This may be stating the obvious, but engineers are generally very analytical.
One of the areas where engineers are analytical is in evaluating all the ways things can go wrong. This includes exposure and use of tools like FMEA.
As an engineer, there is a good chance you first got introduced to FMEA (Failure Mode and Effects Analysis) in college, along with several other tools for looking at and analyzing failures.
So it makes sense that when you start working on medical device product development and you’re told to address risks that you’re going to fall back on what you learned once upon a time.
Out comes your trusty FMEA template spreadsheet, you begin to fill it out…and things can quickly grind to a halt.
You start asking yourself a bunch of questions like...
Are you creating an application (or use) FMEA (AFMEA) or a design FMEA (DFMEA)? (And what exactly is the difference between them?)
How do I link the AFMEA and DFMEA together? (Do I need to link them together?)
What do I put for the potential effect of the failure? Is it the effect on the patient? Or the device? Or peripheral devices?
And do I need to include detection as part of the failure analysis?
Before long, you’re lost and confused.
Even worse, after you make it through design verification and design validation, chances are you identified recommended actions to lower and mitigate risks within the AFMEA and DFMEA that you forgot about--actions that were good ideas yet never got implemented.
It can be hard enough to make sure you’re adequately handling risk management.
You have to think out of the box to make sure you’re identifying all of the potential things that might go wrong with your device or all of the potential ways it might be used incorrectly.
With all of that, the last thing you need is to make risk management harder by using FMEAs.
Fortunately for all of us, there’s an easier way to address risk and that’s ISO 14971.
I know, I know, you’re wondering how an ISO standard could ever make risk easier. After all, standards can be hard to understand sometimes.
Believe it or not, ISO 14971 makes addressing risk so much easier than an FMEA.
Greenlight Guru founder and VP QA/RA, Jon Speer, already explained ISO 14971 to you in his post “Understanding ISO 14971 Medical Device Risk Management” and there’s even a Definitive Guide to ISO 14971 Risk Management for Medical Devices, so I’ll just refresh your memory on a few key points.
ISO 14971 has 4 main definitions, Hazards, Foreseeable Events, Hazardous Situations, and Harms, that can be compared to column headers in FMEAs.
The rough definitions are below:
HAZARD -potential source of harm
FORESEEABLE EVENT- event that can easily be imagined or known about before it happens (that leads to the hazardous situation)
HAZARDOUS SITUATION - circumstance in which people, property, or the environment are exposed to one or more hazard(s)
HARM - physical injury or damage to the health of people, or damage to property or the environment
These can be loosely connected to the FMEA columns:
Foreseeable Event -> Potential Causes of Failure
Hazardous Situation -> Potential Failure Mode
Harm -> Potential Failure Effect
In an FMEA, filling in the columns from left to right, you identify Potential Failure Mode, then Potential Failure Effect, and then Potential Causes. In ISO 14971 terminology, Hazardous Situation, Harm, and then Foreseeable Event.
No wonder filling out an FMEA is difficult.
You’re forced to mentally jump around instead of logically stepping through it.
It’s much easier to think about the series of events (foreseeable events) that lead to circumstances where people, property, or the environment is exposed to a potential source of harm, and then what is the harm that results.
Another key reason why ISO 14971 is easier than FMEAs, is that with FMEAs, you typically have multiple spreadsheets, one for Application (Use) and one for Design, during the design and development process.
You have to make sure that these two documents relate to each other and any time you change one, you’re likely going to be making changes in the other.
With ISO 14971, it’s all combined in one place. It doesn’t matter if the foreseeable event is due to the use of the device or the design of the device. It is much easier to manage risk when it’s all in one spot.
We’ve gone through all of the reasons why following ISO 14971 is much easier than FMEAs for risk. It’s a more logical progression, it’s one document instead of multiple, and it’s in general more comprehensive.
But the biggest reason to use ISO 14971 instead of FMEAs?
Because FMEA is out of date. FMEA is very much focused on analyzing only failures and failure modes. Medical device risk management, however, is focused on analyzing hazards and hazardous situations.