Proactive Role of Clinical Engineering in the Adoption of ISO/IEC 80001-1 within Healthcare Delivery Organization

The integration of medical device systems and general hospital information technology (IT) infrastructure creates a medical device-IT network that requires patient-oriented cybersecurity risk management to ensure patient safety. This study discusses the roles of clinical engineering in taking initiatives in the implementation of the ISO/IEC 80001-1 risk management framework in a hospital environment. Further, we present lessons learned and clinical engineering opportunities in managing medical device cybersecurity, which include development of an integrated systems test lab.

Clinical Relevance— This paper highlights Clinical Engineering’s leadership role in implementing an effective risk management system for integrated medical device systems to reduce cybersecurity risks and enhance patient care and safety.
