--- title: Intended Use and Reasonably Foreseeable Misuse in Risk Analysis description: How intended purpose under MDR Article 2(12) and reasonably foreseeable misuse drive hazard identification in EN ISO 14971 risk analysis. authors: Tibor Zechmeister, Felix Lenhard category: Risk Management Under MDR primary_keyword: intended use foreseeable misuse risk analysis MDR canonical_url: https://zechmeister-solutions.com/en/blog/intended-use-foreseeable-misuse-risk-analysis source: zechmeister-solutions.com license: All rights reserved. Content may be cited with attribution and a link to the canonical URL. --- # Intended Use and Reasonably Foreseeable Misuse in Risk Analysis *By Tibor Zechmeister (EU MDR Expert, Notified Body Lead Auditor) and Felix Lenhard.* > **Under MDR Article 2(12), intended purpose is the use the manufacturer describes in labelling, IFU, promotional material, and clinical evaluation. Under EN ISO 14971 clause 5.2 and 5.3, that intended purpose plus the reasonably foreseeable misuse of the device together form the first required input to hazard identification. Skip either one and the entire risk file sits on sand.** **By Tibor Zechmeister and Felix Lenhard.** ## TL;DR - MDR Article 2(12) defines intended purpose as what the manufacturer states on the label, in the IFU, in promotional material, and in the clinical evaluation. - EN ISO 14971:2019+A11:2021 clause 5.2 requires a documented intended use and reasonably foreseeable misuse before hazards can be identified. - Annex I GSPR 1, 2, 3, and 5 all refer back to intended purpose as the boundary against which risks are judged. - Reasonably foreseeable misuse is not the same as abuse. It is the use a rational human being may make of the device that the manufacturer did not intend. - A vague or inflated intended purpose pushes the hazard surface outward and creates risks the manufacturer never planned to control. - In Tibor's audit experience, a thin use specification is the single most common reason a risk file fails the notified body desk review. ## Why this matters Startups commonly treat intended purpose as a marketing line. Something to polish before a pitch deck. A regulatory formality to paste into the first page of the technical documentation. Then the risk management file is started, the team sits in a room, somebody opens a spreadsheet, and a list of hazards appears out of nothing. That approach fails at the notified body. Not because the hazards on the list are wrong, but because the auditor cannot tell whether the list is complete. Completeness of hazard identification is judged against the intended use and the reasonably foreseeable misuse. If those two inputs are weak, the auditor has no measuring stick. In Tibor's audit practice, the pattern is consistent. Companies with strong intended-purpose documentation pass the risk management review cleanly. Companies that wrote their intended purpose in fifteen minutes fail, and the failure is expensive because it triggers a rework of the entire risk file, not just the intended-purpose paragraph. ## What MDR actually says MDR Article 2(12) defines intended purpose with this exact wording: > "intended purpose means the use for which a device is intended according to the data supplied by the manufacturer on the label, in the instructions for use or in promotional or sales materials or statements and as specified by the manufacturer in the clinical evaluation" Four sources of truth are listed: the label, the IFU, the promotional or sales materials, and the clinical evaluation. A notified body auditor reading the technical file will check all four against each other. Inconsistency across them is itself a finding. MDR Annex I GSPR 1 requires that devices achieve the performance intended by the manufacturer and that any risks associated with their use are acceptable when weighed against the benefits to the patient. "Intended" appears in the very first general safety and performance requirement. MDR Annex I GSPR 2 requires the manufacturer to establish, implement, document, and maintain a risk management system. The risks being managed are the risks of the device used according to its intended purpose. MDR Annex I GSPR 3 requires the manufacturer to eliminate or reduce risks as far as possible through safe design and manufacture, taking account of the generally acknowledged state of the art. Again, risks are defined against the intended use boundary. MDR Annex I GSPR 5 explicitly requires that, in eliminating or reducing risks related to use error, the manufacturer shall consider the ergonomic features of the device and the environment in which it is intended to be used, as well as the technical knowledge, experience, education, training, use environment, and medical and physical conditions of intended users. EN ISO 14971:2019+A11:2021 clause 5.2 requires a documented intended use for the device. Clause 5.3 requires identification of reasonably foreseeable misuse. Clause 5.4 then requires hazard identification, and the standard is explicit that hazards shall be identified for both normal and fault conditions and for the reasonably foreseeable misuse of the device. The chain is concrete. Article 2(12) defines intended purpose. Annex I GSPRs require intended-purpose-bounded risk management. EN ISO 14971 clauses 5.2 and 5.3 require both intended use and reasonably foreseeable misuse as named, documented inputs to the rest of the process. ## A worked example A two-founder startup is building a wearable patch that measures skin temperature and sends readings to a companion app. The founders describe the intended purpose in their first draft as: "to monitor body temperature for health and wellness applications". Tibor reviews the draft for the first notified body pre-submission and flags three problems. First, "health and wellness" crosses the boundary between medical device and non-medical product. A wellness claim may remove the device from MDR scope entirely. If the company wants CE marking as a medical device, the wellness language has to go. Second, "body temperature" is ambiguous. Skin temperature is not the same as core body temperature. A user reading the label may expect core temperature and act on a reading that the device was never designed to produce. That is not misuse in the abuse sense. It is reasonably foreseeable misuse driven by labelling that did not match the measurement physics. Third, "to monitor" leaves out the user, the environment, the duration of use, and the clinical decision being supported. EN 62366-1 clause 5.1 requires a use specification, and the use specification requires every one of those elements. The revised intended purpose reads: "The device is intended to continuously measure and record skin temperature at the upper arm in adult patients (18 years and older) during febrile episodes for up to 72 hours of continuous wear, in a home environment, to support a healthcare professional's assessment of fever progression. The device does not measure core body temperature and is not intended to trigger any clinical intervention on its own." With that revised statement, the hazard identification exercise surfaces real hazards the original statement had hidden. Skin irritation from prolonged adhesive contact. Algorithm confusion if worn on a site other than the upper arm. Reasonably foreseeable misuse: a patient wearing the patch longer than 72 hours, a patient wearing it on a child, a patient interpreting skin temperature as core temperature and delaying medical care. Each of those is a new entry in the hazard list. Each requires risk control. Each is now traceable back to the Article 2(12) statement. The notified body can follow the thread from the label to the hazard to the mitigation and back. ## The Subtract to Ship playbook Felix coaches founders to write intended purpose and reasonably foreseeable misuse as a single connected exercise, not as two separate documents authored months apart. Three moves make this practical. **Move one. Write intended purpose in three layers.** Layer one is the clinical claim: what condition, what population, what benefit. Layer two is the use environment: where, by whom, for how long. Layer three is the negative space: what the device does not do, does not claim, and is not intended for. Layer three is the layer most startups skip. Layer three is also where foreseeable misuse gets contained. **Move two. Run a foreseeable-misuse session immediately after drafting intended purpose.** Get the clinical adviser, a development lead, a quality lead, and a user representative into the same room. Read the intended purpose aloud. For every sentence, ask: what could a rational user read into this that we did not mean. Every answer is a candidate for reasonably foreseeable misuse. This takes two hours, not two days, but it has to happen with the intended purpose text in front of everyone. **Move three. Feed both outputs into the EN ISO 14971 clause 5.4 hazard identification step on day one.** Not week four. The hazard list is built from the use specification and the foreseeable misuse list, and it cannot exist before those exist. Subtract anything that is not traceable back to the intended purpose. A hazard on the list that does not connect to a use or a foreseeable misuse is either scope creep or evidence that the intended purpose is wrong. Either way, it gets resolved before the risk file moves forward. ## Reality Check 1. Does your current intended purpose statement appear, word for word, on the label, in the IFU, in the sales material, and in the clinical evaluation plan? 2. Can you point to the exact clause in your risk management plan that cites EN ISO 14971 clauses 5.2 and 5.3? 3. Does your intended purpose specify user, environment, duration, and population, or does it only describe the function of the device? 4. Have you documented a reasonably foreseeable misuse list that is distinct from your hazard list? 5. For every entry on the foreseeable misuse list, can you trace a risk control measure in the risk file? 6. Has the intended purpose been reviewed by a clinician and by a potential end user, not only by the development team? 7. If the notified body asks how you demonstrated completeness of hazard identification, can you show a document that links hazards back to the use specification? ## Frequently Asked Questions **What is the difference between intended purpose and intended use under MDR?** MDR Article 2(12) uses the term "intended purpose". Many startups and standards use "intended use" to mean the same thing. The terms are treated as synonyms in practice, but the legal definition that binds is the Article 2(12) text. Always quote that text when drafting regulatory documents. **Is reasonably foreseeable misuse the same as abuse?** No. Abuse describes deliberate hostile action against the device. Reasonably foreseeable misuse describes rational behaviour by an ordinary user that the manufacturer did not intend but could have predicted. A patient wearing a 72-hour patch for 96 hours is foreseeable misuse. A patient deliberately crushing the device with a hammer is abuse. **Where does foreseeable misuse get documented, in the risk file or the usability file?** Both, because the same input feeds EN ISO 14971 clause 5.3 and EN 62366-1 clause 5.1. The cleanest approach is to maintain one master use specification document and reference it from both the risk management file and the usability engineering file. **Can a broad intended purpose make the regulatory path simpler?** The opposite. Broader intended purpose means larger hazard surface, more foreseeable misuse, more risk controls, more clinical evidence, and often a higher classification. In Tibor's experience, narrow and precise intended purpose statements lead to smaller, faster-to-certify files. **Who should sign off on the intended purpose statement?** Top management, the PRRC if appointed, the clinical lead, and the risk management lead. Article 2(12) names the clinical evaluation as one of the four sources, so the clinical lead cannot be absent from sign-off. **How often should intended purpose be revisited?** Whenever the label, IFU, promotional material, or clinical evaluation changes. Any mismatch across those four sources is a notified body finding waiting to happen. ## Related reading - [MDR Annex I General Safety and Performance Requirements](/blog/mdr-annex-i-gspr) on how GSPR 1, 2, 3, and 5 bind intended purpose into risk management. - [Intended purpose vs intended use under MDR](/blog/intended-purpose-vs-intended-use-mdr) on the terminology trap that costs startups time in their first NB exchange. - [Define intended purpose without over-constraining](/blog/define-intended-purpose-without-over-constraining) on how to narrow the statement without losing commercial flexibility. - [The ISO 14971 Annex Z trap](/blog/iso-14971-annex-z-trap) on the MDR-specific deviations from ISO 14971 that startups miss when copying the standard. - [Documenting intended purpose in the technical file](/blog/documenting-intended-purpose-technical-file) on the exact file locations a notified body auditor will check. ## Sources 1. Regulation (EU) 2017/745 on medical devices, consolidated text. Article 2(12), Annex I GSPR 1, 2, 3, and 5. 2. EN ISO 14971:2019+A11:2021, Medical devices, Application of risk management to medical devices, clauses 5.2, 5.3, and 5.4. 3. EN 62366-1:2015+A1:2020, Medical devices, Part 1, Application of usability engineering to medical devices, clause 5.1 on use specification. --- *This post is part of the [Risk Management Under MDR](https://zechmeister-solutions.com/en/blog/category/risk-management) cluster in the [Subtract to Ship: MDR Blog](https://zechmeister-solutions.com/en/blog). For EU MDR certification consulting, see [zechmeister-solutions.com](https://zechmeister-solutions.com).*