Risk and Risk Management

This column will appear occasionally in Sound Waves and will discuss topics concerning the International Electrotechnical Commission (IEC), the International Standards Organization (ISO), and international standards and how they affect the ultrasound community.

The topic of medical device safety cannot be raised without including the concepts of risk and risk management in the discussion. With the upcoming publication of IEC 60601-1 ed3: Medical electrical equipment - Part 1: General requirements for basic safety and essential performance, risk and safety have become closely tied via the inclusion of ISO 14971: Medical devices - Application of risk management to medical devices. One result is that manufacturers shall now also use risk management as one means for demonstrating the safety of their products. Hazard, risk, risk management, and safety are key terms and are defined in ISO 14971:

Hazard: "possible source of harm"

Risk: "combination of the probability of occurrence of harm and the severity of that harm"

Risk management: "systematic application of management policies, procedures, and practices to the tasks of analyzing, evaluating, and controlling risk"

Safety: "freedom from unacceptable risk"

In this approach to safety, the organization responsible for the risk management plan, typically the manufacturer in the case of diagnostic medical devices such as ultrasound, must identify, in a systematic and defined fashion, all possible hazards, the severity of the related harm, and the probability of occurrence of that harm. From that analysis, the manufacturer determines and documents whether the product is safe, that is, whether the risks associated with the application of the device are considered to be acceptable. The resulting risk management "file" must be made available for review by regulatory agencies and notified bodies to ensure that a robust analysis was made.

The manufacturer shall establish a risk management process and therefore must perform a number of very specific steps as outlined in ISO 14971:
  1. Identify intended use and characteristics related to safety of the medical device.
  2. Identify known or foreseeable hazards.
  3. Estimate unacceptability/acceptability of the risks for each hazard.
  4. Determine if risk reduction is necessary. If yes, then implement risk reduction and determine if the residual risk is acceptable. Also, make sure no new risks have resulted from the reduction strategy. If the resulting risk is still unacceptable and no further steps can be taken to reduce it, determine if the medical benefits outweigh the residual risk.
  5. Once the individual hazards are evaluated, determine if the overall combined risk is acceptable. If yes, then complete the risk management report and proceed with production. If no, then the product must be reevaluated as necessary. This could result in a redesign, altered intended use, or even termination of the project.
  6. This, however, is not the end of the process. Risk management requires periodic and continual postproduction reassessment to determine if previously unrecognized hazards exist or have become evident, if the estimated risk arising from a hazard is no longer acceptable, or if the original assessment has otherwise been invalidated.

The ISO 14971 standard, first edition published in 2000, does provide some informative guidance on estimating risk and suggests means for evaluating that risk. The standard does not mandate any particular protocol for implementing risk management other than the steps listed above. Even more guidance is given in the upcoming second edition of the risk management standard (expected to be published in 2006).

Risk management thus places the responsibility for defining and establishing the safety of medical devices squarely in the hands of the organization best suited to know the potential hazards of the product and provides a well-managed process for ensuring product safety.

Questions may be directed to the author at iec_iso@aium.org.

- John Abbott, PhD,
IEC Liaison for the AIUM