Speeding Products to Market Using Risk Analysis

Risk.

This is a four letter word that represents something that many of us prefer to avoid, yet can’t. Every day we are confronted with risks. We analyze risks and make decisions often without even realizing it.

“ Should I leave the windows open? There is a chance of rain.”

“Should I lock the car? I will be only a few minutes.”

“Should I take the highway? It is usually quicker but sometimes it can be much longer.”

The more undesirable the possible outcome the more careful we are in our decision making process. The worst risk we are subjected to is the one we are not aware of or are misinformed about. This is typically where the most harm and damage is done. Modern society recognizes this and as a result we have laws, regulations and standards intended to minimize harm and damage.

In the medical device industry risk analysis is required by many regulatory authorities. Analysis of risks associated with products is taken quite seriously. Many companies have learned the value of conducting thorough risk analyses earlier in the design process. There are many different methods for analyzing risks associated with medical devices. One of the more commonly used methods is Failure Mode Effects Analysis.

BACKGROUND

What is FMEA?

Purpose

Application

Uses

ANALYSIS

Failure modes

Effects

Severity

Probability of occurrence

Current design controls

Probability of detection

Risk priority number

Recommended actions

Questions to ask

TYPES OF HAZARDS

Energy

Biological

Environmental

Usage

Functional/Maintenance

BACKGROUND

What is FMEA?

Failure Mode Effects Analysis (FMEA) and Failure Mode Effects and Criticality Analysis (FMECA) are disciplined methods of analysis intended to identify and minimize unwanted performance or potential failures which have significant consequences affecting a device’s or system's performance in its intended application. FMECA is an extension of FMEA that includes in the analysis a consideration of the severity, or criticality, of the consequences of a failure. Both qualitative and quantitative analysis is required and these compliment one another. FMEA and FMECA can be performed in either a top-down approach or a bottom-up approach. A top-down approach starts with an outcome and works toward the cause(s) at a lower level. A bottom-up approach starts with an event at a low level and works towards the final outcome. There are two main types of FMEA; Design FMEA and Process FMEA. As you may have guessed Design FMEA concerns itself with the design while Process FMEA concerns itself with workflows. This discussion will focus on design FMEA/FMECA. Due to the scope and the multi-disciplinary nature of the FMEA/FMECA, a team effort is needed to produce the desired outcome. There are many different ways to structure an FMEA/FMECA. This discussion is intended only as in introduction to the general process. A good start to learning more on this topic is to read EN 14971 2000 Medical Devices - Application of Risk Management to Medical Devices .

Purpose

The purpose of the design FMEA is to serve as a means for evaluation of the effects and the sequences of events caused by each identified failure mode, from whatever cause, at various levels of a system's functional hierarchy. Through this process a number of observations are made including but not limited to: significance of each failure or its severity, critical component identification, reliability and/or safety of design or process, probability of an event, detectability, diagnoseability and testability. FMEA can be used as a tool to improve safety, increase quality, improve reliability, lower costs, and decrease liability.

Application

The analysis can be applied to new or existing designs and processes. The most gain can be obtained on new design and process analysis. Components, assemblies, systems, and processes can all be subjected. Even service organizations can utilize the techniques in an effort to provide their customers with better service.

Uses

A number of uses that the analysis can produce are:

• determining the need for redundancy

• designing features which increase the probability of "fail safe" operation

• design simplification

• determine demands placed upon materials, components assemblies, and systems

• disclose safety hazard and liability problem areas

• ensure regulatory compliance

• determine safe operating limits and device lifetimes and failure rates

• develop maintenance/service requirements

• prioritize areas for improvement

• establish need for data recording and monitoring during testing and use

• development of troubleshooting guides

• facilitate/support the determination of test criteria/plans/diagnostic procedures

• forum for discussion of alternate designs

• enhance the knowledge and understanding of the behavior of item(s) or process

• facilitate communications

• reduce scrap & increase yield

ANALYSIS

Failure modes

The manner in which a part, assembly, or system could potentially fail to meet its requirements or fail to function. It is also what you may reject the item for.

Effects

The potential non-conformance stated in the terms of the next assembly or system performance (from the customer's perspective).

Causes

The potential reason(s) behind a failure mode, usually stated as an indication of a specific design or process weakness.

Severity

A qualitative assessment of the seriousness of the effect of the potential design failure mode as viewed from the perspective of the customer, system, or government regulation. The severity applies to the effect of a failure mode. The severity ranking can be reduced only through a change in design. The following table is a description of a ten level severity ranking system. The number of levels in a ranking system is not as important as creating an effective strata of severities. Aspects of customer satisfaction are indicated in the table to illustrate the ability of the analysis to be utilized for more than human safety.

Ranking	Effect	Criteria
10	Hazardous	Hazardous effect without warning. Safety related. Regulatory non-compliant.
9	Serious	Potential hazardous effect. Able to stop without mishap. Regulatory compliance in jeopardy.
8	Extreme	Item inoperable but safe. Customer very dissatisfied.
7	Major	Performance severely affected but functional and safe. Customer dissatisfied.
6	Significant	Performance degraded but operable and safe. Non-vital part inoperable. Customer experiences discomfort.
5	Moderate	Performance moderately affected. Fault on non-vital part requires repair. Customer experiences some dissatisfaction.
4	Minor	Minor effect on performance. Fault does not require repair. Non-vital fault always noticed. Customer experiences minor nuisance.
3	Slight	Slight effect on performance. Non-vital fault notice most of the time. Customer is slightly annoyed.
2	Very Slight	Very slight effect on performance. Non-vital fault may be noticed. Customer is not annoyed.
1	None	No effect.

Probability of occurrence

A qualitative or quantitative assessment of how frequently the failure mode is projected to occur as a result of the specific cause. Where possible, probability of occurrence is based on available data on the specific cause.When number of failures due to specific cause cannot be estimated then it is acceptable to examine similar components or systems. If it cannot be estimated, the probability should be considered high. The ranking can be reduced by improving engineering specifications and/or requirements. The following table is a description of a ten level probability of occurrence ranking system. As noted in the severity ranking description, the number of levels in a ranking system is not as important as creating an effective strata.

Ranking	Possible Failure Rates	Probability of Failure
10	> 1 in 2	Almost certain.
9	1 in 3	Very high.
8	1 in 8	High.
7	1 in 20	Moderately high.
6	1 in 80	Medium
5	1 in 400	Low
4	1 in 2,000	Slight
3	1 in 15,000	Very slight.
2	1 in 150,000	Remote.
1	1 in 1,500,000	Almost impossible.

Current design controls

The various design features that are put in place throughout the system to ensure proper performance. Controls can include processing steps, test procedures, characterization tests, detection circuitry or any means that can be used to prevent or detect a potential failure before an undesirable outcome occurs.

Probability of detection

A qualitative assessment of the probability of the design control to detect a potential cause or mechanism of failure.If it cannot be estimated, the ranking should be considered high. The ranking can be reduced by adding or improving design evaluation techniques to increase the ability to detect the potential failure before it results in an undesirable outcome. The following table is a description of a ten level probability of detection rankng system. Some FMEAs do not use a separate probability of detection number. In these analyses the probability of detection is “built into” the probability of failure rating

Ranking	Detection	Likelihood of Detection by Design Control
10	Absolute Uncertainty	No design control or design control will not detect potential cause.
9	Very Remote	Very remote chance design control will detect potential cause.
8	Remote	Remote chance design control will detect potential cause.
7	Very Low	Very low chance design control will detect potential cause.
6	Low	Low chance design control will detect potential cause.
5	Moderate	Moderate chance design control will detect potential cause.
4	Moderately High	Moderately high chance design control will detect potential cause.
3	High	High chance design control will detect potential cause.
2	Very High	Very high chance design control will detect potential cause.
1	Almost Certain	Almost certain that the design control will detect potential cause.

Risk priority number

The risk priority number (RPN) is the product of the severity, occurrence, and detection rankings. The RPN helps to prioritize potential failures and is used to rank potential design deficiencies and/or liability issues. The goal is to reduce RPNs through a reduction in severity, occurrence, and detection rankings. The analysis review team should establish a maximum RPN number. Risks that remain above the maximum RPN number are considered residual risks. Other evaluation criteria may also be used to identify residual risks. Risks that are below the maximum RPN number but meet other criteria such as those having a criticality of Sever or higher may a also be considered residual risks.

Recommended actions

Actions that are suggested to help reduce the RPN and residual risks. There will be times when the RPN and residual risks cannot be reduced by any reasonable means. Recommended actions may still be offered to increase the awareness of the item.

Some Questions to ask

A number of questions to ask yourself when performing an FMEA or FMECA are listed below:

Who is the intended user?

What is the required skill of the user?

What is the required training of the user?

What is the environment it is to be used in?

Who does the installation/setup?

Can the patient influence the use of the device?

Is there any invasive contact?

Are there any contacted parts?

What is the duration of contact?

What is the frequency of contact?

What type of energy is delivered if any?

How is the delivered energy controlled?

What is the quantity of energy delivered?

What is the quality of energy delivered?

What is the time function of the energy delivered?

Are any devices sterilized by the user?

Are there any devices sterilized by the manufacturer?

What type of sterilization is used?

Are there any single use devices?

Can failure be detected before hazard occurs?

Can failure be eliminated by manufacturing controls or preventative maintenance?

Will misuse increase likelihood of failure?

Can alarms be added?

What is the number of multiple uses for the device?

What is the shelf/storage life?

What is measured?

What is accuracy? What is precision?

Is device to be used with other devices or drugs?

Does device produce unwanted radiation?

Is device influenced by unwanted radiation?

Is device influenced by environmental conditions?

What are the essential accessories or consumables associated with the device?

Who calibrates? How often?

Who maintains the device? How often?

Any disposal or by-product issues?

Any long-term cumulative effects?

SOME TYPES OF HAZARDS

Energy

Electricity

Heat

Mechanical force

Ionizing radiation

Non-ionizing radiation

Electromagnetic fields

Moving parts

Suspending masses

Patient support device failure

Pressure vessel rupture

Acoustic pressure

Vibration

Biological

Bio-burden/bio-contamination

Bio-incompatibility

Incorrect formulation

Toxicity

Infection

Pyrogenicity

Hygienic safety

Environmental

Electromagnetic interference

Inadequate supply of power

Likelihood of operation outside prescribed environmental conditions

Incompatibility with other devices

Waste products

Usage

Inadequate labeling, instructions, specifications

Over complicated instructions

Unavailable or separate instructions

Use by unskilled or untrained

Human error

Insufficient warning of side effects

Inadequate warning of hazards likely with reuse of single use devices

Incorrect measurements

Incorrect diagnosis

Erroneous transfer of data

Misrepresentation of results

Functional/Maintenance

Inadequacy of performance characteristics for intended use

Lack of maintenance specifications

Lack of maintenance

Lack of determination of end of device life

Inadequate packaging

Optimum Technologies, Inc. offers regulatory affairs consulting on all aspects of medical device development and manufacturing. Contact us to obtain a quote for services.

Optimum Technologies, Inc. - Optics for Life™

Copyright 2008, Optimum Technologies, Inc., Privacy Policy
68 West Street, Southbridge, MA 01550, USA
Phone: (508) 765-8100 Fax: (508) 765-8101 Email:

Developed by Telesian Technology Inc.