In medical device development, we talk a lot about “risk mitigation,” but rarely about whether total risk elimination is even possible. For example, implantable devices like pacemakers or insulin pumps always carry some residual risk no matter how much testing is done. So, should the goal of risk management be to reduce risk to an acceptable level, or should companies strive for zero-risk designs, even if that slows innovation? How do we define what’s acceptable when lives are on the line?
Thanks for participating!
I do not think it is really possible to design a zero-risk device. While certain kinds of risks can be eliminated, some risk will always exist in some form. Unfortunately, I think that means that striving for zero-risk designs, while a good goal, is not really feasible for most devices. I think that the goal of risk management should not just be to mitigate risk to an acceptable level, but to reduce risk as much as possible. I think your question of how to define what's acceptable when lives are on the line is a question that has no clear or good answer. Due to that I think that a better goal is just to mitigate risk as much as possible, while still acknowledging that some risk will always remain. Thorough management of risk is the much more achievable solution rather than elimination while hopefully still reducing the risk to a very safe level.
As was already said before me, I think it is virtually impossible to completely eliminate risk. Even using a medical device in perfect conditions and following intended use protocols to a tee, there is still a possibility for risk to arise. A pacemaker may be engineered perfectly, but there may be an issue that arises internally or externally due to the body's interaction with the pacemaker or a simple failure in the electronics. There is always risk associated with medical devices, especially those that sustain life or can cause potential injury to those that use them. In a perfect world where the device would not fail so long as risk mitigation protocols were followed, then in theory we could eliminate risk completely. Since this is not the case, it is a far better strategy to focus on mitigating risks than attempting to eliminate risk completely. In terms of defining acceptability in regards to risk, I think risks that are harmful to patients are obviously unacceptable whereas minor risks that may cause inconveniences or slight issues are more acceptable. Of course it should be the goal of a company to mitigate all risks associated with the device, but there are definitely those that are more acceptable than others. Ultimately, risk management should focus on the mitigation of all associated risks and risk management plans should be robust in order to handle any risks or adverse events that may arise.
Zero risk devices would be the dream goal, but that is impossible because as the lecture mentioned, someone will always find a way to create a risk that no one expected, so even if a product can start off being zero risk, it does not actually necessarily have to stay that way throughout its lifecycle. I do not believe that the goal should be to ever perfect the product because it takes away from creating a useful product because if the idea is to perfect something, then the entire process will take forever because new issues will always come up. It makes more sense to avoid as many risks as possible and trying to constantly create a better design that can maybe help to avoid the risk the previous design did not account for, but I think for the first rendition, it should be perfected. Even during that time though, there should be precautions taken so that if there is a feeling that a big issue is coming up then action can be taken immediately and fixed early on. This is when the risk matrix is quite helpful because it helps to lay out the risks that can occur and makes it easy to identify what should be the main focus to address, and then a plan to either avoid or mitigate the risk can be developed.
I agree zero-risk devices aren't realistic, but I think the bigger issue is that "acceptable risk" isn't only an engineering decision, it's also ethical and practical. Sometimes trying to drive risk to zero can actually create new risks, like adding too much complexity, hurting usability, or slowing down devices that could save lives. So instead of aiming for zero risk, the real goal is finding the point where the benefits clearly outweigh the remaining risks, and any further risk reduction would hurt the devices' purpose, accessibility, or safety in other ways. Other high-risk fields don't chase zero risk either, they focus on making systems predictable, well-understood, and continuously improved. In that sense, "acceptable" means the risk is known, controlled, and justified by the benefit, not eliminated.
One thing that often gets overlooked is that risk isn’t just tied to the device design but it’s tied to the patient using it. Two people with the same pacemaker can have completely different reactions due to comorbidities, genetics, drug interactions, immune responses, or even lifestyle. Because biology is inherently variable, zero risk isn’t reachable; the patient introduces uncertainty that engineers cannot fully eliminate. That’s why the realistic goal is not zero risk, but risk predictability which is making the device behave consistently across as many patient profiles as possible so clinicians understand what the risk actually looks like.
I do not believe companies should strive for completely risk-free designs but rather work to reduce risk as much as possible without compromising the device’s intended function. Every medical device carries some level of inherent risk, and the goal is to ensure that the probability and severity of potential hazards fall within the company’s pre-defined risk acceptance criteria. To determine what level of risk is acceptable, you must consider both how frequently a hazard could occur and how severe the resulting harm would be to the user or patient if that hazardous situation were to happen. Attempting to design a device with zero risk is not only unrealistic, but it would also require eliminating features or functionalities that are essential to achieving the device’s purpose. Aiming for a zero risk device would lead to a product that can no longer perform its intended use or provide meaningful clinical benefit. Overall, medical device design is about balancing safety with functionality to ensure that the benefits to the patient outweigh any risks.
Since there are no zero-risk medical devices, I believe the objective should always be to lower risk to a manageable level rather than strive for something that's zero-risk. Nothing would ever reach patients if businesses attempted to eliminate every potential risk. Even when there is some residual risk associated with pacemakers, insulin pumps, artificial joints, etc., the advantages greatly exceed the hazards. Acceptable risk isn't about pretending the device is completely safe, it's about demonstrating that all significant risks have been found, reduced, and tracked, and that the remaining risks are low enough that the patient still benefits from the device.
In reality, there are no 0-risk devices or products on the market in terms of the medical industry. Even devices that may have 100% success rates technically still have some type of risk. For example, 1,000,000 people may have used or still use a medical device with a 100% success rate, but one person, due to a genetic difference, may not be able to use it, and therefore risk is created. Due to innate human differences, there will always be risk related to the medical industry. The idea is to lower the risk as close as possible to 0 or find alternative methods to account for that risk. In the general case, trying to mitigate risk can definitely slow down innovation, since it takes lots of time to even find the risks and then actually have the risk management team formulate a plan to reduce it. In this way, it is important to try to mitigate risk but at one point it becomes insignificant to keep trying, and that is when you stop in a sense. Finding the right moment to stop and say "this is the best or lowest risk we can possibly have" and that would be the end product. As I said before, there cannot really be a 0 risk device due to innate differences between each individual but it can be extremely close to 0 (we can just say 0).
In medical device development, true zero risk is essentially impossible, especially for implantable or life sustaining products. Even with extensive verification, validation, and post-market monitoring, there will always be some residual risk that cannot be engineered away. This failure might include infection, software glitches, or patient misuse for example. Because of this, the goal of risk management under ISO 14971 is not risk elimination but reducing risk to an acceptable level where the clinical benefits outweigh the potential harms. Striving for zero risk designs sounds ideal, but in practice it can stall innovation, slow access to life saving technologies, and consume resources on diminishing returns with no meaningful improvement to patient outcomes. Structured risk benefit analysis with real world data, and clinical justification, must be conducted while acknowledging that some risk is just unavoidable while ensuring it is controlled, justified, and transparently communicated.
When answering this question, I am tempted to say that the risk should strive for a zero-chance, but that is impossible. Devices and products will always carry some risk, although they will be put to an acceptable level of risk most of the time. To use a simple example: seatbelts do save lives, but a driver always accepts some levels of risk when driving on the road despite wearing one. The same goes for any device, it should be understood that they carry some degree of residual risk despite a company's best efforts to mitigate it. Rather than trying to strive for a 0.001% chance of risk in an unfeasible manner, it is more important to create a device that should behave in a way that clinicians can trust.
As to what is or should be considered "acceptable" I think requires some form of context. Devices that are needed to sustain someone else's life should carry higher levels of tolerated risk rather than something like a tongue depressor. With that said: remaining risks after device development should be understood by all, risks should be tightly controlled as much as possible, and that the benefit of the device is significantly worth more than the residual risk.
I agree that eliminating risk entirely is not realistic, especially when dealing with devices that interact directly with the human body. Even when a device is designed correctly, verified, validated, and used exactly as intended, there are still biological responses, environmental factors, and long term wear that no team can fully predict. A pacemaker, for example, can pass every test and still face issues years later simply because the body is dynamic and complex. That reality shows why aiming for zero risk would place development at a standstill and delay devices that could save or improve lives. Because of this, the true goal of risk management is to lower risk to a point where the clinical benefit is clearly greater than the potential harm. Companies should design strong controls, address the most critical hazards first, and create a system that continues to learn from real world performance. Not all risks carry the same weight. A risk that threatens patient safety cannot be treated the same as a risk that causes minor inconvenience, and part of responsible development is knowing the difference and prioritizing accordingly. A strong risk management plan does not just document these decisions but also adapts as new information comes in. What do you guys think matters most when judging if a remaining risk is truly acceptable?
In medical devices, the goal can never realistically be zero risk, because every design choice—materials, power sources, software, biocompatibility, battery life—introduces trade-offs that simply can’t be eliminated without also eliminating the device’s ability to function. That’s why regulators and standards (like ISO 14971) frame the objective as reducing risk to an acceptable or as-low-as-reasonably-practicable level, not to zero. “Acceptable” is defined through a combination of clinical benefit, severity of potential harm, likelihood of harm, available alternatives, and current state-of-the-art technology; a device is ethically and legally justified when the expected health benefit clearly outweighs the residual risk and when no safer design is feasible without destroying the device’s therapeutic value. In practice, this creates a dynamic balance: you continually push risks downward, but you stop short of measures that add complexity, delay life-saving therapies, or create new hazards that outweigh the improvement. Absolute safety isn’t attainable, but transparent risk–benefit reasoning, rigorous post-market surveillance, and patient-centered design make it possible to reach a level of residual risk that society—and the people whose lives depend on these devices—can reasonably accept.