Frequently Asked Questions About Medical Devices

Over many years in the design and manufacture of disposable medical devices, the team at Meridian Medical has gathered a wealth of experience and knowledge about the different needs of customers and the wide range of products we have created.

In addition, new and existing customers often have questions about disposable medical devices and their design, manufacture and supply, which we are always more than happy to help answer.

Here are just a few of the questions that we regularly get asked, which might help answer your own queries about disposable medical devices:

What are disposable medical devices?

A disposable medical device is any medical product that is designed and intended to be used on one patient and then discarded after the completion of that treatment or a period of time.

They can be:

• Individually packaged
• Single use
• Clinically clean / Non-sterile / Sterile
• Typically used by trained physicians
• Used in hospitals / GP surgeries and homes
• Ideally low cost
• Made in traceable batches
• CE marked by a regulatory body

How long does it take to get typical medical equipment project from concept to point of sale?

Allowing about 12 months, including all regulatory submissions, is a good timeframe to work to.

If Meridian Medical is assembling the device, does that mean they are the manufacturer?

No, the manufacturer is always the company with legal responsibility for the product (the company holding the CE certificate). Meridian would be your supplier.

Can you provide the product under the Meridian CE mark?

Medical products will need to be manufactured using your own CE mark. We can introduce you to our preferred regulatory experts if you require additional expertise.

Can you manage all the suppliers, assembly, packaging and sterilisation?

Meridian Medical can supply complete end to end medical device manufacturing, as well as all subcontractor management.

Do parts that subcontractors supply need to be made in a cleanroom?

Ideally, yes, but depending on what the part is and its origin, cleaned can be ok.

Should I use EtO or Gamma for sterile medical devices?

This is always dependent on the medical device and its application. We would be happy to advise you on the best type of sterilisation for your product.

What is the difference between verification and validation?

Verification is checking each piece of medical equipment meets the specification, whereas validation is the process of proving the manufacturing process repeatedly produces the correct medical device.

Can you export to other countries?

Yes, Meridian Medical can export your medical device to any country using our approved logistics suppliers.

What are the key attributes to look for in a contract manufacturer of medical disposables?

Selecting a contractor to manufacture your medical device is an important decision. There are many key attributes that you should look for in a medical devices manufacturing partner, from the quality of their facilities and equipment, through to the range of services they offer and their approach to working with you.

Where can I get expert advice and guidance on getting a medical device manufactured?

The team at Meridian Medical is always happy to discuss the production of any kind of medical device and offers a comprehensive range of services to meet any or all of your needs.

Meridian Medical is as an established and experienced contract medical equipment manufacturer, specialising in a wide range of sterile and non sterile medical device design, development and supply.

To find out more about how Meridian Medical can help you with your disposable medical product design or manufacture, get in touch today by filling out our online form, calling our sales team on 01903 732344 or emailing info@meridian-medical.com.

Effective risk management of medical devices is a fundamental aspect of ensuring their safety, efficacy and regulatory compliance. Rooted in Hippocrates’ principle of ‘First, do no harm’, it serves as a proactive approach to identifying, evaluating and mitigating risks throughout the product lifecycle. By doing so, manufacturers can prevent potential harm to end users and patients, enhance device performance and uphold the highest standards of care. Effective risk management not only meets regulatory standards, such as ISO 14971:2019 and EU MDR, but also builds trust with stakeholders and protects businesses from costly recalls and legal issues. This blog* will explore the essential components of risk management, common misconceptions and the latest challenges facing the industry, with a focus on emerging technologies and their associated risks.

What is risk?

In the context of medical devices, the concept of risk is central to ensuring safety, efficacy and compliance. Understanding risk is critical for managing potential hazards throughout the lifecycle of a medical device.

ISO 14971 definition of risk

ISO 14971:2019, the international standard for the application of risk management to medical devices, defines risk as ‘the combination of the probability of occurrence of harm and the severity of that harm.’ This framework is tailored to the medical device industry, focusing on identifying, evaluating, controlling and monitoring risks to ensure patient safety and regulatory compliance.

ISO 31000 definition of risk

ISO 31000, the broader international standard for risk management across industries, offers a slightly different perspective, defining risk as the effect of uncertainty on objectives. However this definition emphasises the potential for both positive and negative outcomes and highlights the need for a systematic approach to managing uncertainty.

Key standards and regulations for the risk management of medical devices

Several key standards and regulations provide a framework for managing risks throughout the lifecycle of medical devices. These standards ensure that safety, performance and compliance are maintained in alignment with both global and regional regulatory requirements.

ISO 14971:2019- the core standard for medical device risk management: 

• Provides a structured framework for identifying, evaluating and mitigating risks throughout the medical device product lifecycle.
• Emphasises balancing risks against benefits and implementing effective risk controls.

ISO 13485:2016 - integrates risk management into quality management systems:

• Ensures risk management is an ongoing process across all stages of development and production.

IEC 60601 - focuses on the safety and performance of electrical medical devices:

• Embeds risk management requirements into its guidelines.

Regional regulatory requirements:

• EU MDR - European Union Medical Device Regulation: Mandates robust risk management to meet General Safety and Performance Requirements (GSPR). It also highlights the importance of risk assessment in device design and post-market monitoring.
• FDA 21 CFR Part 820 - U.S. Food & Drug Administration: Enforces risk-based approaches within Quality Management System Regulation (QMSR). Requires risk management in design controls through to post-market surveillance.

Why is risk management for medical devices important?

Effective risk management plays a critical role in ensuring safety, compliance and business success. Here's why it matters:

• Patient Safety:
  • Prevents harm from faulty or potentially harmful devices (e.g. non-medical grade materials or malfunctioning equipment).
  • Ensures patient health is safeguarded throughout the device lifecycle.
• Regulatory Compliance:
  • Helps meet standards like ISO 14971:2019 and EU MDR.
  • Failure to comply can result in fines, recalls and delays to market access.
• Avoiding Financial Consequences:
  • Inadequate risk management can lead to costly recalls, legal action or damage to reputation.
• Improved Device Performance:
  • Identifies potential issues early, leading to better quality and reliability.
• Building Trust:
  • Reinforces confidence with stakeholders and end users, ensuring long-term success in the healthcare market.

What is risk management for medical devices?

Risk management for medical devices is a systematic, ongoing process aimed at identifying, assessing, controlling and monitoring risks to ensure safety, compliance and efficacy. This process is essential for meeting regulatory requirements and safeguarding both patients and manufacturers.

An overview of the risk management process

Risk analysis

The Risk analysis document involves identifying potential hazards associated with the device’s design, manufacturing and usage. These hazards should include all aspects of a devices design and intended use, and address the type of failure such as mechanical failure, electrical hazards, biological incompatibilities or software errors. Each hazard should be thoroughly investigated to determine its origin, frequency and potential impact on patients and users. Tools such as Failure Mode and Effects Analysis (FMEA) or Fault Tree Analysis (FTA) are often used in this stage to ensure all potential risks are identified.

Risk evaluation

After identifying ach of the risks, the next step is to evaluate them by assessing and scoring the likelihood of each risk occurring and the potential severity of its consequences. This evaluation enables manufacturers to categorise risks based on their potential impact and decide which risks are acceptable and which require immediate attention. The regulatory standard ISO 14971:2019 provide guidance on setting thresholds for acceptable risk.

Risk control

Risk control is the stage where action is taken to reduce, eliminate or mitigate identified risks. This might involve modifying the device design, adding safety features, enhancing testing protocols or implementing preventive measures in manufacturing. Medical device verification and validation are therefore key to the development and manufacturing of medical devices.

Verification ensures that any risk controls function as intended, while validation confirms they effectively reduce risks in real-world use. The aim is to lower residual risks to a level that is acceptable and ensures patient safety without compromising the device's intended function. Controls are continually reviewed and updated based on new information or evolving standards.

Residual risk evaluation

After implementing risk controls, manufacturers assess the remaining risks, known as ‘residual risks’, to ensure they are within acceptable limits. This step is critical to confirm that, even after mitigation measures, the risks do not pose an unacceptable threat to patient safety or device performance. If residual risks are deemed too high, further corrective actions, such as enhancing safety features or modifying design, are taken. Residual risk evaluation ensures that a device remains safe, compliant and effective throughout its lifecycle, balancing practical risk reduction with regulatory standards.

Production and post-production information

Risk management extends beyond product development into production and post-production. During production, it’s crucial to monitor the device for any new risks that arise during scaling or manufacturing processes. Supplier auditing is a key part of this process, helping to ensure that external vendors continue to meet quality and regulatory standards, reducing the risk of defects or inconsistencies. Once the device is on the market, Post market surveillance is necessary to collect data, including user feedback, adverse events as well as any complaints. This information helps identify new risks or previously unrecognised hazards, prompting updates to risk control measures and further refinement of the product.

Common misconceptions in risk management

Risk management in medical devices is often misunderstood, leading to gaps in implementation and compliance. Below are some of the most common misconceptions:

Risk management is only a regulatory requirement

Many believe that risk management is only necessary to meet regulatory requirements. While it is a critical part of compliance with standards such as ISO 14971:2019 and EU MDR, risk management goes beyond merely ticking boxes. It is an essential process to ensure patient safety, improve device performance and maintain long-term trust in the device. Effective risk management helps identify potential issues early, reducing the likelihood of costly recalls, legal action or damage to the company’s reputation.

Risk management is only about preventing harm

Another misconception is that risk management is solely about preventing harm or injury. While preventing harm is an essential aspect, risk management also includes evaluating the benefits of a device, balancing risks with intended benefits, and mitigating any risks that remain. It is a holistic process that involves identifying, assessing and controlling risks throughout the device's lifecycle, ensuring that both the device’s safety and effectiveness are optimised.

Risk management ends after product development

Some might think that risk management only applies during the design and development phases. However, this is far from the case. Risk management is an ongoing process that continues after product development, throughout production and even post-market. Continuous monitoring of device performance, addressing adverse events and implementing corrective actions are essential to maintaining safety and compliance. A robust post-market surveillance system ensures that any new risks are identified and mitigated quickly.

Emerging Challenges in Risk Management

As medical technology advances, new risks are emerging, requiring manufacturers to adapt their risk management strategies:

Cybersecurity Risks in Connected Devices

The rise of connected medical devices has introduced potential cybersecurity threats that challenge successful risk management of medical devices. These devices often store or transmit sensitive patient data, making them attractive targets for cyberattacks. A breach in security could lead to data theft, manipulation or even device malfunctions that harm patients. Risk management for connected devices must include robust cybersecurity measures to protect patient information, ensure device functionality and comply with regulations like the FDA’s post-market guidance on cybersecurity.

Risks Posed by AI and ML Systems

Artificial Intelligence (AI) and Machine Learning (ML) systems are becoming more prevalent in medical devices, from diagnostic tools to predictive healthcare applications. However, these technologies introduce unique risks due to their complex, data-driven decision-making processes. The ‘black box’ nature of many AI/ML models can make it difficult to understand how decisions are made, raising concerns about accountability and transparency. Risk management for AI/ML-based devices must address the potential for bias in algorithms, the need for continuous validation of models, and the implications of incorrect diagnoses or treatments.

Regulatory and Ethical Considerations

The rapid pace of innovation in connected devices and AI/ML systems also poses regulatory challenges. Standards and regulations must evolve to keep up with these technologies while ensuring patient safety and data privacy. Manufacturers must be proactive in staying abreast of new guidelines and regulations to manage emerging risks effectively.

These emerging challenges highlight the need for dynamic risk management approaches that can address the evolving landscape of connected and AI-driven medical devices.

Risk management of medical devices isn’t just a box to tick

Risk management is the backbone of every successful medical device. By constantly identifying, evaluating and mitigating risks, manufacturers not only protect patients but also ensure long-term business success. As technology advances, staying ahead of emerging risks like cybersecurity threats and AI challenges will be key to maintaining trust, compliance and innovation. A strong, evolving risk management strategy is your pathway to navigating the future of medical devices with confidence.

FAQs Risk Management of Medical Devices

What is risk management for medical devices?

Risk management for medical devices involves identifying, assessing and mitigating risks throughout a device's lifecycle. This process ensures patient safety, product effectiveness and regulatory compliance. It aims to reduce the likelihood of device failures or harm by implementing effective risk controls and continuously monitoring post-market performance.

What are the risks of medical devices?

Risks of medical devices include mechanical failure, electrical hazards, biocompatibility issues, user error, software malfunctions and data breaches. These risks can lead to patient harm, device malfunction or non-compliance with regulations. Effective risk management helps identify, assess and mitigate these risks to ensure safety and performance.

What is the ISO risk management standard for medical devices?

The ISO risk management standard for medical devices is ISO 14971:2019. It provides a framework for identifying, evaluating and controlling risks associated with medical devices throughout their lifecycle. The standard ensures that all potential hazards are identified, risks are assessed and appropriate risk control measures are implemented to ensure patient safety and device reliability.

What are the 5 steps of risk management?

The five steps of risk management are:

1. Risk Analysis – Identifying potential hazards and risks.
2. Risk Evaluation – Assessing the likelihood and severity of each risk.
3. Risk Control – Implementing measures to reduce or eliminate risks.
4. Residual Risk Evaluation – Evaluating remaining risks after controls are applied.
5. Post-Market Surveillance – Monitoring the device in real-world use and updating the risk management plan.

*DISCLAIMER: This blog has been written to provide general guidance on Risk Management of Medical Devices. Meridian Medical is not an expert in this field and does not offer risk management services. For expert advice or assistance, please consult a qualified professional. Meridian Medical is not responsible for actions taken based on this content.

Partner with Meridian Medical

If your company is looking for a trusted partner to manufacture high-quality medical devices, Meridian Medical is ready to assist. With a proven track record and a commitment to excellence, Meridian Medical is your ideal contract manufacturing partner.

Contact us today to learn more about our services and how we can help bring your innovative medical devices to market. Get in touch by filling out our online form or contacting us on 01903 732344 or info@meridian-medical.com.