Networked Medical Devices And The IEC80001 Standard: Are You Ready?


Networked Medical Devices And The IEC80001 Standard: Are You Ready?
The Third Annual Medical Device Connectivity Conference & Exhibition
Friday, September 9, 2011
Rick Hampton

Why are we here?
- In the past, networked medical devices required their own separate network.
- The HITECH Act and other business drivers are pushing healthcare institutions to converge the medical device network and the HIT network.
- Does converging medical devices safely require more than simply connecting the medical devices to the HIT network?
- What methodology do you use to address patient safety, continued efficacy of the medical device, and system security?
- Are there potential regulatory and legal responsibilities?
- How will your facility or company deal with the HIT network becoming a critical part of a regulated medical device?

The Joint Commission Sentinel Event Alert 42 (12.11.08)
Title: Safely implementing health information and converging technologies

As health information technology (HIT) and converging technologies - the interrelationship between medical devices and HIT - are increasingly adopted by health care organizations, users must be mindful of the safety risks and preventable adverse events that these implementations can create or perpetuate. Technology-related adverse events can be associated with all components of a comprehensive technology system and may involve errors of either commission or omission. This Alert focuses on how to safely implement HIT and converging health technologies.

The Joint Commission Sentinel Event Alert 42

Leadership standards LD.4.20 (LD.04.04.03*) and LD.4.40 (LD.04.04.05*) address designing new processes and establishing a safety program. In addition, since technology is prevalent in health care - from patient admission to the surgical suite to the ordering and administration of medication and the use of equipment and medical devices - any Joint Commission standard could potentially be tied to technology. Users should consider the use of any technology in relation to the standards and be aware of potential dangers to patients, as in any clinical situation.

Environment of Care standards EC.02.01.01, EC.02.04.01, and EC.02.04.03 address product recalls, selection, testing, and maintenance of medical equipment, and contingencies when equipment fails.

ECRI Institute Top 10 Technology Hazards For 2011

Alarm Hazards ranked #2
Alarm-related adverse incidents typically involve, alarms not being properly relayed to ancillary notification systems (e.g., paging system, wireless phones), potentially leading to a failure to notify relevant staff.

Data Loss, System Incompatibilities, and Other Health IT Complications ranked #5
The convergence of medical technology and health information technology (HIT) is no longer a new phenomenon or purely a specialized concern. Technologies like medication management systems and processes like the incorporation of medical data from devices such as physiologic monitors and ventilators into electronic health records are just a few examples of how convergence is becoming more commonplace.

ECRI Institute Top 10 Technology Hazards For 2011

Data Loss, System Incompatibilities, and Other Health IT Complications ranked #5
While convergence presents many benefits, including improved standards of care and operational efficiencies, it also presents many risks. Ineffective convergence can adversely affect patient care in a wide variety of ways. It can, for example, lead to data being lost (e.g., overwritten, unsuccessfully transmitted) or being associated with the wrong patient, which in turn can lead to misdiagnosis, inappropriate treatment, or the need for repeat testing.

To prevent hazards associated with convergence of medical technology and HIT, ECRI Institute recommends, [employing] good project management, change management, and risk management processes. To aid in this effort, hospitals should consider applying the International Electrotechnical Commission's new IEC 80001-1 standard, Application of Risk Management for IT-Networks Incorporating Medical Devices - Part 1: Roles, Responsibilities and Activities.

FDA NEWS RELEASE: February 14, 2011

Medical Device Data Systems are off-the-shelf or custom hardware or software products used alone or in combination that display unaltered medical device data, or transfer, store or convert medical device data for future use, in accordance with a preset specification.

Examples of MDDS products include: devices that collect and store data from a glucose meter for future use or that transfer lab results to be displayed at a nursing station for future use.

Information technology companies that design, install or market these systems, and hospitals that develop them in their facilities, must follow Class I requirements as well.

What is IEC 80001?
IEC 80001-1 Ed.1: Application of risk management for IT-networks incorporating medical devices - Part 1: Roles, responsibilities and activities
- It is an international standard
- It is a voluntary standard unless formally adopted by regulatory authorities
- Specifically aimed at healthcare facilities of all sizes
- It is a process standard describing the risk management process
- Does not provide a checklist, but informs users how to create a program suitable for their facility

Future Documents
Technical Reports (guidance documents) to be published soon:
- Guidance for Healthcare Delivery Organizations
  - An implementation guide for HDOs of all sizes
- Step by Step Risk Management
  - Still not a bullet-list of steps to accomplish, but rather a simple explanation of concepts from ISO 14971 and how they might be adopted by Responsible Organizations
- Security
- Use of Wireless Technologies
- With more to come

Origins of 80001
Core ideas drawn from:
- ISO 14971: Application of risk management to medical devices
  - Applies ONLY to medical device manufacturers
- ISO 20000: IT Service Management Standards
- ITIL: IT Infrastructure Library

The Key Properties
80001 defines three Key Properties to be managed. They are, in this order of priority:
- Safety (freedom from unacceptable risk of physical injury or damage to the health of people or damage to property or the environment)
- Effectiveness (ability to produce the intended result for the patient and the Responsible Organization)
- Data and System Security (an operational state of a Medical IT-Network in which information assets (data and systems) are reasonably protected from degradation of confidentiality, integrity, and availability)

80001 does not specify acceptable risk levels.

Role Relationships
- Medical Device Manufacturer
- Providers of Other Information Technology
- Responsible Organization
- Top Management
- Medical IT-Network Risk Manager

Contact Information
Rick Hampton
Wireless Communications Manager
Partners HealthCare System
One Constitution Center, Suite 200
Charlestown, MA 02129
Office: 617-726-6633
Cell: 617-968-2262
RHampton@Partners.org

Other References
- ISO/IEC 60601-1: 2005 Medical Electrical Equipment (requires manufacturers to include some information in accompanying documents if medical equipment is to be connected to an IT network)
- ISO/IEC 14971:2007 Application of risk management to medical devices
- ISO/IEC 80001-1: 2010 Application of risk management for IT-networks incorporating medical devices - Part 1: Roles, responsibilities & activities
- ISO/IEC 20000-1:2005 IT Service Management System
- Information Technology Infrastructure Library (ITIL v3)
- HIMSS/NEMA HN 1-2008 Manufacturer's Disclosure Statement for Medical Device Security (MDS2)
- MIL-STD-882E DOD's Standard Practice for System Safety, http://www.systemsafety.org/documents/mil-std-882e-feb05.doc
- ACCE ECRI Security Guide for Biomedical Technology, www.ecri.org
- Systems Engineering Guide for Systems of Systems, Version 1.0, Office of the Deputy Under Secretary of Defense for Acquisition and Technology, Systems and Software Engineering. Washington, DC: ODUSD(A&T)SSE, 2008. DOD, Aug 2008
- National Institute of Standards and Technology (NIST) standards (http://csrc.nist.gov/publications/nistpubs/)

Final Thoughts
"In flying I have learned that carelessness and overconfidence are usually far more dangerous than deliberately accepted risks."
Wilbur Wright in a letter to his father, September 1900