Managing security risks with 80001

Biomedical Instrumentation and Technology

Volumn 45, Issue FALL, 2011, Pages 27-32

  Mankovich, Nick ^a   Fitzgerald, Brian ^a  

^a CENTER FOR DRUG EVALUATION AND RESEARCH   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ALERTNESS; COMPUTER NETWORK; COMPUTER PROGRAM; COMPUTER SECURITY; COMPUTER VIRUS; CONFIDENTIALITY; ELECTRONIC MEDICAL RECORD; HEALTH CARE DELIVERY; HEALTH CARE MANAGEMENT; HEALTH CARE ORGANIZATION; HEALTH CARE QUALITY; HEALTH HAZARD; INFORMATION TECHNOLOGY; INTERNET; MEDICAL DEVICE; PATIENT CARE; RISK ASSESSMENT; RISK MANAGEMENT; SHORT SURVEY; ARTICLE; BIOMEDICAL ENGINEERING; DEVICES; ORGANIZATION AND MANAGEMENT; PRACTICE GUIDELINE; STANDARD; UNITED STATES;

BIOMEDICAL ENGINEERING; COMPUTER COMMUNICATION NETWORKS; COMPUTER SECURITY; EQUIPMENT AND SUPPLIES; GUIDELINES AS TOPIC; SECURITY MEASURES; UNITED STATES;

EID: 84555189691     PISSN: 08998205     EISSN: None     Source Type: Journal    
DOI: 10.2345/0899-8205-45.s2.27     Document Type: Short Survey

References (13)

1. IEC 80001-1:2010. Application of risk management for IT-networks incorporating medical devices - Part 1: Roles, responsibilities and activities, 2010.
2. Shuren J. Testimony before the Health Information Technology (HIT) Policy Committee, Adoption/Certification Workgroup. Washington, DC, February 25, 2010. Available at http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS-0-10741- 910717-0-0-18/3Shuren-Testimony022510.pdf.
3. Cooper T, Eagles S. IEC SC62A Joint Working Group 7: Application of risk management to information technology (IT) networks incorporating medical devices. January 9, 2011. Available at http://www.iecstandards.org/dyn/www/f?p= 102:14:0::::FSP-ORG-ID:2471.
4. Wiinberg, Stig. e-virus ett ständigt hot mot patienten! (e-viruses a constant threat to the patient!). Notes from the MTF seminar on e-viruses in Stockholm January 19, 2010. Available at www.mtf.nu/Utbildning/Reportage/e- virus/reportage-e-virus20100119.htm.
5. NZPA. Computer virus cripples Waikato DHB. New Zealand Harald nzherald.co.nz. 2009. Available at www.nzherald.co.nz/compute/news/article.cfm? c-id=1501832&objectid=10616074.
6. ISO 14971:2007. Medical devices - Application of risk management to medical devices.
7. ISO/IEC 27001:2005 Information technology - Security techniques - Information security management systems - Requirements;
8. ISO 27799:2008 Health informatics - Information security management in health using ISO/IEC 27002;
9. ISO/IEC 27002:2005 Information technology - Security techniques - Code of practice for information security management.
10. U.S. Food and Drug Administration. Quality System Regulation 21CFR820. Available at www.fda.gov/MedicalDevices/ResourcesforYou/Industry/ucm126252.htm.
11. Haislip H, et al. Medical Device Isolation Architecture Guide, v2.0. Washington, D.C. : US Department of Veterans Affairs, August 2009. Available at: www.himss.org/ASP/topics-FocusDynamic.asp?faid=101.
12. HIMSS Medical Device Security Work Group. Manufacturer Disclosure Statement for Medical Device Security - MDS2 Version 1.0. HIMSS Medical Device Security Manufacturer Disclosure Statement for Medical Device Security. December 17, 2004. Available at www.himss.org/content/files/MDS2FormInstructions.pdf.
13. McAndrew S, Holtzman DS. Health Information Security Rule: Trends in Enforcement. NIST/OCR HIPAA Security Assurance Conference. Available at http://csrc.nist.gov/news-events/HIPAA-May2011-workshop/presentations/ day2-HIPAA-conference2011-OCR-Enforcement-Activities.pdf.