UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

close
Already an Engineering360 user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your Engineering360 Experience

close
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

AAMI HIT1000-3

Safety and effectiveness of health IT software and systems - Part 3: Application of risk management

active, Most Current
Buy Now
Organization: AAMI
Publication Date: 1 January 2019
Status: active
Page Count: 50
scope:

This part of AAMI HIT1000 (Part 3: Application of risk management) identifies the core concepts and principles needed to maintain safe and effective health IT software and systems in order to estimate and evaluate the associated risks, to control these risks, and to monitor the effectiveness of the controls.

This standard applies throughout the whole lifecycle of health IT software and systems, as well as to all sizes and types of actors involved with that system-from Developers and system Integrators who create the systems, to healthcare delivery organizations (HDOs) who own, configure, implement, and use the systems, and to those responsible for operating and ultimately decommissioning health IT systems or health IT system components.

This standard defines the points in the health IT lifecycle where different roles-Top Management, Business Owner, Developer, Integrator, Implementer, Operator, and User (see Table 1)-assume primary responsibility for managing risks and identifies the communication necessary among the different roles at those points.

Note: Roles in this standard are activity-based and not dependent upon the entity or organization involved. For example, a HDO may be the Business Owner but may also create or substantively modify health IT system components during certain stages of the health IT software and systems lifecycle. At those stages, the HDO would also be serving as a Developer and would assume the appropriate responsibilities of that role.

This standard provides guidance for managing risk, including best practices for assessing, classifying and prioritizing the relative risks and includes examples of means for controlling these risks. It does not specify acceptable risk levels, nor does it address regulatory or legal requirements.

It is recognized that not all incorporated parts of health IT software and systems will have used this series of standards or applicable medical software standards throughout the lifecycle. Where this lack of use is the case, the safety impacts of these parts, including the use of other standards must be considered and addressed to appropriately mitigate potential negative consequences.

Document History

AAMI HIT1000-3
January 1, 2019
Safety and effectiveness of health IT software and systems - Part 3: Application of risk management
This part of AAMI HIT1000 (Part 3: Application of risk management) identifies the core concepts and principles needed to maintain safe and effective health IT software and systems in order to...

References

Advertisement