Risk Management in Medical Devices Industry 2017

Overview:

Gaps, incorrect or incomplete implementation of software can delay or make the certification/approval of medical products impossible. Most activities cannot be retroactively performed since they are closely linked into the development lifecycle. Diligent, complete and correct implementation of risk management from the start of product development is therefore imperative. This course will introduce all necessary steps to design, implement and test critical medical device software in a regulatory compliant environment. Software risk management has to be embedded into the bigger scope of overall risk management. Therefore this course will additionally address the system level risk management and the resulting interfaces to software.

To comprehensively summarize all risk related activities and to demonstrate the safe properties of a device the 'Safety Case' or 'Assurance Case' document is a well-established method to collect all safety related information together in one place. This documentation will most likely become mandatory for all devices (currently only required for FDA infusion pump submissions). This course will introduce the basic concepts and content of safety assurance cases and will illustrate the usefulness for internal and external review of safety related information.

Who Will Benefit:

The course will introduce the main elements of risk management with emphasis on software issues and the application of risk management principles and requirements to the medical device development cycle. Risk management has become the method of choice to ensure an effective and safety oriented device development. International consensus, reflected in globally applicable standard requirements, has led to risk management being a mandatory component of almost any activity in the medical device industry.

The course will emphasize the implementation of risk management into the development and maintenance process. It will use real-life examples and proven tips and tricks to make the application of risk management a practical and beneficial undertaking. This seminar will address the system level issues of risk management as well as the increasingly important software related issues of critical systems. It will help to comply with regulatory requirements with minimized overhead and resource burden. To make the combines effort to design, implement and verify a safe device transparent the concept of an assurance case will be introduced.

The course is mainly based on international consensus requirements such as ISO14971 and IEC62304.

Following personnel will benefit from the course:

·         Senior Quality Managers

·         Quality Professionals

·         Regulatory Professionals

·         Compliance Professionals

·         Project Managers

·         Design Engineers

·         Software Engineers

·         Process Owners

·         Quality Engineers

·         Quality Auditors

·         Medical Affairs

·         Legal Professionals

Agenda:

Day 1 Schedule

Lecture 1:

Introduction into Risk Management and Quality System Integration

• Why risk management?
  • Historical perspective
  • International regulatory / statutory requirements
• Risk Management Lifecycle and stakeholders
  • Over-reaching concept
  • Integration into ISO13485
  • Lifecycle steps
• Risk Management Benefits
  • Liability issues
  • Streamlining product development
  • Improving product safety and quality
• How to Implement Risk Management into ISO13485
  • SOP framework
  • Planning and execution
  • Monitoring and control
• Tips and tricks

Lecture 2:

Risk Management to ISO 14971:2012

• Risk Management Planning
• Risk Management Life Cycle
• Hazard Identification
  • Hazard Domains
  • Hazard Latency Issues
  • Risk Rating Methods
• Initial (unmitigated) Risk Assessment
• Mitigation Strategies and Priorities
• Mitigation Architectures
  • Alarm Systems as Mitigations
  • Risk Control Bundles
• Post Mitigation Risk
• Residual Risk
  • Safety Integrity Levels
• European special requirements (Z-Annexes)
• Safety Requirements
• Hazard Mitigation Traceability
• Verification Planning
• Architectures, Redundancy and Diversity
• Failure Mode and Effect Analysis
• Tips and Tricks
• Q&A

Day 2 Schedule

Lecture 1:

Software Risk Management (IEC62304 / FDA software reviewers' guidance):

• Critical Software Issues
• Software Hazard Mitigation Strategies
• Software Item, Unit and System Definition
• Software Failures as Hazard Sources
• Software Requirements and Design Specification
• Software Tools and Development Environment
• Software Unit and Integration Testing
• Real-Time System Challenges
• Software Verification and Validation
• Mitigation Traceability and Effectiveness
• Software Maintenance and Configuration Control
• Software Risk Management Process integration into ISO14971
• Legacy Software issues
• FDA documentation requirements
• Upcoming changes in IEC62304:2014
• Tips and Tricks
• Q&A

Lecture 2:

Safety / Assurance case

• Safety classes
  • Basic Safety / Environment
  • Essential performance
• Documentation of Basic Safety
  • Electrical Safety
  • Mechanical Safety
  • EMC / RFI safety
  • Safety margins
• Documentation of essential performance
  • What is essential performance?
  • Device architectures and mitigation allocation
  • Device specific mitigations
  • Software mitigations
• External safety
  • User intervention and alarms
  • Organizational measures
  • Levels of protection concept
• Verification of safety properties
  • Type testing
  • Sample testing
  • Software verification testing
  • Inspections
  • Analyses
• Assurance case vs. Risk Management Report
  • General safety and hazard avoidance
  • Device / application specific issues
• Tips and Tricks
• Q&A

Speaker

Principal Consultant, System Safety Inc.