Thomas is an expert in Supply Chain and Manufacturing Optimization with more than 10 years of experience originating from Medical Device and High-Tech & Electronic Industries. He comes with a background as an Electronics engineer, complemented with a Master in Technology Management. Thomas has held positions in multinational corporations such as Nilfisk, heading the internal optimization program as well as the supply chain organization.
Implementing an effective Risk Management process
Risk Management with Minerva Medical Device PLM
Medical device manufacturers operate in an increasingly regulated, safety-critical environment, and frequently have many variants of parts, products, and product lines. It is, therefore, necessary to identify, estimate, evaluate your device risks at the right time to increase the quality and safety of the device, and to motivate the project members.
Having an effective risk management process add value by decreasing the project risks and avoiding costly late-stage changes. Furthermore, a risk management process is also mandated by regulatory authorities in the US through the FDA CFR 21 Part 820, the updated European EU MDR/EU IVDR and the MDSAP, which covers markets such as Canada, Brazil, Australia and Japan.
There are several aspects of implementing an effective risk management process. A recommended first step would be to establish a risk management process including useable and operational templates so that the process complies with ISO 14971:2012 for the European market and ISO 14971:2007 for the rest of the world.
This article will provide you with some tips on implementing – or improving – your risk management process.
No. 1 – allocate the right resources
The essential part of a value-adding risk management process is due diligence and the involvement of the right competencies to ensure that risk management is used as design input and not rationalizing after the device has been designed and developed. Resources should be allocated to ensure an effective risk management process.
Remember, successful risk management is a team effort, and therefore risk assessments should be carried out in workshops where relevant competencies participate to enable a common understanding and insight in the identified risks and the device.
No. 2 – establish a Medical Harm list
To avoid late-stage changes and ongoing discussions on how to evaluate harm, it is recommended to establish a Medical Harm list including severity classifications. This constitutes a baseline for the risk management of the device. By establishing a project-specific Medical Harm List, you will ensure that the project team members use the correct harm defined and agreed on by a clinical specialist.
No. 3 – allow for sorting your risks
Designing the organization’s risk template allows the project team to sort the risks by their severity of potential harm or another relevant category. Sorting your risks by e.g. severity of potential harm allows your project team to focus on the most critical risks and create the most impact early in the development process.
No. 4 – think in module
Assigning a specific module or device component to each risk will allow the project team to ensure that risks related to all modules or device components have been identified.
Remember to define the modules or device components of your device to enable identification of risks related to all modules and device components.
No. 5 – allow for filtering risks
Allowing the user of the risk template to filter on risks related to a specific component of the device or another relevant category will enable relevant stakeholders to efficiently identify risks related to their responsibility.
Filtering the use-related risks associated with the risk of serious harm allows your usability engineer or human factors specialist to efficiently identify the critical tasks that must be tested in the summative evaluation/human factors validation test.
No. 6 – identify risks throughout the whole medical device lifecycle
As a user-centric development team, the thought is often focused on the device use as the “operation” step of the lifecycle. However, it is important to also design for – and minimize risks related to – e.g., storage, repair, and disposal.
In your templates, consider assisting the project in identifying risks in all lifecycle steps by adding a column to your template called “lifecycle step”.
No. 7 – remember, risk management is an iterative process
Risk management is an iterative process and you should review your identified risks and assumptions throughout the development process. Early in the process, your focus may be mostly identification of risks – later, the focus may be on the effectiveness of your risk control measures. Remember to update your risk management file throughout the project.
If you are seeking a comprehensive solution - one that can manage risk, ensures complete coverage of all requirements, design specifications, and software components, and provides easily navigable links to verification and validation tests to demonstrate both process and product quality. Minerva Medical Device PLM offers a complete single-solution approach where product design, risk management as well as verification and validation activities, and artefacts are all managed in a single platform.