement is very important, because the basis of any ‘Risk Analysis’, and thus the ‘Risk Management’ effort depends on – Essential Performance, Intended Use, and Needs of the patient and users. The ‘Intended Use’ of the device should be established first prior to determining ‘Essential Performance.’
If the application of a medical device is clearly defined, it becomes obvious that different hazards and possibly different types of hazards will occur during risk identification.
For instance, a dialysis machine meant for a home environment will possess a different set of risks than a dialysis machine meant for use in a clinical setting. Similarly, in a clinical setting, dialysis machine users would be expected to have sound training, education, and licensing that are suitable to the risks related to those devices.
Also, the availability of personnel to respond to alarms and constant professional monitoring would be expected. In comparison to a home setting, where users may have physical or cognitive limitations and may not have a medical background. Also, responses to alarms may not be as timely as in the case of a clinical setting.
While a device manufacturer would be able to address the risks associated with a home setting, a home environment presents certain challenges when compared to a clinical environment.
The second step would be to define what exactly manufacturers anticipate the product to do from a clinical perspective. The product, for instance, can be used to diagnose various disease conditions, or the product may be used in the treatment, cure, prevention or mitigation of a disease.
The body’s function or structure may also be affected by the product. As soon as the product’s clinical function is known, the ‘Essential Performance’ can be defined.
‘Essential Performance’ can also be defined by asking questions like, what would happen to the patient if the product fails to perform the clinical function as specified?, or Is there a risk of harm?
If the answers to these questions are positive, then the patient will be affected by the product’s failure to perform the clinical function as specified, and if the risk of that harm is an undesirable risk as per the acceptance criteria of the manufacturer, then ‘Essential Performance’ is the identified performance.
Keeping these foundational elements in place, all the later Risk Management process steps will follow. The contextual boundaries for risk identification are established by a complete specification of the intended use of a product.
‘Essential Performance’ describes the device functions, which should be maintained under all conditions of both normal and abnormal use. Such steps are important to ensure that all the intrinsic risks related to a device fall within the scope of the later steps of the Risk Management process.
This article has shown how amendment 1 to the 3rd Edition of IEC 60601 addresses and explains the numerous questions that arise from the far-reaching, ambitious 3rd Edition standard.
Device manufacturers are still coming to terms with the effect of all these changes, which are gradually being implemented by regulators worldwide. With proper understanding of the authors’ intent, both patients and manufacturers would benefit from the rapid introduction of new products in the marketplace as well as from more effective and safer devices, which is the intentions of the ISO 1497 and 3rd Edition of IEC 60601-1.
Produced from materials originally authored by Mark Leimbeck, UL Advisory Solutions Consultant and Program Manager.
About UL Compliance to Performance
UL Compliance to Performance provides knowledge and expertise that empowers Life Sciences organizations globally to accelerate growth and move from compliance to performance.
Our solutions help companies enter new markets, manage compliance, optimize quality and elevate performance by supporting processes at every stage of a company’s evolution.
UL provides a powerful combination of advisory solutions with a strong modular SaaS backbone that features ComplianceWire®, our award-winning learning and performance platform.
UL is a premier global independent safety science company that has championed progress for 120 years. It’s more than 12,000 professionals are guided by the UL mission to promote safe working and living environments for all people.
Sponsored Content Policy: News-Medical.net publishes articles and related content that may be derived from sources where we have existing commercial relationships, provided such content adds value to the core editorial ethos of News-Medical.Net which is to educate and inform site visitors interested in medical research, science, medical devices and treatments.