Development and Validation of the MedITNet Assessment Framework: Improving Risk Management of Medical IT Networks

MacMahon, Silvana Togneri and McCaffery, Fergal and Keenan, Frank (2015) Development and Validation of the MedITNet Assessment Framework: Improving Risk Management of Medical IT Networks. In: 2015 International Conference on Software and Systems Process (ICSSP), August 24–26, 2015, Tallinn, Estonia. (Submitted)

[thumbnail of ICSSP 2015 v1.6 Camera Ready Updated.pdf]
PDF - Submitted Version
Download (1MB) | Preview


The use of networked medical devices can provide a number of benefits such as improved patient safety, reduced costs of care and a reduction in adverse events. Traditionally, medical devices were placed onto a proprietary IT network provided by the manufacturer of the device. Today, medical devices are increasingly designed for incorporation into a hospital’s general IT network enabling devices to exchange critical information. However, this can introduce risks and negate the potential benefits to patients. While the IEC 80001-1 standard has been developed to aid Healthcare Delivery Organisations (HDOs) in addressing these risks, HDOs may struggle to understand and implement the requirements. The MedITNet framework has been developed to allow HDOs to assess the capability of their risk management processes against the requirements of IEC 80001-1. MedITNet provides a flexible assessment framework enabling HDOs to gain a greater understanding of the requirements of the standard and to improve risk management processes by determining their current state and highlighting areas for improvement. This paper examines the challenges faced by HDOs in the risk management of medical IT networks and briefly explains the components of the MedITNet framework and how the framework addresses these challenges. This paper also details how Action Design Research (ADR) was used in the development and validation of MedITNet.

Item Type: Conference or Workshop Item (Paper)
Uncontrolled Keywords: Medical Devices; Risk Management; Medical IT networks; IEC 80001-1; Action Design Research.
Subjects: Computer Science
Computer Science > Computer Software
Research Centres: Regulated Software Research Centre
Depositing User: Sean McGreal
Date Deposited: 23 Sep 2015 12:28
Last Modified: 04 Dec 2015 14:10
License: Creative Commons: Attribution-Noncommercial-Share Alike 4.0

Actions (login required)

View Item View Item


Downloads per month over past year