Choices - IEC 60601-1 3rd Edition and Component Selection


Published on

When the 3rd edition of IEC 60601-1 was published, it marked the beginning of a new era. The standard now incorporates the concept and application of risk management in the design and production of devices. Implementation of
risk management has implications for not only the end-product manufacturer, but
component providers as well, and further cascades through the entire supply chain. All parties now face a series of choices and opportunities in determining how best to
ensure, for the entire lifetime of a device, that basic safety and essential performance are preserved. This article explores some of those choices and their consequences.

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Choices - IEC 60601-1 3rd Edition and Component Selection

  1. 1. Choices – IEC 60601-1 3rd Editionand Component Selection
  2. 2. Choices – IEC 60601-1 3rd Edition and Component SelectionChoices – IEC 60601-13rd Edition and Component SelectionAbstract — When the 3rd edition of IEC 60601-1 was published, it marked thebeginning of a new era. The standard now incorporates the concept and applicationof risk management in the design and production of devices. Implementation ofrisk management has implications for not only the end-product manufacturer, butcomponent providers as well, and further cascades through the entire supply chain.All parties now face a series of choices and opportunities in determining how best toensure, for the entire lifetime of a device, that basic safety and essential performanceare preserved. This article explores some of those choices and their consequences.Background And in 21 CFR 820.30(g) - Design Validation:The publication of the 3rd Edition “ … shall include software validationof IEC 60601 sparked debate and and risk analysis (emphasis added) ... ”discussion about the need to perform In practice, some manufacturers havea risk management assessment of relied on third-party certification tocomponent power supplies that will be ensure adequacy of design of suppliedused in medical electrical equipment. components. With certain qualifiers,In reality, this is not a new concern. the FDA has acknowledged this approach.Many regulators have long required According to the preamble to the 1996manufacturers to incorporate risk quality systems regulationmanagement in the design and (comment No. 103):production of medical devices.For example, the U.S. Food and Drug “… [FDA] cautions manufacturers againstAdministration’s (FDA) quality system relying solely on certification by thirdregulation (QSR) requires manufacturers parties as evidence that suppliers haveto, (as noted in 21 CFR 820.30(c) - the capability to provide quality productsDesign Inputs) or services ... third party certification“ … ensure that the design requirements should not be relied on exclusivelyrelating to a device are appropriate in initially evaluating a supplier. If aand address the intended use of the device manufacturer has establisheddevice, including the needs of the user confidence in the suppliers ability toand patient … ” provide acceptable products or services,page 2
  3. 3. Choices – IEC 60601-1 3rd Edition and Component Selectioncertification with test data may in both normal and fault conditions. “…The MANUFACTURER of ME SYSTEMSbe acceptable.” This documentation shall be maintained in should make this determination on a the risk management file.” system level. The MANUFACTURER shouldThe national and international standards assess RISKS resulting from the fact thatused to certify these components have Therefore, if a manufacturer’s risk individual system components havealso provided a solid foundation to ensure management process has identified been integrated into one system. Thisthe safety of medical devices. a certain feature as critical to basic assessment should include all aspects of safety or essential performance, it is theGoing Forward manufacturer’s responsibility to ensure the information exchanged between theTo ensure the safety and effectiveness system components…” (emphasis added) that the feature is preserved through theof the finished device after the design expected service life of a device. This latter statement makes it clearphase, the finished device manufacturers that the risk assessment needs tomust control all contractors. In the past, In the past, if a feature was dependent consider the intended function of aend-product manufacturers have, to on a particular construction within an device and how it may relate to asome degree, relied on the certifications outsourced component, the end-product device’s essential performance.of off-the-shelf components to ensure manufacturer relied on compliance of the component with national and The rationale continues:safety. Because of the reliance oncertifications, original equipment international standards and their “…Even when these components aremanufacturers (OEM) may not have had certifications. Theoretically, if component non-me electrical components, thedetailed knowledge of design features manufacturers had risk management potential RISK related to the integrationat the component level. However, to processes in place, and if it were possible of these components into the MEtruly manage the risks involved in the for them to know the intended use and SYSTEM need to be considered. Furtherapplication of a component within essential performance of the ultimate requirements for the integration ofan overall system additional analysis, end product, this approach could non-medical equipment into a ME SYSTEMand knowledge of design details and continue. However, many component are described in clause 16. It gives theconstruction features of the component, manufacturers are not familiar with requirements for an ME SYSTEM and howmay be needed. these risk management requirements RISKS associated with non-ME EQUIPMENT and may never take the initiative to learn are addressed…”According to clause 4.2 of ISO 14971 them. It is then an OEM’s responsibility(Application of Risk Management to From 16.1 of IEC 60601-1:2005: to follow through and ensure appropriateMedical Devices): “…An ME SYSTEM shall provide: risk-management measures are taken.“ ... The manufacturer shall identify To see what this actually means, it is •  within the PATIENT ENVIRONMENT,and document those qualitative and necessary to dig deeper. the level of safety equivalent to MEquantitative characteristics that could From the rationale to Sub clause 4.2 EQUIPMENT complying with thisaffect the safety of the medical device and, of IEC 60601-1:2005: standard; andwhere appropriate, their defined limits. •  outside the PATIENT ENVIRONMENT, “…The MANUFACTURER is responsibleThis documentation shall be maintained the level of safety equivalent for ensuring that the design andin the risk management file.” to equipment complying with construction of the ME EQUIPMENTAnd according to clause 4.3 of ISO 14971: their respective IEC or ISO renders it suitable for its INTENDED“The manufacturer shall compile safety standards…” PURPOSE and that any RISKS that aredocumentation on known and foreseeable associated with its use are acceptable Additional details apply, but the nethazards associated with the medical device when weighed against the benefits….” effect is that a manufacturer must paypage 3
  4. 4. Choices – IEC 60601-1 3rd Edition and Component Selectionclose attention to where and under what process, OEMs may also require With respect to challenges, the singleconditions a given component is to be some level of supplier control over a biggest hurdle may be implementationemployed. In some cases, compliance component to preserve basic safety and of an ISO 14971 process, or at the least,with an applicable component safety essential performance. This may involve putting processes and procedures in placestandard alone may be sufficient. second-party audits by an OEM, which that support the information needs andIn other cases, a manufacturer must may also need to understand how a actions of an end-product manufacturer’sidentify associated hazards and estimate component manufacturer’s suppliers ISO 14971 process. Since many componentand evaluate the risks they carry. are controlled. The certification agency manufacturers have quality managementA manufacturer must take action to evaluating a finished device may also systems in place, there are resources thatcontrol those risks and monitor the need access to such information. If can assist. The Global Harmonization Taskeffectiveness of the controls. this same component is then sold to Force (GHTF) produced document GHTF/ other end-product medical device SG3/N15R8 titled “Implementation of riskBusiness Implications manufacturers for similar purposes, management principles and activitiesOf course, there are business within a Quality Management System.” suppliers may find themselves duplicatingimplications associated with the such assessments and information This document discusses and supportsselection of components, and they are sharing processes. the implementation and integrationmore extensive when risk management of a risk management system within ais required. This is true for both a From the OEM’s perspective, they must medical device manufacturer’s qualitycomponent supplier and OEM. With demonstrate compliance with clause 4.8 management system and providesregard to risk management for medical of IEC 60601-1:2005, which states in part: practical explanations and examples.devices, there are two basic scenarios: “All components, including wiring,either a component supplier elects to Another challenge, perhaps better the failure of which could result in aperform the risk management or not. stated as an additional requirement, HAZARDOUS SITUATION shall be used in is establishing and communicatingAt least initially, most component accordance with their specified ratings unless a specific exception is made the design intent of a component.suppliers will probably not perform in this standard or through the RISK Previously, a supplier could produce arisk management. This means that, for MANAGEMENT PROCESS…” component with certain features andthem, business will continue as usual ratings, and it was up to the OEM towith regard to design, development and With this information in hand, an OEM determine whether the componentproduction processes. will need to determine whether any was acceptable for the ultimate endHowever if a component is purchased by supplemental actions or end-product use. However, a foundational elementa medical device manufacturer and its design changes are needed to maintain of risk management for any device is aapplication requires risk management, an acceptable level of risk on an ongoing clear statement of intended use and aan OEM will need information about basis. OEMs may impose vendor declaration of the essential performance.the component beyond its ratings and requirements (such as supplier controls) These establish the basis for designcertifications. This might include design on suppliers to maintain an acceptable features, performance characteristics, anddetails of the component construction, level of risk. the identification of any limitations fore.g. transformer bobbin construction As discussed previously, some suppliers a device. The risk management processand material, creepage and clearance follow a risk management process when is then used to define, establish anddistances, and dielectric strength. developing components. This presents implement any necessary risk mitigationTo fulfill applicable regulatory obligations challenges to the component supplier, but to preserve the essential performance andand follow their risk management also offers some distinct benefits. basic safety of the ultimate 4
  5. 5. Choices – IEC 60601-1 3rd Edition and Component SelectionThe information that is developed in field issues, and greater profitability. There are additional potential benefits foranswer to the challenges provides the OEMs, including the following: OEMs that work with suppliers that havekey benefits of implementing a risk implemented a risk management process •  Reduced effort to identifymanagement program—namely, a will see distinct advantages beyond being component design features andsupplier’s ability to demonstrate due able to demonstrate compliance with a characteristics that may havediligence to a purchaser in the form of safety standard. This begins with supplier an impact on basic safety andobjective evidence of compliance with assessments. As noted in the FDA’s QSR, essential performancethe relevant parts of Clauses 4.2, 4.8 Sec. 820.50 on purchasing controls: •  Clear identification of any featuresand others of IEC 60601-1. Suppliers thatare able to provide a clear statement of “Each manufacturer shall establish or characteristics that may beintended use and a definition of essential and maintain procedures to ensure candidates for some level ofperformance for a component, as well as that all purchased or otherwise supplier controldetails of the risk analysis and mitigation received product and services conform •  Reduced overhead to maintainactions performed, put OEMs in a much to specified requirements. the device risk managementbetter position to complete their risk •  Evaluation of suppliers, file, due to the availability ofmanagement processes. Because of this, contractors, and consultants. information regarding theOEMs may prefer vendors that can offer Each manufacturer shall establish purchased componentsuch risk management documentation and maintain the requirements, In short, when both an OEM and abecause they can reduce the OEM’s including quality requirements, supplier have an ISO 14971 process inburden in terms of cost and time. that must be met by suppliers, place, communication between the twoSuppliers may find additional intangible contractors, and consultants is greatly enhanced. Both parties will havebenefits to implementing a risk Each manufacturer shall: a more comprehensive understandingmanagement process. Specifically, of the design and production risks •  Evaluate and select potentialmanufacturers that develop components associated with the finished device. suppliers, contractors, andwith the aid of a risk management This offers the opportunity for reduced consultants on the basis ofanalysis will find a clear and duplication of effort, making the entire their ability to meet specifiedcomprehensive understanding of the supply chain leaner, and focusing requirements, including qualityactual risks associated with its declared activities on the preservation of basic requirements. The evaluationintended use. As a result, the risk controls safety and essential performance. This shall be documented.” is in line with the imperative ofapplied to product design features andcharacteristics will be focused right where A supplier with an ISO 14971-compliant regulators around the world for goodthey need to be — on preserving basic process could readily produce the manufacturing and essential performance. This, information and documentation neededin turn, can result in a more efficient to support and simplify an OEM’s effortsallocation of resources, a reduction in to evaluate and select 5
  6. 6. Choices – IEC 60601-1 3rd Edition and Component SelectionConclusionMedical devices certified according to the 3rd edition of IEC 60601-1 must be developedunder a process compliant with ISO 14971. This is also true for critical outsourcedcomponents. This presents an end-product manufacturer and a component provideralike a choice: OEMs must decide if they are going to require outsourced components tobe developed under an ISO 14971 process. Similarly, component providers must decide ifthey’re going to implement an ISO 14971 process.Clearly these choices represent the potential for significant change in the industry,and the options faced by OEMs and component providers must be weighed carefully.However as history has demonstrated, change also brings opportunity; and with the 3rdedition of IEC 60601-1, change is upon the industry.For more information about the “Choices – IEC 60601-1 3rd Edition and ComponentSelection” white paper, please contact Mark Leimbeck, Health Sciences ProgramManager at and the UL logo are trademarks of UL LLC © 2012. No part of this document may be copied or distributed without the prior writtenconsent of UL LLC 6