The final draft of this International Standard is now approaching completion. It will shortly be available for the ISO and IEC member bodies to vote on whether to approve.

Why does this matter?

This final draft standard is intended to underpin all the international standards for safe, effective and secure health software and health IT systems. This website provides a concept model to assist in understanding the terms and definitions.

What does it cover?

According to the scope, the standard articulates the foundational principles, concepts, and terms for health software and health IT system safety across the full life cycle, from concept to decommission. It takes into account the evolving complex internal and external context, including people, technology (hardware/software), organizations, processes, and external environment. It also addresses the transition points in the life cycle where transfers of responsibility occur, and the types of multi-lateral communication that are necessary. This standard provides a unifying foundation for other standards that collectively address all life cycle stages, the context of use, and focus areas necessary to ensure the safety, effectiveness, and both data and system security (including privacy) of health software and health IT systems.

The standard specifies the terms and definitions applicable to future safety, effectiveness and security risk management system standards developed for the health sector.

Who is it for?

The fundamental concepts and principles of managing safety, effectiveness and security are applicable to all parties involved in the health software and health IT systems life cycle, including:

  1. organizations, health informatics professionals and clinical leaders designing, developing, integrating, implementing and operating these systems – for example health software developers and medical device manufacturers, system integrators, system operators (including cloud and other IT service providers);
  2. healthcare service delivery organizations, healthcare providers and others who use these systems in providing health services;
  3. governments, health system funders, monitoring agencies, professional organizations and customers seeking confidence in an organization’s ability to consistently provide safe, effective and secure health IT systems and services;
  4. organizations and interested parties seeking to improve communication in managing safety, effectiveness and security risks through a common understanding of the vocabulary used in safety, effectiveness and security management;
  5. organizations performing conformity assessments against the requirements of the ISO/IEC 80001 series;
  6. providers of training, assessment or advice in safety, effectiveness and security risk management for health IT software and systems; and
  7. developers of related safety, effectiveness and security standards.

Published on Sunday, May 10, 2020 by Nicholas O