Shopping Cart

No products in the cart.

AAMI TIR97 2019

$140.32

AAMI TIR97:2019 – Principles for medical device security-Postmarket risk management for device manufacturers

Published By Publication Date Number of Pages
AAMI 2019 56
Guaranteed Safe Checkout
Category:

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

Provides guidance on methods to perform postmarket security risk management for a medical device in the context of the Safety Risk Management process required by ISO 14971. This TIR is intended to be used in conjunction with AAMI TIR57:2016.

PDF Catalog

PDF Pages PDF Title
1 AAMI TIR97:2019; Principles for medical device security—Postmarket risk management for device manufacturers
3 Title page
4 AAMI Technical Information Report
Copyright information
5 Contents
6 Committee representation
8 Foreword
9 Introduction
11 1 Scope
2 Terms and definitions
14 3 Postmarket considerations for security policies and security program administration
3.1 Medical device security policy
3.2 Coordinated vulnerability disclosure
3.3 Information sharing
15 3.4 Communication of security capabilities
4 Design features for postmarket security risk management
5 Installation and configuration
16 5.1 Device security configuration
5.2 Security utility updating
5.3 Other considerations for security maintenance in the clinical environment
6 Postmarket management of fielded devices
17 Figure 1—Postmarket decision-making flow diagram
18 Figure 2—Cybersecurity signal handling process
19 6.1 Observation and transmission
6.1.1 Security monitoring
6.1.1.1 Supplier monitoring
6.1.1.2 Vulnerability monitoring
20 6.1.1.3 Third-party monitoring services
6.1.1.4 Product return and servicing
6.1.1.5 Changes in operational context
6.1.1.6 Active monitoring
6.1.2 Coordinated vulnerability disclosure
21 6.1.3 Bug bounty program
6.1.4 Other sources of security performance information
22 6.2 Assessment
6.2.1 Preliminary cybersecurity signal risk assessment
23 Table 1—Prioritization of cybersecurity signals
6.2.2 Product-specific threat event risk assessment
24 Figure 3—Product-specific threat event risk assessment
6.2.3 Assessing related products (variant analysis)
6.3 Action
25 Figure 4—Field change and security risk assessment revision due to a new cybersecurity signal
6.3.1 Speed of response
6.3.2 Software maintenance
26 6.3.2.1 Patch generation and distribution
27 6.3.2.2 Healthcare delivery organization control variations
6.3.3 External communication
Table 2—Types of external communication
28 6.3.4 Interacting with healthcare delivery organizations
29 6.3.5 Inventory management
7 Retirement/obsolescence
Figure 5—Product life-cycle and support milestones
7.1 General considerations
30 7.2 Secure disposal
32 Annex A (informative) Sample medical device security policy statements
A.1 Medical device security (top-level)
33 A.2 Medical device security operations
A.3 Supporting security controls and implementation (by organizational function)
35 Annex B (informative) Security risk management for healthcare networks
B.1 Healthcare network monitoring and device identification
B.1.1 Operational context
B.1.2 Design techniques to assist HDOs with device identification
36 Table B.1—Identification techniques
37 B.1.3 Asset identification
B.1.4 Authorization services
B.1.5 Structure of healthcare delivery organization networks
B.1.5.1 Small HDOs
B.1.5.2 Home healthcare environments
B.2 Security monitors and logging
38 B.2.1 Passive monitoring
39 B.2.1.1 Technical recommendations for passive security logging
B.2.2 Active monitoring
40 B.2.3 Security logs
41 B.3 Other Design Features to Support Postmarket Security Risk Management
B.4 Design pitfalls
42 Annex C (informative) Establishing a coordinated vulnerability disclosure process
C.1 Process establishment
Figure C.1—A model of the interface between ISO/IEC 29147 and ISO/IEC 30111
43 C.2 Accepting vulnerability information from external sources
C.3 Process for communicating to users and reporting known vulnerabilities
44 C.4 Importance of third-party applications, firmware, and hardware
C.5 U.S. FDA recognition of consensus standards (country-specific)
45 Annex D (informative) Mapping of defined terms included in Guidance for Industry and Food and Drug Administration Staff, Postmarket Management of Cybersecurity in Medical Devices
Table D.1—Mapping of defined terms
50 Annex E (informative) Security incident handling and response
E.1 Medical device security incident handling and response
E.2 Incident response preparation
51 E.3 Security incident categories
E.4 Security incident assessment
E.5 Security incident response execution
52 E.6 Internal coordination activities
E.6.1 Internal stakeholders
E.6.2 Deciding how to respond
54 E.6.3 Internal coordination of external communications
E.6.4 Patch release coordination
E.6.5 Incident response plan (impact and technical analysis)
56 Bibliography
AAMI TIR97 2019
$140.32