Benefits of IEC 80001-1 and introduction into new EN 14971:2012 Dr. Jürgen Stettin CEO Prosystem AG / Prosystem USA LLC
Software Recalls in the US (03/06/2012) Prof. Dr. Jürgen Stettin
Is this a medical device?
Who is responsible for the components? Telecommunications -provider Manufacturer ? Telecommunications -provider Manufacturer Hospital Manufacturer
Examples for the benefits of an IEC 80001 compliant network Change Management Event Management Managing Responsibilities Increased Performance Verification & Validation Evidence Process-oriented Management 28.04.2019 info@prosystem-ag.com
Change Management – Planing bevor doing Changes are well planned and will not effect the Key Porperties of the network E.g. Network switch need an upgrade prior to the change Patient Monitor Digital X-ray Without Change Management With Change Management PACS - Server 28.04.2019 info@prosystem-ag.com
Event Management - Proactive response to Events × × Workstation Workstation Hospital IT-Network × × × HIS- Server PACS - Server Diagnostic Workstation 28.04.2019 info@prosystem-ag.com
Clearly defined responsibilities Responsible organisation IT engineering Medical engineering Purchase & contract management Service & maintenance Manufacturer 28.04.2019 info@prosystem-ag.com
Networks with improved performance · ¹ º » ¼ ¸ Radiology - Network Ambulance Network Digital X-ray Workstation 28.04.2019 info@prosystem-ag.com
Verified & Validated Medical IT-Networks before after Test Specification Digital X-ray ü PACS - Server Test Report Diagnostic Workstation 28.04.2019 info@prosystem-ag.com
Process-oriented Management of Networks Network Properties Change Management Risk Management Configuration Management Continous Monitoring Contract Management Event management 28.04.2019 info@prosystem-ag.com
New Standard: IEC 82304 IEC 82304-1 Healthcare Software Systems IEC 60601-1 Medical electrical equip. IEC 60601-1 Medical electrical equip IEC 60601-1 Medical electrical equip IEC 60601-1 Medical electrical equip IEC 62304 Medical device software life cycle processes ISO 14708 Active implantables Prof. Dr. Jürgen Stettin
Changes in EN 14971:2012 Prof. Dr. Jürgen Stettin
The European Commission has released a list of Harmonized Standards on 08/30/2012. In this list are EN 14971:2012 und EN 13485:2012 The European approach that the assumption is that you fulfill the „Essential Requirements“ is limited in the amendments ZA, ZB und ZC EN 14971 und EN 13485. There is no transition period. The changes are in effect from 09/01/2012 Prof. Dr. Jürgen Stettin
Risk reduction "as far as possible" versus "as low as reasonably practicable" a) ISO 14971 contains the concept of reducing risks "as low as reasonably practicable" (ALARP concept). The ALARP concept contains an element of economic consideration. b) However, the Directive 93/42/EEC and various particular Essential Requirements require risks to be reduced "as far as possible" without there being room for economic considerations. c) Accordingly, manufacturers and Notified Bodies may not apply the ALARP concept with regard to economic considerations. Prof. Dr. Jürgen Stettin
The Riskgraph non-acceptable risk Probability of occurence high Probability of occurence low Severity low Severity high non-acceptable risk ALARP (As Low As Reasonable Practicable) acceptable risk
The Riskgraph non-acceptable risk Probability of occurence high Probability of occurence low Severity low Severity high non-acceptable risk ALARP (As Low As Reasonable Practicable) acceptable risk
Discretionary power of manufacturers as to the acceptability of risks ISO 14971 seems to imply that manufacturers have the freedom to decide upon the threshold for risk acceptability and that only non-acceptable risks have to be integrated into the overall risk-benefit analysis. b) However, Medical Device Directive requires that all risks have to be reduced as far as possible. c) Accordingly, the manufacturer may not apply any criteria of risk acceptability prior to applying MDD Prof. Dr. Jürgen Stettin
The Riskgraph non-acceptable risk Probability of occurence high Probability of occurence low Severity low Severity high non-acceptable risk ALARP (As Low As Reasonable Practicable) acceptable risk
Treatment of negligible risks: According to ISO 14971, the manufacturer may discard negligible risks However, Directive 93/42/EEC requires that all risks, regardless of their dimension, need to be reduced as much as possible and need to be balanced, together with all other risks, against the benefit of the device. Accordingly, the manufacturer must take all risks into account when assessing Directive 93/42/EEC. Prof. Dr. Jürgen Stettin
The Riskgraph non-acceptable risk Probability of occurence high Probability of occurence low Severity low Severity high non-acceptable risk ALARP (As Low As Reasonable Practicable) acceptable risk
Deviation as to the first risk control option ISO 14971 obliges the manufacturer to "use one or more of the following risk control options in the priority order listed: (a) inherent safety by design …" without determining what is meant by this term. However, Directive 93/42/EEC requires to "eliminate or reduce risks as far as possible (inherently safe design and construction)". Accordingly, as the Directive is more precise than the standard, manufacturers must apply the former and cannot rely purely on the application of the standard. Prof. Dr. Jürgen Stettin
Information of the users influencing the residual risk The residual risk is in ISO 14971 defined as the risk remaining after application of the risk control measures. However, Directive 93/42/EEC says that users shall be informed about the residual risks. This indicates that, according to Directive 93/42/EEC and contrary to the concept of the standard, the information given to the users does not reduce the (residual) risk any further. Accordingly, manufacturers shall not attribute any additional risk reduction to the information given to the users. Prof. Dr. Jürgen Stettin
Thank you for your attention Questions?