Development of a Process Assessment Model for Assessing Medical IT Networks against IEC 80001-1

MacMahon, Silvana Togneri; McCaffery, Fergal; Eagles, Sherman; Keenan, Frank; Lepmets, Marion; Renault, Alain

doi:10.1007/978-3-642-30439-2_14

Cited by 8 publications

(7 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The authors from the Regulated Software Research Centre (RSRC) team developed an assessment framework that was based not only on the IEC 80001-1 standard but also on the other standards that informed IEC 80001-1 [9][10][11][12][13][14][15] . The resultant framework can be used to assess the performance of risk management activities through-out the lifecycle of a Medical IT Network.…”

Section: Methodsmentioning

confidence: 99%

Assessing a Hospital's Medical IT Network Risk Management Practice with 80001-1

Hegarty¹,

MacMahon²,

Byrne³

et al. 2014

Biomedical Instrumentation & Technology

Self Cite

View full text Add to dashboard Cite

Medical device interoperability has been identified as a key way of decreasing healthcare costs while improving patient care. 1 This has led to a shift toward placing more medical devices onto information technology (IT) networks. However, placing medical devices onto an IT network may lead to additional risks to safety, effectiveness and security of the devices, the network, and the data. ANSI/AAMI/IEC 80001-1 addresses the roles, responsibilities, and activities that need to be carried out when managing these risks. In this article, we describe an exercise undertaken to assess the medical IT network risk management practice implemented within a hospital to control risk associated with a clinical information system (CIS). The level of compliance with the 80001-1 standard was determined using an assessment framework developed by the Regulated Software Research Centre. The purpose of this exercise was to test and inform the development of an assessment method that is part of the assessment framework for this standard. The exercise also sought to identify how the management of such an existing CIS project meets the requirements of 80001-1.

show abstract

Section: Methodsmentioning

confidence: 99%

Assessing a Hospital's Medical IT Network Risk Management Practice with 80001-1

Hegarty¹,

MacMahon²,

Byrne³

et al. 2014

Biomedical Instrumentation & Technology

Self Cite

View full text Add to dashboard Cite

show abstract

“…The transformation process was used firstly, as it had been used in the development of similar PRM and PAMs for service management standards [40]. These service management standards were identified as being similar to the IEC 80001-1 standard [41]. Secondly, this approach was used for developing a PRM and PAM that are compliant with the requirements of ISO/IEC 15504-2 allows for an assessment to be performed regardless of the regulatory requirements of the geographical location in which the HDO provides care and also allows for the assessment to be tailored to take into account the context of the specific HDO in which the assessment is being conducted.…”

Section: Annex Slmentioning

confidence: 99%

Revising IEC 80001-1: Risk management of health information technology systems

MacMahon

Cooper²,

McCaffery

2018

Computer Standards & Interfaces

Self Cite

View full text Add to dashboard Cite

IEC 80001-1 was published in 2010 and is now undergoing revision. Feedback gathered on the adoption of the standard has revealed a number of barriers that have impacted its adoption. The standard provides requirements related to the roles, responsibilities and activities that need to be performed for the risk management of medical IT networks. One reported barrier is a lack of drivers to motivate Top Management to implement the standard. In addition, there is a lack of alignment between IT and biomedical engineering departments within hopitals. Finally, the IEC 80001-1 standard was considered to be too complicated and complex to implement. This paper presents the barriers identified in the feedback and presents an approach to the revision of the standard as a process based standard following the structure outlined in ISO/IEC Directives Annex SL and aligned risk management standards as a means to overcome these barriers.

show abstract

“…A possible reason for low implementation is poor awareness among healthcare personnel. Another contributing factor is absent assessment methods (MacMahon et al, 2012) for assessing risk management processes against the Standard. An assessment method ensures a standard approach to risk management (MacMahon et al, 2013).…”

Section: Introductionmentioning

confidence: 99%

“…However, rapid results and their immediate therapeutic effects is a risk to patient safety and clinical outcomes if errors are made (Meier and Jones, 2005). POCT errors can negatively affect patient care (MacMahon et al, 2012;Meier and Jones, 2005) resulting in incorrect or inadequate treatment. Some major risks related to POCT arise from: poor operator competency; data entry errors in analysers; poor supervision; inappropriate testing by inexperienced personnel and uncertainty on how to act on results (Academy of Medical Laboratory Science, Association of Clinical Biochemists in Ireland, Irish Medicines Board, Royal College of Physicians in Ireland Faculty of Pathology, 2007;Hayden et al, 2008;Snyder et al, 2012).…”

Section: Introductionmentioning

confidence: 99%

Improving ICU risk management and patient safety

Kielty

2017

IJHCQA

View full text Add to dashboard Cite

Purpose The purpose of this paper is to describe a study which aimed to develop and validate an assessment method for the International Electrotechnical Commission (IEC) 80001-1 (IEC, 2010) standard (the Standard); raise awareness; improve medical IT-network project risk management processes; and improve intensive care unit patient safety. Design/methodology/approach An assessment method was developed and piloted. A healthcare IT-network project assessment was undertaken using a semi-structured group interview with risk management stakeholders. Participants provided feedback via a questionnaire. Descriptive statistics and thematic analysis was undertaken. Findings The assessment method was validated as fit for purpose. Participants agreed (63 per cent, n=7) that assessment questions were clear and easy to understand, and participants agreed (82 per cent, n=9) that the assessment method was appropriate. Participant's knowledge of the Standard increased and non-compliance was identified. Medical IT-network project strengths, weaknesses, opportunities and threats in the risk management processes were identified. Practical implications The study raised awareness of the Standard and enhanced risk management processes that led to improved patient safety. Study participants confirmed they would use the assessment method in future projects. Originality/value Findings add to knowledge relating to IEC 80001-1 implementation.

show abstract

Development of a Process Assessment Model for Assessing Medical IT Networks against IEC 80001-1

Cited by 8 publications

References 2 publications

Assessing a Hospital's Medical IT Network Risk Management Practice with 80001-1

Assessing a Hospital's Medical IT Network Risk Management Practice with 80001-1

Revising IEC 80001-1: Risk management of health information technology systems

Improving ICU risk management and patient safety

Contact Info

Product

Resources

About