AAMI規格 AAMI TIR97, 2019: Principles for medical device security - Postmarket risk management for device manufacturers, 医療機器セキュリティの原則 - 機器メーカーの市販後のリスクマネージメント

AAMI規格 TIR97, 2019/(R)2023

産業規格・仕様書  >  AAMI  > 




AAMI規格 TIR97, 2019/(R)2023

62,920(税込)

数量

書名

AAMI TIR97, 2019: Principles for medical device security - Postmarket risk management for
device manufacturers(Includes all amendments and changes through Reaffirmation Notice, 2023)
AAMI規格 TIR97, 2019: 医療機器セキュリティの原則 - 機器メーカーの市販後のリスクマネージメント
発行元 Association for the Advancement of Medical Instrumentation (AAMI)
発行年/月 2023年1月   
装丁 ペーパー
ページ数 56 ページ
発送予定 海外倉庫よりお取り寄せ 1-2週間以内に発送します
※PDF版をご希望のお客様は別途お問合せ下さいませ。
※当ウェブ・ショップに未掲載のAAMI規格につきましては、別途お問合せ下さいませ。
※掲載の規格は、当ウェブ・ショップに掲載時点で確認できた最新版でございます。
最新の発行状況につきましては受注時に改めて確認をさせて頂きますので予めご了承下さい。

 

Description

This TIR provides guidance for addressing postmarket security risk management within the risk management framework defined by ANSI/AAMI/ISO 14971. While it is based on the ANSI/AAMI/ISO 14971 framework for medical device risk management, most concepts are applicable to any healthcare product that requires postmarket management of security.

This guidance is intended to assist manufacturers and other users of the standard with the following:
- establishing an enterprise-wide process to manage security postmarket interactions with users and other stakeholders;
- creating design features that enable postmarket management of security risk and effective integration with healthcare delivery organization (HDO) network security policies and technologies, or other operational contexts;
- understanding and communicating the security expectations from manufacturers to those who deploy medical devices in a user environment;
- implementing processes to monitor fielded devices for newly discovered security vulnerabilities both from the devices themselves and from other sources;
- implementing processes to assess both safety and security risk to decide when action is required;
- developing a coordinated vulnerability disclosure process;
- implementing processes to manage device security patching; and
- planning for device retirement.

The guidance provided by this document is applicable to the production and post-production phases of the life-cycle of a medical device (hereinafter referred to as the “postmarket” phase).

This TIR expands the information provided in Clause 4 “Production and post-production feedback loop” of ANSI/AAMI/ISO TIR24971:2013 by highlighting the need for proactive monitoring to assess threats and detect vulnerabilities. It references the coordinated safety/security risk assessment approach that was presented in Clause 9 of AAMI TIR57:2016, Production and post-production information.