Risk Analysis
68
1 To err is human Pete Davis VP of Research & Development Neomend a subsidiary of Bard Davol
-
Upload
ubmcanon -
Category
Technology
-
view
356 -
download
0
description
Pete Davis, VP Research & Development Neomend
Transcript of Risk Analysis
1
To err is human
Pete Davis
VP of Research & Development
Neomend a subsidiary of Bard Davol
2
Really – an R&D guy
presenting risk
analyses??
Risks exist because perfection doesn’t!
3
Communicating to
Management the Value of
Risk Management
4
5
Risk Analysis Steps
• Why Risk Management
• Why ―Communicate‖
• Doing a Hazard Analysis...quickly
• How to ―Communicate‖ to ―Them‖
6
What is important
• It’s about the Specs!
• “A problem well defined is a
problem half solved.”
• John Dewey
7
What does Quality ―control‖?
8
Quality
• Does not Design.
• Does not Manufacture.
• Does not Distribute.
• Use? Possibly.
• Words – No.
• Control? Yes.
9
Again, what does quality
―control‖?
10
Think about these?
11
Any impact on
•Customers
•Patients
•Business
•Environment
12
Thoughts?
13
• ISO 11540:1993 - Caps for writing and marking instruments
intended for use by children up to 14 years of age -- Safety
requirements
• Specifies safety requirements for cap size, ventilated caps
(vent area, air flow) and marking. Annex A describes the
test for air flow. Caps which do not comply should have
the instrument or its packaging labelled with a warning as
to the dangers of asphyxiation from pen caps.
• ASTM D4236 - 94(2005) Standard Practice for Labeling Art
Materials for Chronic Health Hazards
• Scope 1, 1.1... chronic health hazards known to be
associated with a product or product component(s), when
the component(s) is present in a physical form, volume, or
concentration that in the opinion of a toxicologist (see
2.1.11) has the potential to produce a chronic adverse
health effect(s).
Writing Instrument Standards
H
i
g
h
l
i
g
h
t
e
r
14
Importance of Risk Management
• Prepare and respond to your Customers!
• Business strategy
• Business security
• Provide a Competitive advantage
• Communicate information
• Good news
• Bad news
• Not counting everything else
– Regulatory requirement
15
Evolving Process
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
Feasiblity
and Research
Prototyping Development Clincal Trial Distribution Post-Market
Survellance
Known Unknown = Risk
Risk needs a multi-functional approach!
16
New requirements
• Medical Device Directive 93/42/EEC (M5)
• Add’s Usability - See Annex I, 1st paragraph
• Subset of Risk Management
• EC 62366 - Medical devices -- Application
of usability engineering to medical devices
17
Structure
Design (ISO
14971)
Process (ISO
14971)
Usability (EC
62366)
New Risks?
Risk Analysis
process
Mitigation & Control
What is Usability
• Usability is a characteristic of the User Interface that
establishes Effectiveness, Efficiency, ease of User learning and
User satisfaction.
• Medical practice is increasingly using Medical Devices for
observations and treatment of patients. Use Errors caused by
inadequate Medical Device Usability have become an
increasing concern. Many of the Medical Devices developed
without applying a Usability Engineering Process are non-
intuitive, difficult to learn and to use.
• The Usability Engineering Process is intended to achieve
reasonable Usability, which in turn is intended to minimize Use
Errors and to minimize use-associated Risks.
18
What is Usability
• The Usability standard specifies a Process for a Manufacturer
to analyze, specify, design, Verify and Validate Usability, as it
relates to Safety of a Medical Device. The Engineering
Process assesses and mitigates Risks caused by Usability
problems associated with Correct Use.
• If the Usability Engineering Process has been complied with
and the acceptance criteria documented in the Usability
Validation plan have been met then the Residual Risks are
presumed to be acceptable.
19
What is Usability?
20
21
Risk Management System
• ISO 14971: Medical devices — Application of risk
management to medical devices
• Selected definitions
• Risk Management Sections
• Areas that feed into Risk Management
• Performing a Risk Analysis
22
Risk
• Risk has two components:
• a) the probability of occurrence of harm;
• b) the consequences of that harm, that is, how
severe it might be.
23
Definitions
• Risk (as defined by dictionary.com) –
• exposure to the chance of injury or loss; a
hazard or dangerous chance
• harm -
• physical injury or damage to the health of
people,
• or damage to property or the environment
• hazard - potential source of harm
24
Definitions Cont’d
• hazardous situation - circumstance in
which people, property, or the environment
are exposed to one or more hazard(s)
• New consideration
• residual risk - risk remaining after risk
control measures have been taken
• Note: not mitigation
25
Definitions Cont’d
• risk - combination of the probability of occurrence
of harm and the severity of that harm
• risk analysis - systematic use of available
information to identify hazards and to estimate the
risk
• NOTE Risk analysis includes examination of
different sequences of events that can produce
hazardous situations and harm.
26
Do you want more definitions?
• Pressure is identifying a problem before launch!
• Yes
• No
27
More
• risk assessment - overall process comprising a
risk analysis and a risk evaluation
• Risk analysis + Risk evaluation
• risk control - process in which decisions are made
and measures implemented by which risks are
reduced to, or maintained within, specified levels
28
More
• risk estimation - process used to assign values to
the probability of occurrence of harm and the
severity of that harm
• risk evaluation - process of comparing the
estimated risk against given risk criteria to
determine the acceptability of the risk
29
More
• risk management - systematic application of
management policies, procedures and practices
to the tasks of analyzing, evaluating, controlling
and monitoring risk
• risk management file - set of records and other
documents that are produced by risk
management
• safety - freedom from unacceptable risk
30
5 Steps
1. Risk analysis
2. Risk evaluation
3. Risk control
4. Overall residual risk evaluation
5. Production and post-production information
31
Risk Control Order
• ―...risk control options in the priority order listed...‖
a) inherent safety by design;
b) protective measures in the medical device itself
or in the manufacturing process;
c) information for safety.
32
Structure
Design (ISO
14971)
Process (ISO
14971)
Usability (EC
62366)
New Risks?
Risk Analysis
process
Mitigation & Control
33
ISO 14971 Flow Chart
• Do you want to see them?
• Yes
• No
34
Risk Analysis
35
Risk Analysis
36
Risk control
37
Overall residual
risk evaluation
37
38
Production and post-production information
39
Risk Management Report
• Prior to release for commercial distribution
• ―Audit‖ the risk management process.
• Ensure that:
• the risk management plan has been
appropriately implemented;
• the overall residual risk is acceptable;
• appropriate methods are in place to obtain
relevant production and post-production
information.
40
Risk Management Report Cont’d
• The results of this review shall be recorded as the
risk management report and included in the risk
management file.
• The responsibility for review should be assigned
in the risk management plan to persons having
the appropriate authority.
• Compliance is checked by inspection of the risk
management file.
41
Pre control?
Occurrence = 100%
42
Risk: Combination of
Occurrence and Severity
Severity
Neither of the
others
Medical
Intervention Death
ALARP
Acceptable
Acceptable
Reduce
Acceptable
ALARP
Reduce
ALARP
Reduce
Low
Med
High
Occurrence
43
Sources of information
Risk
Mgt
Design
Customers
Competitive Products
Monitoring Feed
back
Patent filings
Internal experience
44
At your company?
•Risk Management Procedure
•Risk File
45
The Risk/Hazard Analysis Process
• Fun & Challenging
• Exciting & Tense
• Fulfilling & Thorough
• Better than climbing Everest
• Memorable
• More?
46
An Alternative Risk ―Analysis‖
Activity People Duration
Risk analysis Team 1-2 days
Risk evaluation 1-2 (max) 1 day
Risk control Team via email TBD
Overall residual risk
evaluation Team 1 day
Review and approve entire
document Team TBD
47
Consider the following order
• Usability Risk Analysis • Only focus is Use, User, and Hazardous Situations
• Design Risk Analysis • Only focus is Design
• Usability is Input to Design
• Process Risk Analysis • Only focus is Processes
• IFU/Labels • Perform Usability Design Review
48
Which is ―Best‖
• Do what is
• Effective
• Efficient
• Increases information
49
Part 1 - Risk Analysis
• Address only
• Harm
• Severity
• Hazardous situations
• No numbers!
• 1 day typical
• 2 days if absolutely necessary
• Very complex product?
• Break into smaller chunks
50
Part 2 - The ―Numbers‖
Severity Likelihood of Occurrence
3 - Death or Medical Intervention,
Malfunction (reported to
authorities)
ALARP Reduce Reduce
2 - Product Specification,
Packaging, Labeling(reportable to
authorities)
Acceptable ALARP Reduce
1 - No or little (trivial) harm Acceptable Acceptable ALARP
Occurrence > 1 - Low 2 - Medium 3 - High [1]
ALARP = As low as reasonably practicable
51
Part 2 - Risk Evaluation Phase
• Addressed by select subset of the Team
• The ―others‖ will be able to comment on later.
• Skill set
• Product use
• Human impact (clinical / safety issues)
52
Part 3 - Risk Control
• This is where the work begins.
• How is Risk controlled?
• How is risk control demonstrated?
53
Populate the list in these phases
• Design (show how risk is controlled by the design)
• Documents
• Procedures, reports...
• Return to ―Control person(s)‖
54
Part 4 - Post-control Numbers
• Back to the ―2‖ people.
• They fill-in the numbers.
55
Next
• Production (show how risk is controlled)
• Documents
• Procedures and reports
• No inspection references
• Return to ―Control person(s)‖
56
Next
• Labeling (show how risk is controlled)
• Reference the IFU/DFU ....
• Identify the specifics
• Labeling is the risk control point of last resort
• Return to ―Control person(s)‖
57
Part 4 - Post-control Numbers
• Back to the ―2‖ people.
• They fill-in the numbers.
• Draft the ―final‖ version
58
Part 5 - Overall Risk Phase
• Team regroups
• Reviews and comments
• Do a red-face test on the numbers
• Hopefully little adjustment
• Confirm the post control numbers
• Agree that the overall risk is acceptable
59
Summary Risk Statement
• Risk Analysis: Product name (version?)
• Performed per ISO 14971 (2007)
• The overall risk is acceptable using the criteria
defined in the Risk Management Plan (Procedure
???, Rev. ?)
60
Risk analysis = Done!
61
Doing a Risk ―Analysis‖
Activity People Duration
Risk analysis Team 1-2 days
Risk evaluation 1-2 (max) 1 day
Risk control Team via email TBD
Overall residual risk
evaluation Team 1 day
Review and approve entire
document Team TBD
62
Communicating
• Telling good news is easy!
• Keeping bad news quiet is easy!
• Telling bad news is the hard!
63
What I Look For
• Facts...not Fiction
• Solutions...not the problem(s)
• Remember one of the 1st slides?
• Timing, $$, resources
• Impact on the Business.
• Recovery strategy & solutions
64
Example
1. A ―clearly defined‖ problem statement
2. Action plan
• Containment + Corrective + Preventive
3. Solution (or high likelihood options)
4. Non-people resources (Est. $$’s)
5. People resources needed for success
6. Timing - estimated completion date
7. Impact of the ―do nothing‖ option
• Without mentioning regulations or agencies?
65
―How‖ is the Risk standard set?
• Who
• How / Where
• When
• Why
66
Who ―sets‖ the standard?
• Management (Them...careful We are Them)
• By approval of the Risk Management
Procedure
• By review of information provided at
Management Review
• Assumes information is being provided
• By supporting and implementing related
change
67
Is complacency an option?
68
Questions & Answers
