Risk Management approach for IVDs

in light of ISO 14971 Ed.3 and IVDR

Emilia Berg, Design Quality Assurance Manager,
Roche Diagnostics
Agenda

What’s new – ISO 14971 Ed. 3

What’s new - IVDR

Holistic approach for IVD Risk management

Closure

3
What’s new – ISO 14971 Ed. 3

What’s new - IVDR

Holistic approach for IVD Risk management

Closure

4
What’s new – ISO 14971 Ed. 3
Overall risk management approach
unchanged

Two types of Harm of an IVD:

• Direct Harm to Operator;
Voltage, Pressure,
Infection…
• Indirect Harm to Patient;
False information 
Wrong or Delayed
treatment
What’s new – ISO 14971 Ed. 3
Clarification, Explanation, Elaboration

• Scope:
– Includes data and system security

• New / Updated definitions

– Reasonably foreseeable misuse (≠ ‘Abnormal use’ per IEC 62366-1:2015)
– Benefit
– State of the art
– Harm (physical injury …) E.g.
• Use of expired or unqualified
 Increased focus on: reagents or consumables
• Negligence of quality control,
– Evaluation of overall residual risk
calibration or maintenance tasks
– Benefit-risk assessment • Use outside specified environmental
– Production and post production activities conditions
What’s new – ISO 14971 Ed. 3

What’s new - IVDR

Holistic approach for IVD Risk management

Closure

7
What’s new - IVDR
Increased focus on Risk Management

IVDD IVDR
Nr. of pages 37 157
Mention of «Risk» 34 152
Mention of «Risk management» 0 32
Mention of «Benefit» 1 38

…starting with risk based device classification A,B,C,D

What’s new - IVDR
Increased focus on risk management
What’s new - IVDR
Risk Management System must be
interdependent Risk Management
Annex I; Chapter 1(1-5)

Benefit-
Risk

Performance Post-market
evaluation surveillance
Article 56, Article 78-81,
Annex XIII Part A Annex XIII Part B
 What’s new - IVDR
Essential Requirements (IVDD)
vs. General Safety and Performance Requirements (IVDR)*

New Hazards to consider per GSPR

- Particles and debris

- Unintentional ingress of substances
- Negative interaction between software and the IT environment
- Incorrect identification of specimens
- Foreseeable interference with other devices
- Fitting or refitting parts
- Etc…

*Annex I, Chapter II
What’s new - ISO 14971 Ed. 3

What’s new - IVDR

Holistic approach for IVD Risk Management

Closure

12
Holistic approach for IVD Risk Management
The new approach…
Holistic approach for IVD Risk Management
A first example

14
Holistic Approach for Product Risk Management
Some more examples

Wrong P1 P2
Wrong result Harm to patient
calibration
Electrical P1 P2
Wrong result Harm to patient
interference
P1 P2
Use Error Wrong result Harm to patient

15
Holistic Approach for Product Risk Management
Inner and outer chain risk analysis

16
Holistic Approach for Product Risk Management
Grouping the hazardous situations

Wrong P1 P2
Wrong result Harm to patient
calibration
Electrical P1 P2
Wrong result Harm to patient
interference
P1 P2
Use Error Wrong result Harm to patient

17
Holistic Approach for Product Risk Management
Grouping the hazardous situations

Wrong
calibration
P2
Electrical
interference  P1 Wrong result Harm to patient
Delayed result
Use Error Voltage exposure
Infectious exposure
Data breach
Noise
Etc… 18
Holistic approach for IVD Risk Management
Example – Technical Risk Assessment (inner chain)

Hazardous Risk Control Probability of

Risk Cause Condition Hazard
situation Measures Occurrence

Nearby electrical Normal Biased signal due to Wrong result Measure 1

equipment electromagnetic Measure 2
A interference Measure 3 PA

Neglected Foreseeable Wrong signal due to Wrong Result Measure 1

maintenance Misuse wrong calibration Measure 2
B Measure 3 PB

Wrong sample Use Error Air bubbles in sample Wrong Result Measure 1
treatement path leads to Measure 2
C interference on signal PC

Total probability of “Wrong Result”

P1 =  PA PB PC
Holistic Approach for Product Risk Management
Example – Medical Risk Assessment (outer chain)

Hazardous situation Wrong result

Potential harm Wrong treatment may lead to cardiac arrest

Severity of harm S

Probability that wrong result P2

leads to harm

Rationale for probability Wrong treatment can only occur when additional diagnostics fail and the
(based on chain of events leading patients presents atypical symptoms.
to harm and clinical practice)

20
Holistic approach for IVD Risk Management
Example – Risk management report

Probability of Probability of
Severity of Total Probability of
Hazardous situation Hazardous Potential harm Hazardous Situation Final Risk rating
harm harm
Situation Occurring leading to harm

Wrong result Wrong treatment

P1 leads to cardiac arrest S P2 P = P1 x P2 SxP

Delayed result
Voltage exposure

Infection exposure

Data breach

Noise
Holistic approach for IVD Risk Management
Summary

Inner Chain Outer Chain PI x P2 = P Risk Management

Assessment PI Assessment Report
Technical Medical Benefit-risk ratio
S

Clinical Benefit

State of the art

Hazards, P1

Harm, P2, S
Foreseeable
Intended use
misuse

IT security GSPR

Design Usability
review engineering Performance evaluation and Post-market surveillance

pFMEA dFMEA

22
What’s new - ISO 14971 Ed. 3

What’s new - IVDR

A holistic approach for IVD Risk Management

Closure

23
Doing now what patients need next
Appendix
Risk management and performance evaluation (IVDR)
IVDR Deliverable Interface to risk management Update Device Part of
requirement class.
Performance Evaluation As a general rule, the performance evaluation plan shall include at least: […] as necessary all QMS
Plan - An indication and specification of parameters to be used to determine, based on the state of Assessment
the art in medicine, the acceptability of the benefit-risk ratio for the intended purpose or
purposes and for the analytical and clinical performance of the device
Performance Evaluation The performance evaluation report shall in particular include: […] Class C, D: all Tech. File***
Report - The clinical evidence* as the acceptable performances against the state of the art in Annually
medicine

Post-Market The PMPF plan shall specify the methods and procedures for proactively collecting and as necessary all QMS
Performance evaluating safety, performance and scientific data with the aim of: Assessment
Follow-up Plan (a) confirming the safety and performance of the device throughout its expected lifetime,
(b)identifying previously unknown risks or limits to performance and contra-indications,
(c) identifying and analyzing emergent risks on the basis of factual evidence,
(d) ensuring the continued acceptability of the clinical evidence and of the benefit-risk ratio
referred to in Sections 1 and 8 of Chapter I of Annex I, and
(e)identifying possible systematic misuse.
The PMPF plan shall include at least: […] a reference to the relevant parts of the performance
evaluation report referred to in Section 1.3 of this Annex and to the risk management referred to
in Section 3 of Annex I

Post-Market The conclusions of the PMPF evaluation report shall be taken into account for the performance Class C, D: all Tech file
Performance evaluation referred to in Article 56 and Part A of this Annex and in the risk management Annually
Follow-Up evaluation referred to in Section 3 of Annex I.
Report
Appendix
Risk management and post-market surveillance (IVDR)
IVDR Deliverable Relation to risk management Update Device Part of
requireme class
nt
Post market The post-market surveillance plan shall cover at least […] As all Tech. File
surveillance plan - suitable indicators and threshold values that shall be used in the continuous necessary
reassessment of the benefit-risk analysis and of the risk management as referred
to in Section 3 of Annex I

Post market […] summarizing the results and conclusions of the analyses of the post-market As A, B Tech. File
surveillance report surveillance data gathered as a result of the post-market surveillance plan. necessary

Periodic safety update Throughout the lifetime of the device concerned, that PSUR shall set out: Annually C, D Tech File
report (PSUR) (a) the conclusions of the benefit-risk determination; Class D:
Elec. Sys.

Trend report Manufacturers shall report […] any statistically significant increase in the frequency As all Elec. Sys.
or severity of incidents that are not serious incidents that could have a significant necessary
impact on the benefit-risk analysis referred to in Sections 1 and 5 of Annex I and which
have led or may lead to unacceptable risks to the health or safety of patients, users or
other persons
The manufacturer shall specify how to manage the incidents referred to in the first
subparagraph and the methodology used for determining any statistically
significant increase in the frequency or severity of such events or change in
performance, as well as the observation period, in the post-market surveillance plan
referred to in Article 79.