PD ISO/TR 27809:2007
Current
The latest, up-to-date edition.
Health informatics. Measures for ensuring patient safety of health software
Hardcopy , PDF
English
08-31-2007
Important note : All end users must be registered with an Account prior to user licenses being assigned.
Foreword
Introduction
1 Scope
2 Terms and definitions
3 Abbreviated terms
4 Outline of the issues
5 General position on medical device controls
6 The border between health software products and medical
devices
7 Classifying health software products
7.1 Options
7.2 Conclusions
8 Options for control measures for health software products
8.1 Overview
8.2 Labelling and documentation
8.3 Clinical evidence
8.4 Incident reporting
8.5 Quality systems
8.6 Design control
8.7 Risk management
9 Standards relevant to risks of a particular nature
9.1 General
9.2 Conclusions
10 Observation on safety and risks in the user domain
10.1 General
10.2 Conclusions
11 Taxonomies
11.1 General
11.2 Conclusions
12 Summary of conclusions
Annex A (informative) Position regarding medical devices in
different countries
Annex B (informative) Analysis of classification procedures
Annex C (informative) Risk management
Bibliography
Describes the control measures required to ensure patient safety in respect to health software products.
| Committee |
IST/35
|
| DocumentType |
Standard
|
| Pages |
48
|
| PublisherName |
British Standards Institution
|
| Status |
Current
|
This Technical Report considers the control measures required to ensure patient safety in respect to health software products. It does not apply to software which is: necessary for the proper application of a medical device or an accessory to a medical device or a medical device in its own right. This Technical Report is aimed at identifying what standards might best be used or created, and their nature, if health software products were to be regulated or controlled in some other formal or informal or voluntary manner whether national, regional or local. However, it is not the purpose of this Technical Report to recommend whether or not health software products should be regulated. This Technical Report applies to any health software product whether or not it is placed on the market and whether or not it is for sale or free of charge. It is addressed to manufacturers of health software products. NOTE The scope is intended to cover health software products which are not, in practice, covered by medical device regulations. AnnexA considers this matter in detail. This Technical Report acknowledges that, on the boundary, there are health software products which are encompassed by medical device regulations in some countries but not in others and that some definitions of medical devices may appear to cover health software products in general but in practice do not.
| Standards | Relationship |
| ISO/TR 27809:2007 | Identical |
| ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
| ISO/TS 22224:2009 | Health informatics Electronic reporting of adverse drug reactions |
| BS 7799-3:2006 | Information security management systems Guidelines for information security risk management |
| EN 1441 : 1997 | MEDICAL DEVICES - RISK ANALYSIS |
| ISO 31000:2009 | Risk management Principles and guidelines |
| ISO 13485:2016 | Medical devices Quality management systems Requirements for regulatory purposes |
| IEC 61508-5:2010 | Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 5: Examples of methods for the determination of safety integrity levels (see Functional Safety and IEC 61508) |
| CFR 21(PTS800-1299) : 0 | FOOD AND DRUGS - FOOD AND DRUG ADMINISTRATION, CHAPTER 1 DEPARTMENT OF HEALTH AND HUMAN SERVICES - PARTS 800-1299 |
| ISO/TR 14969:2004 | Medical devices Quality management systems Guidance on the application of ISO 13485: 2003 |
| IEC 61508-3:2010 | Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 3: Software requirements (see Functional Safety and IEC 61508) |
| PD 6668:2000 | Managing risk for corporate governance |
| EN 1041:2008+A1:2013 | Information supplied by the manufacturer of medical devices |
| ISO/IEC Guide 51:2014 | Safety aspects — Guidelines for their inclusion in standards |
| ISO/TS 19218:2005 | Medical devices Coding structure for adverse event type and cause |
| IEC 62304:2006+AMD1:2015 CSV | Medical device software - Software life cycle processes |
| AS/NZS 4360:2004 | Risk management |
| ISO/IEC 27005:2011 | Information technology Security techniques Information security risk management |
| ISO/IEC 12207:2008 | Systems and software engineering — Software life cycle processes |
| ISO/IEC 17799:2005 | Information technology Security techniques Code of practice for information security management |
| ISO 9001:2015 | Quality management systems — Requirements |
| ISO/IEC TR 15271:1998 | Information technology Guide for ISO/IEC 12207 (Software Life Cycle Processes) |
| ISO 14971:2007 | Medical devices Application of risk management to medical devices |
| CEN/TS 15260:2006 | Health informatics - Classification of safety risks from health informatics products |
| ISO/IEC 90003:2014 | Software engineering Guidelines for the application of ISO 9001:2008 to computer software |
| IEC 60601-1-4:1996+AMD1:1999 CSV | Medical electrical equipment - Part 1-4: General requirements for safety - Collateral Standard: Programmable electrical medical systems |
| ISO/TS 25238:2007 | Health informatics Classification of safety risks from health software |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.