Risk management is a relatively young management concept. During the last ten to 15 years, it has evolved from a technical economic discipline with roots in insurance, finance and engineering into a central theorem that has permeated regulatory and management domains. Increasingly, it is becoming one of the main topics of conversation, and marketplace catalyst, within the life science and medtech industries.
The rationale is quite simple – risk management is becoming the essential driver for safer and more effective innovative medical devices and their associated therapies. With quickly progressing scientific technologies in hardware and software, nano materials and new drug/device combinations, it is more and more difficult to effectively regulate an industry that demands very high expectations related to safety and performance.
State-of-the-art regulatory frameworks depend on risk-based regulations that provide a dynamic framework of rules and decisions rather than a set of static requirements. A simple search for references pertaining to risk in older, current and new European regulatory frameworks appear to support this statement (see Table 1 below).
| AIMDD | IVD | MDD:M5 | EU MDR: 2017/745 |
| 14 | 34 | 55 | 83 |
Table 1: Risk References by EU Regulatory Standard
The Active Implantable Medical Device Directive (AIMDD), 90/383/EEC, was introduced in 1990 for high-risk devices such as pacemakers, and refers to risk in only 14 occurrences. The current Medical Device Directive (MDD), 93/42/EEC, introduced in 1993 and in in its current edition as amended, includes more than 50 references to risk. The MDD: M5 will be succeeded in 2020 by the recently released EU Medical Device Regulation (MDR), 2017/745/EEC, with over 80 references to risk.
While these directives and the new EU regulation are written in a complex legislative language, the content reflects major regulatory concepts of checks and balances. More specific and defined language for risk-based general requirements is provided pertaining to device-specific safety and performance processes and standards.
For reference purposes, the broadly implemented Quality Management System (QMS) Standard for Medical Devices, ISO:13485, was included in the below comparison chart (Table 2) to demonstrate that risk management significantly drives regulations and requirements. From broader legislative mandates, through regulatory concepts – and, all the way to specific safety and performance requirements for lifecycle-based product development processes – risk-based approaches are apparent.
| ISO 13485: 2003 | ISO 13485: 2016 | IEC 62344 (Usability Engineering) | IEC 60601-1 (3rd Edition) | IEC 62304 (Medical Device Software Life Cycle Process) |
| 16 | 32 | 144 | 153 | 266 |
Table 2: Risk References by FDA/EU Regulatory Standard
Risk management frameworks such as those proposed in ISO:14971, Medical Devices Application of Risk Management, enable medical device manufacturers and innovators to better understand, manage and mitigate the growing uncertainties in pre- and post-market regulatory environments.
However, risk management does not solve the growing concerns of a fragmented European regulatory framework for medical devices. Various stakeholders and decision makers may have different approaches to risk mitigation strategies.
Risk management approaches are sometimes a result of process rationality, a course whereby decisions become meaningful due to process, rather than preset or past expectations. This is indeed a relevant argument if risk management is intended to promote a high level of safety, and allow for innovation within the life science and medtech industries. As such, risk management may involve the delivery of a firm rational related to regulatory compliance, even in a world of growing complexity and uncertainty.
How can your organization better address device risk?
As risk increasingly becomes the main driver for safer and more effective medical devices, product manufacturers must consider regulatory and approval strategies that address all end-user risks.
NAMSA’s global experts throughout North America, Latin America, Europe, Japan, China and the Middle East, are intimately familiar with the quickly changing world of regulations, including the most efficient and effective approaches to adequately address all stakeholder risks.
If you would like to discuss your device development project, and optimal regulatory pathways to market, please contact us at communications@namsa.com or visit our regulatory consulting webpage here to learn about our services, or to schedule a complimentary consultation.
Stephan Buttron
Stephan Buttron currently serves as NAMSA’s Senior Product Development Strategist. Mr. Buttron has over 20 years’ experience in achieving EU, U.S. FDA and other international regulatory medical device approvals and registrations. He has provided global consulting services on regulatory strategy development to medical device manufacturers regarding least burdensome pathways for 510(k)/PMA and MMD-CE mark applications. He has successfully managed FDA pre-submission meetings for Investigational Device Exemption (IDE) pathways with multiple FDA specialty branches. Stephan is considered a key industry thought leader on risk management, and has provided multiple training sessions to medical device manufacturers on structured risk management process per EN ISO 14971 & EU MDD 93/42 as amended with directive 2007/ 47. Mr. Buttron has also provided countless educational opportunities to international organizations regarding medical device design and development issues related to ISO 13485 & EU MDD 2007/47 compliance.