April 28, 2020
The third edition of international standard ISO 14971 (Medical devices—application of risk management to medical devices) is now available. This third version, dated December 2019, cancels and replaces the second edition (ISO 14971:2007). There are a number of changes, some of which relate directly to usability. ISO 14971:2019 is recognized by the FDA as a consensus standard for risk management and is acceptable for submissions. Likewise in Europe, manufacturers seeking to comply with the Medical Devices Regulations (MDR) will need to transition to this new version of the standard when planning their risk management activities.
Three changes from the second edition to the 2019 version that caught my eye are:
- Increased emphasis on defining the benefit and state of the art of the device as it pertains to residual risk.
- A new definition of reasonably foreseeable misuse, noting the importance of understanding the context of such use when considering if a device can be used safely.
- Increased focus on gathering post-production feedback from users; note that the MDR also requires enhanced post-market activities.
“Benefit” is defined in the new ISO 14971 standard as:
Positive impact or desirable outcome of the use of a medical device on the health of an individual, or a positive impact on patient management or public health (§3.2)
Manufacturers are reminded that they should understand the benefits of their device. This may involve reviewing clinical data, conducting a literature review, or interviewing health care providers and patients in order to properly understand the clinical, financial, and/or perceived benefits of the device. These benefits should then be considered when determining whether or not risks are acceptable.
We know that usability engineering (UE) can improve user satisfaction through enhanced ease of use. User satisfaction is a benefit to the user in terms of increased satisfaction. User satisfaction can also improve compliance and hence treatment outcomes—a benefit to healthcare systems. The implication for manufacturers is that they should gather data on user satisfaction during their UE testing program and consider it as part of a benefit-risk ratio and residual risk.
State of the art
“State of the art” is defined in the new standard as:
…developed stage of technical capability at a given time as regards products, processes and services, based on the relevant consolidated findings of science, technology and experience (§3.28)
State of the art embodies what is currently and generally accepted as good practice in technology and medicine. It is not necessarily what is most technologically advanced. State of the art can include published data specific to the application of the medical device under development, the availability of alternative methods, or other similar devices on the market.
Manufacturers should also show that their medical device development has incorporated state-of-the-art processes when considering its suitability for placement on the market. Two such approaches for UE include:
- Adopt IEC 62366—It is widely acknowledged that the methods described in IEC 62366-1:2015 constitute “good practice” for applying usability engineering to medical devices. Therefore, our recommendation is to follow the methods described in IEC 62366-1:2015 and provide this as evidence that you have adopted a “state-of-the-art” process.
- Known problems analyses—review similar “state-of-the-art” products on the market and demonstrate that users can avoid known use problems when using the new device.
Reasonably foreseeable misuse
This term is newly added to ISO 14971, and is defined as:
Use of a product or system in a way not intended by the manufacturer, but which can result from readily predictable human behaviours (§3.15)
This has already caused some confusion with clients, as it is not defined in IEC 62366-1:2015. So let’s consider a short example to illustrate the point.
Imagine an autoinjector. The manufacturer intends that users should administer the medication via subcutaneous injection into the thigh or abdomen. However, a user administers it straight into a vein. This is misuse (it is not what the manufacturer intended), but it is reasonable to foresee that some users may do this (perhaps they have seen a nurse giving an IV injection and assume it works the same).
The important implication is that when considering use-related risks, manufacturers must include not only use errors, but also reasonably foreseeable misuse. These must be included in the use-related risk analysis along with an estimate of the risk of harm. Risk control measures must be applied to misuse, and evidence gathered during usability testing that these mitigations are effective.
Post-market feedback (surveillance) is not new. However, the new standard expands significantly on the topic. Manufacturers are expected to:
…establish, document and maintain a system to actively collect and review information relevant to the medical device in the production and post-production phases (§10.1)
When establishing this system, the manufacturer shall:
…actively collect and review publicly available information about similar medical devices and similar other products on the market (§10.1)
The message is that manufacturers need to regularly, and proactively, gather data on the usability of their devices once they are marketed, and reflect that data back into their risk assessments to give a more comprehensive view of residual risk. If the post-market information reveals use problems that are not considered by the manufacturer to be acceptable then, of course, the UE processes should be instigated to reduce risk.
- Manufacturers should gather data during device usability testing to demonstrate the benefits of the device to users.
- Compliance with IEC 62366-1:2015 can be used as evidence of adopting “state-of-the-art” Usability Engineering processes.
- Manufacturers are responsible for mitigating the risks of reasonably foreseeable misuse.
- Post-market activities should be proactive, and should include evaluation of usability; any usability problems uncovered indicate a need to implement further UE methods to reduce risk.
Richard Featherstone is Research Director for the Human Factors Research & Design team at Emergo by UL.