Ee Bin Liew Thank you Marcelo Antunes, RAC, - to further the point about participating in the development process... that means for the stakeholders of ISO14971 to approach your local standards bodies that officially represent your country in ISO's perspective, and work with them on it. This way, when working drafts are put up, you'd be able to access, and contribute by offering your comments. This is very important. What Marcelo is proposing to be done in Brazil, and for example, what is done in Japan in terms of the appropriate stakeholder engagement, is best practice.

Sleepless in Seattle, Ee Bin

Karen Boyd, ASQ CQA Marcelo - Is it the US version of 14971:2009 undergoing review, or the EN 2012 version?
If it's the US, are they looking to harmonize more with the EN, or are these efforts in relation to the revised 13485:201X?

Marcelo Antunes The international version, ISO 14971:2007. Every ISO standard goes to a systematic review every 5 years. This has nothing to do with anything else, not the EN version, not the 13485 revision.

Karen Boyd, ASQ CQA Thanks Marcelo.

James (Jim) Dent, LSSBB, DTMx2 Thank you also Marcelo.

PRAKASH RANA interesting.

David Lim, Ph.D. RAC, CQA It is currently under review stage (90) and is especially under periodical review (90.20).

Would love to be part of the review process. Marcelo - Send me a link / details on how. Thanks!

David Lim, Ph.D. RAC, CQA Marcelo Antunes, RAC, now I raise an issue whether reviewing the ISO 14971 for every 5 years is sufficiently adequate when global medical device regulatory schemes (including laws, regulations, and requirements) evolve more often. What do you think?

Marcelo Antunes Jon, you can participate by participating in the National Committee and mirror groups of your country (in the case of ISO 14971, the mirror groups are hosted by AAMI), in which the discussions are made and the formal comments are created and managed

Marcelo Antunes David, the systematic review process each five years is a formal rule by ISO (and IEC) that's been in effect for decades. A particular standard can have a systematic review earlier if the related group think it's necessary, but this is very uncommon because standards need to be used and the experience need to be understood before doing anything.

On the other hand, I would disagree with your commment " global medical device regulatory schemes evolve more often". IN fact, regulations and related requirements usually are much more difficult to change. Take into consideration for example the medical devices directives, the requirements ar the same at least since 1990! The GMP requirements from the FDA are from 1996, and they are one the newer requirements. Obviously, some parts of the requirements, or guidance fro them, do change more quickly, but the more general regulatory scheme does not.

Marcelo Antunes In fact, standards are created as a way to enable changes more quickly, as they usually detail ways (the how to) implement requirements (the what), because they can be easily changed more often. On the other hand, standards such as ISO 14971 are right now so intertwined with regulations and other standards, that changing them might be a problem. For example, after discussing the issue with the convener of the ISO JWG 1 working group, he managed to convince me, at least initially, that instead of revising the standard in full, we probably should create an amendment, due to the possible negative impact of a full revision.

David Lim, Ph.D. RAC, CQA Marcelo, thank you for sharing your perspectives. As for my comment "global medical device regulatory schemes evolve more often," I meant to mean that even if statutory/legal/regulatory requirements (hereunder said as "Requirements") may stay unchanged for years, the methods or ways to demonstrate how to meet the requirements evolve faster or dramatically in some areas. An ISO standard (e.g., ISO 14971 or EN ISO 14971:2012)is intended to help industry better address the requirements. Sometimes, industry didn't even realize there are some gaps in languages/provisions per se between MDD in EU and EN ISO 14971:2009, leading to an issuance of EN ISO 14971:2012 for clarification. In other words, in case of EN ISO 14971:2009, it didn't really help the industry meet the MDD ERs other than frustrating the presumption of conformity. Otherwise, EN ISO 14971:2012 wouldn't have been issued for clarification purposes. As new methods evolve, so do the standards with sufficient frequency.

Marcelo Antunes Hello David. Ah, ok, we were talking about the same perspective then. However, the case of EN ISO 14971 is really a different stuff altogether, in my opinion. Usually, standards are created in Europe, thru the Vienna Agreement, together with the ISO original version. Some years ago, the EU Commission noted that some may not fully comply with all the specific ERs that they think the standards would cover. Then there was the need to revise the Annexes Zs.

For most of the standards, it was not a problem, but simply a matter of making things more clear. However, in the case of EN ISO 14971, the reviewer (which was a lawyers and not a technical expert) indicated that he seemed that the standard was totally different from the MDD requirements in some ways, and thus created the 7 deviations.

Marcelo Antunes However, this created more problems than solutions, because most of those deviations are technically incorrect from the perspective of both the engineering/techical side, but also even from the MDD perspective (for example, one of the deviations stated that economical aspects should not be considered, but the MDD text does mention that it needs to be considered, so whoever created this deviation choose to ignore the MDD text :-P).

So, generally standards and regulations are in good terms and there are processes to help create them in synergy. Regulators also have been increasing their participation in standards development, which will also help (for example, ISO TC 210 WG 1 on quality systems have a heavy regulator participation, due to the regulatory nature of the standard).

David Lim, Ph.D. RAC, CQA Marcelo, even FDA/CDRH has paraphrased the statutory requirements for years (little outside the scope) and then the final guidance for traditional 510(k)s was issued, thereby attempting to better align the 510(k) program with the statute. The guidance is at http://fdaguidance.net/devicesivds/the-510k-program-for-evaluating-substantial-equivalence/

Marcelo Antunes You mean, guidance where the interpretation was a little different from what the specific requirement said? Yes, I've seen several small points like this in FDA guidances through the years, but I've never seen one that was totally different (or ignored) what the regulatory/statutory requirements said. If the regulation is wrong, the only way to correct it is to change the regulation, not the guidance, or standards, or any other related document.

David Lim, Ph.D. RAC, CQA Marcelo, my post is not intended to provoke you today in any ways, but to share my views on the issue. As for your statement of "the reviewer (which was a lawyers and not a technical expert)," a lawyer reviewer (even without tech background) was able to identify the gaps between the regulatory provisions under MDD and those under EN ISO 14971:2009, but other professionals with tech background missed the gaps for years, rather trying to embarrass the lawyer reviewer for somewhat lack of tech expertise instead of complimenting him or her. This shouldn't be viewed as "trivial" as I have observed and found a countless number of compliance issues between the statutory/legal requirements and industry's ways of demonstrating to meet the requirements.

Marcelo Antunes Hi David, I'm not feeling provoked. I understand your comment, but I was just trying to illustrate that it's not always black and white. I did not try to embarrass anyone, but tried to pint out that it's a little difficult for someone with only a background in law to try and dabble into a technical problem such as the one related to risk management with only a narrow view of the law. It's my opinion (and the opinion of a lot of other people that I talk to, but I cannot speak for them) that the technical deviations are technically incorrect when we look into them from a perspective of the history of risk management. And for some of the deviations, even people like me which are more technical and have no law background can pinpoint to some inconsistencies when you do revise the regulation.

David Lim, Ph.D. RAC, CQA Marcelo, thank you for your kindness and for sharing your perspectives. Nice weekend!

Marcelo Antunes It's also important to remember that the reviewer, in this case, was not the one to have a final word on the text, as this is passed for review to the countries. And everyone concluded that the technical deviations were ok. But then, when those were reviewed and people begun to try and implement then, a lot of problems were raised.

Karen Boyd, ASQ CQA I think the economical aspects, in view of manufacturers / users of the standard, strikes a note of sensitivity.

David Lim, Ph.D. RAC, CQA Marcelo, the reviewer was a messenger, trying to ensure the applicable provisions in the directive are accurately applied in reference to the EN ISO 14971:2009 as a harmonized standard for EU CE mark purposes. If the EN ISO 14971:2009 wasn't harmonized to confer a presumption of conformity under the MDD, it is totally a different story as it is the case in the US.

Thank you for sharing this post. Very insightful.

Marcelo Antunes David, yes, that's exactly what the CEN consultants (they are usually called like this) do. Hopefully, without bias :-P.

Matthew Martin The Risk Management File procedure and required documentation is a tremendous burden to small medical device companies. The process is in itself good and obviously needed but the compliance requirements are a huge drain on resources.

Marcelo Antunes Hello Matthew

Interesting comment, but I see it on another way. ISO 14971 was created to be extremely open to the the documentation needed to comply with the standard.

The documentation requirements are really something like "document the acitivities you perform to comply with the standard, whatever they may be".

In fact, this lack of deliverables is what create a challenge to verify compliance with the standard. I myself think that the standard should have more clear documentation requirements, not because it needs to, but because it's being used in a way not intended originally - to have it's compliance verified by an external party. The "process"standards such as ISO 14971, IEC 62366 and IEC 62304 were not created with an expectation that compliance to the standard would be verified by an auditor or such.

Marcelo Antunes That's why I'm not sure on your comment, you mean that you feel that the RMF file and required documentation compliance requirements are a burden, but being as open are, how can they be? Unless you mean that auditors are requiring a lot of documentation (if he standard does not explicitly require those). But then it's a problem of understanding the open requirements of the standard.

Karen Boyd, ASQ CQA I agree that the documentation requirements can be somewhat burdensome to small med device companies. However, sometimes the burden is brought by NB oversight that "insists" on a specific method or way a client should demonstrate (document) conformity. Sometimes there's less openness to assessors of technical files. For those clients, I would suggest to be careful in selecting your NB and assessment team.

Interesting comment about risk management file and required documentation being too burdensome.

If this is the case, I suggest revisiting your procedures and ensuring that you have a clear understanding of an efficient and meaningful way to document risk management for your medical device.

I mean we are talking about medical devices used to improve quality of and save lives. We should have clear, objective evidence to ensure we have considered the risks and reduced these risks to acceptable levels.

Karen Boyd, ASQ CQA I wouldn't say it's the RM procedures or processes, in general, but some of the required technical file (design dossier) documents required; particularly if reviewers expect them to replicate the guidance documents - such as from GHTF (IMDRF).
I agree that everyone must have a clear understanding and meaningful way to develop and document their RM, for the benefit of med devices and users.

Marcelo Antunes Another info for US users - this link is for applying for participation in the mirror US group (as mentioned, it's AAMI QM/WG04) http://www.aami.org/standards/content.aspx?ItemNumber=957&navItemNumber=582

Also, for those that cannot or don't want to participate in official standard activities, but want to comment and discuss, I created a topic on a forum I manage for this (I don't guarantee that any comment will be included in any official list of comments, but I will read everything and if I find it value-added, I will consider it when creating comments) : http://www.medicaldevices.expert/forums/topic/iso-14971-under-systematic-review/