alt text Open/Close

Risk management and warnings:

How to reduce risks

The risk analysis is a constantly changing document. This has been known since the introduction of the EU Medical Devices Regulation 2017/745 (MDR). The MDR defines a risk as: " combination of the probability of occurrence of harm and the severity of that harm". The risk analysis assesses risks that were either anticipated before the market launch, or have become known during use in clinical practice. Based on the severity of harm and the probability of harm occurrence, the manufacturer assesses whether a risk appears acceptable in view of the benefit. Unacceptable risks must be reduced in severity or probability. Since design change is very costly, it seems easier to inform about the risk in the instructions for use in order to reduce the probability of occurrence. This article explains when this measure is sufficient and how risk analysis relates to clinical evaluation.

Why reduce risks? 

The MDR (Annex I, Chapter 1, Article 1 and 2) is clear on this: "They [the products] shall be safe and effective and shall not compromise the clinical condition or the safety of patients, or the safety and health of users or, where applicable, other persons… ." And says that risks shall be reduced as “as far as possible without adversely affecting the benefit-risk ratio." What are the means by which a manufacturer can reduce risks and what are the requirements of the MDR?

Manufacturers have a vested interest in minimising risks, as safe products will prevail over competition in the long term. MDR provides options for risk reduction.

Risk-reducing measures

With the MDR coming into force, an important rule for risk-reducing measures was fundamentally changed. As part of risk management, it was previously not possible to reduce risks solely by means of a warning, for example in instructions for use.

ISO 14971:2012 and Directive 93/42 EEC

ISO 14971:2012 (Risk management for medical devices) states in Annex ZA, Section 7, b): "that users shall be informed about the residual risks. This indicates that according to Annex I to Directive 93/42 EEC, and contrary to the concept of the ISO standard, the information given to users does not reduce the (residual) risk any further".

This meant that risks had to be minimised by design changes or other protective measures. Residual risks that could not be further reduced had to (and still have to) be weighed against the benefits and were addressed in the warnings.

What does the MDR change?

The good news: under the MDR, risks can be reduced via warnings and information in the instructions for use. But to do so, the order of priority of risk-reducing measures must still be observed and this step must be justified in case of doubt. The MDR, Annex I, point 4 on this:

"In selecting the most appropriate solutions, manufacturers shall, in the following order of priority:

  • eliminate or reduce risks as far as possible through safe design and manufacture;
  • where appropriate, take adequate protection measures, including alarms if necessary, in relation to risks that cannot be eliminated; and,
  • provide information for safety (warnings/precautions/contra-indications) and, where appropriate, training to users.”

The order of priority of measures

This means that risks must preferably be reduced by design measures, for example by giving a pacemaker a particularly long-lasting battery to prevent loss of function. If the risk is still unacceptable after that, protective measures must be taken, for example, by the pacemaker giving an alarm before the battery life is over. Only if the risk cannot be reduced further the manufacturer is allowed to use a safety notice in the instructions for use to reduce the risk, for example by stating that the battery has a limited lifetime.

Whether a manufacturer has exhausted all design and protective measures, and whether these are sufficient, must be considered individually. Manufacturers should be prepared for questions from the Notified Body and be able to justify their approach.

    Less is more

    It is important not to overdo this kind of risk reduction by issuing too many notices and warnings.

    In this respect, ISO/TR 24971: 2020 states quite clearly in chapter 8.2, d): "An analysis might be needed to determine if there is an over-reliance on warnings".

    Warnings should therefore be used responsibly. Usability tests, for example, can be used to check whether the warnings have the desired effect.

    Warnings made easy

    When warning labels are used, their wording and form should be chosen carefully. So far, there is no harmonised standard on the subject of warnings. The MDR does not address this issue much either. It mentions the following points in Annex I, Article 23: "The medium, format, content, legibility, and location of the label and instructions for use shall be appropriate to the particular device [...]. In particular, instructions for use shall be written in terms readily understood by the intended user […]."

    Since there are no MDR specifications, some notified bodies fall back on standards. Our experience here shows that, for example, IEC 82079-1:2019, Part 1, which regulates the preparation of information for use, is considered relevant by some Notified Bodies, even though it does not specifically relate to medical devices.

    Thus, the information on "harm to persons" is to be marked with the signal words Danger, Warning and Caution. For damage to property, the terms Notice or Beware are to be used. There is no regulation on colours, but they should be used consistently.

    Danger, Warning, Caution, Notice

    Adapted from IEC 82079-1: 2019, Part 1:

    Danger: Hazard with high level of risk, which, if not avoided, will result in death or serious injury.

    Warning: Hazard with a medium level of risk, which, if not avoided, could result in death or serious injury.

    Caution: Hazard with a low level of risk, which, of not avoided, could result in minor or moderate injury.

    Notice: indicates information considered important but not hazard-related.

    What should be considered for the clinical evaluation?

    The risk analysis and the warnings in the instructions for use are also included in the clinical evaluation. The risks mentioned are carefully compared with the clinical data from the literature:

    Do the identified risks match the findings of the literature and post-marketing surveillance in terms of severity and probability of occurrence of harm?

    • Are there any contraindications described in the literature that are not reflected in the instructions for use?
    • Is the wording and choice of contraindications coherent?
    • Is the probability of occurrence of a risk estimated reasonably?

    With regard to the IFU, it is checked whether warnings that are defined in the risk analysis for risk reduction are implemented in the IFU.

    In addition, it is checked whether risks are appropriate with regard to the type of medical device.


    • Manufacturers must first consider design and protective measures in risk reduction before using a warning as a risk-reducing measure.
    • If warnings are used to reduce risk, a usability test could demonstrate the effectiveness of the measure.
    • Warnings can be phrased according to IEC 82079-1: 2019. Although this standard has not yet been harmonised and applies to all types of instructions for use (not specifically for medical devices), it provides good guidance for manufacturers. As the previous version of this standard was harmonised, it is quite possible that this version will also be harmonised.
    • In the clinical evaluation, warnings and risk-reducing measures are reviewed.


    Dominik Heiss, B.Sc.
    +49 7071 / 98979 - 150


    Dominik Heiss, B.Sc.
    +49 7071 / 98979 - 150