Page 205 - Safety Risk Management for Medical Devices
P. 205

184   Safety Risk Management for Medical Devices


                   Whether attribute or variable testing is chosen, it is best if the selected sample size
                for testing is based on the safety risks. Sections 21.2 21.4 provide details about risk-
                based sample size selection.



                22.1 VERIFICATION OF IMPLEMENTATION

                Verification of implementation means providing objective evidence that the Risk
                Control is implemented. It can be in the form of test, inspection, demonstration, or
                analysis. Ensure that the subject of the test represents the final design. Otherwise,
                you’ll have to repeat your test when the final form is available.
                   Include in your test protocols, any preconditioning, configuration, and adaptation
                if applicable. The protocol must include pass/fail criteria and the test method must be
                validated. The test report should include:

                   • The date on which the test was executed
                   • The names of individuals who performed the test
                   • The test protocol and methods used
                   • Any equipment/tooling used in the test including calibration and qualification
                      evidence. If software is used as part of test equipment, refer to evidence of vali-
                      dation of that software
                   • Collected data or reference to it
                   • The test results and pass/fail declarations
                   • Any additional observations or deviations from the test protocol

                   Be sure to retain all test subjects, raw data, and anything else that you would need
                in case of an audit, to be able to defend or replicate your test results.
                   Let’s take the example of an implantable medical device. A potential Harm from
                this device is infection; the Hazard would be microbial contamination. The Risk
                Control is sterilization. This Risk Control would be found as a safety requirement in
                the System Requirements Specifications. Through requirements flow-down and trace-
                ability, we can find design outputs, e.g., a packaging that serves as a sterile barrier, and
                process specifications that include a sterilization step. The IFU also mentions that the
                product is sterilized, by what method, and any special handling requirements.
                   To verify the implementation of this Risk Control, we’d look for design outputs
                such as drawing that show the product is protected by a sterile barrier. This would be
                by inspection. We’d look for test data that shows the sterile barrier meets its require-
                ments. We’d also examine the manufacturing process design and identify the steriliza-
                tion process step. We’d look for evidence of validation of the manufacturing process.
                Additionally, we’d inspect the IFU to find mentions of the fact that the product is
                sterile, by what method and any special handling requirements. This only verifies that
   200   201   202   203   204   205   206   207   208   209   210