When Risk Analysis Says Yes But Clinical Data Says No

Written by HATEM RABEH, MD, MSc Ing


I see manufacturers submit risk management files where every hazard is labeled “acceptable” through ALARP reasoning. The risk matrix shows green. The risk management report concludes the device is safe. Then the Notified Body asks: where is the clinical evidence supporting these acceptability decisions? The file goes silent.

This happens more often than it should. Manufacturers treat risk management and clinical evaluation as parallel tracks. They complete ISO 14971 activities. They write the clinical evaluation report. Both documents exist. Both get submitted.

But they do not connect where it matters most: at the point where residual risk acceptability must be justified by clinical data.

The MDR does not allow risk analysis alone to declare a device safe. Article 61(1) requires clinical evaluation to confirm safety and performance throughout the device lifecycle. MDCG 2020-6 reinforces this: risk management outputs feed into clinical evaluation, and clinical data feed back into risk acceptability conclusions.

This is not a formality. It is a regulatory requirement that shapes how Notified Bodies review your submission.

Where Risk Management Meets Clinical Evaluation

Risk management identifies hazards, estimates risks, implements controls, and evaluates residual risks. This is standard ISO 14971 practice. The process produces a risk management file with traceability, risk matrices, and ALARP justifications.

But here is what I observe in audits: manufacturers stop at the risk management boundary. They document that residual risks are acceptable based on benefit-risk ratio, state of the art, and stakeholder input. They reference standards. They cite internal testing.

Then they move on.

The clinical evaluation report arrives later. It addresses different questions. It reviews clinical data. It establishes equivalence or presents clinical investigations. It concludes on safety and performance.

The two documents exist in the same submission but do not speak to each other at the critical junction: do the clinical data actually support the residual risk acceptability conclusions made in the risk management file?

Common Deficiency
The risk management report states that residual risks are acceptable based on benefit-risk considerations, but the clinical evaluation report does not quantify or characterize those benefits with clinical data. The Notified Body asks: what clinical evidence supports the claim that benefits outweigh these specific residual risks?

This is not a documentation gap. It is a logical gap. The manufacturer made a safety conclusion in risk management but did not ground it in the clinical reality that the device will face.

What Clinical Data Must Justify

Residual risk acceptability is not a checkbox. It is a conclusion that must be defended with evidence. That evidence comes from clinical data.

When you state that a residual risk is acceptable because the benefit outweighs the harm, you must show clinical data that quantify or describe that benefit in the intended population and use conditions. When you claim a risk is minimized as far as possible using state of the art, you must reference clinical literature or investigations that validate the effectiveness of your controls.

Let me be specific.

Suppose your device has a residual risk of minor tissue irritation in less than 5% of users. Your risk analysis concludes this is acceptable based on the therapeutic benefit. But if your clinical evaluation report does not present data showing the therapeutic outcome, the magnitude of benefit, or the clinical significance in the target population, then your acceptability conclusion has no foundation.

The Notified Body will see this immediately. The question comes back: where is the clinical evidence that justifies accepting this harm?

Another example. You implement risk controls and declare ALARP. You reference ISO standards and design verification tests. But if similar devices in clinical use show adverse events that your controls do not address, or if post-market data reveal failure modes you did not anticipate, then your ALARP claim is not supported by real-world clinical evidence.

Key Insight
Clinical data do not just confirm that your device works. They confirm that the residual risks you accepted in your risk management file are actually acceptable in clinical reality. If the data do not support this, your risk conclusions are unsupported.

This is why MDCG 2020-6 emphasizes the iterative relationship. Risk management informs what clinical data you need. Clinical data inform whether your risk conclusions hold.

The Benefit-Risk Determination

MDR Annex I requires that residual risks are acceptable when weighed against the benefits. This is not a qualitative statement. It is a determination that must be evidence-based.

Manufacturers often write: “The benefits of the device outweigh the residual risks.” Then they list features or intended uses. They do not quantify benefit. They do not present clinical outcomes. They do not compare risk rates with clinical gain.

This does not meet the MDR requirement.

To justify residual risk acceptability, your clinical evaluation must present data that demonstrate:

  • What clinical benefit the device provides
  • In which patient population and conditions
  • With what magnitude or frequency
  • How this benefit compares to the residual harm

If your device reduces recovery time by two weeks and causes mild discomfort in 3% of patients, you can defend acceptability. If your device has no clinical outcome data but states “improved patient comfort,” you cannot.

Notified Bodies will ask for this evidence explicitly. They will cross-reference your risk management report with your clinical data. If the data do not support the benefit claims underlying your acceptability conclusions, you will receive a finding.

State of the Art and Clinical Reality

Another common justification for residual risk acceptability is state of the art. Manufacturers claim that risks are minimized according to current best practice and cannot be further reduced without compromising functionality.

This is valid reasoning under ISO 14971. But it is not complete under the MDR.

State of the art is not only what is technically possible. It includes what is clinically known. If clinical literature shows that devices with similar risk profiles cause adverse events that you did not consider, or if post-market surveillance reveals risks that current designs do not address, then your state of the art analysis is incomplete.

Your clinical evaluation must review the clinical experience with equivalent or similar devices. It must identify known complications, failure modes, and long-term effects. It must assess whether your device introduces new risks or reproduces known ones.

If you claim your residual risks are acceptable based on state of the art, your clinical evaluation must show that you reviewed the relevant clinical evidence and that your device aligns with or improves upon the risk profile of existing devices.

Common Deficiency
The state of the art review in the CER focuses only on technical standards and design principles. It does not review clinical data from similar devices to assess whether the residual risks are clinically acceptable. The Notified Body asks: what clinical evidence shows that this level of risk is acceptable in practice?

This is where equivalence data become critical. If you claim equivalence for clinical evaluation, the clinical data from the equivalent device must also support your residual risk acceptability conclusions. If the equivalent device shows adverse event rates that contradict your risk estimates, your acceptability justification fails.

PMCF and Ongoing Justification

Residual risk acceptability is not a one-time conclusion. It is a living determination that must be confirmed throughout the device lifecycle.

This is why PMCF is not optional. It is the mechanism that feeds real-world clinical data back into your risk management process. If post-market data show that residual risks are higher than estimated, or that benefits are lower than claimed, then your acceptability conclusions must be re-evaluated.

Manufacturers often design PMCF plans that monitor performance but do not target residual risks. They collect complaint data. They track technical issues. But they do not systematically assess whether the clinical reality matches the risk acceptability assumptions made at the time of submission.

Your PMCF plan must include objectives that directly address residual risk acceptability. If you accepted a risk of device migration in less than 1% of cases, your PMCF must track migration rates. If you justified acceptability based on a specific therapeutic benefit, your PMCF must measure that benefit in real-world use.

Key Insight
Your PMCF objectives should map to your residual risk acceptability conclusions. If you cannot show how PMCF data will confirm or challenge your risk justifications, your post-market surveillance is not aligned with MDR requirements.

When Notified Bodies review your PMCF plan, they will look for this connection. They will ask: how will you know if your residual risks remain acceptable after the device enters the market? If your plan does not answer this, you will be asked to revise it.

How to Connect Risk Management and Clinical Evaluation

The practical solution is straightforward but requires discipline.

When you finalize your risk management file, identify every residual risk that you accept based on benefit-risk considerations, state of the art, or ALARP reasoning. For each one, ask: what clinical data support this acceptability conclusion?

Then go to your clinical evaluation report and verify that the data are there. If they are not, either gather the data or revise your acceptability conclusion.

This is not about creating new documents. It is about ensuring that the documents you already have are logically consistent and evidence-based.

In practice, I recommend a traceability table that links residual risks to clinical data sources. This table should be part of your risk management file and referenced in your clinical evaluation report. It makes the connection explicit and makes review easier for both you and the Notified Body.

The table should include:

  • Residual risk description
  • Acceptability justification
  • Clinical data source that supports the justification
  • PMCF objective that will monitor the risk in post-market use

This is not a regulatory requirement. But it is a practical tool that prevents the disconnection I see so often.

What Notified Bodies Expect

Notified Bodies do not expect perfection. They expect coherence.

They expect that when you claim a residual risk is acceptable, you can point to clinical data that justify that claim. They expect that your clinical evaluation report addresses the risks identified in your risk management file. They expect that your PMCF plan monitors what matters.

If your submission shows this coherence, the review proceeds. If it does not, you will receive findings that delay approval and require substantial rework.

The key is to think of risk management and clinical evaluation not as separate workstreams but as two perspectives on the same question: is this device safe and does it perform as intended?

Risk management answers this by identifying hazards and controlling risks. Clinical evaluation answers this by presenting evidence from real-world use. Both must arrive at the same conclusion. If they do not, something is wrong.

Key Insight
If your risk management file and clinical evaluation report reach different conclusions about safety, the Notified Body will notice. The question is not which one is right. The question is why they are not aligned.

This alignment is what the MDR requires. It is what competent authorities audit. It is what protects patients and supports market access.

When risk analysis says yes but clinical data say no, the answer is not to force agreement. The answer is to go back and understand why the mismatch exists, then resolve it with evidence.

This is the work of clinical evaluation under the MDR. It is not about producing documents. It is about producing justified conclusions that hold under scrutiny.

Next time you review a risk management file, ask: where are the clinical data that support these acceptability decisions? If the answer is not immediate, you have work to do.

Frequently Asked Questions

What is a Clinical Evaluation Report (CER)?

A CER is a mandatory document under MDR 2017/745 that demonstrates the safety and performance of a medical device through systematic analysis of clinical data. It must be updated throughout the device lifecycle based on PMCF findings.

How often should the CER be updated?

The CER should be updated whenever significant new clinical data become available, after PMCF activities, when there are changes to the device or intended purpose, and at minimum during annual reviews as part of post-market surveillance.

What causes CER rejection by Notified Bodies?

Common reasons include inadequate equivalence demonstration, insufficient clinical data for claims, poorly structured SOTA analysis, missing gap analysis, and lack of clear benefit-risk determination. Structure and logical flow are as important as the data themselves.

Which MDCG guidance documents are most relevant for clinical evaluation?

Key documents include MDCG 2020-5 (Equivalence), MDCG 2020-6 (Sufficient Clinical Evidence), MDCG 2020-13 (CEAR Template), MDCG 2020-7 (PMCF Plan), and MDCG 2020-8 (PMCF Evaluation Report).

Peace, Hatem

References:
– MDR 2017/745 Article 61(1), Annex I
– MDCG 2020-6: Regulation (EU) 2017/745: Clinical evidence needed for medical devices previously CE marked under Directives 93/42/EEC or 90/385/EEC
– ISO 14971:2019 Medical devices — Application of risk management to medical devices
