IEC/TR 80001-2-2:2012 医疗器械安全需求、风险和控制的沟通指南
IEC/TR 80001-2-2:2012 Application of risk management for IT-networks incorporating medical devices — Part 2-2: Guidance for the communication of medical device security needs, risks and controls
Status : Published
状态 : 已发布
Publication date : 2012-07
发布日期:2012-07
Edition : 1
版本 : 1
Number of pages : 48
页数:48
Technical Committee : ISO/TC 215 Health informatics
技术委员会:ISO/TC 215 健康信息学
ABSTRACT
IEC/TR 80001-2-2:2012(E), which is a technical report, creates a framework for the disclosure of security-related capabilities and risks necessary for managing the risk in connecting medical devices to IT-networks and for the security dialog that surrounds the IEC 80001-1 risk management of IT-network connection. This security report presents an informative set of common, high-level security-related capabilities useful in understanding the user needs, the type of security controls to be considered and the risks that lead to the controls. Intended use and local factors determine which exact capabilities will be useful in the dialog about risk. The capability descriptions in this report are intended to supply health delivery organizations (HDOs), medical device manufacturers (MDMs), and IT vendors with a basis for discussing risk and their respective roles and responsibilities toward its management. This discussion among the risk partners serves as the basis for one or more responsibility agreements as specified in IEC 80001-1.
IEC/TR 80001-2-2:2012(E) 是一份技术报告,它创建了一个框架,用于披露与安全相关的功能和风险,以管理将医疗设备连接到 IT 网络的风险以及安全性围绕 IT 网络连接的 IEC 80001-1 风险管理的对话。该安全报告提供了一组信息丰富的通用、高级安全相关功能,有助于了解用户需求、要考虑的安全控制类型以及导致控制的风险。预期用途和当地因素决定了哪些确切的功能将在有关风险的对话中有用。本报告中的功能描述旨在为健康服务组织 (HDO)、医疗设备制造商 (MDM) 和 IT 供应商提供讨论风险及其各自在管理中的角色和责任的基础。风险合作伙伴之间的这种讨论是 IEC 80001-1 中规定的一项或多项责任协议的基础。
**********************
在线预览
**********************
暂无评论