An Evaluation of Risk Management Standards and Frameworks for Assuring Data Security of Medical Device Software AI Models

Buddhika Jayaneththi, Fergal Caffery, Gilbert Regan

2024

Abstract

Data is the backbone of Artificial Intelligence (AI) applications, including Medical Device Software (MDS) AI models, which rely on sensitive health data. Assuring the security of this sensitive health data is a key requirement for MDS AI models, and there should be a structured way to manage the risk caused by data security compromises. Implementing a security risk management standard/framework is an effective way to develop a solid baseline for managing security risks, measuring the effectiveness of security controls and meeting compliance requirements. In this paper, nine risk management standards/frameworks in the data/information security, AI, Medical Device (MD) and AI-enabled MD domains are evaluated to identify their gaps and implementation challenges when applying them to assure data security of MDS AI models. The results show that currently there is no standard/framework that specifically addresses data security risk management of MDS AI models, and that existing standards/frameworks have several gaps, such as complexity of the implementation process; lack of detailed threat and vulnerability catalogues; lack of a proper method for risk calculation/estimation; and lack of risk controls and control implementation details. These gaps necessitate the development of a new data security risk management framework for MDS AI models.


Paper Citation


in Harvard Style

Jayaneththi B., Caffery F. and Regan G. (2024). An Evaluation of Risk Management Standards and Frameworks for Assuring Data Security of Medical Device Software AI Models. In Proceedings of the 19th International Conference on Software Technologies - Volume 1: ICSOFT; ISBN 978-989-758-706-1, SciTePress, pages 91-99. DOI: 10.5220/0012756000003753


in Bibtex Style

@conference{icsoft24,
author={Buddhika Jayaneththi and Fergal Caffery and Gilbert Regan},
title={An Evaluation of Risk Management Standards and Frameworks for Assuring Data Security of Medical Device Software AI Models},
booktitle={Proceedings of the 19th International Conference on Software Technologies - Volume 1: ICSOFT},
year={2024},
pages={91-99},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012756000003753},
isbn={978-989-758-706-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 19th International Conference on Software Technologies - Volume 1: ICSOFT
TI - An Evaluation of Risk Management Standards and Frameworks for Assuring Data Security of Medical Device Software AI Models
SN - 978-989-758-706-1
AU - Jayaneththi B.
AU - Caffery F.
AU - Regan G.
PY - 2024
SP - 91
EP - 99
DO - 10.5220/0012756000003753
PB - SciTePress