Hazard Analysis and FMEA: the Most Common Approaches to Risk Management for Medical Devices
What is Hazard Analysis?
Hazard Analysis is described as the Risk Management process in ISO 14971. It is a Top-Down type of risk analysis, starting from the end effects – Hazards and Hazardous Situations, and then proceeds backwards to identify the “reasonably foreseeable sequences or combinations of events that can result in a hazardous situation”.
Hazards Analysis can be started early in the device design process, as initial Hazards can be identified simply by analysing the Intended Use of the device and general application. The list of Hazards in Annex C of ISO 14971 can also be used as starting point.
Let’s take an example of a catheter that is used for heart surgery. It most certainly has hazards related to the interaction of the device with the body (biocompatibility, cleanliness, sterilization), in particular regarding effects on the circulatory system and surrounding tissues. Being a mechanical device, it can physically damage (scratch, cut, pierce, etc.) the surrounding membranes. If it is electrically powered, then electricity-related hazards can also apply.
What is FMEA?
FMEA (Failure Mode(s) and Effects Analysis) is a “Bottom-Up” type of Risk Analysis. It typically starts from components, subsystems and assemblies and identifies all possible ways they can (reasonably) fail; it then works its way up to find what effects (hazards and hazardous situations) they can result in.
It is a method used in many safety-critical industries in addition to MedTech, like Automotive and Aerospace. Due to its flexibility, this approach can be used for different risk areas, e.g. Use-related Risk Analysis, Cybersecurity risk analysis, and more.
FMEAs can be initiated only when there is, at a minimum, the definition of the product design. The subsystems / software components of the device must be identified, including their functions and interactions.
To continue the catheter example mentioned above, the catheter is composed, at a high level, by a “handle” that the user controls, a flexible tube that navigates the patient’s arteries and a tip with a certain function. Consider what will happen if the handle breaks: the user may lose control of the catheter, resulting in an inadvertent damage to the arteries. What happens if the tube breaks? Part of the catheter may be stuck in the patient’s body and additional surgery may be required to remove it.
What is the difference between Hazards analysis & FMEA?
The relationship between the top-down approach of Hazard analysis and the bottom-up approach of FMEA is shown in the diagram below. The main link between the FMEA and the Hazard Analysis is at the Cause level: a certain failure mode has the potential to result in a hazardous situation; and the hazard related to this hazardous situation is caused by (among others) that failure mode.
We can further compare the two risk management approaches by looking at things like when to start with one or the other approach, what are the inputs and outputs for either as well as the advantages and disadvantages of these approaches.
| Characteristic | Hazard Analysis | FMEA |
|---|---|---|
| Type of analysis | Top-Down | Bottom-Up |
| Inputs | Intended Use. ISO 14971 hazards list. Complaints / Adverse Events for similar devices. Other standards such as ISO 10933, IEC 60601. | Device architecture, detailed design, specifications. Preliminary testing. Technical knowledge of how used components / technology generally fails. |
| Starting point | Hazards and Hazardous situations | Components and failure modes |
| End point | Causes, failure modes | Hazards and Hazardous situations |
| When it can be started | Early in the project | Once the design architecture is defined |
| Outputs | Early identification of critical issues that can lead to significant architectural decisions. | Identification of critical components and need for redundancy or details redesign. |
| Advantages | It does need a lot of design information to be initiated and can provide early, valuable inputs to the architecture. | Very detailed, it analyses failures at any level of granularity.Technical in nature. |
| Disadvantages | It is not difficult to miss low level causes, so it cannot go too “deep” into the design. | It may miss the “big picture”. |
Example
Let’s look at the similarities and differences of the FMEA and the Hazard Analysis with the help of an example, the same catheter as described above. The illustration below highlights where the two approaches connect to each other in device risk management.
On the upper part of the illustration is a simple FMEA view – a fragment can detach from the catheter caused by wrong dimensions. The effect is that the fragment can circulate in the bloodstream and cause embolism (hazardous situation):
The same case in a top-down approach of Hazard Analysis is depicted on the lower part of the illustration above – the hazard of a loose fragment of the catheter in an embolism, where the fragment can travel through the bloodstream and cause a blockage. This can be caused by the head bolt breaking, because of its wrong dimensions.
Remember that in the Hazard Analysis, the severity rating for a certain harm must always be the same. Similarly, the risk mitigation for the same cause-effect risk items must report the same activities and so should their verification activities.
To summarize, the main link between the FMEA and the Hazard Analysis is at the Cause level: a certain failure mode has the potential to result in a hazardous situation; and the hazard related to this hazardous situation is caused by (among others) that failure mode.
Which Risk Management approach is best for my device?
Hazard Analysis is the bare minimum that any agency or regulatory body would accept for a simple, low-risk device. Increased risk or complexity may make Hazard Analysis insufficient to comprehensively capture all risks; in this case, one or more FMEAs should then be used to complete the picture.
In general, it is important to remember that different approaches to risk analysis are not mutually exclusive, and can actually complement each other to provide a more exhaustive analysis.
For more information about Medical Device Risk Management app in Atlassian Jira, check out the most advanced Risk Management app in Jira – you can try it out for free for 30 days. Alternatively, schedule a call with the SoftComply team!
Follow us on LinkedIn for more on Risk Management:
Recommended articles
