Meridian Medical triumphs at the 2023 ABP Awards for the second year in a row

Meridian Medical is celebrating being named Employer of the Year for the second year running by Arun Business Partnership and scooping the top accolade of Overall Business of the Year at the Partnership’s 2023 Awards. The wins recognise the company’s commitment to prioritising employee wellbeing, training and career development and the difference such an employee-focussed approach can make to overall business success.

Following the wins, co-directors James and Marcus Fenton, said: “We are delighted to have won the Employer of the Year award for the second year in a row. This award is very important to us as we firmly believe that being an employee-focussed company that wants to see everyone in our team succeed is the best way to attract and retain new staff.

“We would also like to extend a huge thanks to the individual managers, supervisors and members of HR that create the policies and create such a great system of support for every member of the team.”

Thanks to its employee-centric approach, Meridian Medical, a leading contract manufacturer of medical devices, based in Littlehampton, West Sussex, has seen staff turnover reduced from 10-15% per month in 2017 to less than 1% on average with today’s 130-strong full-time workforce.

With a dedication to creating a vibrant and enjoyable working environment based on trust, hard work and communication, the company has a top-down culture of trust and respect. Employees are encouraged to provide feedback, both positive and negative, that the owners and management team can take on board and use to make changes in how we operate, to become more efficient and achieve ever-improving customer satisfaction levels.

Employees are also encouraged to progress within the business, with many of the cleanroom shop floor staff having been promoted to quality control, supervisor and management positions. All employees benefit from Meridian Medical being a certified National Living Wage employer, an employee health cash plan and an employee assistance program, which offers mental health support not only for work but all life events.

Having picked up the Employer of the Year 2023 trophy Meridian Medical went on to scoop the top accolade of Overall Business of the Year, with the winner being selected by the judges from all the entries in all categories. Of this win, James and Marcus said: “We are also absolutely delighted to have been awarded the overall business of the year. Meridian Medical has been on an ever-improving journey over the last six years and we are over the moon to be recognised for our successes. We would like to thank all our staff, customers and suppliers for their support and for making Meridian Medical the amazing company that it is.”

The ABP Awards 2023 ceremony, sponsored by local businesses, took place on Friday 17th November at Fontwell Park Racecourse, honouring and commending outstanding businesses within the Arun District of West Sussex.

Meridian Medical is a family owned, privately held, contract manufacturer, specialising in sterile and non-sterile medical device development and supply. Founded in 1990, Meridian Medical is headquartered in Littlehampton, West Sussex.

Further information about Meridian Medical can be found on our website www.meridian-medical.com or by contacting us on 01903 732344 or emailing us at info@meridian-medical.com.

Effective risk management of medical devices is a fundamental aspect of ensuring their safety, efficacy and regulatory compliance. Rooted in Hippocrates’ principle of ‘First, do no harm’, it serves as a proactive approach to identifying, evaluating and mitigating risks throughout the product lifecycle. By doing so, manufacturers can prevent potential harm to end users and patients, enhance device performance and uphold the highest standards of care. Effective risk management not only meets regulatory standards, such as ISO 14971:2019 and EU MDR, but also builds trust with stakeholders and protects businesses from costly recalls and legal issues. This blog* will explore the essential components of risk management, common misconceptions and the latest challenges facing the industry, with a focus on emerging technologies and their associated risks.

What is risk?

In the context of medical devices, the concept of risk is central to ensuring safety, efficacy and compliance. Understanding risk is critical for managing potential hazards throughout the lifecycle of a medical device.

ISO 14971 definition of risk

ISO 14971:2019, the international standard for the application of risk management to medical devices, defines risk as ‘the combination of the probability of occurrence of harm and the severity of that harm.’ This framework is tailored to the medical device industry, focusing on identifying, evaluating, controlling and monitoring risks to ensure patient safety and regulatory compliance.

ISO 31000 definition of risk

ISO 31000, the broader international standard for risk management across industries, offers a slightly different perspective, defining risk as the effect of uncertainty on objectives. However this definition emphasises the potential for both positive and negative outcomes and highlights the need for a systematic approach to managing uncertainty.

Key standards and regulations for the risk management of medical devices

Several key standards and regulations provide a framework for managing risks throughout the lifecycle of medical devices. These standards ensure that safety, performance and compliance are maintained in alignment with both global and regional regulatory requirements.

ISO 14971:2019- the core standard for medical device risk management: 

• Provides a structured framework for identifying, evaluating and mitigating risks throughout the medical device product lifecycle.
• Emphasises balancing risks against benefits and implementing effective risk controls.

ISO 13485:2016 - integrates risk management into quality management systems:

• Ensures risk management is an ongoing process across all stages of development and production.

IEC 60601 - focuses on the safety and performance of electrical medical devices:

• Embeds risk management requirements into its guidelines.

Regional regulatory requirements:

• EU MDR - European Union Medical Device Regulation: Mandates robust risk management to meet General Safety and Performance Requirements (GSPR). It also highlights the importance of risk assessment in device design and post-market monitoring.
• FDA 21 CFR Part 820 - U.S. Food & Drug Administration: Enforces risk-based approaches within Quality Management System Regulation (QMSR). Requires risk management in design controls through to post-market surveillance.

Why is risk management for medical devices important?

Effective risk management plays a critical role in ensuring safety, compliance and business success. Here's why it matters:

• Patient Safety:
  • Prevents harm from faulty or potentially harmful devices (e.g. non-medical grade materials or malfunctioning equipment).
  • Ensures patient health is safeguarded throughout the device lifecycle.
• Regulatory Compliance:
  • Helps meet standards like ISO 14971:2019 and EU MDR.
  • Failure to comply can result in fines, recalls and delays to market access.
• Avoiding Financial Consequences:
  • Inadequate risk management can lead to costly recalls, legal action or damage to reputation.
• Improved Device Performance:
  • Identifies potential issues early, leading to better quality and reliability.
• Building Trust:
  • Reinforces confidence with stakeholders and end users, ensuring long-term success in the healthcare market.

What is risk management for medical devices?

Risk management for medical devices is a systematic, ongoing process aimed at identifying, assessing, controlling and monitoring risks to ensure safety, compliance and efficacy. This process is essential for meeting regulatory requirements and safeguarding both patients and manufacturers.

An overview of the risk management process

Risk analysis

The Risk analysis document involves identifying potential hazards associated with the device’s design, manufacturing and usage. These hazards should include all aspects of a devices design and intended use, and address the type of failure such as mechanical failure, electrical hazards, biological incompatibilities or software errors. Each hazard should be thoroughly investigated to determine its origin, frequency and potential impact on patients and users. Tools such as Failure Mode and Effects Analysis (FMEA) or Fault Tree Analysis (FTA) are often used in this stage to ensure all potential risks are identified.

Risk evaluation

After identifying ach of the risks, the next step is to evaluate them by assessing and scoring the likelihood of each risk occurring and the potential severity of its consequences. This evaluation enables manufacturers to categorise risks based on their potential impact and decide which risks are acceptable and which require immediate attention. The regulatory standard ISO 14971:2019 provide guidance on setting thresholds for acceptable risk.

Risk control

Risk control is the stage where action is taken to reduce, eliminate or mitigate identified risks. This might involve modifying the device design, adding safety features, enhancing testing protocols or implementing preventive measures in manufacturing. Medical device verification and validation are therefore key to the development and manufacturing of medical devices.

Verification ensures that any risk controls function as intended, while validation confirms they effectively reduce risks in real-world use. The aim is to lower residual risks to a level that is acceptable and ensures patient safety without compromising the device's intended function. Controls are continually reviewed and updated based on new information or evolving standards.

Residual risk evaluation

After implementing risk controls, manufacturers assess the remaining risks, known as ‘residual risks’, to ensure they are within acceptable limits. This step is critical to confirm that, even after mitigation measures, the risks do not pose an unacceptable threat to patient safety or device performance. If residual risks are deemed too high, further corrective actions, such as enhancing safety features or modifying design, are taken. Residual risk evaluation ensures that a device remains safe, compliant and effective throughout its lifecycle, balancing practical risk reduction with regulatory standards.

Production and post-production information

Risk management extends beyond product development into production and post-production. During production, it’s crucial to monitor the device for any new risks that arise during scaling or manufacturing processes. Supplier auditing is a key part of this process, helping to ensure that external vendors continue to meet quality and regulatory standards, reducing the risk of defects or inconsistencies. Once the device is on the market, Post market surveillance is necessary to collect data, including user feedback, adverse events as well as any complaints. This information helps identify new risks or previously unrecognised hazards, prompting updates to risk control measures and further refinement of the product.

Common misconceptions in risk management

Risk management in medical devices is often misunderstood, leading to gaps in implementation and compliance. Below are some of the most common misconceptions:

Risk management is only a regulatory requirement

Many believe that risk management is only necessary to meet regulatory requirements. While it is a critical part of compliance with standards such as ISO 14971:2019 and EU MDR, risk management goes beyond merely ticking boxes. It is an essential process to ensure patient safety, improve device performance and maintain long-term trust in the device. Effective risk management helps identify potential issues early, reducing the likelihood of costly recalls, legal action or damage to the company’s reputation.

Risk management is only about preventing harm

Another misconception is that risk management is solely about preventing harm or injury. While preventing harm is an essential aspect, risk management also includes evaluating the benefits of a device, balancing risks with intended benefits, and mitigating any risks that remain. It is a holistic process that involves identifying, assessing and controlling risks throughout the device's lifecycle, ensuring that both the device’s safety and effectiveness are optimised.

Risk management ends after product development

Some might think that risk management only applies during the design and development phases. However, this is far from the case. Risk management is an ongoing process that continues after product development, throughout production and even post-market. Continuous monitoring of device performance, addressing adverse events and implementing corrective actions are essential to maintaining safety and compliance. A robust post-market surveillance system ensures that any new risks are identified and mitigated quickly.

Emerging Challenges in Risk Management

As medical technology advances, new risks are emerging, requiring manufacturers to adapt their risk management strategies:

Cybersecurity Risks in Connected Devices

The rise of connected medical devices has introduced potential cybersecurity threats that challenge successful risk management of medical devices. These devices often store or transmit sensitive patient data, making them attractive targets for cyberattacks. A breach in security could lead to data theft, manipulation or even device malfunctions that harm patients. Risk management for connected devices must include robust cybersecurity measures to protect patient information, ensure device functionality and comply with regulations like the FDA’s post-market guidance on cybersecurity.

Risks Posed by AI and ML Systems

Artificial Intelligence (AI) and Machine Learning (ML) systems are becoming more prevalent in medical devices, from diagnostic tools to predictive healthcare applications. However, these technologies introduce unique risks due to their complex, data-driven decision-making processes. The ‘black box’ nature of many AI/ML models can make it difficult to understand how decisions are made, raising concerns about accountability and transparency. Risk management for AI/ML-based devices must address the potential for bias in algorithms, the need for continuous validation of models, and the implications of incorrect diagnoses or treatments.

Regulatory and Ethical Considerations

The rapid pace of innovation in connected devices and AI/ML systems also poses regulatory challenges. Standards and regulations must evolve to keep up with these technologies while ensuring patient safety and data privacy. Manufacturers must be proactive in staying abreast of new guidelines and regulations to manage emerging risks effectively.

These emerging challenges highlight the need for dynamic risk management approaches that can address the evolving landscape of connected and AI-driven medical devices.

Risk management of medical devices isn’t just a box to tick

Risk management is the backbone of every successful medical device. By constantly identifying, evaluating and mitigating risks, manufacturers not only protect patients but also ensure long-term business success. As technology advances, staying ahead of emerging risks like cybersecurity threats and AI challenges will be key to maintaining trust, compliance and innovation. A strong, evolving risk management strategy is your pathway to navigating the future of medical devices with confidence.

FAQs Risk Management of Medical Devices

What is risk management for medical devices?

Risk management for medical devices involves identifying, assessing and mitigating risks throughout a device's lifecycle. This process ensures patient safety, product effectiveness and regulatory compliance. It aims to reduce the likelihood of device failures or harm by implementing effective risk controls and continuously monitoring post-market performance.

What are the risks of medical devices?

Risks of medical devices include mechanical failure, electrical hazards, biocompatibility issues, user error, software malfunctions and data breaches. These risks can lead to patient harm, device malfunction or non-compliance with regulations. Effective risk management helps identify, assess and mitigate these risks to ensure safety and performance.

What is the ISO risk management standard for medical devices?

The ISO risk management standard for medical devices is ISO 14971:2019. It provides a framework for identifying, evaluating and controlling risks associated with medical devices throughout their lifecycle. The standard ensures that all potential hazards are identified, risks are assessed and appropriate risk control measures are implemented to ensure patient safety and device reliability.

What are the 5 steps of risk management?

The five steps of risk management are:

1. Risk Analysis – Identifying potential hazards and risks.
2. Risk Evaluation – Assessing the likelihood and severity of each risk.
3. Risk Control – Implementing measures to reduce or eliminate risks.
4. Residual Risk Evaluation – Evaluating remaining risks after controls are applied.
5. Post-Market Surveillance – Monitoring the device in real-world use and updating the risk management plan.

*DISCLAIMER: This blog has been written to provide general guidance on Risk Management of Medical Devices. Meridian Medical is not an expert in this field and does not offer risk management services. For expert advice or assistance, please consult a qualified professional. Meridian Medical is not responsible for actions taken based on this content.

Partner with Meridian Medical

If your company is looking for a trusted partner to manufacture high-quality medical devices, Meridian Medical is ready to assist. With a proven track record and a commitment to excellence, Meridian Medical is your ideal contract manufacturing partner.

Contact us today to learn more about our services and how we can help bring your innovative medical devices to market. Get in touch by filling out our online form or contacting us on 01903 732344 or info@meridian-medical.com.