BS EN 80001-1:2011 pdf download

BS EN 80001-1:2011 pdf download.Application of risk management for lT-networks incorporating medical devicesPart 1: Roles, responsibilities and activities.
2.21
RESPONSIBILITY AGREEMENT
one or more documents that together fully define the responsibilities of all relevant stakeholders
NOTE This agreement can be a legal document. eg. a contract
2.22
RESPONSIBLE ORGAMZAT)ON
entity accountable for the use and maintenance of a MEDICAL IT-NETwoRK
NOTE 1 The accountable entity can be. for example. a hospital, a private clinician or a telehealth organization. NOTE 2 Adapted from IEC 60601-12005 definition 3.lOt,
2.23
RISK
combination of the probability of occurrence of HARM artd the severity of that HARM
(ISO 14971:2007, definition 2.16]
2.24
RISK ANALYSIS
systematic use of available information to identify HAZARDS and to estimate the RISK
(ISO 14971:2007. definition 2.17]
2.25
RISK ASSESSMENT
overall PROCESS comprising a RISK ANALYSIS and a RISK EVALUATION
(lSO/IEC Guide 51:1999, definition 3.12]
2.26
RISK CONTROL
PROCESS in which decisions are made and measures implemented by which RISKS are reduced
to, or maintained within, specified levels
IISO 14971 :2007, definition 2.19]
2.27
RISK EVALUATION
PROCESS of comparing the estimated RISK against given RISK criteria to determine the
acceptability of the RISK
(ISO 14971:2007, definition 2.21]
2.28
RISK MANAGEMENT
systematic application of management policies, procedures and practices to the tasks of analyzing, evaluating, controlling, and monitoring RISK
IISO 14971 :2007, definition 2.22]
2.29
RISK MANAGEMENT FILE
set of records and other documents that are produced by RISK MANAGEMENT
2.30
SAFETY
freedom from unacceptable RISK of physical injury or damage to the health of people or damage to property or the environment
NOTE AdaPted from ISO 14971.2007, definition 224.
2.31
TOP MANAGEMENT
person or group of people who direct(s) and control(s) the RESPONSIBLE ORGANIZATION accountable for a MEDICAL IT-NETWORK at the highest level
NOTE Adaped from ISO 90002005. definition 32.7.
2.32
VERWICATION
confirmation through provision of objective evidence that specified requirements have been fulfilled
NOTE 1 The t.rm ‘verified is used to designate the corresponding siNus
NOTE 2 Conilirmation can compns• activities ;uch as
– prforming aliernative calculations:
comparing a new design specification with a similar proven design specificahon.
— undertaking Iet5 and demonstrations, and
— reviewing documents prior to issue
IISO 14971:2007, definItion 2.28j
NOTE 3 In design and development. VERIFICATION concerns the PROCESS of examining the result of a given activity to determine conformity with the staled requirement fo that activity.
3 Roles and responsibilities
3.1 General
Incorporation and modification of equipment or software of a MEDICAL IT-NETWORK shall be performed under a framework of clearly defined responsibilities. At a minimum, the parties, responsibilities and requirements identified in subclauses 3.2 through 3.6shall be defined.
For the particular MEDICAL IT•NETWORK being considered, the RESPONSIBLE ORGANIZATION shall establish and maintain a UEDICAL IT-NETWORK RISK MANAGEMENT FILE.
All documentation related to the requirements of this standard for RESPONSIBLE ORGANIZATIONS as well as all supporting documentation shall be maintained in a MEOICAL IT-NETWORK RISK MANAGEMENT FILE. This tile shall contain the current CONFIGURATION MANAGEMENT information for the MEDICAL IT-NETWORK.
Compliance is checked by inspection of the MEDICAL IT-NETWORK RISK MANAGEMENT FILE.
3.2 RESPONSIBLE ORGANIZATION
The overall responsibility for RISK MANAGEMENT for a MEDICAL IT-NETWORK shall stay within the RESPONSIBLE ORGANIZATION.
The RESPONSIBLE ORGANIZATION shall be the owner of the RISK MANAGEMENT PAocEss for theMEDICAL IT-NETWORK，spanning planning, design, installation， device connection,configuration, useloperation, maintenance, and device decommissioning.
Compliance is checked by assessment of the REsPONSIBLE ORGANIZATION.
3.3 ToP MANAGEMENT responsibilities
For RISK MANAGEMENT of MEDICALIT-NETWORKS,TOP MANAGEMENT shall be accountable for:a) establishing a policy for RISK MANAGEMENT for incorporating MEDICAL DEVICES;
b) defining the policy for determining acceptable RISK，taking into account relevant
international standards and national or regional regulations;
c) ensuring the provision of adequate resources;
d)ensuring the assignment of qualified personnel for management, performance of work and
assessment activities.