ISO DIS 81001-1
Health software and health IT systems safety, effectiveness and security — Part 1: Foundational principles, concepts, and terms
Publication Date: 10 November 2019
ICS Code (IT applications in health care technology): 35.240.80
This document articulates the foundational principles, concepts, terms and definitions for health software and health IT system safety, effectiveness and security across the full life cycle, from concept to decommissioning, represented in Figure 1 (see Introduction). It takes into account the evolving complex internal and external context in healthcare, including people, technology (hardware/software), organizations, processes, and external environment. It also addresses the transition points in the life cycle where transfers of responsibility occur, and the types of multi-lateral communication that are necessary. This document provides a unifying foundation of coherent concepts and terminology for other standards that address specific aspects of the safety, effectiveness, and security (including privacy) of health software and health IT systems.
The fundamental concepts and principles of managing safety, effectiveness and security are applicable to all parties involved in the health software and health IT systems life cycle including:
a) Organizations, health informatics professionals and clinical leaders designing, developing, integrating, implementing and operating these systems - for example health software developers and medical device manufacturers, system integrators, system administrators (including cloud and other IT service providers);
b) Healthcare service delivery organizations, healthcare providers and others who use these systems in providing health services;
c) Governments, health system funders, monitoring agencies, professional organizations and customers seeking confidence in an organization's ability to consistently provide safe, effective and secure health IT systems and services;
d) Organizations and interested parties seeking to improve communication in managing safety, effectiveness and security risks through a common understanding of the concepts and terminology used in safety, effectiveness and security management;
e) Organizations performing conformity assessments against the requirements of the ISO/IEC 80001 series;
f) Providers of training, assessment or advice in safety, effectiveness and security risk management for health software and systems; and
g) Developers of related safety, effectiveness and security standards.