Skip to main content
Top

Hint

Swipe to navigate through the chapters of this book

2017 | Supplement | Chapter

A Proposed Approach to the Revision of IEC 80001-1 Following Annex SL

Authors : Silvana Togneri MacMahon, Todd Cooper, Fergal McCaffery

Published in: Software Process Improvement and Capability Determination

Publisher: Springer International Publishing

share
SHARE

Abstract

IEC 80001-1 was published in 2010 and is now undergoing revision. Feedback gathered on the adoption of the standard has revealed a number of barriers that have impacted its adoption. The standard provides requirements related to the roles, responsibilities and activities that need to be performed for the risk management of medical IT networks. One reported barrier is a lack of drivers to motivate Top Management to implement the standard. In addition, there is a lack of alignment between IT and biomedical engineering departments within hopitals. Finally, the IEC 80001-1 standard was considered to be too complicated and complex to implement. This paper presents the barriers identified in the feedback and presents an approach to the revision of the standard as a process based management system standard in accordance with ISO/IEC Directives Annex SL as a means to overcome these barriers.
Literature
1.
go back to reference West Health Institute: The Value of Medical Device Interoperability - Improving patient care with more than $30 billion in annual health care savings (2013) West Health Institute: The Value of Medical Device Interoperability - Improving patient care with more than $30 billion in annual health care savings (2013)
2.
go back to reference Hamilton, A., Nau, R., Burke, R., Weinstein, S., Dlatt, C.K.B., Fiore, S., Conyers, J.L.: Summary of the August 2011 Symposium on the Role and Future of Health Information Technology in an Era of Health Care Transformation. The George Washington University (2011) Hamilton, A., Nau, R., Burke, R., Weinstein, S., Dlatt, C.K.B., Fiore, S., Conyers, J.L.: Summary of the August 2011 Symposium on the Role and Future of Health Information Technology in an Era of Health Care Transformation. The George Washington University (2011)
3.
go back to reference Lee, I., Pappas, G.J., Cleaveland, R., Hatcliff, J., Krogh, B.H., Lee, P., Rubin, H., Sha, L.: High-confidence medical device software and systems. Comput. (Long. Beach. Calif.) 39, 33–38 (2006) Lee, I., Pappas, G.J., Cleaveland, R., Hatcliff, J., Krogh, B.H., Lee, P., Rubin, H., Sha, L.: High-confidence medical device software and systems. Comput. (Long. Beach. Calif.) 39, 33–38 (2006)
8.
go back to reference Wagner, E.H.: The role of patient care teams in chronic disease management. BMJ Br. Med. J. 320, 569 (2000) CrossRef Wagner, E.H.: The role of patient care teams in chronic disease management. BMJ Br. Med. J. 320, 569 (2000) CrossRef
9.
go back to reference Wagner, E.H., Austin, B.T., Davis, C., Hindmarsh, M., Schaefer, J., Bonomi, A.: Improving chronic illness care: translating evidence into action. Health Aff. 20, 64–78 (2001) CrossRef Wagner, E.H., Austin, B.T., Davis, C., Hindmarsh, M., Schaefer, J., Bonomi, A.: Improving chronic illness care: translating evidence into action. Health Aff. 20, 64–78 (2001) CrossRef
10.
go back to reference Hoffman, C., Rice, D.: Chronic Care in America: A 21st Century Challenge. Robert Wood Johnson Found, Princeton (1996) Hoffman, C., Rice, D.: Chronic Care in America: A 21st Century Challenge. Robert Wood Johnson Found, Princeton (1996)
13.
go back to reference Castañeda, M.: Connecting devices and data on the healthcare network. Biomed. Instrum. Technol. 44, 18–25 (2010) CrossRef Castañeda, M.: Connecting devices and data on the healthcare network. Biomed. Instrum. Technol. 44, 18–25 (2010) CrossRef
14.
go back to reference Whitehead, S.F., Goldman, J.M.: Getting connected for patient safety how medical device “Plug-and-Play” interoperability can make a difference. Patient Saf. Qual. Healthc. 1–5 (2008) Whitehead, S.F., Goldman, J.M.: Getting connected for patient safety how medical device “Plug-and-Play” interoperability can make a difference. Patient Saf. Qual. Healthc. 1–5 (2008)
15.
go back to reference Venkatasubramanian, K.K., Gupta, S.K.S., Jetley, R.P., Jones, P.L.: Interoperable Medical Devices - Communication Security Issues. IEEE Pulse, 2 September/October 2010 Venkatasubramanian, K.K., Gupta, S.K.S., Jetley, R.P., Jones, P.L.: Interoperable Medical Devices - Communication Security Issues. IEEE Pulse, 2 September/October 2010
17.
go back to reference Rakitin, S.R.: Networked Medical Devices: Essential Collaboration for Improved Safety. AAMI.org. (2009) Rakitin, S.R.: Networked Medical Devices: Essential Collaboration for Improved Safety. AAMI.org. (2009)
18.
go back to reference Loughlin, S., Williams, J.S.: The top 10 medical device challenges. Biomed. Instrum. Technol. 45, 98–104 (2011) CrossRef Loughlin, S., Williams, J.S.: The top 10 medical device challenges. Biomed. Instrum. Technol. 45, 98–104 (2011) CrossRef
19.
go back to reference Mehta, T., Mah, C.: Auto-provisioning of biomedical devices on a converged IP network. Biomed. Instrum. Technol. 43, 463–467 (2009) CrossRef Mehta, T., Mah, C.: Auto-provisioning of biomedical devices on a converged IP network. Biomed. Instrum. Technol. 43, 463–467 (2009) CrossRef
21.
go back to reference Eagles, S.: An Introduction to IEC 80001: Aiming for Patient Safety in the Networked Healthcare Environment. In: IT Horizons, vol. 2008 (2008) Eagles, S.: An Introduction to IEC 80001: Aiming for Patient Safety in the Networked Healthcare Environment. In: IT Horizons, vol. 2008 (2008)
22.
go back to reference National Cybersecurity and Communications Integration Center: Attack Surface: Healthcare and Public Health Sector (2012) National Cybersecurity and Communications Integration Center: Attack Surface: Healthcare and Public Health Sector (2012)
25.
26.
go back to reference Eagles, S.: IEC 80001: An Introduction. 80001-1 Experts (2012) Eagles, S.: IEC 80001: An Introduction. 80001-1 Experts (2012)
27.
go back to reference Cooper, T., David, Y., Eagles, S.: Getting Started with IEC 80001: Essential Information for Healthcare Providers Managing Medical IT-Networks. AAMI (2011) Cooper, T., David, Y., Eagles, S.: Getting Started with IEC 80001: Essential Information for Healthcare Providers Managing Medical IT-Networks. AAMI (2011)
28.
go back to reference IEC: IEC 80001-1 - Application of Risk Management for IT-Networks incorporating Medical Devices - Part 1: Roles, responsibilities and activities (2010) IEC: IEC 80001-1 - Application of Risk Management for IT-Networks incorporating Medical Devices - Part 1: Roles, responsibilities and activities (2010)
29.
go back to reference Association for the Advancement of Medical Instrumentation: Health IT risk management, Arlington, Virginia (2017) Association for the Advancement of Medical Instrumentation: Health IT risk management, Arlington, Virginia (2017)
30.
go back to reference ISO: ISO 14971:2007 - Medical Devices - Application of Risk to Medical Devices (2007) ISO: ISO 14971:2007 - Medical Devices - Application of Risk to Medical Devices (2007)
31.
go back to reference ISO: ISO 31000:2009 Risk management – Principles and guidelines (2009) ISO: ISO 31000:2009 Risk management – Principles and guidelines (2009)
32.
go back to reference ISO: ISO/TR 80001-2-7: 2015 - Application of risk management for IT-networks incorporating medical devices – Application guidance – Part 2-7: Guidance for healthcare delivery organizations (HDOs) on how to self-assess their conformance with IEC 80001-1 (2015) ISO: ISO/TR 80001-2-7: 2015 - Application of risk management for IT-networks incorporating medical devices – Application guidance – Part 2-7: Guidance for healthcare delivery organizations (HDOs) on how to self-assess their conformance with IEC 80001-1 (2015)
34.
go back to reference IEC: IEC 82304-1:2016 Health software – Part 1: General requirements for product safety (2016) IEC: IEC 82304-1:2016 Health software – Part 1: General requirements for product safety (2016)
35.
go back to reference British Standards Institute: BS EN 15224:2016 Quality management systems. EN ISO 9001:2015 for healthcare (2016) British Standards Institute: BS EN 15224:2016 Quality management systems. EN ISO 9001:2015 for healthcare (2016)
36.
go back to reference ISO/IEC: ISO/IEC Directives, Part 1 Consolidated ISO Supplement — Procedures specific to ISO - Annex SL (2015) ISO/IEC: ISO/IEC Directives, Part 1 Consolidated ISO Supplement — Procedures specific to ISO - Annex SL (2015)
37.
go back to reference ISO/IEC: ISO/IEC 15504-2:2003 - Software engineering — Process assessment — Part 2: Performing an assessment (2003) ISO/IEC: ISO/IEC 15504-2:2003 - Software engineering — Process assessment — Part 2: Performing an assessment (2003)
38.
go back to reference MacMahon, S.T., McCaffery, F., Keenan, F.: Transforming Requirements of IEC 80001-1 into an ISO/IEC 15504-2 Compliant Process Reference Model and Process Assessment Model (2013) MacMahon, S.T., McCaffery, F., Keenan, F.: Transforming Requirements of IEC 80001-1 into an ISO/IEC 15504-2 Compliant Process Reference Model and Process Assessment Model (2013)
39.
go back to reference Barafort, B., Betry, V., Cortina, S., Picard, M., St Jean, M., Renault, A., Valdés, O., Tudor, P.R.C.H.: ITSM Process Assessment Supporting ITIL: Using TIPA to Assess and Improve your Processes with ISO 15504 and Prepare for ISO 20000 Certification. Van Haren, Zaltbommel (2009) Barafort, B., Betry, V., Cortina, S., Picard, M., St Jean, M., Renault, A., Valdés, O., Tudor, P.R.C.H.: ITSM Process Assessment Supporting ITIL: Using TIPA to Assess and Improve your Processes with ISO 15504 and Prepare for ISO 20000 Certification. Van Haren, Zaltbommel (2009)
40.
go back to reference Barafort, B., Renault, A., Picard, M., Cortina, S.: A transformation process for building PRMs and PAMs based on a collection of requirements – Example with ISO/IEC 20000 (2008) Barafort, B., Renault, A., Picard, M., Cortina, S.: A transformation process for building PRMs and PAMs based on a collection of requirements – Example with ISO/IEC 20000 (2008)
41.
go back to reference MacMahon, S.T., McCaffery, F., Eagles, S., Keenan, F., Lepmets, M., Renault, A.: Development of a Process Assessment Model for assessing Medical IT Networks against IEC 80001-1 (2012) MacMahon, S.T., McCaffery, F., Eagles, S., Keenan, F., Lepmets, M., Renault, A.: Development of a Process Assessment Model for assessing Medical IT Networks against IEC 80001-1 (2012)
42.
go back to reference ISO/IEC: ISO/IEC TR 24774:2010 - Systems and software engineering — Life cycle management — Guidelines for process description (2010) ISO/IEC: ISO/IEC TR 24774:2010 - Systems and software engineering — Life cycle management — Guidelines for process description (2010)
43.
go back to reference Cortina, S., Mayer, N., Renault, A., Barafort, B.: Towards a process assessment model for management system standards. Commun. Comput. Inf. Sci. 477, 36–47 (2014) Cortina, S., Mayer, N., Renault, A., Barafort, B.: Towards a process assessment model for management system standards. Commun. Comput. Inf. Sci. 477, 36–47 (2014)
44.
go back to reference ISO/IEC: ISO/IEC 33004:2015 Information technology – Process assessment – Requirements for process reference, process assessment and maturity models (2015) ISO/IEC: ISO/IEC 33004:2015 Information technology – Process assessment – Requirements for process reference, process assessment and maturity models (2015)
45.
go back to reference ISO: ISO 9001: 2015 Quality management systems – Requirements (2015) ISO: ISO 9001: 2015 Quality management systems – Requirements (2015)
47.
go back to reference Hegarty, F.J., MacMahon, S.T., Byrne, P., McCaffery, F.: Assessing a hospital’s medical IT network risk management practice with 80001-1. Biomed. Instrum. Technol. 48, 64–71 (2014) CrossRef Hegarty, F.J., MacMahon, S.T., Byrne, P., McCaffery, F.: Assessing a hospital’s medical IT network risk management practice with 80001-1. Biomed. Instrum. Technol. 48, 64–71 (2014) CrossRef
Metadata
Title
A Proposed Approach to the Revision of IEC 80001-1 Following Annex SL
Authors
Silvana Togneri MacMahon
Todd Cooper
Fergal McCaffery
Copyright Year
2017
DOI
https://doi.org/10.1007/978-3-319-67383-7_22

Premium Partner