Application of risk management for IT-networks incorporating medical devices

ISO/TR 80001-2-6:2014 provides guidance on implementing RESPONSIBILITY AGREEMENTS, which are described in IEC 80001-1 as used to establish the roles and responsibilities among the stakeholders engaged in the incorporation of a MEDICAL DEVICE into an IT-NETWORK in order to support compliance to IEC 80001-1. Stakeholders may include RESPONSIBLE ORGANIZATIONS, IT suppliers, MEDICAL DEVICE manufacturers and others. The goal of the RESPONSIBILITY AGREEMENT is that these roles and responsibilities should cover the complete lifecycle of the resulting MEDICAL IT-NETWORK.

Application de la gestion des risques pour les réseaux intégrant appareils médicaux

General Information

Status
Published
Publication Date
19-Nov-2014
Current Stage
6060 - International Standard published
Start Date
16-Oct-2014
Completion Date
20-Nov-2014
Ref Project

Buy Standard

Technical report
ISO/TR 80001-2-6:2014 - Application of risk management for IT-networks incorporating medical devices
English language
15 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (sample)

TECHNICAL ISO/TR
REPORT 80001-2-6
First edition
2014-12-01
Application of risk management for
IT-networks incorporating medical
device —
Part 2-6:
Application guidance — Guidance for
responsibility agreements
Application de la gestion des risques pour les réseaux intégrant
appareils médicaux —
Partie 2-6: Application guidage — Orientation des accords de
responsabilité
Reference number
ISO/TR 80001-2-6:2014(E)
ISO 2014
---------------------- Page: 1 ----------------------
ISO/TR 80001-2-6:2014(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2014

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any

means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission.

Permission can be requested from either ISO at the address below or ISO’s member body in the country of the requester.

ISO copyright office
Case postale 56  CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO 2014 – All rights reserved
---------------------- Page: 2 ----------------------
ISO TR 80001-2-6:2014(E)
Contents Page

Foreword ............................................................................................................................................................ iv

Introduction ......................................................................................................................................................... v

1 Scope ...................................................................................................................................................... 1

1.1 Purpose .................................................................................................................................................. 1

1.2 Prerequisites .......................................................................................................................................... 1

2 Normative references ............................................................................................................................ 1

3 Terms and definitions ........................................................................................................................... 1

4 Key aspects for RESPONSIBILITY AGREEMENTS ........................................................................ 5

4.1 Reasons and rationale .......................................................................................................................... 5

4.2 Participants ............................................................................................................................................ 5

4.3 Proposed types of RESPONSIBILITY AGREEMENTS ....................................................................... 5

4.4 Communication control ........................................................................................................................ 5

4.4.1 Bilateral versus multilateral RESPONSIBILITY AGREEMENTS ........................................................ 5

4.4.2 Non-disclosure agreements ................................................................................................................. 5

4.4.3 Update of information and documentation ......................................................................................... 6

4.5 Responsibility for establishing ............................................................................................................ 6

4.6 Methods for determination and of responsibilities ............................................................................ 6

4.7 Life cycle considerations...................................................................................................................... 6

5 Elements of a RESPONSIBILITY AGREEMENT .................................................................................. 7

Annex A (informative) RACI chart .................................................................................................................... 11

Annex B (informative) Typical documents ........................................................................................................ 12

© ISO 2014 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO TR 80001-2-6:2014(E)
Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies

(ISO member bodies). The work of preparing International Standards is normally carried out through ISO

technical committees. Each member body interested in a subject for which a technical committee has been

established has the right to be represented on that committee. International organizations, governmental and

non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the

International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.

International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.

The main task of technical committees is to prepare International Standards. Draft International Standards

adopted by the technical committees are circulated to the member bodies for voting. Publication as an

International Standard requires approval by at least 75 % of the member bodies casting a vote.

In exceptional circumstances, when a technical committee has collected data of a different kind from that

which is normally published as an International Standard (“state of the art”, for example), it may decide by a

simple majority vote of its participating members to publish a Technical Report. A Technical Report is entirely

informative in nature and does not have to be reviewed until the data it provides are considered to be no

longer valid or useful.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent

rights. ISO shall not be held responsible for identifying any or all such patent rights.

ISO TR 80001-2-6 was prepared by Technical Committee ISO/TC 215, Health informatics, jointly with IEC

Subcommittee IEC/SC 62A.

ISO/IEC TR 80001 consists of the following parts, under the general title Application of risk management for

IT-networks incorporating medical devices.
 Part 1: Roles, responsibilities and activities

 Part 2-1: Step-by-step risk management of medical IT-networks – Practical applications and examples

 Part 2-2: Guidance for the disclosure and communication of medical device security needs, risks and

controls
 Part 2-3: Guidance for wireless networks

 Part 2-4: Application guidance – General implementation guidance for Healthcare Delivery Organizations

 Part 2-5: Application guidance – Guidance on distributed alarm systems (in development)

 Part 2-6: Application guidance – Guidance for responsibility agreements

 Part 2-7: IT-networks incorporating medical devices - Part 2-7: Application Guidance - Guidance for

Healthcare Delivery Organizations (HDOs) on how to self-assess their conformance with IEC 80001-1 (in

development)

 Part 2-8: Application of risk management for IT-networks incorporating medical devices Part 2-8:

Application guidance - Guidance on standards for establishing the security capabilities identified in IEC

80001-2-2 (in development)
iv © ISO 2014 – All rights reserved
---------------------- Page: 4 ----------------------
ISO TR 80001-2-6:2014(E)
Introduction
0.1 Background

IEC 80001-1 was developed to meet the need to managing RISKS associated with the increasing prevalence of

MEDICAL DEVICES being connected to general purpose IT-NETWORKS. The standard introduces the notion of a

RESPONSIBILITY AGREEMENT covering roles and responsibilities of the stakeholders. This Technical Report

provides practical guidance to RESPONSIBLE ORGANIZATIONS on establishing a RESPONSIBILITY AGREEMENT

among all stakeholders involved, namely the RESPONSIBLE ORGANIZATION, the MEDICAL DEVICE manufacturer(s)

and the IT supplier(s).

Examples of situations where a RESPONSIBILITY AGREEMENT could prove useful when an IT-NETWORK

incorporates MEDICAL DEVICES. The benefits of the RESPONSIBILITY AGREEMENT include:

a) The roles and responsibilities of the stakeholders are identified and communicated in written form.

It is essential to have a clear understanding of the clinical dependencies on the network and to identify

the roles and responsibilities of the stakeholders, including clinical staff and the MEDICAL DEVICE

manufacturers.

The organization or department responsible for configurations control and maintenance of the IT-

NETWORK should have, or establish if necessary, change control procedures to manage the RISKS to

services supported by the network arising from the implementation of changes to network (e.g. software

upgrade to network components).

EXAMPLE 1 Common examples include software upgrades for antivirus software or bug fixes in networking

switches and routers. Before upgrading hard/soft/firmware on infrastructure supporting MEDICAL DEVICES and medical

systems, it is important that MEDICAL DEVICES that can be impacted are identified through an impact assessment. To

undertake such an assessment requires either detailed engineering knowledge of each component and its

dependencies or for example, the co-operation of the respective manufacturer. Whichever party takes responsibility

for this should then review and validate their systems on the new hard/soft/firmware. It is also important to ensure

that whenever practicable, there is a back-out/regression plan which has also been tested. In this scenario, the

RESPONSIBILITY AGREEMENT would set out the responsibilities of each party, e.g., How such activities would be initiated,

who would notify whom, when, with what information and how would they be expected to respond. There have

already been documented instances where MEDICAL DEVICES have been adversely affected from such changes and

this was one reason for US FDA's "Guidance for Industry - Cybersecurity for Networked Medical Devices Containing

Off-the-Shelf (OTS) Software." See:

http://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/ucm077812.htm

b) A clinical user of a MEDICAL DEVICE can desire to connect the MEDICAL DEVICE to a general purpose IT-

NETWORK. Having a PROCESS in place to inform and involve relevant stakeholders early in the planning

stage (i.e., prior to go live) could help avert uninformed decision making and implementation that could

adversely impact other clinical systems that rely on the IT-NETWORK.

EXAMPLE 2 Demand already exists for this capability, e.g., delivery of MEDICAL DEVICE alarms via wireless

communications devices carried by PATIENT care staff, automated/remote programming of infusion therapy pumps

and Admit/Discharge/Transfer data feeds to medical monitoring systems. When doing so requires multiple otherwise

independent stakeholders to be responsible for aspects of the system’s development, implementation and operation,

and maintenance, it is imperative that all stakeholders are explicitly aware and accepting of their responsibilities. A

RESPONSIBILITY AGREEMENT serves as a vehicle to accomplish this.
© ISO 2014 – All rights reserved v
---------------------- Page: 5 ----------------------
ISO TR 80001-2-6:2014(E)
0.2 Normative requirements from IEC 80001-1

In addition to the languages of subclause 4.3.4 describing the RESPONSIBILITY AGREEMENT, subclauses 3.5 and

3.6 require information to be made available to the RESPONSIBLE ORGANIZATION by MEDICAL DEVICE

manufacturers and IT supplier, respectively. Both subclauses acknowledge the possibility that the information

identified may be insufficient to address the RESPONSIBLE ORGANIZATION’S RISK MANAGEMENT needs by

including the following notes:

NOTE 1 Where the content made available does not meet the RESPONSIBLE ORGANIZATION'S RISK MANAGEMENT need,

additional content can be made available under a RESPONSIBILITY AGREEMENT.

NOTE 2 A RESPONSIBILITY AGREEMENT between the RESPONSIBLE ORGANIZATION and a MEDICAL DEVICE manufacturer can

be used to identify and share the documentation needed.
vi © ISO 2014 – All rights reserved
---------------------- Page: 6 ----------------------
TECHNICAL REPORT ISO TR 80001-2-6:2014(E)
Application of risk management for IT-networks incorporating
medical devices — Part 2-6: Application guidance — Part 2-6:
Guidance for responsiblity agreements
1 Scope
1.1 Purpose

This Technical Report provides guidance on implementing RESPONSIBILITY AGREEMENTS, which are described

in IEC 80001-1 as used to establish the roles and responsibilities among the stakeholders engaged in the

incorporation of a MEDICAL DEVICE into an IT-NETWORK in order to support compliance to IEC 80001-1.

Stakeholders may include RESPONSIBLE ORGANIZATIONS, IT suppliers, MEDICAL DEVICE manufacturers and

others. The goal of the RESPONSIBILITY AGREEMENT is that these roles and responsibilities should cover the

complete lifecycle of the resulting MEDICAL IT-NETWORK.
1.2 Prerequisites

The RESPONSIBLE ORGANIZATION’S (ROs) TOP MANAGEMENT has accepted responsibility for the successful

implementation of IEC 80001-1. As required by IEC 80001-1, the RO has created and approved policies for

the RISK MANAGEMENT PROCESS and RISK acceptability criteria while balancing the three KEY PROPERTIES with

the mission of the RO. The RO has identified and provisioned adequate resources and assigned qualified

personnel to perform tasks related to the standard. The RO has appointed a MEDICAL IT-NETWORK RISK

MANAGER and is prepared to establish the RESPONSIBILITY AGREEMENT.
2 Normative references

The following document, in whole or in part, is normatively referenced in this document and is indispensable

for its application. As a dated reference, only the edition cited applies.

IEC 80001-1:2010, Application of risk management for IT -networks incorporating medical devices – Part 1:

Roles, responsibilities and activities
3 Terms and definitions
3.1
CHANGE PERMIT

outcome of the RISK MANAGEMENT PROCESS consisting of a document that allows a specified change or type of

change without further RISK MANAGEMENT activities subject to specified constraints

[SOURCE: IEC 80001-1:2010, 2.3]
3.2
DATA AND SYSTEM SECURITY

operational state of a MEDICAL IT-NETWORK in which information assets (data and systems) are reasonably

protected from degradation of confidentiality, integrity, and availability
© ISO 2014 – All rights reserved
---------------------- Page: 7 ----------------------
ISO TR 80001-2-6:2014(E)
[SOURCE: IEC 80001-1:2010, 2.5]
3.3
EFFECTIVENESS

ability to produce the intended result for the subject of care and the RESPONSIBLE ORGANIZATION

[SOURCE: IEC 80001-1:2010, 2.6]
3.4
EVENT MANAGEMENT

PROCESS that ensures that all events that can or might negatively impact the operation of the IT-NETWORK are

captured, assessed, and managed in a controlled manner
[SOURCE: IEC 80001-1:2010, 2.7]
3.5
HARM

physical injury or damage to the health of people, or damage to property or the environment, or reduction in

EFFECTIVENESS, or breach of DATA AND SYSTEM SECURITY
[SOURCE: IEC 80001-1:2010, 2.8]
3.6
HAZARD
potential source of HARM
[SOURCE: IEC 80001-1:2010, 2.9]
3.7
INFORMATION TECHNOLOGY

branch of engineering that deals with the use of computers and telecommunications to retrieve, store, and

transmit information
3.8
IT-NETWORK

electronic data transmission facility which can comprise of just a point-to-point wire link between two devices,

or a complex arrangement of transmission lines.
[SOURCE: IEC 80001-1:2010, 2.12]
3.9
KEY PROPERTIES

three RISK managed characteristics (SAFETY, EFFECTIVENESS, and DATA AND SYSTEMS SECURITY) of MEDICAL IT-

NETWORKS
[SOURCE: IEC 80001-1:2010, 2.13]
3.10
MEDICAL DEVICE

Means any instrument, apparatus, implement, machine, appliance, implant, in vitro reagent or calibrator,

software, material or other similar or related article

a) intended by the manufacturer to be used, alone or in combination, for human beings for one or more of

the specific purpose(s) of:
 diagnosis, prevention, monitoring, treatment or alleviation of disease,

 diagnosis, monitoring, treatment, alleviation of or compensation for an injury,

© ISO 2014 – All rights reserved
---------------------- Page: 8 ----------------------
ISO TR 80001-2-6:2014(E)

 investigation, replacement, modification, or support of the anatomy or of a physiological process,

 supporting or sustaining life,
 control of conception,
 disinfection of MEDICAL DEVICES.

 providing information for medical or diagnostic purposes by means of in vitro examination of

specimens derived from the human body; and

b) which does not achieve its primary intended action in or on the human body by pharmacological,

immunological or metabolic means, but which may be assisted in its intended function by such means.

Note 1 to entry: The definition of a device for in vitro examination includes, for example, reagents, calibrators, sample

collection and storage devices, control materials, and related instruments or apparatus. The information provided by such

an in vitro diagnostic device may be for diagnostic, monitoring or compatibility purposes. In some jurisdictions, some in

vitro diagnostic devices, including reagents and the like, may be covered by separate regulations

Note 2 to entry: Products which may be considered to be MEDICAL DEVICES in some jurisdictions but for which there

is not yet a harmonized approach, are:
 aids for disabled/handicapped people;
 devices for the treatment/diagnosis of diseases and injuries in animals;
 accessories for MEDICAL DEVICES (see Note 3 to entry);
 disinfection substances;

 devices incorporating animal and human tissues which may meet the requirements of the above definition

but are subject to different controls.

Note 3 to entry: Accessories intended specifically by manufacturers to be used together with a ‘parent’ MEDICAL DEVICE

to enable that MEDICAL DEVICE to achieve its intended purpose should be subject to the same GHTF procedures as apply to

the MEDICAL DEVICE itself. For example, an accessory will be classified as though it is a MEDICAL DEVICE in its own right. This

may result in the accessory having a different classification than the ‘parent’ device.

Note 4 to entry: Components to MEDICAL DEVICES are generally controlled through the manufacturer’s quality

management system and the conformity assessment procedures for the device. In some jurisdictions, components are

included in the definition of a ‘MEDICAL DEVICE."

[SOURCE: IEC 80001-1:2010, 2.14, modified — NOTES changed to "notes to entry" format.]

3.11
MEDICAL IT-NETWORK
IT-NETWORK that incorporates at least one MEDICAL DEVICE
[SOURCE: IEC 80001-1:2010, 2.16]
3.12
MEDICAL IT-NETWORK RISK MANAGER
person accountable for RISK MANAGEMENT of a MEDICAL IT-NETWORK
[SOURCE: IEC 80001-1, 2.17]
3.13
MONITORING

on-going review of all RISK MANAGEMENT activities and RISK control options that were put in place to achieve

acceptable RISK in the use of MEDICAL IT-NETWORK(S)
© ISO 2014 – All rights reserved
---------------------- Page: 9 ----------------------
ISO TR 80001-2-6:2014(E)
3.14
PROCESS

set of interrelated or interacting activities which transforms inputs into outputs in a computer program

[SOURCE: IEC 80001-1:2010, 2.19]
3.15
RESPONSIBILITY AGREEMENT

one or more documents that together fully define the responsibilities of all relevant stakeholders

[SOURCE: IEC 80001-1:2010, 2.21]
3.16
RESPONSIBLE ORGANIZATION
entity accountable for the use and maintenance of a MEDICAL IT-NETWORK
[SOURCE: IEC 80001-1:2010, 2.22]
3.17
RISK

combination of the probability of occurrence of HARM and the severity of that HARM

[SOURCE: IEC 80001-1:2010, 2.23]
3.18
RISK ANALYSIS

systematic use of available information to identify HAZARDS and to estimate the RISK

[SOURCE: IEC 80001-13.19:2010, 2.24]
3.19
RISK ASSESSMENT
overall PROCESS comprising a RISK ANALYSIS and a RISK EVALUATION
[SOURCE: IEC 80001-1:2010, 2.25]
3.20
RISK EVALUATION

PROCESS of comparing the estimated RISK against given RISK criteria to determine the acceptability of the RISK

[SOURCE: IEC 80001-1:2010, 2.27]
3.20
RISK MANAGEMENT

systematic application of management policies, procedures and practices to the tasks of analysing, evaluating,

controlling, and MONITORING RISK
[SOURCE: IEC 80001-1:2010, 2.28]
3.21
SAFETY

freedom from unacceptable RISK of physical injury or damage to the health of people or damage to property or

the environment
[SOURCE: IEC 80001-1:2010, 2.30]
© ISO 2014 – All rights reserved
---------------------- Page: 10 ----------------------
ISO TR 80001-2-6:2014(E)
3.22
TOP MANAGEMENT

person or group of people e who direct(s) and control(s) the RESPONSIBLE ORGANIZATION accountable for

a MEDICAL IT-NETWORK at the highest level
[SOURCE: IEC 80001-1:2010, .31]
4 Key aspects for RESPONSIBILITY AGREEMENTS
4.1 Reasons and rationale

Among the important aspects of implementing and maintaining a MEDICAL IT-NETWORK is distributing

responsibilities for its RISK MANAGEMENT activities. Clear allocation of these responsibilities is indispensable for

achieving the targets of the three KEY PROPERTIES as defined by the RESPONSIBLE ORGANIZATION.

RESPONSIBILITY AGREEMENTS are a means to document the roles and responsibilities relating to RISK

MANAGEMENT, of the various stakeholders involved in the activities associated with procurement,

implementation or through-life /in-service management of MEDICAL IT-NETWORK. Each project/ network will be

different and it is possible that some may already have some roles and responsibilities defined and in such

cases the RESPONSIBILITY AGREEMENT will simply help with identifying any gaps. In other projects however, the

RESPONSIBLE ORGANIZATION may find that it becomes a key PROCESS for establishing the management

PROCESSES that will be required to adequately manage RISKS relating to the three KEY PROPERTIES.

4.2 Participants

RESPONSIBILITY AGREEMENTS may not only be needed between the RO, MEDICAL DEVICE manufacturers, and IT

suppliers but may also be helpful between different stakeholders within the RESPONSIBLE ORGANIZATION like the

biomedical engineering department and the IT department.
4.3 Proposed types of RESPONSIBILITY AGREEMENTS

Depending upon the context for which it is to be used, a RESPONSIBILITY AGREEMENT can span the spectrum

from informal to formal. A RESPONSIBILITY AGREEMENT can take the form of a Memorandum of Understanding

(MoU) e.g., 1) Planning and & Design Phase, 2) Installation and Go Live Phase, and 3) Maintenance Phase.

Later in the life cycle and given that there may be commitments to provide specific services in certain

situations, a RESPONSIBILITY AGREEMENT for a system being placed in active clinical service may need to take

the form of a legal contract.
4.4 Communication control
4.4.1 Bilateral versus multilateral RESPONSIBILITY AGREEMENTS

In the case that more than two parties are required to be included in RESPONSIBILITY AGREEMENTS the MEDICAL

IT-NETWORK RISK MANAGER should consider whether separate bilateral agreements or a common

RESPONSIBILITY AGREEMENT should be set up. The difference between these solutions is the extent of

information sharing. While a high degree of information sharing is often valuable, it needs to be weighed

against privacy of information and increased effort in case of updates.
4.4.2 Non-disclosure agreements

In the event any stakeholder has concerns related to disclosing proprietary information a confidentiality or

Non-Disclosure Agreement (NDAs) can be established with the RESPONSIBLE ORGANIZATION. This will ensure

that the proprietary information is kept confidential between one or more stakeholders and the RESPONSIBLE

ORGANIZATION.
© ISO 2014 – All rights reserved
---------------------- Page: 11 ----------------------
ISO TR 80001-2-6:2014(E)

In many cases technical data provided by the MEDICAL DEVICE manufacturer and IT suppliers which are

essential for RISK MANAGEMENT of the MEDICAL IT-NETWORK are sensitive to confidentiality. A means to support

this confidentiality is to limit the intended audience of this information (see also bilateral vs. multilateral) or to

establish NDAs.
4.4.3 Update of information and documentation

Technical information as well as personnel responsible for specified activities may change over time. It is

important that these changes are communicated to the stakeholders in a timely manner. This should be done

by update of the documentation which contains this information. Furthermore, this requires assigning revision

identifiers to the documents. An appropriate mechanism should be described in the RESPONSIBILITY

AGREEMENT(S) and should cover possible updates of the RESPONSIBILITIES AGREEMENTS themselves.

4.5 Responsibility for establishing

The overall responsibility for establishing RESPONSIBILITY AGREEMENTS rests with the MEDICAL IT-NETWORK RISK

MANAGER (see 4 c) and e) of IEC 80001-1:2010)
4.6 Methods for determination and of responsibilities

The starting point for determination of responsibilities is the preparation of the overall plan for incorporation of

MEDICAL DEVICES into the network. In addition, IEC 80001-1:2010, 4.3.5 b) requires for the RISK MANAGEMENT

plan a description of activities, roles and responsibilities for all parties involved in operating/maintaining the

MEDICAL IT-NETWORK, with respect to RISK MANAGEMENT.

Subclauses 3.4 through 3.6 of the standard define responsibilities for the usually involved parties, e.g. for the

provision of specific information.

Setting up this plan requires the participation of the involved MEDICAL DEVICE manufacturers and IT suppliers.

Usually, this planning comprises high level meetings with all MEDICAL DEVICE manufacturers and IT suppliers

as well as meetings on a very detailed level with experts from at least two involved parties.

The MEDICAL IT-NETWORK RISK MANAGER should determine which level of detail needs to be defined in the RISK

MANAGEMENT plan and which level of detail can be left up to the internal plans of the involved parties. The

contents of the RESPONSIBILITY AGREEMENT(S) are based on this determination.

Analysis tools can be used to support identification, clarification, and understanding of stakeholder roles in any

task of any phase. An example is the Responsible, Accountable, Consulted, Informed (RACI) chart, where the

acronym RACI stands for:
 Responsible for performing the task
 Accountable for the task being completed
 Consulted prior to the task being performed
 Informed that the task has been completed.
An example for a RACI chart is contained in Annex A.
4.7 Life cycle considerations

When establishing RESPONSIBILITY AGREEMENTS it should be taken into account that different phases of the

lifecycle necessitate different activities and different responsibilities. This should be considered from the very

beginning of the project. For our purpose here, the lifecycle of a network can be considered as divided into the

Planning and Design, Installation and Go Live, Maintenance phases. The design phase includes the planning

phase where the network is designed to meet the needs of the specific healthcare delivery organization, as

well as any phase where, for example, the architecture, topology or hardware used within an existing network

is modified. The maintenance phase includes times where the network is operational and changes are

completed while the network is in operation. Changes to the network during the maintenance phase are

© ISO 2014 – All rights reserved
---------------------- Page: 12 ----------------------
ISO TR 80001-2-6:2014(E)

restricted to replacement of defective parts. Modification of the network according to CHANGE PERMITS as

described in IEC 80001-1 may be seen as part of the maintenance phase

Reference information supporting these phases is available from various sources. For example:

 Manufacturer Disclosure Statement for MEDICAL DEVICE Security – MDS2
 See also Annex B for information which might be required in specific phases.
5 Elements of a RESPONSIBILITY AGREEMENT

The purpose of this clause is to elaborate upon the requirements of subclause 4.3.4 of the IEC 80001-1:2010.

Boxed text [items a) – h)] is copied from 80001-1:2010 to identify the subclauses for which guidance is

provided.

NOTE 1 If in the following more than two parties are mentioned this does not impose that multilateral RESPONSIBILITY

AGREEMENTS are required or preferable compared to bilateral RESPONSIBILITY AGREEMENTS.

a) the name of the person responsible for RISK MANAGEMENT for the activities covered by the

RESPONSIBILITY AGREEMENT

IEC 80001-1:2010, 4.3.4 a) requires provision of the name of the responsible person for the RISK MANAGEMENT

project at each of the legal entities, e.g., RESPONSIBLE AGREEMENT between different stakeholders by the

RESPONSIBILITY ORGANIZATION.
Guidance:
1) In addition to the name the necessary contact data should be provided.

NOTE Documentation of this information in a separate attachment allows for a more efficient search and

easier update.

2) This person should have the authority to perform or initiate and control the tasks covered by the

RESPONSIBILITY AGREEMENT in line with the requirements by the standard.

3) For the RESPONSIBLE ORGANIZATION this person is usually the MEDICAL IT-NETWORK RISK MANAGER.

4) Depending on the type and extent of activities cove
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.