FMEA should not be used in medical device design

FMEA should not be used in the design of medical devices

Among the clients with whom the author provides consultation, a small number use FMEA (Failure Mode Effective Analysis: Failure Mode Effects Analysis) in the design of medical devices. =”_blank”>FMEA (Failure Mode Effective Analysis) is used in the design of medical devices.

FMEA (IEC-60812) is not referenced in medical device regulations (basic requirements standard in Japan, harmonized standard in MDR).
A unique feature of FMEA is that it multiplies risk by detectability. This is called Risk Priority Number (RPN).

RPN (risk priority) = probability of occurrence of harm x severity x detectability.

FMEA should not be used in the design of medical devices. More precisely, detectability must not be used in medical device design. This is because risk priority is irrelevant to the patient and user.
In accordance with ISO 14971, risk management for medical devices must reduce risk (severity x probability of occurrence) to an acceptable level. In other words, regardless of detectability, risk control is necessary in medical device design.
FMEA should be used in process design.

Let us list and explain some of the reasons why FMEA should not be used in the design of medical devices.

1.FMEA multiplies detectability.

The hallmark of FMEA is that the probability of occurrence of harm multiplied by severity is further multiplied by detectability is to multiply the
As you have indicated, risk is defined as the probability of occurrence of harm multiplied by severity. (Definition of Risk)
Risk is further multiplied by detectability, which is called the Risk Priority Number (RPN).
This generally calls for a ranking of risks to be controlled in design and manufacturing.
This prioritizes economic efficiency. Some risks may be cost-prohibitive to reduce through controls. Even in such cases, the objective is to lower the priority for risks with high detectability, since the occurrence of defects (exposure to the hazard) is easy to detect.
However, in medical device risk management, detectability should not be used (or more accurately, nowhere is it stated that it may be used), and only whether the risk is acceptable or unacceptable is the decision to implement risk control measures.

Example. Let severity (S), probability of occurrence (P), and detectability (D).
【Case 1】If S: 3, P: 5, D: 8, RPN: 120.
【Case 2】If S: 7, P: 3, D: 3, RPN: 63.
Suppose that the company defines risk control as unnecessary if the RPN is less than 100. Also, the acceptable range is defined as S x P less than 20.
In this case, Case 1 (RPN: 120) requires risk control and Case 2 (RPN: 63) does not.
However, in Case 1, S x P = 15, which is an acceptable range. On the other hand, in Case 2, S × P = 21, which is unacceptable.
Multiplying by detectability causes this kind of inversion.
In medical device design, in principle, risk must be reduced to an acceptable level

2.Basic Requirement Standards

Regarding “Article 2 Risk Management” of the Standard for Basic Requirements for Medical Devices, The authority requires compliance with JIS T 14971 or ISO 14971 in the notice.
Never FMEA (IEC 60812) is not stated as acceptable.

3.ISO 14971:2007 Annex G

In ISO 14971:2007, Annex G, “Information on risk management methods”, there was a reference to FMEA. After the revision to ISO 14971:2019, Annex G was discontinued and moved to ISO/TR 24971 Annex B.

G.1 general

This annex provides guidance on some of the methods available for risk analysis in 4.3.
Failure Mode and Effects Analysis: (FMEA) and Failure Mode, Effects and Criticality Analysis or consequences of individual components in a systematic manner, and are suitable for use at a more complete design stage.

It is important to note that only 4.3 “Risk Analysis” of the processes specified in ISO 14971 are described here.
In other words, 4.4 Risk Assessment (Probability of Occurrence x Severity) and beyond are not cited and it is not stated that detectability is used.
In medical device design, this means that FMEA may be used in part with respect to risk analysis.
For example, it is useful to consider risk scenarios such as failure => failure mode => impact on function.

4.ISO/TR 24971:2020

In ISO/TR 24971:2020, FMEA is also introduced as Annex B (reference) “Techniques to support risk analysis. It is still limited to risk analysis and is described as only one of the risk management processes.

It should be emphasized that risk analysis is only one step in the JIS T 14971:2020 risk management process.
Furthermore, the techniques described in this Annex do not address all elements of risk analysis, but only provide supplemental information. (omitted).
– Failure Mode and Effects Analysis (FMEA)] is a technique for systematically identifying the effects or consequences of individual components and is more appropriate when the design is complete and failure modes are well understood.
There is also a statement here that FMEA can only be used for risk analysis. There is no mention of using risk priorities.

5.FMEA is used in process design

As mentioned above, FMEA is a risk analysis method that prioritizes economic efficiency. Companies need to reduce manufacturing costs.
ISO/TR 24971:2020 Annex B (reference) “Techniques to support risk analysis” contains the following

ISO/TR 24971:2020

B.5 Failure Mode and Effects Analysis (FMEA)
FMEA is a technique for systematically identifying and evaluating the consequences of individual failure modes. It is an inductive technique using the question “What would happen if…? Components are analyzed one at a time, typically down to a single failure state. This is done in a “bottom-up” fashion. This is done in a “bottom-up” fashion, i.e., one step at a time up to a higher functional system level as the procedure progresses.
FMEA is not limited to failures in the design of components, but can also include failures in the manufacture and assembly of components (process FMEA) and failures in the use or misuse of the product by the end user (use FMEA).
FMEA can be expanded to integrate the results of the investigation of individual component failure modes, their probability of occurrence and detectability (limited in JIS T 14971:2020 to the extent that detection allows preventive measures to be taken), and the severity of the consequences. In order to perform FMEA, it is necessary to know the structure of the medical device in some detail.

Weaknesses of this technique are that it may be difficult to handle redundancy, it may be difficult to incorporate repair or preventive maintenance activities, and it is limited to a single fault condition.
For a detailed FMEA procedure, the reader is referred to IEC 60812 [10].

Detectability (in JIS T 14971:2020, detectability is limited to the extent to which preventive measures are possible). As stated in the section “Detectability (in JIS T 14971:2020, limited to the extent to which detection enables preventive measures),” it was added that detectability may be used if detectability leads to preventive measures (prevention) against the occurrence of harm to patients or users when a defect in product quality occurs in the manufacturing process or other processes.
In process design (manufacturing), FMEA is an effective risk management tool.

related product

[blogcard url=”” title=”QMS(手順書)ひな形 医療機器関連” ]


Related post


There are no comment yet.