Standards and laws require medical device manufacturers to take measures to control and minimize risks.
Content
This page briefly introduces this topic and links to further articles with practical tips.
Manufacturers must not only control the risks but also minimize them to such an extent (see Fig. 1) that the residual risks are acceptable.
Fig. 1: Risk minimization measures reduce possible harm’s probability and/or severity.
The obligation to minimize risks applies to all risks, not just risks the manufacturer has assessed as unacceptable according to its acceptance criteria (red area in Fig. 1).
The laws and standards distinguish between three classes of risk minimization measures:
| Measure | Explanation | Examples |
| Inherent safety | A device or process is designed to prevent risk from occurring. | A device containing no allergic substances cannot trigger allergic reactions.
No one can get an “electric shock” from a device that is powered by a battery instead of mains power. |
| Means of protection | Measures that reduce the probability or severity of possible harm | A suspension that can carry eight times the required weight will rarely break.
A heterogeneous, two-channel architecture is less likely to cause harm if a component fails. |
| Information | Guidance on the correct use of the device on the user interface, in the instructions for use, or during training courses | A pop-up warning that two of the prescribed medications reinforce each other |
Tab. 1: The different types of measures
Standards and laws require manufacturers to implement the above measures in the order listed, i.e., to strive for inherent safety first (see Fig. 1).
Fig. 2: The standards and laws fix the order in which risk-minimizing measures are implemented.
It is wrong that information may no longer be used as a risk-minimizing measure. Read more about it in this article.
Legislation in all markets and all relevant standards require risk control. Examples are
Manufacturers must document the implemented measures and proof of their effectiveness in the risk management report.
The obligation to minimize and control risks is not limited to the development of devices but also applies to their production and operation, i.e., all phases of the product life cycle.
| Phases in the product life cycle | Possible measures |
| Defining the intended purpose and identifying stakeholder requirements | Restricting the intended purpose (e.g., the intended indications or patient and user groups) |
| Specification of the system requirements | Specifications for the use of materials
Formative evaluation to minimize usability risks Definition of a development process |
| Systems engineering and system architecture | Use of components with characteristics of high safety (terminology of IEC 60601-1)
Functionally safe architecture (e.g., multi-channel architecture) Use of established software libraries Segregation of components A system that goes into a safety state in the event of a malfunction |
| Production | Specifications for the use of auxiliary materials
Restriction of production processes (e.g., components milled from solid materials are less likely to contain air bubbles than injection-molded parts) ESD workstation for the assembly of circuit boards |
| Maintenance, servicing, operation | Use only by the manufacturer’s trained service technicians
Regular cleaning of the device Timely replacement of wearing parts |
Tab. 2: Phases in the product life cycle and possible risk control measures
Manufacturers are obliged to check (e.g., verify and validate) the risk-minimizing measures in several respects:
Fig. 3: The measures must be planned (in blue) and checked for existence and effectiveness (in red).
Safety assurance cases serve to prove the effectiveness of the measures and, thus, the safety of the devices.
Many manufacturers list tests in the “risk table” as risk-minimizing measures. However, tests do not reduce the probability or severity of harm.
However, they help identify and eliminate errors (during development and production). These corrections and corrective actions reduce the risks.
Tests do not lead to inherent safety, nor are they means of protection or information to minimize risk. Instead, tests make it possible to estimate the probability better and justify why it is as low as possible. This is because tests correspond to experiments or samples.
The task of tests is also to review the implementation and effectiveness of risk minimization measures.
Information is permitted as a risk-minimizing measure, as this article explains.
The contrary assessment is due to a misleading formulation in the “Z Annex” of ISO 14971:2012, which is harmonized under the EU directives.
Do you still have questions about risk-minimizing measures? You can get answers in our free micro-consulting.
In the risk management and 14971 seminar, you will learn about the regulatory requirements and how to implement them.
Benefit from the know-how of the experts at the Johner Institute to
Contact us right away to discuss the next steps. In this way, you can achieve safety devices quickly, without unnecessary effort, and promptly obtain approval.
The EU Medical Devices Regulation (MDR) regulates not only medical devices but also devices without an intended medical purpose, e.g., liposuction devices, breast implants, and colored contact lenses. In December 2022 – four and a half years after the MDR was published – the EU regulated the necessary details with two Commission Implementing Regulations (2022/2346 and…
DetailsIEC 80001-1 has the long title “Application of risk management for IT-networks containing medical devices – Part 1: Tasks, responsibilities and activities“. This article reveals what the standard requires and why manufacturers should also consider it. 1. About DIN EN IEC 80001-1 a) Objectives of DIN EN IEC 80001-1 The standard aims to help minimize…
DetailsWhether risk mitigation through information is permitted regularly leads to discussions. The answer to this question is important because it determines the conformity and non-conformity of medical devices. This article provides the answer and thus resolves a “historical misunderstanding.” 1. Regulatory framework All manufacturers are obliged to minimize the risks posed by their medical devices.…
DetailsThis article identifies the seven most common risk management errors that Johner Institute and its auditors encounter most often. It also offers advice on how to avoid these errors. Risk management is among the most important requirements medical device manufacturers must meet. Therefore, it is important that they avoid risk management errors. 1st error class:…
DetailsLaws and standards require organizations to prepare a risk management report. Notified bodies and authorities examine these reports intensively because risk management is a key regulatory requirement. Therefore, it is important (not only) for manufacturers to prepare precise, complete, and correct risk management reports. This article provides assistance in this regard. 1. What is a…
DetailsSoftware risk analysis depends on the following: Software itself cannot cause harm. It always happens via hardware or people. However, this does not mean there is no need for risk analysis in software. The opposite is the case! What distinguishes risk analysis for software from other medical devices In the case of (standalone) software, harm…
DetailsThe system architecture describes how a (medical) device is composed of components and how the components are related to each other via interfaces. In standalone software system architecture and software architecture fall together. Documentation of the system architecture The documentation should reveal the individual components and their interaction. We recommend that you use standard notations…
Details