Revising IEC 80001-1: risk management of health information technology systems
MacMahon, Silvana Togneri (ORCID: 0000-0003-0179-2436), Cooper, Todd and McCaffery, Fergal (2018) Revising IEC 80001-1: risk management of health information technology systems. Computer Standards and Interfaces, 60. pp. 67-72. ISSN 0920-5489
IEC 80001-1 was published in 2010 and is now undergoing revision.
Feedback gathered on the adoption of the standard has revealed a number of
barriers that have impacted its adoption. The standard provides requirements
related to the roles, responsibilities and activities that need to be performed for
the risk management of medical IT networks. One reported barrier is a lack of
drivers to motivate Top Management to implement the standard. In addition,
there is a lack of alignment between IT and biomedical engineering departments
within hospitals. Finally, the IEC 80001-1 standard was considered to be too
complicated and complex to implement. This paper presents the barriers
identified in the feedback and presents an approach to the revision of the
standard as a process based standard following the structure outlined in
ISO/IEC Directives Annex SL and aligned risk management standards as a
means to overcome these barriers.
Metadata
Item Type: Article (Published)
Refereed: Yes
Uncontrolled Keywords: IEC80001-1; Risk Assessment; ISO31000; Annex SL; Process Assessment; ISO15224