IEC TR 80001-2-1:2012
Withdrawn
A withdrawn standard is one that has been removed from sale and whose unique number can no longer be used. A standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a standard with a different number.
Application of risk management for IT-networks incorporating medical devices - Part 2-1: Step by step risk management of medical IT-networks - Practical applications and examples
04-05-2024
English
07-10-2012
FOREWORD
INTRODUCTION
1 Scope
2 Normative references
3 Terms and definitions
4 Prerequisites
5 Study of terms used in RISK MANAGEMENT
6 The steps
7 IEC 80001-1:2010, Clause 4.4: Step by step
8 Practical examples
Annex A (informative) - Common HAZARDS, HAZARDOUS SITUATIONS, and causes to consider in MEDICAL IT-NETWORKS
Annex B (informative) - List of questions to consider when identifying HAZARDs of the MEDICAL IT-NETWORK
Annex C (informative) - Layers of MEDICAL IT-NETWORKS where errors can be found
Annex D (informative) - Probability, severity, and RISK acceptability scales used in the examples in this technical report
Annex E (informative) - MONITORING RISK mitigation effectiveness
Annex F (informative) - RISK ANALYZING small changes in a MEDICAL IT-NETWORK
Annex G (informative) - Example of Change Window Form
Annex H (informative) - Template for examples
Bibliography
IEC/TR 80001-2-1:2012(E), which is a technical report, is a step-by-step guide to help in the application of risk management when creating or changing a medical IT-network. It provides easy to apply steps, examples, and information helping in the identification and control of risks. All relevant requirements in IEC 80001-1:2010 are addressed and links to other clauses and subclauses of IEC 80001-1 are addressed where appropriate (e.g. handover to release management and monitoring). This technical report focuses on practical risk management. It is not intended to provide a full outline or explanation of all requirements that are satisfactorily covered by IEC 80001-1. This step-by-step guidance follows a 10-step process that follows subclause 4.4 of IEC 80001-1:2010, which specifically addresses risk analysis, risk evaluation and risk control. These activities are embedded within the full life cycle risk management process. They can never be the first step, as risk management follows the general process model which sets planning before any action.
DevelopmentNote | Stability date: 2017. (09/2017) |
DocumentType | Technical Report |
Pages | 66 |
PublisherName | International Electrotechnical Committee |
Status | Withdrawn |
Standards | Relationship |
ANSI/AAMI/IEC TIR80001-2-1:2012 | Identical |
NEN NPR IEC/TR 80001-2-1 : 2012 | Identical |
PD IEC/TR 80001-2-1:2012 | Identical |
16/30346073 DC : 0 | BS ISO 16142-2 - MEDICAL DEVICES - RECOGNIZED ESSENTIAL PRINCIPLES OF SAFETY AND PERFORMANCE OF MEDICAL DEVICES - PART 2: GENERAL ESSENTIAL PRINCIPLES AND ADDITIONAL SPECIFIC ESSENTIAL PRINCIPLES FOR ALL IVD MEDICAL DEVICES AND GUIDANCE ON THE SELECTION OF STANDARDS |
ISO 16142-1:2016 | Medical devices — Recognized essential principles of safety and performance of medical devices — Part 1: General essential principles and additional specific essential principles for all non-IVD medical devices and guidance on the selection of standards |
AAMI/IEC TIR80001-2-3:2012 | APPLICATION OF RISK MANAGEMENT FOR IT-NETWORKS INCORPORATING MEDICAL DEVICES - PART 2-3: GUIDANCE FOR WIRELESS NETWORKS |
ISO 16142-2:2017 | Medical devices — Recognized essential principles of safety and performance of medical devices — Part 2: General essential principles and additional specific essential principles for all IVD medical devices and guidance on the selection of standards |
EN 62453-1:2017 | Field Device Tool (FDT) interface specification - Part 1: Overview and guidance |
PD ISO/TR 80001-2-7:2015 | Application of risk management for IT-networks incorporating medical devices. Application guidance Guidance for Healthcare Delivery Organizations (HDOs) on how to self-assess their conformance with IEC 80001-1 |
PD IEC/TR 80001-2-9:2017 | Application of risk management for it-networks incorporating medical devices Application guidance. Guidance for use of security assurance cases to demonstrate confidence in IEC TR 80001-2-2 security capabilities |
AAMI IEC TIR 80001-2-2 : 2012 | APPLICATION OF RISK MANAGEMENT FOR IT-NETWORKS INCORPORATING MEDICAL DEVICES - PART 2-2: GUIDANCE FOR THE DISCLOSURE AND COMMUNICATION OF MEDICAL DEVICE SECURITY NEEDS, RISKS AND CONTROLS |
ANSI/AAMI/ISO 16142-2:2017 | MEDICAL DEVICES - RECOGNIZED ESSENTIAL PRINCIPLES OF SAFETY AND PERFORMANCE OF MEDICAL DEVICES - PART 2: GENERAL ESSENTIAL PRINCIPLES AND ADDITIONAL SPECIFIC ESSENTIAL PRINCIPLES FOR ALL IVD MEDICAL DEVICES AND GUIDANCE ON THE SELECTION OF STANDARDS |
I.S. EN 62453-1:2017 | FIELD DEVICE TOOL (FDT) INTERFACE SPECIFICATION - PART 1: OVERVIEW AND GUIDANCE |
AAMI/IEC TIR80001-2-5:2014 | APPLICATION OF RISK MANAGEMENT FOR IT-NETWORKS INCORPORATING MEDICAL DEVICES - PART 2-5: APPLICATION GUIDANCE - GUIDANCE ON DISTRIBUTED ALARM SYSTEMS |
NEMA HN 1 : 2013 | MANUFACTURER DISCLOSURE STATEMENT FOR MEDICAL DEVICE SECURITY |
BS ISO 16142-2:2017 | Medical devices. Recognized essential principles of safety and performance of medical devices General essential principles and additional specific essential principles for all IVD medical devices and guidance on the selection of standards |
BS ISO 16142-1:2016 | Medical devices. Recognized essential principles of safety and performance of medical devices General essential principles and additional specific essential principles for all non-IVD medical devices and guidance on the selection of standards |
BS EN 62453-1:2017 | Field Device Tool (FDT) interface specification Overview and guidance |
PD IEC/TR 80001-2-4:2012 | Application of risk management for IT-networks incorporating medical devices Application guidance. General implementation guidance for healthcare delivery organizations |
IEC TR 80001-2-4:2012 | Application of risk management for IT-networks incorporating medical devices - Part 2-4: Application guidance - General implementation guidance for healthcare delivery organizations |
PD IEC/TR 80001-2-3:2012 | Application of risk management for IT-networks incorporating medical devices Guidance for wireless networks |
PD IEC/TR 80001-2-2:2012 | Application of risk management for IT-networks incorporating medical devices Guidance for the disclosure and communication of medical device security needs, risks and controls |
AAMI/IEC TIR80001-2-4:2012 | APPLICATION OF RISK MANAGEMENT FOR IT-NETWORKS INCORPORATING MEDICAL DEVICES - PART 2-4: GENERAL IMPLEMENTATION GUIDANCE FOR HEALTHCARE DELIVERY ORGANIZATIONS |
IEC TR 80001-2-3:2012 | Application of risk management for IT-networks incorporating medical devices - Part 2-3: Guidance for wireless networks |
IEC 62453-1:2016 | Field device tool (FDT) interface specification - Part 1: Overview and guidance |
IEC TR 80001-2-2:2012 | Application of risk management for IT-networks incorporating medical devices - Part 2-2: Guidance for the disclosure and communication of medical device security needs, risks and controls |
PD IEC/TR 80001-2-5:2014 | Application of risk management for IT-networks incorporating medical devices Application guidance. Guidance on distributed alarm systems |
IEC TR 80001-2-5:2014 | Application of risk management for IT-networks incorporating medical devices - Part 2-5: Application guidance - Guidance on distributed alarm systems |
AAMI/IEC TIR80001-2-7:2014 | APPLICATION OF RISK MANAGEMENT FOR IT-NETWORKS INCORPORATING MEDICAL - APPLICATION GUIDANCE - PART 2-7: GUIDANCE FOR HEALTHCARE DELIVERY ORGANIZATIONS (HDOS) ON HOW TO SELF-ASSESS THEIR CONFORMANCE WITH IEC 80001-1 |
ISO/TR 80001-2-7:2015 | Application of risk management for IT-networks incorporating medical devices — Application guidance — Part 2-7: Guidance for healthcare delivery organizations (HDOs) on how to self-assess their conformance with IEC 80001-1 |
IEC 80001-1:2010 | Application of risk management for IT-networks incorporating medical devices - Part 1: Roles, responsibilities and activities |
ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
IEC 60601-1:2005+AMD1:2012 CSV | Medical electrical equipment - Part 1: General requirements for basic safety and essential performance |
ISO/TS 19218-2:2012 | Medical devices Hierarchical coding structure for adverse events Part 2: Evaluation codes |
ISO/IEC 27002:2013 | Information technology Security techniques Code of practice for information security controls |
IEC TR 80001-2-2:2012 | Application of risk management for IT-networks incorporating medical devices - Part 2-2: Guidance for the disclosure and communication of medical device security needs, risks and controls |
IEC 60601-1-2:2014 | Medical electrical equipment - Part 1-2: General requirements for basic safety and essential performance - Collateral Standard: Electromagnetic disturbances - Requirements and tests |
IEC TR 80001-2-3:2012 | Application of risk management for IT-networks incorporating medical devices - Part 2-3: Guidance for wireless networks |
ISO 14971:2007 | Medical devices Application of risk management to medical devices |
ISO 27799:2016 | Health informatics Information security management in health using ISO/IEC 27002 |