PD IEC/TR 80001-2-2:2012
Current
The latest, up-to-date edition.
Application of risk management for IT-networks incorporating medical devices Guidance for the disclosure and communication of medical device security needs, risks and controls
Hardcopy , PDF
English
07-10-2012
Committee |
CH/62/1
|
DocumentType |
Standard
|
Pages |
58
|
PublisherName |
British Standards Institution
|
Status |
Current
|
IEC/TR 80001-2-2:2012(E), which is a technical report, creates a framework for the disclosure of security-related capabilities and risks necessary for managing the risk in connecting medical devices to IT-networks and for the security dialog that surrounds the IEC 80001-1 risk management of IT-network connection. This security report presents an informative set of common, high-level security-related capabilities useful in understanding the user needs, the type of security controls to be considered and the risks that lead to the controls. Intended use and local factors determine which exact capabilities will be useful in the dialog about risk. The capability descriptions in this report are intended to supply health delivery organizations (HDOs), medical device manufacturers (MDMs), and IT vendors with a basis for discussing risk and their respective roles and responsibilities toward its management. This discussion among the risk partners serves as the basis for one or more responsibility agreements as specified in IEC 80001-1.
Standards | Relationship |
IEC TR 80001-2-2:2012 | Identical |
IEC 80001-1:2010 | Application of risk management for IT-networks incorporating medical devices - Part 1: Roles, responsibilities and activities |
ISO/IEC 15408-2:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components |
ISO/TR 27809:2007 | Health informatics Measures for ensuring patient safety of health software |
ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
IEEE 610.12-1990 | IEEE Standard Glossary of Software Engineering Terminology |
ISO/IEC 15408-3:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components |
IEC 60601-1-6:2010+AMD1:2013 CSV | Medical electrical equipment - Part 1-6: General requirements for basic safety and essential performance - Collateral standard: Usability |
ISO 13485:2016 | Medical devices Quality management systems Requirements for regulatory purposes |
ISO/IEC 27002:2013 | Information technology Security techniques Code of practice for information security controls |
NEN 7510 : 2011 | HEALTH INFORMATICS - INFORMATION SECURITY MANAGEMENT IN HEALTHCARE |
IEC 60601-1-8:2006+AMD1:2012 CSV | Medical electrical equipment - Part 1-8: General requirements forbasic safety and essential performance - Collateral Standard: General requirements, tests and guidance for alarm systems inmedical electrical equipment and medical electrical systems |
IEC TR 80001-2-3:2012 | Application of risk management for IT-networks incorporating medical devices - Part 2-3: Guidance for wireless networks |
ISO/IEC 20000-1:2011 | Information technology Service management Part 1: Service management system requirements |
IEC 62304:2006+AMD1:2015 CSV | Medical device software - Software life cycle processes |
ISO/IEC 20000-2:2012 | Information technology Service management Part 2: Guidance on the application of service management systems |
ISO/IEC 27005:2011 | Information technology Security techniques Information security risk management |
ISO/TS 13606-4:2009 | Health informatics Electronic health record communication Part 4: Security |
IEC 60300-3-9:1995 | Dependability management - Part 3: Application guide - Section 9: Risk analysis of technological systems |
IEC 61907:2009 | Communication network dependability engineering |
ISO/IEC 15408-1:2009 | Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model |
ISO 14971:2007 | Medical devices Application of risk management to medical devices |
IEC TR 80001-2-1:2012 | Application of risk management for IT-networks incorporating medical devices - Part 2-1: Step by step risk management of medical IT-networks - Practical applications and examples |
ISO/TS 25238:2007 | Health informatics Classification of safety risks from health software |
ISO 27799:2016 | Health informatics Information security management in health using ISO/IEC 27002 |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.