Towards a Process Assessment Model for IEC 80001-1

Silvana Togneri MacMahon, Fergal McCaffery, Frank Keenan

2013

Abstract

Medical Devices are widely used in patient care for both diagnosis and treatment purposes. Typically, modern medical devices are intended to be networked at their point of use. The incorporation of medical devices opens up new opportunities and new vulnerabilities to patients and medical facilities. In 2010, the first standard to address the risks of incorporating a medical device into an IT network was published in the form of IEC 80001-1. Currently no method exists to allow responsible organisations - entities that operate and maintain a network that incorporates a medical device- to assess themselves against this standard. This paper discusses the how healthcare providers can be assessed against IEC 80001-1. This paper discusses the work carried out to date to develop a Process Reference Model and future work to allow this Process Reference Model to be extended to form a Process Assessment Model is also presented within this paper.

References

  1. Barafort, B., Betry, V., Cortina, S., Picard, M., St Jean, M., Renault, A., Valdés, O. & Tudor, P. R. C. H. 2009. ITSM Process Assessment Supporting ITIL : Using TIPA to Assess and Improve your Processes with ISO 15504 and Prepare for ISO 20000 Certification, Zaltbommel, Netherlands, Van Haren.
  2. Barafort, B., Renault, A., Picard, M. & Cortina, S. 2008. A transformation process for building PRMs and PAMs based on a collection of requirements - Example with ISO/IEC 20000. SPICE Nuremberg, Germany.
  3. Cooper, T., David, Y. & Eagles, S. 2011. Getting Started with IEC 80001: Essential Information for Healthcare Providers Managing Medical IT-Networks, AAMI.
  4. IEC 2010. IEC 80001-1 - Application of Risk Management for IT-Networks incorporating Medical Devices - Part 1: Roles, responsibilities and activities. Geneva, Switzerland: International Electrotechnical Commission.
  5. ISO/IEC 2003. ISO/IEC 15504-2:2003 - Software engineering - Process assessment - Part 2: Performing an assessment. Geneva, Switzerland.
  6. ISO/IEC 2010. ISO/IEC TR 24774:2010 - Systems and software engineering - Life cycle management - Guidelines for process description. Geneva, Switzerland.
  7. ISO/IEC 2011a. ISO/IEC 20000-1:2011 - Information technology -Service management Part 1: Service management system requirements. Geneva, Switzerland.
  8. ISO/IEC 2011b. ISO/IEC PDTR 15504-8 - Information technology -- Process assessment -- Part 8: An exemplar process assessment model for IT service management. Geneva, Switzerland.
  9. National Cybersecurity and Communications Integration Center 2012. Attack Surface: Healthcare and Public Health Sector.
  10. The Cabinet Office 2011. ITIL 2011 - Summary of Updates. Norfolk, England: Crown Copyright.
Download


Paper Citation


in Harvard Style

Togneri MacMahon S., McCaffery F. and Keenan F. (2013). Towards a Process Assessment Model for IEC 80001-1 . In Proceedings of the International Conference on Health Informatics - Volume 1: HEALTHINF, (BIOSTEC 2013) ISBN 978-989-8565-37-2, pages 301-304. DOI: 10.5220/0004184003010304


in Bibtex Style

@conference{healthinf13,
author={Silvana Togneri MacMahon and Fergal McCaffery and Frank Keenan},
title={Towards a Process Assessment Model for IEC 80001-1},
booktitle={Proceedings of the International Conference on Health Informatics - Volume 1: HEALTHINF, (BIOSTEC 2013)},
year={2013},
pages={301-304},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004184003010304},
isbn={978-989-8565-37-2},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Health Informatics - Volume 1: HEALTHINF, (BIOSTEC 2013)
TI - Towards a Process Assessment Model for IEC 80001-1
SN - 978-989-8565-37-2
AU - Togneri MacMahon S.
AU - McCaffery F.
AU - Keenan F.
PY - 2013
SP - 301
EP - 304
DO - 10.5220/0004184003010304