The International Standardisation Organisation (ISO) has now published the latest edition of the medical device risk management standard ISO 14971, titled ‘Medical devices — Application of risk management to medical devices’. The EN version is expected to also be published before the end of 2019.
Risk management is a critical cornerstone of compliance with the Medical Devices Regulation (MDR, 2017/745), and it is expected that the EN version will be ‘harmonised’ in accordance with the mandate from the European Commission to the European standards organisations CEN and CENELEC. Once harmonised, the standard will provide a ‘presumption of conformity’ to the relevant General Safety and Performance Requirements (GSPRs) listed in Annex I of the Regulation.
The ISO website states that the requirements of the standard are applicable to all phases of the life cycle of a medical device. The process described in the document applies to risks associated with a medical device, such as risks related to biocompatibility, data and systems security, electricity, moving parts, radiation, and usability.
Among the changes from the previous edition, several informative annexes have been moved to a guidance document, ISO/TR 24971, which has been revised in parallel to the standard, and is also now available. More information and a rationale for the requirements in this third edition have been provided in Annex A, and the correspondence between the clauses of the second edition and those of the third edition is given in Annex B.