Top Ten Errors in Medical Projects – #3: Late Safety

30 September 2016
Reading time: 3 minutes

This is the eighth in a series of blog postings in which we present a top-ten list of common errors encountered in the context of medical projects. Of course, such a ranking depends on personal observations and individual experience – and hence has a subjective outcome. Please feel invited to tell us about your perspective in the comments section!

The world of product development is full of truisms such as “Safety is a system property”, “One cannot test quality into a product”, or “Nine women can’t make a baby in one month”. Another rule of the same variety is this: It is nearly impossible to add safety to an already existing (but unsafe) product.

The fundamental reason for this fact is the following feedback loop:

  • Different designs imply different risks.
  • Different risks require different risk mitigation measures.
  • Different risk mitigation measures lead to different designs.

And there we go. You do not want to have your device ready for production, only to learn in the last minute that an additional light barrier and motor are required to prevent the device from devouring patients’ fingers.


The only chance to deal with this feedback loop is an iterative approach:

  • An initial safety concept must be created early in the project – simply because a safety concept nearly always leads to fundamental constraints or design choices.
  • Similarly, a first risk analysis (e.g., a PHA and an FTA) must be performed early in the design process – because it will nearly always result in additional risk mitigation measures.
  • As the design becomes more detailed and specific, new and residual risks must be analyzed and (re)evaluated. It is not by mere chance that the ISO 14971 standard demands an “ongoing process” in the first sentence of its first “real” chapter (as opposed to the formal chapters providing the scope and the glossary).

As a final remark, risk management is not the only thing that should be considered from early on. Late involvement of notified bodies often leads to expensive rework. Late documentation is very expensive because the information must be acquired through reverse engineering. Late traceability is terrible because finding the relationships can require excessive amounts of effort even for single edges. You get the idea.

Coming up next: #2, Classification Gibberish. See you there – or at the MedConf 2016!
