Revising IEC 80001-1: Risk Management of Health Information Technology Systems

MacMahon, Silvana Togneri and Cooper, Todd and McCaffery, Fergal (2018) Revising IEC 80001-1: Risk Management of Health Information Technology Systems. Computer Standards & Interfaces. ISSN ISSN: 0920-5489

[thumbnail of Revising IEC 80001-1 - Risk Management of HITS - Final Revised 29-03-2018.pdf]
Download (118kB) | Preview


IEC 80001-1 was published in 2010 and is now undergoing revision. Feedback gathered on the adoption of the standard has revealed a number of barriers that have impacted its adoption. The standard provides requirements related to the roles, responsibilities and activities that need to be performed for the risk management of medical IT networks. One reported barrier is a lack of drivers to motivate Top Management to implement the standard. In addition, there is a lack of alignment between IT and biomedical engineering departments within hopitals. Finally, the IEC 80001-1 standard was considered to be too complicated and complex to implement. This paper presents the barriers identified in the feedback and presents an approach to the revision of the standard as a process based standard following the structure outlined in ISO/IEC Directives Annex SL and aligned risk management standards as a means to overcome these barriers.

Item Type: Article
Uncontrolled Keywords: IEC 80001-1, Risk Assessment, ISO 31000, Annex SL, Process Assessment, ISO 15224.
Subjects: Computer Science
Computer Science > Computer Software
Research Centres: Regulated Software Research Centre
Depositing User: Silvana MacMahon
Date Deposited: 11 Jan 2019 13:27
Last Modified: 11 Jan 2019 13:27

Actions (login required)

View Item View Item


Downloads per month over past year