Characteristics of a medical device software development framework

This paper aims to describe the software development settings of medical device domain focusing on the demands of the safety critical software processes. Medical device software developers have to adhere to a number of regulations and standards. This paper addresses the most important characteristics of a software development framework that could support medical device software developers in their efforts to comply with these regulations as well as to improve their software development processes

Assessing against IEC 80001-1

Medical devices are designed and produced subject to various standards. These standards are recognized by the regulatory authorities within the region in which they are going to be marketed. Traditionally medical devices were placed on a proprietary network; however emergent technology is increasingly seeing medical devices being included on to the general hospital IT network. The incorporation of a medical device into an IT network can introduce risks which can impact the safety, effectiveness & security of the medical device. 80001-1: Application of Risk Management for IT networks incorporating Medical Devices addresses the risk that healthcare can be compromised when a medical device is incorporated into an IT network. In order to address these risks, an assessment of the network against IEC 80001-1 must be performed. To perform an assessment which is compliant with ISO/IEC 15504-2 of an IT network against IEC 80001-1, a process assessment model is required. This paper examines how a process assessment model could be developed to assess against IEC 80001-1

Development of a process assessment model for assessing medical IT networks against IEC 80001-1

Increasingly medical devices are being designed to allow them to exchange information over an IT network. However incorporating a medical device into an IT network can introduce risks which can impact the safety, effectiveness and security of the medical device. Medical devices are stringently tested according to regulation during the design and manufacture process. However until the introduction of IEC 80001-1: Application of Risk Management for IT-Networks incorporating Medical Devices, no standard addressed the risks of incorporating a medical device into an IT network. In order to perform an assessment (which is compliant with ISO/IEC 15504-2) of an IT network against IEC 80001-1, a Process Assessment Model is required. Based on the relationship between IEC 80001-1 and ISO/IEC 20000-1, this paper examines how the TIPA transformation process developed by Public Research Centre Henri Tudor was used to develop a process assessment model (TIPA PAM) for ISO/IEC 20000-1. It also examines how a process assessment model can be developed following that transformation process to assess Medical IT networks against IEC 80001-1