We use cookies to understand how this site is used and to improve the site to make use easier. We also share details with Google for analytic purposes. For more information, and to understand the limited use we have for your data, see our privacy page.

If you do not want us to handle your data in this way you can eitherstop using this site or set your browser to request that we do not track you. Continued use of this site without setting do not track explicitly provides your authority to make limited use your data.


This website is providing a view of a model bringing together the various different terms and definitions for developing and using the international standards for safe, effective and secure health software and health IT systems.

The marketplace for health software is complex with many products subject to specific regulation in some jurisdictions. These terms and definitions provide a foundation for the development of the standards used to support manufacturers, whether they are providing simple apps on a mobile device or complex systems with the capacity to inflict substantial harm if incorrectly designed, implemented or used.

Why 81001.org

The ISO and IEC Joint Working Group focused on safe, effective and secure health software and health IT systems is currently developing a standard building on the terms in this model. More information about this standard and its progress is available on the ISO website.

What is the scope of the model

The model covers the full life-cycle of relevant products from initial design through development, placing on the market, implementing within a healthcare delivery organization (such as a hospital of doctors office), use and eventual decommissioning of the product. It also covers the full complexity of the healthcare delivery organization's infrastructure.

The model is not limited to regulated health software products or regulated health IT systems.

... and what is not in scope

The model intentionally does not attempt to include the full scope of a risk management system. For a few definitions, this will place the model in conflict with established risk management terms and definitions. For example, according to ISO 31000, risk is the “effect of uncertainty on objectives” and an effect is a positive or negative deviation from what is expected. In this model, risk is combination of the probability of occurrence of harm and the severity of that harm so excludes uncertain benefits or neutral events.

Who is behind this site

The model was created by Nicholas Oughtibridge and Trish Williams with support from members of the ISO and IEC Joint Working Group focused on safe, effective and secure health software and health IT systems.

The site is provided by Oughtibridge Ltd. The content is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. The Temple Diagram is designed by Greg Wye, © NHS Digital, licenced under the Open Government Licence 3.0.

Published on Friday, May 8, 2020 by Nicholas O