Bringing Legacy Medical Devices into Usability Compliance. Shannon Clark 4/29/2015

Similar documents
RISK MANAGEMENT POLICY

2015. All rights reserved.

Edwin Lindsay Principal Consultant. Compliance Solutions (Life Sciences) Ltd, Tel: + 44 (0) elindsay@blueyonder.co.

Guidance for Industry: Quality Risk Management

ISO 14971: Overview of the standard

Risk Assessment for Medical Devices. Linda Braddon, Ph.D. Bring your medical device to market faster 1

Information Security Team

Quality Assurance. Disclosure for Lilli Møller Andersen. No relevant financial relationships exist for any issue mentioned in this presentation

Software-based medical devices from defibrillators

Title: Basic Principles of Risk Management for Medical Device Design

Medical Software Development. International standards requirements and practice

Introduction into IEC Software life cycle for medical devices

identify hazards, analyze or evaluate the risk associated with that hazard, and determine appropriate ways to eliminate or control the hazard.

FDA Perspectives on Human Factors in Device Development

Guidance Notes for Applicants of the Certificate for Clinical Trial on Medical Device

Overview of International Medical Device Human Factors Standards. Ed Israelski PhD, Director of Human Factors Abbott Abbott Park, IL, USA

QMS for Software as a Medical Device [SaMD] Lessons Learned from a Quality Perspective

Taking Information Security Risk Management Beyond Smoke & Mirrors

FINAL DOCUMENT. Implementation of risk management principles and activities within a Quality Management System. The Global Harmonization Task Force

a Medical Device Privacy Consortium White Paper

Supplier Performance Management Guide

SEMETS3-70 Performing engineering software safety assessments

Medical Device Reporting (MDR) 21 CFR Part 803

Risk Management and the Impact of EN ISO 14971:2012 Annex Z

Vigilance Reporting. Vicky Medley - Head of QMS, Medical Devices. September Copyright 2015 BSI. All rights reserved.

Medical Device Software Standards for Safety and Regulatory Compliance

Healthcare risk assessment made easy

Hazard Identification, Risk Assessment and Management Procedure. Documentation Control

Introduction to Risk Management for Software Projects. Peter Kolb. Distributed and Outsourced Software Engineering, ETH Zurich

Nova Scotia EMO. Hazard Risk Vulnerability Assessment (HRVA) Model. Guidelines for Use. October, 2010

WHITEPAPER: SOFTWARE APPS AS MEDICAL DEVICES THE REGULATORY LANDSCAPE

How to Use the Design Process to Manage Risk: Elements of Design Controls and Why It Matters

CAPA Issues and Pitfalls

How To Manage Safety Risk In Aviation

8 Critical Success Factors When Planning a CMS Data Migration

MODEL REGULATION SAFETY MANAGEMENT SYSTEM REGULATION. International Civil Aviation Organisation

The Lowitja Institute Risk Management Plan

Quality Risk Management - The Medical Device Experience. Niamh Nolan Principal Design Assurance Engineer Boston Scientific

Risk Methodology. Contents. Introduction The Risk Management Structure The Risk Management Cycle Methodology...

Second Clinical Safety Review of the Personally Controlled Electronic Health Record (PCEHR) June 2013

BSI Road Show: September 8 th to 15 th, 2014

Risk Mitigation, Monitoring and Management Plan

Usability of Medical Applications Ved Line Kagenow Svenstrup,

FUNBIO PROJECT RISK MANAGEMENT GUIDELINES

OH&S Management Systems Audit Checklist (NAT, E3)

Space project management

IT Project Management Methodology. Project Risk Management Guide. Version 0.3

Corporate risk register

DRAFT RESEARCH SUPPORT BUILDING AND INFRASTRUCTURE MODERNIZATION RISK MANAGEMENT PLAN. April 2009 SLAC I

Network Risk Assessment Guideline

Media fills Periodic performance qualification (Re-Validation)

How To Write Software

Step 4. Monitor / Review Control Measures

Technical Support Policies

OVERVIEW. In all, this report makes recommendations in 14 areas, such as. Page iii

Risk Management. Policy

Risk Assessment Worksheet and Management Plan

Rulemaking Directorate. Preliminary Regulatory Impact Assessment Explanatory Note 2012/2013

Poten&al Impact of FDA Regula&on of EMRs. October 27, 2010

Health Informatics Application of clinical risk management to the manufacture of health software Formerly ISO/TS 29321:2008(E) DSCN14/2009

Core Infrastructure Risk Management Plan

Internal Audit Report Disaster Recovery / Business Continuity Planning

Contractor Performance Report Scoring Guide

Document issued on: May 11, 2005

Risk Management in IEC rd Edition. Presented by Alberto Paduanelli Medical Devices Lead Auditor, MHS-UK, TÜV SÜD Product Service

RISK MANAGEMENT IN THE NATIONAL SYSTEM A PRACTICAL GUIDE

STAINLESS STEEL TANK TABLE OF CONTENTS TROUBLESHOOTING... 1 TESTING WATER TEMPERATURE... 3 TANK & JACKET ASSEMBLY... 4.

Transition Guidelines: Managing legacy data and information. November 2013 v.1.0

REQUIREMENTS OF SAFETY MANAGEMENT SYSTEM

Open call for tenders No 01/2102/12

FINAL DOCUMENT. Global Harmonization Task Force

RISK MANAGEMENT FOR INFRASTRUCTURE

Risk Management & Assessment at UQ

The FDA Perspective on Human Factors in Medical Device Software Development

SCHEDULE 25. Business Continuity

Risk Management Strategy and Policy. The policy provides the framework for the management and control of risk within the GOC

Incident Reporting Procedure

Board of Directors Meeting 12/04/2010. Operational Risk Management Charter

Risk Management Policy

Medical Device Software Do You Understand How Software is Regulated?

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Four

Basic Fundamentals Of Safety Instrumented Systems

Procenter Delivery System* Troubleshooting Charts

INTRODUCTION. This book offers a systematic, ten-step approach, from the decision to validate to

Integrating System Safety and Software Assurance

The document you download is the copyright of ISO, and may not be stored, reproduced, transferred or resold by any means, except as follows.

CONTRACTOR AND SUPPLIER INSURANCE REQUIREMENTS

Inform II. Quick Reference Guide. for Healthcare Professionals BLOOD GLUCOSE MONITORING SYSTEM

ASK THE EXPERT: Burner Troubleshooting Information & Maintenance

Guide for Custom-Made Dental Device Manufacturers on Compliance with European Communities (Medical Devices) Regulations, 1994

Civil & Environmental Engineering

SEMETS3-68 Performing engineering software configuration management

Smart Meters Programme Schedule 8.6. (Business Continuity and Disaster Recovery Plan) (CSP North version)

Application of Quality Risk Management to Pharmaceutical Operations. Eldon Henson, Vice President, Quality Operations

IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach.

RISK MANAGEMENT POLICY. Version 3

Transcription:

Bringing Legacy Medical Devices into Usability Compliance Shannon Clark 4/29/2015

Agenda What is a legacy device? Background on Usability Engineering Standards What is the roadmap for bringing legacy devices into compliance? How do I actually follow the roadmap?

What is a Legacy Medical Device? A Legacy medical device is a device that was developed without following the Usability Engineering Process

Example 1: Existing Device Image source: http://www.troymedia.com/2015/01/22/howto-eliminate-mri-wait-lists-in-the-alberta-health-system/

Example 2: Modified Hardware Image source: http://www.eastbourneeyeclinic.co.uk/ cataract-surgery/phacoemusification-cataract-surgery

Example 3: Modified Software Image Source: http://www.angieslist.com/files/styles/nodimensions/public/null/ultrasound.jpg?itok=j8ckrxfh

Usability Engineering Process Standard, IEC 62366 Application of usability engineering to medical devices

History of IEC 62366 2012 2013 2014 Present IEC 62366:2007 IEC 62366:2014 IEC 62366-1:2015

History of IEC 62366 2012 2013 2014 Present IEC 62366:2007 IEC 62366:2014 IEC 62366-1:2015 Annex K Usability Engineering Process for Legacy Devices

IEC 62366:2014, Annex K: Usability of Unknown Provenance (UOUP)

Usability Engineering File

Usability Engineering File for legacy device

Summary of Known Use Errors Identify, record, and evaluate hazard-related use scenarios from the field

Use-Related Risk Analysis Review Risk Analyses to ensure that hazards and hazardous situations associated with Usability have been identified and documented Prepare a FULL Use- Related Risk Analysis

Incomplete Use-Related Risk Analysis: Hazard Harm Severity Likelihood RPN User Error led to device malfunc3on Pa3ent injury 5 1 5 User uses device past expira3on Pa3ent injury 9 1 9

Incomplete Use-Related Risk Analysis: Hazard Harm Severity Likelihood RPN User Error led to device malfunc3on Pa3ent injury 5 1 5 User uses device past expira3on Pa3ent injury 9 1 9

Primary Operating Functions Document the Primary Operating Functions

Application Specification (Use Specification) Record the Application Specification Ensure its contents are in the Instructions for Use

Usability Engineering File List document part numbers in a record

Recommended Project Workflow Review existing Risk Analyses Identify Primary Operating Functions, Users, and Use Environments Draft Use-Related Risk Analysis Research Complaints and Draft Summary of Known Use Errors Finalize Use-Related Risk Analysis & Summary of Known Use Errors Is Residual Risk Acceptable?

Recommendations Use the user manual as a starting point Add Application Specification to the User Manual Requirements Document Update Usability Engineering Standard Operating Procedure to address Legacy products

Recommendations Legacy Device Known Use Error Summary Design Input

Proposed Outline for a Known Use Error Summary I. Introduction II. Methodology III. Field Actions/Recalls related to use error IV. CAPAs related to use error V. Use-related MDRs VI. Use-related General Complaints (if needed) VII. Conclusion as to whether product is safe with respect to usability

The Question

The Question Is our on-market product safe enough?

Post-Market Surveillance Process Complaint Tracking and Trending Escalation Meeting CAPA? Field Action? Continue to Monitor?

Post Market Surveillance If we adequately capture, process, and track use-related complaints,

Post Market Surveillance If we adequately capture, process, and track use-related complaints, then we know that our products present acceptable usability risk profiles to patients and users

Classic Post-Market Pitfall Malfunction replicated Take Action Yes Complaint Device Returned for Evaluation? Malfunction not replicated No Complaint is Unconfirmed/No Trouble Found No Further Action

Known Use Error Summary Retrospectively try to find the events that were previously missed The ultimate question here is, Was there a complaint trend that we missed, which should have led to a CAPA or Escalation, but then it did not?

Complaint Hierarchy Complaints Non-safety-related complaints MDRs Product Malfunctions Adverse Events Harm occurred

Complaints Risk Analysis Complaints N/A MDRs Hazardous Situations (including near-misses) Adverse Events Harm

Use-Related Risk Analysis Adverse events inform likelihood of occurrence for risks # Instances of harm # Instances of use # Adverse Events # Instances of use

Example Use-Related Risk Analysis Task Use Error Hazardous Situa;on Harm Severity Likelihood Risk Index Tubing falls out Insert Yellow Tubing Yellow Tubing and tube Significant in the receptacle and confirm insufficiently outputs do not seated in the provide delay as the the Moderate Improbable 3 - Tolerable situa3on is properly seated receptacle adequate flow resolved. Press the Yellow Tubing valves into the outer receptacles User unable to push valves into receptacles and installs incorrect por3on of tubing instead Flow is Loss of restricted, func3onality leading to lower leads to minor flow rate and devia3on in lack of effect. workflow. # Adverse Events # Instances of use Negligible Remote 4 - Broadly Acceptable

Drawbacks Complaints can be under-reported Complaints can be vague, incomplete, and inaccurate

Addressing Vague Complaints ORIGINAL RISK: NEW RISK: Use Error Hazardous Situa;on Harm Severity Likelihood Risk Index Tubing falls out Yellow Tubing and tube insufficiently outputs do not seated in the provide Significant delay as the the Moderate Improbable 3 - Tolerable situa3on is receptacle adequate flow resolved. Hazardous Situa;on Harm Severity Likelihood Risk Index Inadequate flow leads to delay. May occur due to: - Insufficiently sea3ng the tubing - Damage to the port due to Moderate Remote 3 - Tolerable - - dropping Use of the incorrect disinfectant wipe during cleaning Tubing is kinked Significant delay as the the situa3on is resolved.

Residual Risk Acceptability If # Adverse Events # Instances of use UNACCEPTABLE then we know that our product presents UNACCEPTABLE usability risk profiles to patients/users

Residual Risk Acceptability If # Adverse Events # Instances of use UNACCEPTABLE then re-design the device.* *If re-design is not possible, updating the IFU (if such a change would be effective in mitigating the risk). If addressing the use error is not possible, perform a Risk/Benefit Analysis

Conclusion Legacy medical devices should conform to IEC 62366 The Post-Market Surveillance process is essential for confirming product safety

Questions? Shannon E. Clark, P. E. (650) 996-7480 shannonelizabethclark@gmail.com www.userwiseconsulting.com

BACKUP SLIDES

THE FUTURE: IEC 62366-1:2015, Annex C Usability of Unknown Provenance (UOUP) No longer have to update Accompanying document No longer have to record Primary Operating Functions