IEC TR 80001-1:2011 pdf free download

IEC TR 80001-1:2011 pdf free download.Application of risk management for IT-networks incorporating medical devices Part 1: Roles, responsibilities and activities.
Incorporation and modification of equipment or software of a MEDICAL IT-NETWORK shall be performed under a framework of clearly defined responsibilities. At a minimum, the parties, responsibilities and requirements identified in subclauses 3.2 through 3.6shaII be defined.
For the particular MEDICAL IT-NETWORK being considered, the RESPONSIBLE ORGANIZATION shall establish and maintain a MEDICAL IT-NETWORK RISK MANAGEMENT FILE.
All documentation related to the requirements of this standard for RESPONSIBLE ORGANIZATIONS as well as all supporting documentation shall be maintained in a MEDICAL IT-NETWORK RISK MANAGEMENT FILE. This file shall contain the current CONFIGURATION MANAGEMENT information for the MEDICAL IT-NETWORK.
NOTE The CONFIGURATION MANAGEMENT information can be included in the MEDICAL IT-NETWORK RISK MANAGEMENT
FILE either through explicit documentation or by reference, for example. to a live database.
Compliance is checked by inspection of the MEDICAL IT-NETWORK RISK MANAGEMENT FILE.
3.2 RESPONSIBLE ORGANIZATION
The overall responsibility for RISK MANAGEMENT for a MEDICAL IT-NETWORK shall stay within the RESPONSIBLE ORGANIZATION.
The RESPONSIBLE ORGANIZATION shall be the owner of the RISK MANAGEMENT PROCESS for the MEDICAL IT-NETWORK, spanning planning, design, installation, device connection, configuration, use/operation, maintenance, and device decommissioning.
Compliance is checked by assessment of the RESPONSIBLE ORGANIZATION.
3.3 ToP MANAGEMENT responsibilities
For RISK MANAGEMENT of MEDICAL IT-NETWORKS, TOP MANAGEMENT shall be accountable for:
a) establishing a policy for RISK MANAGEMENT for incorporating MEDICAL DEVICES;
b) defining the policy for determining acceptable RISK, taking into account relevant
international standards and national or regional regulations;
C) ensuring the provision of adequate resources;
d) ensuring the assignment of qualified personnel for management, performance of work and assessment activities; and
e) reviewing the results of RISK MANAGEMENT activities, including EVENT MANAGEMENT (see 4.6.2), at defined intervals to ensure the continuing suitability and the effectiveness of the
RISK MANAGEMENT PROCESS.
The above shall be documented in the MEDICAL IT-NETWORK RISK MANAGEMENT FILE.
TOP MANAGEMENT shall appoint a MEDICAL IT-NETWORK RISK MANAGER, who has the necessary qualifications, knowledge and competence for RISK MANAGEMENT applied to MEDICAL IT- NETWORKS (see 3.4).
TOP MANAGEMENT shall identify the people responsible for the following tasks and ensure that they co-operate with the MEDICAL IT-NETWORK RISK MANAGER:
f) gathering, analysis, assessment and storage of information needed for RISK MANAGEMENT;
g) lifecycle management of MEDICAL DEVICES incorporated in IT-NETWORKS;
h) reviewing and accepting RESIDUAL RISK on behalf of TOP MANAGEMENT;
i) maintenance of MEDICAL IT-NETWORKS; and
j) choice of and procurement of MEDICAL DEVICES.IEC TR 80001-1 pdf download.