Abstract
Nowadays, the hospital IT network is increasingly used to transport data between medical devices and information systems. The increase in network integration and the importance of the transported data results in high dependency on the IT network in the clinical setting. Until now, risk classification methods focused on two individual components of a medical system: medical devices and medical software. In this paper, we present a tool to classify patient safety risks of data transfer in medical systems by indicating the dependency on the IT network. The new method shifts the focus from separate components to the intended use of the entire system. It supports communication about risks and enables us to link risk analysis techniques and safety measures to the classification. The tool can be used in the design phase and is the start of a risk management process to secure safe use of a medical system.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Volkskrant (2014). http://www.volkskrant.nl/dossier-zorg/risico-uitval-draadloos-netwerk-in-zorginstellingen-onderschat~a3633074/
Hanuscak, T.L., Szeinback, S.L., Seoane-Vazquez, E., Reichert, B.J., McCluskey, C.F.: Evaluation of causes and frequency of medication errors during information technology downtime. Am. J. Health Syst. Pharm. 66(12), 1119–1125 (2009)
Campbell, E.M., Sittig, D.N., Guappone, K.P., Dykstra, R.H., Ash, J.S.: Overdependence on technology: an unintended adverse consequence of computerized provider order entry. In: AMIA Annual Symposium Proceedings, pp. 94–98 (2007)
Sittig, D.F., Singh, H.: Defining health information technology-related errors: new developments since to err is human. Arch. Intern. Med. 171(14), 1281–1284 (2011)
Skipr (2014). http://www.skipr.nl/actueel/id18982-ziekenhuis-weinig-alert-op-cybersecurity.html
Telegraph (2014). http://www.telegraph.co.uk/news/science/science-news/11212777/Terrorists-could-hack-pacemakers-like-in-Homeland-say-security-experts.html
Volkskrant (2013). http://www.volkskrant.nl/dossier-archief/hoe-hackers-ons-in-het-hart-raken~a3537587/
Austrian Times (2012). http://austriantimes.at/news/General_News/2012-12-01/45780/Patient%20hackers%20managed%20to%20dial%20a%20drug%20in%20hospital
The Economist (2014). http://www.economist.com/news/special-report/21606416-companies-markets-and-countries-are-increasingly-under-attack-cyber-criminals
Halperin, D., Heydt-Benjamin, T.S., Ransford, B., Clark, S., Defend, B., Morgan, W., Fu, K., Kohno, T., Maisel, W.H.: Pacemakers and implantable cardiac defibrillators: software radio attacks and zero-power defenses. Computer Science Department Faculty Publication Series. Paper 68 (2008)
Himss: Himss System Risk Analysis Survey Report (2012)
European Commission DG Health and Consumers: Medical Devices: Directive 93/42/EEC
European Parliament and Council of the European Union: Medical Devices: Guidance Document – Classification of Medical Devices MEDDEV 2.4/1 Rev. 9 (2010)
Ekker, A., van Rest, B.: Medische apps, is certificeren nodig? Nictiz (2013)
International Electrotechnical Commission (IEC): International Standard IEC 80001-1: Application of Risk Management for IT-networks Incorporating Medical Devices – Part 1: Roles, responsibilities and activities (2010)
NEderlandse Norm (NEN): NEN7510:2011 Medische Informatica – Informatiebeveiliging in de Zorg (2011)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Rosenbrand, D., de Weerd, R., Bothe, L., Baalbergen, J.J. (2015). Risk Classification of Data Transfer in Medical Systems. In: Koornneef, F., van Gulijk, C. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2014. Lecture Notes in Computer Science(), vol 9337. Springer, Cham. https://doi.org/10.1007/978-3-319-24255-2_18
Download citation
DOI: https://doi.org/10.1007/978-3-319-24255-2_18
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-24254-5
Online ISBN: 978-3-319-24255-2
eBook Packages: Computer ScienceComputer Science (R0)