BS EN 80001-1:2011 pdf download – Application of risk management for IT-networks incorporating medical devices Part 1: Roles, responsibilities and activities Recognizing that MEDICAL DEVICEs are incorporated into lT-NETWORKs to achieve desirablebenefits (for example,INTEROPERABILITY),this international standard defines the roles,responsibilities and activities that are necessary for RISK MANAGEMENT of IT-NETWORKSincorporating MEDICAL DEVICEs to address SAFETY,EFFECTIVENESs and DATA AND SYSTEMSECURITY (the KEY PROPERTIES).This international standard does not specify acceptable RISKlevels. NOTE 1 The RISK MANAGEMENT activities described in this standard are derived from those in lS0 14971 [4]. Therelationship between lS0 14971 and this standard is described in Annex A. This standard applies after a MEDICAL DEVICE has been acquired by a RESPONSIBLEORGANIZATION and is a candidate for incorporation into an lT-NETWORK. NOTE 2 This standard does not cover pre-market RISK MANAGEMENT. This standard applies throughout the life cycle of IT-NETWORKS incorporating MEDICAL DEVICES. NOTE 3 The life cycle management activities described in this standard are very similar to those ofISo/IEC 20000-2 [10].The relationship between lSO/IEC 20000-2 and this standard is described in Annex D. This standard applies where there is no single MEDICAL DEVICE manufacturer assumingresponsibility for addressing the KEY PROPERTIEs of the lT-NETWORK incorporating a MEDICALDEVICE. NOTE 4 lf a single manufacturer specifies a complete MEDICAL DEVICE that includes a network, the installation orassembly of the MEDICAL DEVICE according to the manufacturer’s AcCOMPANYING DOCUMENTs is not subject to theprovisions of this standard regardless of who installs or assembles the MEDICAL DEVICE. NOTE 5 lf a single manufacturer specifies a complete MEDICAL DEVICE that includes a network, additions to thatMEDICAL DEVICE or modification of the configuration of that MEDICAL DEvVIGE,other than as specified by themanufacturer, is subject to the provisions of this standard. This standard applies to RESPONSIBLE ORGANIZATIONS,MEDICAL DEVICE manufacturers andproviders of other information technology for the purpose of RISK MANAGEMENT of an lT-NETWORK incorporating MEDICAL DEVICEs as specified by the RESPONSIBLE ORGANIZATION. This standard does not apply to personal use applications where the patient,OPERATOR andRESPONSIBLE ORGANIZATION are one and the same person. NOTE 6 In cases where a MEDICAL DEVIcE is used at home under the supervision or instruction of the provider,that provider is deemed to be the RESPONSIBLE ORGANIZATION.Personal use where the patient acquires and uses aMEDICAL DEVICE without the supervision or instruction of a provider is out of scope of this standard. This standard does not address regulatory or legal requirements. 2Terms and definitions For the purposes...

Download Address

  • Download