UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IEC - 81001-5-1

Health software and health IT systems safety, effectiveness and security – Part 5-1: Security – Activities in the product life cycle

active, Most Current
Organization: IEC
Publication Date: 1 December 2021
Status: active
Page Count: 118
ICS Code (IT applications in health care technology): 35.240.80
ICS Code (Medical equipment in general): 11.040.01
scope:

This document defines the LIFE CYCLE requirements for development and maintenance of HEALTH SOFTWARE needed to support conformance to IEC 62443-4-1[11] - taking the specific needs for HEALTH SOFTWARE into account. The set of PROCESSES, ACTIVITIES, and TASKS described in this document establishes a common framework for secure HEALTH SOFTWARE LIFE CYCLE PROCESSES. An informal overview of activities for HEALTH SOFTWARE is shown in Figure 2.

The purpose is to increase the CYBERSECURITY of HEALTH SOFTWARE by establishing certain ACTIVITIES and TASKS in the HEALTH SOFTWARE LIFE CYCLE PROCESSES and also by increasing the SECURITY of SOFTWARE LIFE CYCLE PROCESSES themselves.

It is important to maintain an appropriate balance of the key properties SAFETY, effectiveness and SECURITY as discussed in ISO 81001-1[17].

This document excludes specification of ACCOMPANYING DOCUMENTATION contents.

Document History

81001-5-1
December 1, 2021
Health software and health IT systems safety, effectiveness and security – Part 5-1: Security – Activities in the product life cycle
This document defines the LIFE CYCLE requirements for development and maintenance of HEALTH SOFTWARE needed to support conformance to IEC 62443-4-1[11] – taking the specific needs for HEALTH SOFTWARE...

References

This document references:
AAMI TIR57 - Technical Information Report: Principles for medical device security—Risk management
Published by AAMI on January 1, 2016
This TIR provides guidance for addressing information security within the risk management framework defined by ANSI/AAMI/ISO 14971. This guidance is intended to assist manufacturers and other users...
This document references:
AAMI TIR97 - Principles for medical device security - Postmarket risk management for device manufacturers
Published by AAMI on January 1, 2019
This TIR provides guidance for addressing postmarket security risk management within the risk management framework defined by ANSI/AAMI/ISO 14971. While it is based on the ANSI/AAMI/ISO 14971...
This document references:
TS 102 165-1 - CYBER; Methods and protocols; Part 1: Method and pro forma for Threat, Vulnerability, Risk Analysis (TVRA)
Published by ETSI on January 1, 2022
The present document defines a method primarily for use by ETSI standards developers in undertaking an analysis of the threats, risks and vulnerabilities of an Information and Communications...
This document references:
IEC 62304 - Medical device software – Software life cycle processes
Published by IEC on June 1, 2015
Purpose This standard defines the life cycle requirements for MEDICAL DEVICE SOFTWARE. The set of PROCESSES, ACTIVITIES, and TASKS described in this standard establishes a common framework for...
This document references:
IEC 62366-1 - Medical devices – Part 1: Application of usability engineering to medical devices
Published by IEC on June 1, 2020
This part of IEC 62366 specifies a PROCESS for a MANUFACTURER to analyse, specify, develop and evaluate the USABILITY of a MEDICAL DEVICE as it relates to SAFETY. This USABILITY ENGINEERING (HUMAN...
This document is referenced by:
BS PD IEC TR 60601-4-5 - Medical electrical equipment Part 4-5: Guidance and interpretation — Safetyrelated technical security specifications
Published by BSI on January 31, 2021
A description is not available for this item.
This document is referenced by:
11073-10700 - Health Informatics—Device Interoperability Part 10700: Point‐of‐Care Medical Device Communication—Standard for Base Requirements for Participants in a Service‐Oriented Device Connectivity (SDC) System
Published by IEEE on November 8, 2022
This standard specifies the base set of Participant Key Purposes (PKPs) for the Service-oriented Device Connectivity (SDC) series of standards. PKPs are role-based sets of requirements for products...
This document is referenced by:
ISO 80601-2-84 - Medical electrical equipment — Part 2-84: Particular requirements for the basic safety and essential performance of ventilators for the emergency medical services environment
Published by ISO on July 1, 2020
This document applies to the basic safety and essential performance of an EMS ventilator in combination with its accessories, hereafter also referred to as ME equipment: ⎯ intended for patients who...
This document is referenced by:
ISO 80601-2-72 - Medical electrical equipment - Part 2-72: Particular requirements for basic safety and essential performance of home healthcare environment ventilators for ventilator-dependent patients
Published by ISO on September 1, 2015
IEC 60601‐1:2005+AMD1:2012, 1.1 is replaced by: This part of ISO 80601 applies to the BASIC SAFETY and ESSENTIAL PERFORMANCE of a VENTILATOR in combination with its ACCESSORIES, hereafter referred to...
This document is referenced by:
BS EN ISO 80601-2-80 - Medical electrical equipment Part 2-80: Particular requirements for basic safety and essential performance of ventilatory support equipment for ventilatory insufficiency
Published by BSI on August 31, 2018
A description is not available for this item.
View Less
View All
Advertisement