Health informatics — Information security management for remote maintenance of medical devices and medical information systems — Part 1: Requirements and risk analysis

This document focuses on remote maintenance services (RMS) for information systems in healthcare facilities (HCFs) as provided by vendors of medical devices and health information systems. This document specifies the risk assessment necessary to protect remote maintenance activities, taking into consideration the special characteristics of the healthcare field such as patient safety, regulations and privacy protections. This document provides practical examples of risk analysis to protect both the HCF and RMS provider information assets in a safe and efficient (i.e. economical) manner. These assets are primarily the information system itself and personal health data held in the information system.

Informatique de santé — Management de la sécurité de l'information pour la maintenance à distance des dispositifs médicaux et des systèmes d'information médicale — Partie 1: Exigences et analyse du risque

General Information

Status: Published
Publication Date: 13-Aug-2019
Current Stage: 9092 - International Standard to be revised
Completion Date: 29-Nov-2023

Technical specification
ISO/TS 11633-1:2019 - Health informatics -- Information security management for remote maintenance of medical devices and medical information systems
English language
16 pages

Standards Content (Sample)

TECHNICAL SPECIFICATION ISO/TS 11633-1
First edition 2019-08
Health informatics — Information security management for remote maintenance of medical devices and medical information systems — Part 1: Requirements and risk analysis
Informatique de santé — Management de la sécurité de l'information pour la maintenance à distance des dispositifs médicaux et des systèmes d'information médicale — Partie 1: Exigences et analyse du risque
Reference number ISO/TS 11633-1:2019(E)
© ISO 2019

COPYRIGHT PROTECTED DOCUMENT
© ISO 2019
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland

Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 An outline of RMS security of medical devices and medical information systems
4.1 Contents of RMS security of medical devices and medical information systems
4.1.1 General
4.1.2 RMS using a public switched telephone network
4.1.3 RMS using the Internet
4.2 Security requirement of RMS of medical devices and medical information systems
4.2.1 General
4.2.2 Security measures in RMS operation
4.2.3 Contracts between HCF and RSC including 3rd parties
4.2.4 Protection of personal information
4.3 Roles of RSC and HCF
5 Risk analysis
Annex A (informative) Use case of RMSs
Annex B (informative) Example of risk analysis result of remote maintenance services
Annex C (informative) Example of risk analysis criteria
Bibliography
...
