AAMI TIR80001-2-8:2016
AAMI/IEC TIR80001-2-8:2016 – Application of risk management for IT networks incorporating medical devices. Part 2-8: Application guidance – guidance on standards for establishing the security capabilities identified in IEC 80001-2-2
Published By | Publication Date | Number of Pages |
---|---|---|
AAMI | 2016 | 57 |
This technical report provides guidance for the application of the framework outlined in AAMI/IEC 80001-2-2. Managing the RISK in connecting MEDICAL DEVICES to IT-networks requires the disclosure of security-related capabilities and RISKS. AAMI/IEC 80001-2-2 presents a framework for this disclosure and the security dialog that surrounds the AAMI/IEC 80001-1 RISK MANAGEMENT of IT-networks. AAMI/IEC 80001-2-2 presents an informative set of common, descriptive security-related capabilities that are useful in terms of gaining an understanding of user needs. This report addresses each of the SECURITY CAPABILITIES and identifies SECURITY CONTROLS for consideration by all stakeholders during RISK MANAGEMENT activities, supplier selection, device selection, etc.
PDF Catalog
PDF Pages | PDF Title |
---|---|
1 | AAMI/IEC TIR80001-2-8:2016; Application of risk management for IT networks incorporating medical devices—Part 2-8: Application guidance—Guidance on standards for establishing the security capabilities identified in IEC 80001-2-2 |
4 | AAMI Technical Information Report ANSI Registration |
5 | Contents |
6 | Glossary of equivalent standards |
7 | Committee representation |
8 | Foreword |
10 | Introduction |
14 | 1 Scope 2 Normative references 3 Terms and definitions |
18 | 4 Guidance for establishing security capabilities 4.1 General 4.2 Automatic logoff – ALOF |
19 | Table 1 – ALOF controls |
20 | 4.3 Audit controls – AUDT |
21 | Table 2 – AUDT controls |
22 | 4.4 Authorization – AUTH |
23 | Table 3 – AUTH controls |
24 | 4.5 Configuration of security features – CNFS |
25 | Table 4 – CNFS controls |
26 | 4.6 Cyber security product upgrades – CSUP |
27 | Table 5 – CSUP controls |
29 | 4.7 Health data de-identification – DIDT |
30 | Table 6 – DIDT controls |
31 | 4.8 Data backup and disaster recovery – DTBK |
32 | Table 7 – DTBK controls |
33 | 4.9 Emergency access – EMRG |
34 | Table 8 – EMRG controls 4.10 Health data integrity and authenticity – IGAU |
35 | Table 9 – IGAU controls |
36 | 4.11 Malware detection/protection – MLDP Table 10 – MLDP controls |
38 | 4.12 Node authentication – NAUT |
39 | Table 11 – NAUT controls |
41 | 4.13 Person authentication – PAUT |
42 | Table 12 – PAUT controls |
43 | 4.14 Physical locks on device – PLOK |
44 | Table 13 – PLOK controls |
45 | 4.15 Third-party components in product lifecycle roadmaps – RDMP |
46 | Table 14 – RDMP controls |
48 | 4.16 System and application hardening – SAHD |
49 | Table 15 – SAHD controls |
51 | 4.17 Security guides – SGUD Table 16 – SGUD controls |
53 | 4.18 Health data storage confidentiality – STCF |
54 | Table 17 – STCF controls |
55 | 4.19 Transmission confidentiality – TXCF Table 18 – TXCF controls |
56 | 4.20 Transmission integrity – TXIG Table 19 – TXIG controls |
57 | Bibliography |