For medical device manufacturers, patient safety is always paramount, but right now, in light of the COVID-19 pandemic, it is definitively top of mind.

As such, implementation of an effective risk management program is critical to helping manufacturers determine the safety of their medical devices throughout the product lifecycle. And while risk management activities are paramount to patient safety, they are also required by regulatory and other quality management standards.

Regulatory Requirements

These requirements are reflected in EU MDR, FDA QSR, ISO 14971:2019, and ISO 13485:2016.  The regulations and standards have a lot in common. In all regulations and standards:

• Products are required to achieve the performance intended and must be designed and manufactured to fulfill their intended purpose. The product must not compromise safety and the individual and cumulative risks must be outweighed by the clinical benefit.
• Risk management is emphasized  as an iterative process to be applied throughout the entire lifecycle of a product.
• The identification of the hazards, hazardous situations, and harms is required.
• Risk control and the risk control measures taken as well as the determination of risk acceptability is core to the process.

Complexity of Risk Management

Risk management, on the surface, is a simple process. It is defined as the systematic application of management policies, procedures and practices needed to analyze, control and monitor risk. This process begins by identifying and analyzing potential product risks and includes the evaluation of risk severity. Next, an organization must take steps to mitigate or control those risks. Finally, those controls must be monitored over time.

The complexity of risk management comes from the fact that it is an iterative process, whether you’re developing a new product or updating an existing product. It is very likely that the tasks of the identification and analysis of risk, the evaluation of risk severity, and the development of risk controls will be recurring activities. For example, the introduction of risk controls can, and often do, introduce new risks. These new risks need to be evaluated and controlled if needed.

A second complexity of risk management is that it is very data intensive in nature, and often organizations do not have enough data to accurately quantify risk, especially for new devices. However, gathering all the data needed to properly monitor risks once a product has gone into production can also be a challenge. The fact that the assessment of severity and probability can be subjective, based on the individual bias of the assessor, adds to this challenge.

Risk in the Quality Ecosystem

Effective product risk management requires a systematic, process-driven approach that is a function  of a larger, enterprise Quality Management ecosystem. Including risk management in the overall Quality Management System (QMS) will ensure that a consistent, yet flexible, process is in place aiding in the achievement of a robust, accurate product risk assessment. It will also aid in identification of all Quality Records that are pertinent to the risk monitoring process as all product nonconformances, CAPAs, deviations, audit findings, material inspections, and complaints are part of that ecosystem. 

Defensive Strategy for Risk Minimization

When selecting an automated product risk management solution, medical device manufacturers and other life sciences organizations would best be served by one that enables them to streamline their existing product risk management process. Features to look for in an effective solution would include, at the ground level, a compliant, policy-driven workflow based on ISO 14971 that simplifies the process of managing risk by unifying all risk information in a single location. It should also provide control “gates” to ensure that each step of the risk management process is correctly completed, documented, and approved before proceeding through to the next stage of the process. It also should ensure that tasks are completed and reviewed by individuals that have been suitably trained and have the right experience.

In the post-market phase, that risk management system will permit easy access to the original risk management records, allowing simple updating where risk parameters have changed through additional post-market use and/or design changes to the product.

Through a single integrated system that collects and manages all risk-related activities in these manners, inconsistent risk assessments are no longer an issue. By defining specific risk policies and thresholds through the ISO 14971 policy-driven workflow, such a product risk solution ensures that consistent documentation is generated and saved through the product risk assessment.

SmartSolve® QMS – A Proven Solution

IQVIA SmartSolve® Risk Management features all of those features out of the box, allowing manufacturers to obtain a complete and accurate picture of risk across product lines, enabling the identification, mitigation, and prevention of potential risk as early as possible. Traceability of the Risk Management process within SmartSolve Risk Management is easily achieved as the process ensures that all the necessary supporting documents are referenced and accessible through the eQMS.

By integrating product risk management into the greater Quality ecosystem, medical device makers can break down data silos and avoid costly and time-consuming errors, helping to drive quality improvement and improve overall quality system effectiveness.

Patient Safety Today and Tomorrow

As the fight against COVID-19 forges on, IQVIA is mobilizing its capabilities and resources to help governments, patients, healthcare providers, life sciences, and others understand what’s happening and how we can reduce the impact of this virus, together.

Above all, we are committed to helping everyone in healthcare to do what needs to be done to keep things moving forward in this new reality. This includes reinforcing patient safety in any scenario.