Networked Medical Devices And The IEC80001 Standard: Are You Ready? The Third Annual Medical Device Connectivity Conference & Exhibition Friday, September 9, 2011 Rick Hampton
Why are we here? In the past, networked medical devices required their own separate network. The HITECH Act and other business drivers are pushing healthcare institutions to converge the medical device network and the HIT network. Does converging medical devices safely require more than simply connecting the medical devices to the HIT network? What methodology do you use to address patient safety, continued efficacy of the medical device, and system security? Are there potential regulatory and legal responsibilities? How will your facility or company deal with the HIT network becoming a critical part of a regulated medical device?
The Joint Commission Sentinel Event Alert 42 (12.11.08) Title Safely implementing health information and converging technologies As health information technology (HIT) and converging technologies the interrelationship between medical devices and HIT are increasingly adopted by health care organizations, users must be mindful of the safety risks and preventable adverse events that these implementations can create or perpetuate. Technology-related adverse events can be associated with all components of a comprehensive technology system and may involve errors of either commission or omission. This Alert focuses on how to safely implement HIT and converging health technologies.
The Joint Commission Sentinel Event Alert 42 Leadership standards LD.4.20 (LD.04.04.03*) and LD.4.40 (LD.04.04.05*) address designing new processes and establishing a safety program. In addition, since technology is prevalent in health care from patient admission to the surgical suite to the ordering and administration of medication and the use of equipment and medical devices any Joint Commission standard could potentially be tied to technology. Users should consider the use of any technology in relation to the standards and be aware of potential dangers to patients, as in any clinical situation. Environment of Care standards EC.02.01.01, EC.02.04.01, and EC.02.04.03 address product recalls, selection, testing, and maintenance of medical equipment, and contingencies when equipment fails.
ECRI Institute Top 10 Technology Hazards For 2011 Alarm Hazards ranked #2 Alarm-related adverse incidents typically involve, alarms not being properly relayed to ancillary notification systems (e.g., paging system, wireless phones), potentially leading to a failure to notify relevant staff. Data Loss, System Incompatibilities, and Other Health IT Complications ranked #5 The convergence of medical technology and health information technology (HIT) is no longer a new phenomenon or purely a specialized concern. Technologies like medication management systems and processes like the incorporation of medical data from devices such as physiologic monitors and ventilators into electronic health records are just a few examples of how convergence is becoming more commonplace.
ECRI Institute Top 10 Technology Hazards For 2011 Data Loss, System Incompatibilities, and Other Health IT Complications ranked #5 While convergence presents many benefits, including improved standards of care and operational efficiencies, it also presents many risks. Ineffective convergence can adversely affect patient care in a wide variety of ways. It can, for example, lead to data being lost (e.g., overwritten, unsuccessfully transmitted) or being associated with the wrong patient, which in turn can lead to misdiagnosis, inappropriate treatment, or the need for repeat testing. To prevent hazards associated with convergence of medical technology and HIT, ECRI Institute recommends, [employing] good project management, change management, and risk management processes. To aid in this effort, hospitals should consider applying the International Electrotechnical Commission s new IEC 80001-1 standard, Application of Risk Management for IT- Networks Incorporating Medical Devices Part 1: Roles, Responsibilities and Activities.3
FDA NEWS RELEASE: February 14, 2011 Medical Device Data Systems are off-the-shelf or custom hardware or software products used alone or in combination that display unaltered medical device data, or transfer, store or convert medical device data for future use, in accordance with a preset specification. Examples of MDDS products include: devices that collect and store data from a glucose meter for future use or that transfer lab results to be displayed at a nursing station for future use. Information technology companies that design, install or market these systems, and hospitals that develop them in their facilities, must follow Class I requirements as well.
What is IEC 80001? IEC 80001-1 Ed.1: Application of risk management for it-networks incorporating medical devices Part 1: Roles, responsibilities and activities It is an international standard It is a voluntary standard unless formally adopted by regulatory authorities Specifically aimed at healthcare facilities of all sizes It is a process standard describing the risk management process Does not provide a checklist, but informs users how to create a program suitable for their facility
Future Documents Technical Reports (guidance documents) to be published soon: Guidance for Healthcare Delivery Organizations An implementation guide for HDOs of all sizes Step by Step Risk Management Still not a bullet-list of steps to accomplish, but rather a simple explanation of concepts from ISO 14971 and how they might be adopted by Responsible Organizations Security Use of Wireless Technologies With more to come
Origins of 80001 Core ideas drawn from: ISO 14971 Application of risk management to medical devices Applies ONLY to medical device manufacturers ISO 20000 IT Service Management Standards ITIL IT Infrastructure Library
The Key Properties 80001 defines three Key Properties to be managed. They are, in this order of priority: Safety (freedom from unacceptable risk of physical injury or damage to the health of people or damage to property or the environment) Effectiveness (ability to produce the intended result for the patient and the Responsible Organization) Data and System Security (an operational state of a Medical IT-Network in which information assets (data and systems) are reasonably protected from degradation of confidentiality, integrity, and availability) 80001 does not specify acceptable risk levels.
Role Relationships Medical Device Manufacturer Providers of Other Information Technology Responsible Organization Top Management Medical IT-Network Risk Manager
Contact Information Rick Hampton Wireless Communications Manager Partners HealthCare System One Constitution Center, Suite 200 Charlestown, MA 02129 Office: 617-726-6633 Cell: 617-968-2262 RHampton@Partners.org
Other References ISO/IEC 60601-1: 2005 Medical Electrical Equipment requires manufactures to include some information in accompanying documents if medical equipment is to be connected to an IT network ISO/IEC 14971:2007 Application of risk management to medical devices ISO/IEC 80001-1: 2010 Application of risk management for IT-networks incorporating medical devices Part 1: Roles, responsibilities & activities ISO/IEC 20000-1:2005 IT Service Management System Information Technology Infrastructure Library (ITIL v3) HIMSS/NEMA HN 1-2008 Manufacturer s Disclosure Statement for Medical Device Security (MDS2) MIL-STD-882E DOD s Standard Practice for System Safety, http://www.systemsafety.org/documents/mil-std-882e-feb05.doc ACCE ECRI Security Guide for Biomedical Technology, www.ecri.org Systems Engineering Guide for Systems of Systems, Version 1.0, Office of the Deputy Under Secretary of Defense for Acquisition and Technology, Systems and Software Engineering. Washington, DC: ODUSD(A&T)SSE, 2008. DOD, Aug 2008 National Institute of Standards and Technology (NIST) standards (http://csrc.nist.gov/publications/nistpubs/)
Final Thoughts In flying I have learned that carelessness and overconfidence are usually far more dangerous than deliberately accepted risks. Wilbur Wright in a letter to his father, September 1900