IEC 60601 is a series of technical standards for the safety and effectiveness of medical electrical equipment. The primary standard governing medical device design is IEC 60601-1 (medical electrical equipment – Part 1: general requirements for basic safety and essential performance). Often referred to simply as “60601,” compliance with the standard has become a de facto requirement to bring new medical devices to market in many countries. Many of today’s products appear simple; yet embed sophisticated circuits and software that are invisible to the user. The IEC 60601-1 standard manages this reality by becoming intimately involved in the product-development process, going beyond performance test and verification. This is done because the product complexity generally yields a nearly uncountable number of potential test cases, permutations, and combinations in both normal and non-normal operating modes, and these cannot be assessed in the final design alone.
Risk management, now a vital part of the standard, is a multifaceted, multistep process. It begins with risk assessment, which itself is composed of risk analysis (identification of hazards and estimation of the effect of each hazard) and then proceeds to risk evaluation (deciding if risk control is needed, recording results in the Risk Management File). Standard techniques such as fault-tree analysis are among those used, but the assessment is not limited to that approach. After the assessment phase, the risk management process moves on to risk control. Here, options for managing the risk are evaluated, any risk-control measures are implemented, and the residual risk is assessed (some risks cannot be eliminated by design changes). There is also risk/benefit analysis, as well as examination of the critical issue of any new risks that may result from the risk-control steps themselves.