Risk Management for Medical Device Manufacturers: [MD and IVD]
By Joe W. Simon
()
About this ebook
This book can help you build a bulletproof, risk process. You will learn how:
Designing product and manufacturing processes controls risks
Using consistent language in a holistic, closed-loop risk management system leads to greater efficiency
Creating useable and audit-ready risk documents can support verification/validation (V/V) sampling plans
Developing labels and instructions can help end-users and patients clearly understand the pertinent risks
Creating post-market surveillance (PMS) processes is essential to determine if additional clinical/performance studies are necessary
Joe Simon holds an MBA and has been a member of ASQ since 2008. Over his nearly 30-year career, he worked with numerous companies as an employee and a consultant to build or improve complaint analysis, trending, post-market surveillance (PMS), nonconformance (NC), corrective action/preventive action (CAPA), stewardship, and risk management processes.
Joe W. Simon
Growing up in International Falls, Minnesota (“the icebox of the nation”), Joe started his studies at St. Olaf College but transferred to Bemidji State University where he earned his bachelor of science degree in chemistry (with honors). He later earned a master of business administration (MBA) degree through Jones International University. He has been a member of the American Society of Quality (ASQ) since 2008. Starting out as a bench chemist performing environmental and nutritional labeling testing, Joe rewrote almost every analytical method he touched and developed a few new ones. It was during this time that he learned the importance of accuracy, linearity, range, and (especially) system suitability (for example, reagent blanks, matrix blanks, duplicate samples, blank-spikes, matrix spikes, check samples, etc.) for a test method. He also performed minimum detectable limit (MDL) studies for a battery of herbicides and pesticides. This also introduced him to the concepts of good laboratory practice (GLP) and FDA requirements. He eventually transitioned into pharmaceutical quality assurance and quality control. Working for five years at a pharmaceutical company that was under the FDA’s Application Integrity Policy (AIP), he learned the importance of being transparent with your quality problems and your processes. During his time in pharma, he became familiar with AQL sampling tables and started developing quality trending and metrics. In 2005, Joe started consulting, and his first project was helping a large, multinational medical device manufacturer build process FMEAs for all its products. In the intervening years, he worked with numerous companies to build or improve their complaint analysis, trending, postmarket surveillance (PMS), nonconformance (NC), corrective action/preventive action (CAPA), stewardship, and risk management processes. With more than 25 years of experience, Joe recently retired from consulting. As a manager, he was responsible for direct management of the consulting personnel as well as ensuring the competency, quality, experience, project management, and service excellence of the engagement teams. He helped many companies by teaching them how to be more compliant and efficient. Now that he’s retired, he gets to enjoy spending more time with his family.
Related to Risk Management for Medical Device Manufacturers
Related ebooks
Medical Device: A Primer Based on Best Practices Rating: 0 out of 5 stars0 ratingsMedical Device Reporting A Complete Guide - 2019 Edition Rating: 0 out of 5 stars0 ratingsMedical Device Reporting A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsValidation Master Plan A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsISO 14971 A Complete Guide - 2021 Edition Rating: 1 out of 5 stars1/5ISO 13485 A Complete Guide - 2019 Edition Rating: 0 out of 5 stars0 ratingsValidation Master Plan A Complete Guide - 2019 Edition Rating: 0 out of 5 stars0 ratingsStatistical Methods for Evaluating Safety in Medical Product Development Rating: 0 out of 5 stars0 ratingsValidation A Complete Guide - 2019 Edition Rating: 0 out of 5 stars0 ratingsThe ASQ Certified Quality Improvement Associate Handbook Rating: 0 out of 5 stars0 ratingsData Integrity and Compliance: A Primer for Medical Product Manufacturers Rating: 0 out of 5 stars0 ratingsBasic Statistical Tools for Improving Quality Rating: 0 out of 5 stars0 ratingsQuality Risk Management in the FDA-Regulated Industry Rating: 0 out of 5 stars0 ratingsSoftware Validation A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsComputerized system validation A Complete Guide Rating: 0 out of 5 stars0 ratingsISO 9000: 2000 Auditing Using the Process Approach Rating: 0 out of 5 stars0 ratingsValidation Master Plan A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsValidation master plan Complete Self-Assessment Guide Rating: 0 out of 5 stars0 ratingsCost-Contained Regulatory Compliance: For the Pharmaceutical, Biologics, and Medical Device Industries Rating: 0 out of 5 stars0 ratingsISO 14155 A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsProduction of Plasma Proteins for Therapeutic Use Rating: 3 out of 5 stars3/5ISO 13408 A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsISO 13485 Second Edition Rating: 4 out of 5 stars4/5ISO 14971 A Complete Guide - 2020 Edition Rating: 2 out of 5 stars2/5A History of a cGMP Medical Event Investigation Rating: 0 out of 5 stars0 ratingsLIMS A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsGood Distribution Practices A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsGood Manufacturing Practices A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsChange Control A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsClinical Quality Management System A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratings
Industries For You
Excellence Wins: A No-Nonsense Guide to Becoming the Best in a World of Compromise Rating: 5 out of 5 stars5/5Weird Things Customers Say in Bookstores Rating: 5 out of 5 stars5/5Uncanny Valley: A Memoir Rating: 4 out of 5 stars4/5All the Beauty in the World: The Metropolitan Museum of Art and Me Rating: 4 out of 5 stars4/5YouTube Secrets: The Ultimate Guide to Growing Your Following and Making Money as a Video I Rating: 5 out of 5 stars5/5Setting the Table: The Transforming Power of Hospitality in Business Rating: 5 out of 5 stars5/5Becoming Trader Joe: How I Did Business My Way and Still Beat the Big Guys Rating: 5 out of 5 stars5/5Artpreneur: The Step-by-Step Guide to Making a Sustainable Living From Your Creativity Rating: 2 out of 5 stars2/5YouTube 101: The Ultimate Guide to Start a Successful YouTube channel Rating: 5 out of 5 stars5/5INSPIRED: How to Create Tech Products Customers Love Rating: 5 out of 5 stars5/5Music Law: How to Run Your Band's Business Rating: 0 out of 5 stars0 ratingsGrocery: The Buying and Selling of Food in America Rating: 4 out of 5 stars4/5Pharma: Greed, Lies, and the Poisoning of America Rating: 5 out of 5 stars5/5Sweet Success: A Simple Recipe to Turn your Passion into Profit Rating: 5 out of 5 stars5/5Bad Pharma: How Drug Companies Mislead Doctors and Harm Patients Rating: 4 out of 5 stars4/5Fast Food Nation: The Dark Side of the All-American Meal Rating: 0 out of 5 stars0 ratingsHow We Do Harm: A Doctor Breaks Ranks About Being Sick in America Rating: 4 out of 5 stars4/5The Best Story Wins: How to Leverage Hollywood Storytelling in Business & Beyond Rating: 5 out of 5 stars5/5The House of Gucci: A True Story of Murder, Madness, Glamour, and Greed Rating: 4 out of 5 stars4/5Shopify For Dummies Rating: 0 out of 5 stars0 ratingsSummary and Analysis of The Omnivore's Dilemma: A Natural History of Four Meals 1: Based on the Book by Michael Pollan Rating: 0 out of 5 stars0 ratingsDisney's Land: Walt Disney and the Invention of the Amusement Park That Changed the World Rating: 4 out of 5 stars4/5
Reviews for Risk Management for Medical Device Manufacturers
0 ratings0 reviews
Book preview
Risk Management for Medical Device Manufacturers - Joe W. Simon
Risk Management for Medical Device Manufacturers
● ● ●
Joe Simon
Quality Press Milwaukee, Wisconsin
American Society for Quality, Quality Press, Milwaukee, WI, 53203 All rights reserved. Published 2022.
© 2022 by Joe Simon
No part of this book may be reproduced in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher.
Publisher’s Cataloging-in-Publication data
Names: Simon, Joe W., author.Title: Risk management for medical device manufacturers / Joe Simon.Description: Includes bibliographical references and index. | Milwaukee, WI: ASQ Quality Press, 2022.Identifiers: LCCN: 2021951458 | ISBN: 978-1-63694-013-7 (paperback) | 978-1-63694-014-4 (epub)Subjects: LCSH Medical instruments and apparatus industry—Risk management. | Medical instruments and apparatus—Quality control. | Medical instruments and apparatus—Safety measures. | BISAC BUSINESS & ECONOMICS / Industries / Manufacturing | BUSINESS & ECONOMICS / Industries / Healthcare | MEDICAL / Instruments & Supplies Classification: LCC R856.6 S56 2022 | DDC 610.284—dc23
ASQ advances individual, organizational, and community excellence worldwide through learning, quality improvement, and knowledge exchange.
Bookstores, wholesalers, schools, libraries, businesses, and organizations: Quality Press books are available at quantity discounts for bulk purchases for business, trade, or educational uses. For more information, please contact Quality Press at 800-248-1946 or books@asq.org.
To place orders or browse the selection of all Quality Press titles, visit our website at: http://www.asq.org/quality-press.
Printed in the United States of America.
26 25 24 23 22 SWY 7 6 5 4 3 2 1
Table of Contents
Cover
Simon_titlepg
Simon_cip
Simon_dedication
Simon_acknowledgments
Simon_preface
Simon_listofabbreviations
01_Simon_Sec1Ch1
02_Simon_Ch2
03_Simon_Ch3
04_Simon_Ch4
05_Simon_Ch5
06_Simon_Ch6
07_Simon_Ch7
08_Simon_Ch8
09_Simon_Sec2Ch9
10_Simon_Ch10
11_Simon_Ch11
12_Simon_Ch12
13_Simon_Ch13
14_Simon_Ch14
15_Simon_Ch15
16_Simon_Sec3Ch16
17_Simon_Ch17
18_Simon_Ch18
19_Simon_Sec4Ch19
20_Simon_Ch20
21_Simon_Ch21
22_Simon_Ch22
23_Simon_Sec5Ch23
24_Simon_Ch24
25_Simon_Ch25
26_Simon_Ch26
27_Simon_Ch27
28_Simon_Ch28
29_Simon_Ch29
30_Simon_End
Dedication
This book is dedicated to my parents, Bette and Orin Simon. Their continuous support and love made my life, education, work, and this book possible.
Acknowledgments
● ● ●
To Ravi Bhullar (a genuine Indian Guru), without whom this book would not have happened.
To Steve Stegmeier, who provided the epiphany for the mustache curve (and, as I recall, had a pretty good mustache himself).
To an old supervisor, who said validation was too complicated for me—challenge accepted and obliterated.
Preface
● ● ●
You may be asking, Why do I need to read this book? What makes this different from all the risk books, articles, and presentations I’ve been exposed to in the past?
The short answer is…that there is no short answer. You’re reading this book because the ISO 14971 standard is not geared toward manufacturers. As a result, your risk documents have been collecting dust in a corner while your teams do the best they can to get product out the door and not hurt people in the process. Your systems are likely disconnected, and your people are aimlessly guessing how to design, validate, monitor, and update your products.
This book will help you fix all that. It will show you how to properly build and connect your risk documents, so you can have an efficient, effective, and compliant risk process that supports (rather than hinders) your people and your processes. The concepts in this book will help you make better products without all the guesswork and help you respond to issues faster and more effectively. As a bonus, when your people see how the work they do connects and helps improve the product (and, by extension, the lives of your users and patients), they will enjoy their jobs more and take better ownership of their work.
After finishing this book, you will understand that risk management really is simple and intuitive when done right. Yes, it’s broad in scope—but it doesn’t have to be so difficult, confusing, and convoluted. If you only take one thing from this book, I hope it’s that the occurrence rates in your risk documents need to be meaningful. They need to connect directly to your verification/validations and be the thresholds for your nonconformance (NC) and complaint processes (Chapters 3-4, 8, 12, and 16-17). If the only change you are able to make at your company is to implement the concepts in Chapters 3-4 (i.e., to capture your NC
rates in your risk documents), much of the rest of the changes may happen organically.
The information presented in this book assumes the reader has at least a basic understanding of risk management—specifically, familiarity with the concepts in ISO 14971, hands-on experience with risk tools (for example, fault tree analysis and failure mode and effects analysis), and knowledge of the applicable regulations that apply to their products and to risk (for example, 21 CFR 809, 21 CFR 820, and the EU Medical Device Regulation [MDR] and/or the In Vitro Diagnostic Regulation [IVDR]). Hopefully, you are open to fixing some of the issues you have been struggling with for years. (If you are new to risk management, read through the regulations and standards, and consider taking an introductory-level course prior to reading further.)
As someone experienced with risk management, you already know that there are numerous inputs and outputs for each step in the risk process. Additionally, the process is very iterative. In other words, sometimes you need to begin the process before you’re able to clearly define your criteria. For example, if you are building a risk management process for your company’s first product, you won’t have similar products from which to define a master harms list.
Because of this variety of inputs/outputs and the iterative nature of the process, it’s not very linear. This made it difficult to write a book and still address all the necessary background before digging into each topic. As a result, some topics may rely on information that is presented later in the book. I have made every effort to minimize this and present the information in as linear a fashion as possible, but the reader should be aware that this is a broad and interdependent process.
The information presented here is based on my knowledge and experience gained over many years of working and consulting in various areas of risk management. The information is also based on the regulations and standards that were available at the time this text was being written. As regulations and standards are updated, the information and references presented here will undoubtedly become outdated. Therefore, it is recommended that the reader not only assess how best to implement the concepts in this text, but also assess whether any changes have occurred to the referenced regulations and standards that would alter the implementation of the concepts.
Some of the concepts presented here were developed and honed while assisting a medical device company that was dealing with thousands of lawsuits for its trans-vaginal mesh products (you may remember the lawyers’ commercials). We were asked to help the company make its risk processes and labeling bulletproof
(their words)—specifically, to ensure the benefits of its products objectively outweighed the risks (so the company could defend keeping its products on the market) and to properly disclose the risks to minimize the company’s future liability. While not all of these concepts were developed during that project, it emphasized for me the importance of the risk management process and started an effort to develop more meaningful and applicable risk documents. With the advent of the EU MDR and IVDR, there has been a focus to make sure risk management processes have the necessary procedural relationships to ensure the proper data are flowing in and the proper decisions are flowing out to drive necessary changes.
If you follow the steps laid out in this book:
✔ Your risk documents will have meaningful criteria and thresholds.
✔ Your products and manufacturing processes will be designed to control risks.
✔ You will have validated and verified your risks (initial and ongoing testing).
✔ Your verification/validation (V/V) sampling plans and sample sizes will be based on risk.
✔ Your V/V sampling plans will be adjusted based on where the variation is in your process.
✔ Your test method validations will be based on risk.
✔ Your NCs and complaints will use the risk thresholds to determine when a corrective action/preventive action (CAPA) is needed.
✔ Your NC process will work for product, process, and quality system
nonconformances.
✔ Your risks will be properly communicated to the users and patients through labeling, instructions for use (IFU), training, etc.
✔ You will have an efficient closed-loop
risk management system.
And,
• Your post-market surveillance (PMS) process can feed into the risk management system to determine if you need additional clinical/performance studies.
• Your risk documents will be audit ready.
These bulletproof
strategies have been used at large, multinational manufacturers with hundreds of products and various departments working collaboratively. They have also been used at a small dental company with a single quality engineer tasked to do it all herself for a handful of products. They have been used in medical device companies as well as in vitro diagnostic medical device companies. Because the concepts rely heavily on ISO 14971 and ISO 13485, which are medical device standards, they are not specifically tailored to the pharmaceutical industry (though they could be, but I’ll leave that for someone else to write).
Some of the concepts presented involve or rely heavily on statistics. While my degrees are not in statistics, I was blessed to have mathematicians for parents. I have also worked with several statisticians, and much of my career has involved hands-on work with large piles of data, spreadsheets, trending, etc. Most of the formulas presented here reference the source; however, some were created by me or by my coworkers. All formulas should be vetted for your company before applying them to your processes and products.
List of Abbreviations
● ● ●
5W2H Who, What, When, Where, Why, How, and How Much
8D Eight Disciplines Problem-Solving Process
AAMI Association for the Advancement of Medical Instrumentation
AFAP As Far as Possible
ALARP As Low as Reasonably Practicable
ANOVA Analysis of Variance
ANSI American National Standards Institute
AQL Acceptance Quality Limit
ASQ American Society for Quality
BOM Bill of Materials
BS British Standard
CAPA Corrective Action/Preventive Action or Corrective and Preventive Action
CEN European Committee for Standardization
CENELEC European Committee for Electrotechnical Standardization
CEP/PEP Clinical Evaluation Plan/Performance Evaluation Plan
CER/PER Clinical Evaluation Report/Performance Evaluation Report
CFR Code of Federal Regulations
CGMP Current Good Manufacturing Practice
CNC Computer Numerical Control
Cpk Process Capability Index
CPSP Clinical Performance Study Plan
CPSR Clinical Performance Study Report
CQE Certified Quality Engineer
CS Common Specification
CTQ Critical to Quality
dFMEA See FMEA.
DFU Directions for Use
DMR Device Master Record
DOE Design of Experiments
DV&V Design Verification and Validation
EC European Commission
EMA European Medicines Agency
EN European Standard (from Europäische Norm)
ERC Essential Requirements Checklist
ETSI European Telecommunications Standards Institute
EU IVDR European Union In Vitro Diagnostic Medical Device Regulation 2017/746
EU MDR European Union Medical Device Regulation 2017/745
Eudamed European database on medical devices
FDA Food and Drug Administration
FD&C Act Federal Food, Drug, and Cosmetic Act
FMEA Failure Mode and Effects Analysis (aka FMECA, Failure Mode and Criticality Effects Analysis); may include use, design, and process variations
FTA Fault Tree Analysis
GR&R Gage Repeatability and Reproducibility
GSPR General Safety and Performance Requirements (checklist)
ICH International Council for Harmonization of Technical Requirements for Pharmaceuticals for Human Use
ICS International Classification for Standards
IEC International Electrotechnical Commission
IFU Instructions for Use
IQ Installation Qualification
IOQ Installation and Operational Qualification
ISO International Organization for Standardization
ISO/FDIS International Organization for Standardization/Final Draft International Standard
ISO/TR International Organization for Standardization/Technical Report
IT Information Technology
IUS Intended Use Statement
IVD In Vitro Medical Device
IVDR See EU IVDR.
LOD Limit of Detection (aka Detection Limit or MDL)
LOQ Limit of Quantitation
LTPD Lot Tolerance Percent Defective
MAUDE Manufacturer and User Facility Device Experience
MD Medical Device
MDL Method Detection Limit or Minimum Detection Limit (aka LOD)
MDR See EU MDR.
MDR/MDV Medical Device Reporting/Medical Device Vigilance
NB Notified Body
NC Nonconformance
NCEA Nonconformance Effect Analysis (may include use, design, and process variations)
NCi Initial Probability of Occurrence of the Nonconformance
NCr Residual Probability of Occurrence of the Nonconformance
NCR Nonconformance Report
NIST National Institute of Standards and Technology
OC Operating Characteristic
OOS Out of Specification
OQ Operational Qualification
ORA Office of Regulatory Affairs
OSHA Occupational Safety and Health Administration
OUS Outside of the United States
P (including (Initial and residual) Probability of occurrence of the
Pi and Pr) harm
Px (including Probability of occurrence of one of the events leading
P0, P1, P2, PE, PF) to harm
PDP Product Development Process
PEP See CEP/PEP.
pFMEA See FMEA.
PMS Post-Market Surveillance
Ppk Process Performance Index
PPM Part Per Million
PPQ Process Performance Qualification
PQ Process Qualification
P/T Ratio of the precision