Health informatics — Information security management for remote maintenance of medical devices and medical information systems – Part 2: Implementation of an information security management system (ISMS)

Category
Technical Report
Organisation
International Organization for Standardization (ISO)
ID
ISO/TR 11633-2:2021
Type
Standard
Version
2
Access
Fees apply to access
Status
Active
Created
Feb 2021
This document provides a guideline for the implementation of an information-security management system (ISMS) by showing practical examples of risk analysis on remote maintenance services (RMS). It applies to information systems in healthcare facilities (HCFs) provided by vendors of medical devices or health information systems.

This guidance aims to protect the information assets on both sides (primarily the information system itself and personal health data) in a safe and efficient way. It covers the application of ISMS to RMS; security management measures for RMS; and gives an example of the evaluation and effectiveness based on the ‘controls’ defined in the ISMS.

Main sections:

· Scope

· Normative references

· Terms and definitions

· Application of ISMS to remote maintenance services

· Security management measures for remote maintenance services

· Approving residual risks

· Security audit

· Annex A: Example of risk assessment in remote maintenance services
Access Health informatics — Information security management for remote maintenance of medical devices and medical information systems – Part 2: Implementation of an information security management system (ISMS)

By accessing this content, you are leaving this website. The Agency takes no responsibility for the accuracy of content on the destination page.

Standards Catalogue Home

Explore the Standards Catalogue