Strict quality control with ongoing accurate monitoring is vital in the manufacture of medical devices but, all too often, both are inefficient – leading to risk of failures. As the fines can be huge, why do companies appear to pay insufficient attention?
Peter Jordan of the Sensible Standards consultancy maintains that manufacturers ‘choose’ levels of safety, forcing them to take legal risks by offering products that are not perfectly safe and therefore potentially attract civil, or even criminal, liability.
The situation is particularly relevant to software which provides competitive new features. “Time-to-market and development costs are important, and the desire to minimise these is in direct conflict with the desire to engineer robust, and therefore safe, software,” says Jordan.
“In my experience, manufacturers are not reckless or cynical about safety. Most safety problems are cock-ups, not conspiracies.
“We must assume that manufacturers are well-intentioned and that failings are owed to errors, oversights, ignorance, shortage of time and money or poor judgement.”
He appreciates that patients expect that devices will not make their conditions worse and that, if they do, then they will sue the manufacturers – particularly in the US where lawyers make ‘huge’ fees from such actions. Patients also expect to be treated promptly and locally, putting pressure on cash-strapped clinics to purchase appropriate numbers of devices, therefore equally putting pressure on manufacturers to provide relevant products at the lowest possible cost.
Clinicians will not pay twice as much to obtain safer devices – particularly as superiority is difficult to prove at time of purchase. The only possible temptation is if a device can treat three times as many patients in a day or handle a wider range of treatments which, of course, necessitates more complex software.
WHERE RESPONSIBILITY FALLS
In this supplier-consumer relationship the clinician expects the manufacturer to design safe devices and to support efficient use with appropriate installations, manuals, training and service. Manufacturers, however, expect medical practitioners to act professionally and to ensure only appropriately trained people handle their device. This only applies to their specific areas of expertise as they cannot, for instance, expect clinicians to be experts on network installation or computer security. So they need devices that are easy to operate, reliable and that can often be operated unattended.
Users also expect to be provided with opportunities for informed intervention especially when the functions are hidden, which may be as simple as halting procedures if they threaten to do something inappropriate. Not surprisingly the manufacturer seeks to hand over the legal risks to the users. If they cannot monitor the devices efficiently, cannot stop them when a risk is perceived, or generally cannot understand their operation, manufacturers do not consider they should accept responsibility when procedures fail.
“For medical device manufacturers the problem is that the law puts no limit on safety,” says Jordan. “What does ‘safe’ mean when devices are used in treatment that has intrinsic dangers? In practice, manufacturers are obliged to sell potentially hazardous devices to users who may not follow instructions.”
WHERE RISK LIES
Jordan warns that software creates new hazards. When it is capable of undertaking procedures that users cannot carry out there is a risk that incorrect actions can be performed without being discovered – sometimes for years and affecting thousands of patients. He says the current trend is towards self-certification by manufacturers but they are subject to audits by the regulator or its surrogates. Manufacturers therefore take the risk that, after release, the devices can be determined to be unsafe.
Conversely, acceptance by the regulator does not prevent blame for accidents falling on manufacturers later and there is no redress on the regulator, although its approval may mitigate any future claims. The regulator can investigate adverse incidents and, if found to be caused by faulty equipment, then lawsuits will most certainly succeed – costs of which are likely to increase if it is thought that commercial or financial considerations coloured manufacturers’ judgement.
A relatively new but growing trend is for clinics to appoint system integrators to create systems based on purchased devices and these people are acting in an unregulated area. Device manufacturers can issue warnings that their guarantees are negated by such actions but clinicians do not always understand the potential severity of injury to patients.
Jordan maintains that new safety standards are needed to regulate such integrators, and to protect patients against risk of increasingly complicated software.
“Where complexity is essential, the software’s actions should be made as transparent as possible, allowing users an intuitive grasp of what’s going on,” he says. Reliable detection systems that terminate actions and/or sound alarms are also needed.
“IEC 61508 claims to be a standard to be followed when writing software safety standards,” he adds. “The medical device sector is currently working on Committee Draft 2 of IEC 62304. At present, this is little more than a description of the standard software development processes, broadly compatible with the Software Engineering Institute’s CMM model.
“In the medical device field we have ISO 14971 which describes how to organise information flow around a risk management file, ensuring that risks are first identified then reduced to an acceptable level in the design and finally verified. I think that disciplined processes are necessary but not sufficient. The missing bit is design, which is difficult to standardise.”
Jordan confesses he can not foresee how the law will encourage improved software as it is already subject to consumer, contract and safety laws. “For software which is not safety critical, a situation has arisen where a relatively high frequency of faults is tolerated by users,” he says. “If the law tried to reduce this tolerance it would kill a lot of useful software.”
IMPROVING MEDICAL DEVICES
Heather Weir, research associate at King’s College School of nursing and midwifery, says device development can be improved by involving end users in design stages, as has become standard in other medical fields – taking account of the perspectives and opinions of patients and clients. A King’s College research team has developed a model for research that is currently being tested out through a case study with patients suffering serious skin conditions.
“The perspectives of end-users often differ from those of both professional users and device producers … failure to embed end-user perspectives in device development has very real implications for device success in relation to all three groups – patients, professional users and manufacturers,” she says.
The MHRA says it is not able to comment on individual quality and monitoring but states that it places obligations on manufacturers to ensure their devices are safe and fit for their intended purpose before they are CE marked – the standard required before 30 countries accept products.
It does, though, often need to issue warnings of faulty devices. In April 2008, the agency urged patients to be vigilant if using Trulife walking frames as a problem had been perceived of failure of plastic height adjustment clips that can cause users to fall. And the importance of the medical device hotline for the reporting of faulty medical devices is still paramount to keeping these goods at the standards set by the industry. It is one of the best ways yet of keeping tabs on the instruments that are designed to keep us alive.