Assessing a Hospital’s Medical IT Network Risk Management Practice with 80001-1

Hegarty, Francis J and MacMahon, Silvana Togneri and Byrne, Patricia and McCaffery, Fergal (2014) Assessing a Hospital’s Medical IT Network Risk Management Practice with 80001-1. AAMI Biomedical Instrumentation and Technology, 48 (1). pp. 64-71. ISSN 0899-8205

[thumbnail of AAMI - STOR Upload PDF.pdf]
Download (132kB) | Preview


Medical device interoperability has been identified as a key way of decreasing healthcare costs while improving patient care.1 This has lead to a shift toward placing more medical devices onto information technology (IT) networks. However, placing medical devices onto an IT network may lead to additional risks to safety, effectiveness and security of the devices, the network, and the data. ANSI/AAMI/IEC 80001-1 addresses the roles, responsibilities, and activities that need to be carried out when managing these risks. In this article, we describe an exercise undertaken to assess the medical IT network risk management practice implemented within a hospital to control risk associated with a clinical information system (CIS). The level of compliance with the 80001-1 standard was determined using an assessment framework developed by the Regulated Software Research Centre (RSRC). The purpose of this exercise was to test and inform the development of an assessment method that is part of the assessment framework for this standard. The exercise also sought to identify how the management of such an existing CIS project meets the requirements of 80001-1.

Item Type: Article
Uncontrolled Keywords: Medical devices; Healthcare costs; IT network; ANSI/AAMI/IEC 80001-1; Risk management practice.
Subjects: Computer Science > Computer Software
Research Centres: Regulated Software Research Centre
Depositing User: Silvana MacMahon
Date Deposited: 11 Dec 2014 12:56
Last Modified: 11 Dec 2014 12:56

Actions (login required)

View Item View Item


Downloads per month over past year