The Draft International Standard is now available for public review and comment ahead of the decision by the BSI committee (and other national member bodies) to cast their votes. For UK contributors, the commenting capability is available on the BSI site.
Why does this matter?
This draft standard is intended to underpin all the international standards for safe, effective and secure health software and health IT systems. This website provides a concept model to assist in understanding the terms and definitions.
Any standard benefits from widespread review. Getting ISO/IEC 81001 right provides a solid foundation for future standardisation efforts, both internationally and locally in England.
What does it cover?
According to the scope, the standard articulates the foundational principles, concepts, and terms for health software and health IT system safety across the full life cycle, from concept to decommission. It takes into account the evolving complex internal and external context, including people, technology (hardware/software), organizations, processes, and external environment. It also addresses the transition points in the life cycle where transfers of responsibility occur, and the types of multi-lateral communication that are necessary. This standard provides a unifying foundation for other standards that collectively address all life cycle stages, the context of use, and focus areas necessary to ensure the safety, effectiveness, and both data and system security (including privacy) of health software and health IT systems.
The standard specifies the terms and definitions applicable to future safety, effectiveness and security risk management system standards developed for the health sector.
Who is it for?
The fundamental concepts and principles of managing safety, effectiveness and security are applicable to all parties involved in the health software and health IT systems life cycle, including:
- organizations, health informatics professionals and clinical leaders designing, developing, integrating, implementing and operating these systems – for example health software developers and medical device manufacturers, system integrators, system operators (including cloud and other IT service providers);
- healthcare service delivery organizations, healthcare providers and others who use these systems in providing health services;
- governments, health system funders, monitoring agencies, professional organizations and customers seeking confidence in an organization’s ability to consistently provide safe, effective and secure health IT systems and services;
- organizations and interested parties seeking to improve communication in managing safety, effectiveness and security risks through a common understanding of the vocabulary used in safety, effectiveness and security management;
- organizations performing conformity assessments against the requirements of the ISO/IEC 80001 series;
- providers of training, assessment or advice in safety, effectiveness and security risk management for health IT software and systems; and
- developers of related safety, effectiveness and security standards.
Conclusion
The standard matters - take part and contribute!
Published on Wednesday, November 27, 2019 by Nicholas O