IEC/TR 80001-2-2:2012

Application of risk management for IT-networks incorporating medical devices — Part 2-2: Guidance for the communication of medical device security needs, risks and controls

Publication date:   Jul 13, 2012

General information

90.92 Standard to be revised   Feb 22, 2021

IEC

ISO/TC 215 Health informatics

Technical Report

35.240.80   IT applications in health care technology | 11.040.01   Medical equipment in general

Buying

Published

Language in which you want to receive the document.

Scope

IEC/TR 80001-2-2:2012(E), which is a technical report, creates a framework for the disclosure of security-related capabilities and risks necessary for managing the risk in connecting medical devices to IT-networks and for the security dialog that surrounds the IEC 80001-1 risk management of IT-network connection. This security report presents an informative set of common, high-level security-related capabilities useful in understanding the user needs, the type of security controls to be considered and the risks that lead to the controls. Intended use and local factors determine which exact capabilities will be useful in the dialog about risk. The capability descriptions in this report are intended to supply health delivery organizations (HDOs), medical device manufacturers (MDMs), and IT vendors with a basis for discussing risk and their respective roles and responsibilities toward its management. This discussion among the risk partners serves as the basis for one or more responsibility agreements as specified in IEC 80001-1.

Life cycle

NOW

PUBLISHED
IEC/TR 80001-2-2:2012
90.92 Standard to be revised
Feb 22, 2021

REVISED BY

IN_DEVELOPMENT
IEC/AWI TR 80001-2-2