Risk management needs to be embraced as a crucial and valuable component of product development and support in healthcare technology—instead of being seen as only a box to check to satisfy regulatory requirements. That was the view expressed by several panelists at the AAMI/FDA Risk Management Summit held recently in Herndon, Va. More than 200 risk management experts, regulators, educators, medical device industry executives, healthcare technology professionals, and clinicians convened at the two-day summit to build a shared perspective on risk management and identify existing challenges and barriers to effective practices.
While panelists often confessed they had more questions for the group than answers, one thing became clear—risk management is more than a failure modes and effects analysis (FMEA) or a file submitted to the Food and Drug Administration (FDA); it is a vital part of a product’s lifecycle.
Currently, risk management is largely seen as a regulatory requirement codified in the FDA’s Quality System Regulation (21 CFR 820) and preamble, and addressed in the standard ANSI/AAMI/ISO 14971 and other guidance documents. When asked about the current state of the practice within healthcare technology, one participant replied: “We're doing risk management to check a box, file it away, and never look at it.”
On the other hand, Tina Krenc, the director of R&D quality assurance at Abbott Laboratories, presented a much larger view of risk management. She described the process as a continuum that doesn’t stop. It should begin during the research and development phase and continue all the way through product retirement.
Krenc’s keys to life cycle risk management included using all sources of data, including original risk management files, as a starting point for decisions during production or postproduction, such as failures, harms, hazardous situations, and corrective and preventive action.
One challenge with the early implementation of risk management, especially for start-up companies, is that there is no perceived engineering benefit to risk management.
“It’s just paperwork,” says Tom Shoup, PhD, a consultant with Foxburg LLC, summing up a view that he does not share. Indeed, Shoup was one of the experts who said there needs to be a more enthusiastic embrace of risk management in healthcare technology.
Many of the participants agreed that a stack of documents is not usually seen as a measurement of success. However, waiting to identify risks and perform risk management can be costly, according to Laurie Wiggins, president and CEO of the consulting firm Sysenex. As a general rule of thumb, she said, a problem that costs thousands of dollars to fix early in the concept, definition, and design stages will blossom into a $300,000 to $500,000 problem if not addressed.
What risk management needs is an image makeover.
“We don't have a good marketing department,” says Tammy Pelnik, a quality systems consultant and president of the St. Vrain Group, regarding risk management in start-ups. “We need to convince investors that risk management is in their best interest from the start.”
A number of participants agreed. “We need to present risk management as ‘value added’ rather than a ‘necessary evil'.”
This was the seventh summit hosted by AAMI in partnership with the FDA that has addressed a major issue affecting the healthcare technology community. A full report of the summit proceedings and priority actions will be published in late 2015 to help guide future initiatives on this issue.