• There are no items in your cart

DD ISO/TS 25238:2007

Current
Current

The latest, up-to-date edition.

Health informatics. Classification of safety risks from health software
Available format(s)

Hardcopy , PDF

Language(s)

English

Published date

08-31-2007

Foreword
Introduction
1 Scope
2 Terms and definitions
3 Abbreviated terms
4 Principles of hazard and risk analysis
5 Assignment of a risk class to a health software product
   5.1 Introduction
   5.2 Assignment to consequence categories
   5.3 Assignment of likelihood to consequences
   5.4 Risk classes
   5.5 Assignment of risk class to a health software product
   5.6 Process of iteration
6 The analytical process
   6.1 General
   6.2 Involvement of stakeholders
   6.3 Understanding the system and user environment
   6.4 Consequence analysis
   6.5 Likelihood analysis
   6.6 Iteration
   6.7 Reviews
   6.8 Documentation
   6.9 Incident library
7 Examples of assignment of risk classes to products
8 Relationship of risk classes to design and control of
   production of products
Annex A (informative) Health software products and medical
                      devices: rationale
Annex B (informative) Examples of assignment of Risk Classes
Annex C (informative) Illustration of the nature of the relationship
                      between risk classes and potential controls
                      for risk management
Bibliography

Defines the safety of patients and gives guidance on the analysis and categorization of hazards and risks to patients from health software products, in order to allow any product to be assigned to one of five risk classes. Applies to hazards and risks, which could cause harm to a patient.

This Technical Specification is concerned with the safety of patients and gives guidance on the analysis and categorization of hazards and risks to patients from health software products, in order to allow any product to be assigned to one of five risk classes. It applies to hazards and risks which could cause harm to a patient. Other risks, such as financial or organizational risks, are outside the scope of this Technical Specification unless they have the potential to harm a patient.

This Technical Specification applies to any health software product, whether or not it is placed on the market and whether it is for sale or free of charge. Examples of the application of the classification scheme are given.

This Technical Specification does not apply to any software which is necessary for the proper application or functioning of a medical device.

NOTE This Technical Specification is intended for the assignment of health software to broad risk classes, so as to aid decisions such as what controls should be applied to ensure safety. It is not intended for the application of risk analysis and risk management to the design of health software products and the mitigation of any identified risks to acceptable levels (see AnnexA).

Committee
IST/35
DocumentType
Standard
Pages
36
PublisherName
British Standards Institution
Status
Current

Standards Relationship
ISO/TS 25238:2007 Identical

EN 1441 : 1997 MEDICAL DEVICES - RISK ANALYSIS
IEC 61508-4:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 4: Definitions and abbreviations (see Functional Safety and IEC 61508)
ISO/IEC Guide 51:2014 Safety aspects Guidelines for their inclusion in standards
AS/NZS 4360:2004 Risk management
ISO/IEC Guide 73:2002 Risk management Vocabulary Guidelines for use in standards
ISO/IEC 17799:2005 Information technology Security techniques Code of practice for information security management
ISO 14971:2007 Medical devices Application of risk management to medical devices
IEC 60601-1-4:1996+AMD1:1999 CSV Medical electrical equipment - Part 1-4: General requirements for safety - Collateral Standard: Programmable electrical medical systems

View more information
US$277.90
Excluding Tax where applicable

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.