Orcanos QMS: Regulation Compliance & Governance Engine

Orcanos is about to launch its QMS-Regulation-Compliance engine as part of the Orcanos integrated ALM and Quality Management Software System.


Compliance best practices lie at the heart of all standards-based regulations and good quality management, such as ISO 14971, IEC 62304 and ISO 13485. However, it is a challenge to maintain compliance without an electronic QMS, or when using traditional ALM tools, since most of them are R&D driven and lack the support of a quality management software system. Compliance remains a leading concern for regulated industries such as medical devices, pharma and automotive.

Orcanos QMS Compliance engine

The powerful new capabilities of the Orcanos Compliance Engine would simplify the way companies govern and control quality and regulations, and will provide a “Virtual Auditor” that scans the project data against specific industry regulations and quality best practices, such as compliance with ISO 14971, IEC 62304, ISO 13485 and more.

Orcanos QMS Compliance Engine is a flexible tool that allows companies to define any regulation in a simple Excel or Google Sheet, specifying the standard, the section, the classification in the case of a medical device (CLASS I, II, III), the remediation, and many other parameters, and then to import these regulations into the Orcanos ALM and QMS platform and connect them to their project records.

Orcanos QMS Compliance Engine then scans project data based on the specific regulations and the specific logic attached to them, and shows the faults in a graphical presentation. Together with the Orcanos dashboard and notification mechanism, this provides a good control and monitoring platform.

Defining a compliance audit item

Define any compliance audit, then set up and customize each compliance item.

Compliance Audit

Running a compliance audit check

This is an example of a “Virtual Auditor” that inspects the compliance of a specific product with ISO 14971.

Running Compliance Audit Check


Why there is a change in the approach regarding labeling as RISK mitigation

A recent recall of the Bryan Medical Tracoe Mini 3.0mm Tracheostomy Tube (class 1 recall, mislabeled packaging) has proven some of the justification for the change in approach to using labeling as part of the RISK mitigation. In this case we should expect the RISK assessment to show that labeling is not the only means used to differentiate between the different devices: packaging and coloring on the device could also be good ways to do so. Such a mistake in labeling could affect patient safety, since an oversized tracheostomy tube may cause permanent injury to the trachea. This product may cause serious adverse health consequences, including death. When we perform a RISK assessment and decide to use labels as mitigation, we may want to consider mistakes in packaging and address such cases as well, or even make a change by design to avoid use of the device in the wrong application.

QPack Risk Form According to ISO14971

The following is a breakdown of each phase in the risk management process described in ISO 14971:

4. Risk Analysis
4.3. Hazard Identification

  1. Describe the hazard
  2. Select risk category
  3. Define the feature/function hazard relates to
  4. Describe Potential harm
  5. Describe Cause of failure

4.4. Risk Estimation

  1. Define probability of harm due to hazard
  2. Define severity of harm due to hazard
  3. The risk level (RPN=Risk Priority Number) is automatically calculated

5. Risk Evaluation

Decide whether the risk should be controlled, based on the predefined acceptability zone (Acceptable, ALARP, Unacceptable)

6. Risk Control

6.2 Risk Control Measures

Define control type

6.4 Final Risk Evaluation – Residual Risk

  1. Define probability of harm due to hazard
  2. Define severity of harm due to hazard
  3. The residual risk level (RPN=Risk Priority Number) is automatically calculated

6.6. New Hazard

Was a new hazard created? (yes/no)

7. Verification and validation

Evaluation of overall residual risk acceptability

Use QPack traceability to relate artifacts used for risk control.

The test cases (verification) should be connected to design artifacts to assure verification.

Risk management terminology and characteristics

Basic terms
  • Hazard: Potential source of harm (what can go wrong)
  • Failure cause: what causes the hazard
  • Harm: Physical injury or damage to the health of people, or damage to property
  • Risk: the calculation (RPN) of the probability of occurrence of harm and its severity
  • Risk control/ Risk mitigation: the means taken to reduce the risk
  • Residual risk: Remaining risk after risk control measures have been implemented

So, a hazard creates the risk that can cause harm: what can go wrong, how likely is it to happen, what would the consequences be, and is the risk level tolerable or not?

Example 1: Risk analysis of a mobile phone: radiation (hazard) caused by a crack in the mobile phone body (failure cause) causes severe headaches (harm); this is solved by using materials according to relevant standards (risk control).

Types of possible hazards – hazard categories (partial list)

  • Energy
  • Biological
  • Chemical
  • Environmental
  • Hazards Related to the Use of the Device
  • Functional Failure
  • Maintenance
  • Aging
  • more…

Risk probability/frequency values (the probability for the harm to occur)

  • Improbable (So unlikely, it can be assumed occurrence may not be experienced)
  • Remote (Unlikely, but possible to occur in life of an item)
  • Occasional (Likely to occur sometime in life of an item)
  • Probable (Will occur several times in life of an item)
  • Frequent (Likely to occur frequently)

Risk severity values (the severity of the harm!!)

  • Negligible
  • Minor
  • Moderate
  • Major
  • Catastrophic

Risk control types

  • Safety by design
  • Protective measures – in the medical device itself or in the manufacturing process – alarms, production line tests
  • Information for safety – marking, user manual
  • Operational – Workshops, training courses…

Risk properties

  • Hazard – what can go wrong
  • Category – see list above
  • Failure cause – what causes the hazard
  • Condition – Normal use, single fault, incorrect use
  • Affected – Patient, operator, service personnel, bystanders, environment
  • Probability1 (also known as occurrence/likelihood/frequency) – probability of the harm before risk control
  • Severity1 – severity of the harm before mitigation
  • RPN1 (risk level1) – the risk estimation result (Severity and probability) before mitigation
  • Control type – see above
  • Reduction necessary? – yes/no for hazards that are in ALARP zone
  • Probability 2 – after mitigation (risk control)
  • Severity 2 (not always in use, usually equal to Severity1)
  • RPN 2 – after mitigation
  • New hazard created – yes/no. Indicates whether new risks arise from the risk control
  • Related artifacts (for control) – relations to SRS, HRS, user manual…
  • Status – risk status, see our blog for some examples (hazard identification->risk estimation->risk control identification->risk control implementation->verified)
  • Verification type – external labs, test management, training (you can use a descriptive field as well)
  • Verification description
  • Applicable component
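
As an added example (not Orcanos or QPack code), the sketch below runs a few audit rules over risk records that use the properties listed above, including a rule for labeling used as the only control. The 1 to 5 ranks, the RPN product, the zone limits and the dictionary keys are assumptions, since the page gives no numeric scale, and the sample records are constructed.

```python
# Added example: scales, RPN formula and zone limits are assumptions, not Orcanos/QPack values.
PROBABILITY = ["Improbable", "Remote", "Occasional", "Probable", "Frequent"]
SEVERITY = ["Negligible", "Minor", "Moderate", "Major", "Catastrophic"]

def rpn(probability, severity):
    """Assumed RPN: product of the 1-based ranks of the two ordinal values."""
    return (PROBABILITY.index(probability) + 1) * (SEVERITY.index(severity) + 1)

def zone(value, acceptable_max=4, alarp_max=12):
    """Map an RPN to an acceptability zone (thresholds are constructed)."""
    if value <= acceptable_max:
        return "Acceptable"
    return "ALARP" if value <= alarp_max else "Unacceptable"

def audit(risk):
    """Return the findings for one risk record (dict keyed by the risk properties)."""
    findings = []
    zone1 = zone(rpn(risk["probability1"], risk["severity1"]))
    needs_control = zone1 == "Unacceptable" or (zone1 == "ALARP" and risk.get("reduction_necessary"))
    if needs_control and not risk.get("control_type"):
        findings.append("no risk control defined")
    if risk.get("control_type"):
        sev2 = risk.get("severity2", risk["severity1"])  # Severity 2 usually equals Severity1
        if "probability2" not in risk:
            findings.append("residual risk not estimated")
        elif zone(rpn(risk["probability2"], sev2)) == "Unacceptable":
            findings.append("residual risk unacceptable")
        if not risk.get("related_artifacts"):
            findings.append("control not traced to artifacts")
        if risk["control_type"] == "Information for safety" and SEVERITY.index(risk["severity1"]) >= 3:
            findings.append("labeling is the only control for major/catastrophic harm")
    return findings

# Constructed sample records (hazards and artifact ids are illustrative only)
RISKS = [
    {"hazard": "Wrong tube size used", "probability1": "Occasional", "severity1": "Catastrophic",
     "control_type": "Information for safety", "probability2": "Remote",
     "related_artifacts": ["LBL-1"]},
    {"hazard": "Battery overheats", "probability1": "Probable", "severity1": "Major",
     "control_type": "Safety by design", "probability2": "Improbable",
     "related_artifacts": ["SRS-12", "TC-40"]},
    {"hazard": "Alarm not heard", "probability1": "Occasional", "severity1": "Moderate",
     "reduction_necessary": True},
]

def run_audit(risks=RISKS):
    return {r["hazard"]: audit(r) for r in risks}

if __name__ == "__main__":
    print(run_audit())
```
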

Risk management procedure

Please review the posts Risk management terminology and risk management file before reading this post.

Risk management is supported by the following activities:

Risk management

  • Risk Assessment
    • Risk analysis (part of risk assessment)
      • Hazard/hazardous situations identification
    • Risk evaluation (part of risk assessment)
      • Risk estimation
      • including acceptability evaluation
  • Risk control
    • Define effective control of the risk
    • Control implementation
  • Post production
    • Monitor risk control effectiveness

A device may contain some risks eventually, but it must be free from UNACCEPTABLE risks.

IEC 60601-1 Third Edition, clause 4.2, requires an RM process (RMF).

Potential risk forms in QPack (partial fields)



