dispositivi medici software una sfida globale una nuova
play

Dispositivi medici software una sfida globale: una nuova era dei - PowerPoint PPT Presentation

Sep 18, 2022 •275 likes •633 views

Dispositivi medici software una sfida globale: una nuova era dei dispositivi medici La sicurezza informatica dei dispositivi medici Antonio Bartolozzi antonio.bartolozzi@bartolozzi.it Trieste 25/11/2019 1 Health Software 2.17 ISO

  1. Dispositivi medici software una sfida globale: una nuova era dei dispositivi medici La sicurezza informatica dei dispositivi medici Antonio Bartolozzi antonio.bartolozzi@bartolozzi.it Trieste 25/11/2019 1

  2. Health Software 2.17 ISO 29321:2008/TS health software product software product for use in the health sector for health related purposes but excluding software that is: ⎯ necessary for the proper application of a medical device; ⎯ ⎯ ⎯ ⎯ ⎯ an accessory to a medical device; ⎯ ⎯ ⎯ ⎯ ⎯ ⎯ a medical device in its own right. NOTE 1 This definition is intended for this Technical Specification only. 3.6 EN 82304:2016 HEALTH SOFTWARE software intended to be used specifically for maintaining or improving health of individual persons, or the delivery of care 2 antonio.bartolozzi@bartolozzi.it

  3. Draft IEC 62304 Ed. 2: Health software - Software life cycle processes 3.11 HEALTH SOFTWARE SOFTWARE SYSTEM intended to be used specifically for managing, maintaining, or improving health of individual persons, or the delivery of care, or which has been developed for the purpose of being incorporated into a MEDICAL DEVICE Note 1 to entry: HEALTH SOFTWARE fully includes what is considered software as a MEDICAL DEVICE. [SOURCE: ISO 81001-1:—, 3.22, modified — In the definition, the term "software" has been replaced by "SOFTWARE SYSTEM".] 3 antonio.bartolozzi@bartolozzi.it

  4. DRAFT EN 62304 Ed. 2 3.9 HAZARD potential source of HARM Note 1 to entry: Potential sources of HARM include breach of SECURITY and reduction of effectiveness. Under preparation . Stage at the time of this CDV: ISO/DIS 81001-1:2019. 3.10 HAZARDOUS SITUATION circumstance in which people, property or the environment is/are exposed to one or more NEW HAZARD(S) ISO 81001-1:—, 3.17] 4 antonio.bartolozzi@bartolozzi.it

  5. ISO 14971:2019 Benefit 3.2 benefit positive impact or desirable outcome of the use of a medical device (3.10) on the health of an individual, or a positive impact on patient management or public health Note 1 to entry: Benefits can include positive impact on clinical outcome, the patient’s quality of life, outcomes related to diagnosis, positive impact from diagnostic devices on clinical outcomes, or positive impact on public health. 3.3 harm injury or damage to the health of people, or damage to property or the environment [SOURCE: ISO/IEC Guide 63:2019, 3.1] 5 antonio.bartolozzi@bartolozzi.it

  6. lEC 80001-2010 2.8 harm physical injury or damage to the health of people, or damage to property or the environment, or reduction in effectiveness, or breach of data and systems security 6 antonio.bartolozzi@bartolozzi.it

  7. Software intended to specifically be used for delivery of care DRAFT EN 62304 3.11 HEALTH SOFTWARE SOFTWARE SYSTEM intended to be used specifically for managing, maintaining, or improving health of individual persons, or the delivery of care, or which has been developed for the purpose of being incorporated into a MEDICAL DEVICE Note 1 to entry: HEALTH SOFTWARE fully includes what is considered software as a MEDICAL DEVICE. [SOURCE: ISO 81001-1:XXXX, 3.22, modified — In the definition, the term "software" has been replaced by "SOFTWARE SYSTEM".] (53) ‘clinical benefit’ means the positive impact of a device on the health of an individual, expressed in terms of a meaningful, measurable, patient-relevant clinical outcome(s), including outcome(s) related to diagnosis, or a positive impact on patient management or public health; Prevention of malfunctioning, as of Class I ? MPI, ADT an organ or structure of the body. healthcare booking system C.U.P.? Software intended to provide information which is used to take decisions with diagnosis or therapeutic purposes is classified as class IIa 7 antonio.bartolozzi@bartolozzi.it

  8. ISO 14971:2019 process — It is explained that the described in ISO 14971 can be used for managing risks associated with medical devices , including those related to data and systems security. 8 antonio.bartolozzi@bartolozzi.it

  9. GDPR & MDR Directive 95/46/EC is repealed with Article 110 effect from 25 May 2018 Data protection 1. Member States shall apply Directive 95/46/EC to the processing of personal data carried out in the Member States pursuant to this Regulation. 2. Regulation (EC) No 45/2001 shall apply to the processing of personal data carried out by the Commission pursuant to this Regulation. GDPR (EU 679/2016) EUDPR - Regulation 2018/1725 1.This Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data by the Union institutions and bodies and rules relating to the free movement of personal data between them or to other recipients established in the Union 9 antonio.bartolozzi@bartolozzi.it

  10. IHE PCD 10 antonio.bartolozzi@bartolozzi.it

  11. Vulnerability 11 antonio.bartolozzi@bartolozzi.it

  12. Smart Rosario – Not so smart When a user resets their account using Click to Pray’s app, it uses an application programming interface (API) to make the request to the server, which then sends the PIN to the user’s email. The server also returns the PIN in its response to the API request, meaning that someone accessing the API directly could get the user’s PIN without having access to their email. Click to Pray 12 antonio.bartolozzi@bartolozzi.it

  13. Tomcat Realm The standard Tomcat Realm component allows unlimited authorization attempts, opening the door to brute force attacks from a spoofed IP address. The LockOut Realm prevents this by placing a limit on the number of log in attempts within a given time period before a user is locked out of the system. 13 antonio.bartolozzi@bartolozzi.it

  14. Draft EN 62304 – Risk Management The MANUFACTURER of HEALTH SOFTWARE shall establish and maintain the following: a) A PROCESS for managing RISKS, primarily to the patient, but also to the operator, other persons, property, and the environment. This PROCESS shall provide methods for identifying HAZARDS, performing RISK ESTIMATION and RISK EVALUATION, controlling identified RISKS, and monitoring the effectiveness of the RISK CONTROL measures, taking the INTENDED USE of the HEALTH SOFTWARE into account. b) As applicable, a PROCESS for managing RISKS associated with SECURITY. This PROCESS shall provide methods for identifying vulnerabilities, estimating and evaluating the associated threats, controlling these threats, and monitoring the effectiveness of the RISK CONTROL (SECURITY) measures, taking the INTENDED USE of the HEALTH SOFTWARE into account. NOTE 2 Examples of SECURITY RISK considerations and RISK CONTROL measures can be found in the ISO 27000 family of Information Security Management System (ISMS) standards (see Table C.1), ISO 27799 [19], IEC 62443 (all parts) [ 5], and AAMI TIR 57:2016 [30]. 14 antonio.bartolozzi@bartolozzi.it

  15. State of the art - ISO/IEC Guide 63:2019 3.18 state of the art developed stage of technical capability at a given time as regards products, processes and services, based on the relevant consolidated findings of science, technology and experience. Note 1 to entry: The state of the art embodies what is currently and generally accepted as good practice in technology and medicine. The state of the art does not necessarily imply the most technologically advanced solution . The state of the art described here is sometimes referred to as the “ generally acknowledged state of the art ”. [SOURCE: ISO/IEC Guide 2:2004, 1.4, modified — Note 1 to entry has been added.] 15 antonio.bartolozzi@bartolozzi.it

  16. ISO/EN 14971:2012 Annex D - Risk concepts applied to medical devices “State of the art” is used here to mean what is currently and generally accepted as good practice. Various methods can be used to determine "state of the art" for a particular medical device. Examples are: ─ standards used for the same or similar devices; ─ best practices as used in other devices of the same or similar type; ─ results of accepted scientific research. 16 antonio.bartolozzi@bartolozzi.it

  17. ISO 24971:2013 - Developing the policy for determining the criteria for risk acceptability When developing or maintaining the policy (for determining the criteria for risk acceptability) the following should be taken into consideration: — The applicable regulatory requirements in the regions where the medical device is to be marketed . — The relevant International Standards for the particular medical device or an intended use of the medical device that can help identify principles for setting the criteria for risk acceptability (see 2.2). — Information on the state of the art can be obtained from review of the literature and other information on similar medical devices the manufacturer has marketed, as well as those from competing companies . — The validated and comprehensive concerns from the main stakeholders. Some potential sources of information on the patient and clinician perspective can include news media, social media, patient forums, as well as input from internal departments with expert knowledge of stakeholder concerns such as the clinical department. 17 antonio.bartolozzi@bartolozzi.it

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The Medici Family leaders of Florence Cosimo de Medici The Medici family controlled Florence

The Medici Family leaders of Florence Cosimo de Medici The Medici family controlled Florence

The Medici Family leaders of Florence Cosimo de Medici The Medici family controlled Florence throughout much of the Renaissance. Giovanni de Medici In 1397, Giovanni de Medici, banker to the Papal Court, established headquarters in Florence.

192 views • 3 slides
CODE OF DECEMBER 2019 ETHICS R E S P O N S I B I L I T Y Y C N E R A P S A

CODE OF DECEMBER 2019 ETHICS R E S P O N S I B I L I T Y Y C N E R A P S A

CODE OF DECEMBER 2019 ETHICS R E S P O N S I B I L I T Y Y C N E R A P S A R T CONFINDUSTRIA DISPOSITIVI MEDICI - CODE OF ETHICS DECEMBER 2019 pag. 2 TABLE OF CONTENTS FOREWORD PAG. 5 INTRODUCTION PAG. 7 1

593 views • 48 slides
Palace commissioned by Cosimo Donatellos David 1440 Commissioned by Cosimo de Medici

Palace commissioned by Cosimo Donatellos David 1440 Commissioned by Cosimo de Medici

Gozzoli, Benozzo Journey of the Magi 1459-1460 in chapel of Medici Palace commissioned by Cosimo Donatellos David 1440 Commissioned by Cosimo de Medici for courtyard of the new Medici palace Ghiberti Gates of Paradise

548 views • 16 slides
T H S E OPTIMISATION GLOBALE SEMI-DTERMINISTE ET APPLICATIONS INDUSTRIELLES Soutenue par:

T H S E OPTIMISATION GLOBALE SEMI-DTERMINISTE ET APPLICATIONS INDUSTRIELLES Soutenue par:

T H S E OPTIMISATION GLOBALE SEMI-DTERMINISTE ET APPLICATIONS INDUSTRIELLES Soutenue par: Ivorra Benjamin Sous la direction de: Bijan Mohammadi : lUniversit Montpellier II 09 Juin 2006 Soutenance de thse - p. 1/19 Outlines

845 views • 62 slides
tour de lvaluation interlaboratoire biennale globale des laboratoires analysant les POPs

tour de lvaluation interlaboratoire biennale globale des laboratoires analysant les POPs

Rsultats et enseignements tirs du deuxime tour de lvaluation interlaboratoire biennale globale des laboratoires analysant les POPs Heidelore Fiedler Universit drebro, cole des Sciences et de la Technologie, Centre de

488 views • 37 slides
Dualit sans contraintes en optimisation globale Simon Boulmier www.localsolver.com 1 | 28

Dualit sans contraintes en optimisation globale Simon Boulmier www.localsolver.com 1 | 28

Dualit sans contraintes en optimisation globale Simon Boulmier www.localsolver.com 1 | 28 Global optimization and lower bounds Mixed-integer nonlinear problem : Dual search Primal search v v f 2 | 28 min s.c. x R n f ( x ) l

730 views • 46 slides
Webinar Series on The Good Adult Educator Glocalisation How the Curriculum globALE

Webinar Series on The Good Adult Educator Glocalisation How the Curriculum globALE

Webinar Series on The Good Adult Educator Glocalisation How the Curriculum globALE was localised in Laos to train adult educators. 18.02.20 1 The International Council for Adult Education (ICAE ) is a global netwo rk

348 views • 31 slides
La nuo La nuova classific a classificazio azione WHO ne WHO delle Sindromi mi Mielo

La nuo La nuova classific a classificazio azione WHO ne WHO delle Sindromi mi Mielo

La nuo La nuova classific a classificazio azione WHO ne WHO delle Sindromi mi Mielo Mielodisplas8c displas8che he Gina Zini, MD. PhD. Hematology Prof. FPG - Universit Ca>olica, Roma Learning Learning obje jec8ves 2016 WHO Updated

630 views • 20 slides
A Global Perspective Coeliaque Sans Frontires: Une Perspective Globale Dr. Mohsin Rashid MD,

A Global Perspective Coeliaque Sans Frontires: Une Perspective Globale Dr. Mohsin Rashid MD,

Celiac Without Borders: A Global Perspective Coeliaque Sans Frontires: Une Perspective Globale Dr. Mohsin Rashid MD, MEd, FRCP(C) Paediatric Gastroenterologist Canadian Celiac Association Annual Conference, Kelowna, BC May 2012 Financial

1.06k views • 65 slides
COLLECTION CONCEPT DE LA COLLECTION FOCUS NOUVEAUTES OFFRE GLOBALE IDEES CADEAUX ACTIVITES DE

COLLECTION CONCEPT DE LA COLLECTION FOCUS NOUVEAUTES OFFRE GLOBALE IDEES CADEAUX ACTIVITES DE

XMAS 17 COLLECTION CONCEPT DE LA COLLECTION FOCUS NOUVEAUTES OFFRE GLOBALE IDEES CADEAUX ACTIVITES DE LA JOURNEE CONCEPT WINTERWONDERLAND Nol frique sous la neige Ambiance cocooning Millnial Pink et Rose gold LA MASCOTTE DE LA

666 views • 19 slides
DICHIARAZIONE Relatore: Dr.ssa LORENA DRAGHINI Come da nuova regolamentazione della Commissione

DICHIARAZIONE Relatore: Dr.ssa LORENA DRAGHINI Come da nuova regolamentazione della Commissione

DICHIARAZIONE Relatore: Dr.ssa LORENA DRAGHINI Come da nuova regolamentazione della Commissione Nazionale per la Formazione Continua del Ministero della Salute, richiesta la trasparenza delle fonti di finanziamento e dei rapporti con soggetti

453 views • 12 slides
DICHIARAZIONE Relatore: Antonio PONTORIERO Come da nuova regolamentazione della Commissione

DICHIARAZIONE Relatore: Antonio PONTORIERO Come da nuova regolamentazione della Commissione

DICHIARAZIONE Relatore: Antonio PONTORIERO Come da nuova regolamentazione della Commissione Nazionale per la Formazione Continua del Ministero della Salute, richiesta la trasparenza delle fonti di finanziamento e dei rapporti con soggetti

942 views • 55 slides
DICHIARAZIONE Relatore: Ernesto Maranzano Come da nuova regolamentazione della Commissione

DICHIARAZIONE Relatore: Ernesto Maranzano Come da nuova regolamentazione della Commissione

DICHIARAZIONE Relatore: Ernesto Maranzano Come da nuova regolamentazione della Commissione Nazionale per la Formazione Continua del Ministero della Salute, richiesta la trasparenza delle fonti di finanziamento e dei rapporti con soggetti

669 views • 33 slides
DICHIARAZIONE Relatore: Giudi.a Chiloiro Come da nuova regolamentazione della Commissione

DICHIARAZIONE Relatore: Giudi.a Chiloiro Come da nuova regolamentazione della Commissione

DICHIARAZIONE Relatore: Giudi.a Chiloiro Come da nuova regolamentazione della Commissione Nazionale per la Formazione Con:nua del Ministero della Salute, richiesta la trasparenza delle fon: di finanziamento e dei rappor: con soggeB portatori

1.12k views • 48 slides
EARLY A ACCE CCESS T TO MEDICI CINES IN N EUROPE PE: HOW TO TO MAKE C E COMPASSIONATE E

EARLY A ACCE CCESS T TO MEDICI CINES IN N EUROPE PE: HOW TO TO MAKE C E COMPASSIONATE E

EARLY A ACCE CCESS T TO MEDICI CINES IN N EUROPE PE: HOW TO TO MAKE C E COMPASSIONATE E USE E BECOME ME A REALI LITY F Y FOR R ALL I L IN N NEED ED Joint M Meeting o g of t the P Patients And C Consumers W Worki king

255 views • 24 slides
La nuova classifi ficazione WHO delle Sindromi mi Mielo Mielodisplas8c displas8che he Gina

La nuova classifi ficazione WHO delle Sindromi mi Mielo Mielodisplas8c displas8che he Gina

La nuova classifi ficazione WHO delle Sindromi mi Mielo Mielodisplas8c displas8che he Gina Zini, MD. PhD. Hematology Prof. FPG - Universit Ca>olica, Roma Learning Learning obje jec8ves 2016 WHO Updated Classification of

409 views • 20 slides
Perverse Sheaves on Semi-abelian Varieties: Structure and Applications Laurentiu Maxim (joint

Perverse Sheaves on Semi-abelian Varieties: Structure and Applications Laurentiu Maxim (joint

Perverse Sheaves on Semi-abelian Varieties: Structure and Applications Laurentiu Maxim (joint work with Yongqiang Liu and Botong Wang) University of Wisconsin-Madison Laurentiu Maxim Cohomology jump loci Let X be a smooth connected complex

990 views • 65 slides
More on the product formula Ehud Hrushovski Model Theory in Bedlewo July 2017 Globally Valued

More on the product formula Ehud Hrushovski Model Theory in Bedlewo July 2017 Globally Valued

More on the product formula Ehud Hrushovski Model Theory in Bedlewo July 2017 Globally Valued Fields project, with I. B-Y. mistakes: E.H. 1 1 The fundamental theorem of arithmetic: | n | = p p v p ( n ) relates the real norm | x | ,

587 views • 32 slides
cl the Boolean algebra of languages regular expressions Informatics 1 School of

cl the Boolean algebra of languages regular expressions Informatics 1 School of

https://app-ca.tophat.com/e/835603 NFA and regex cl the Boolean algebra of languages regular expressions Informatics 1 School of Informatics, University of Edinburgh 1 KISS DFA D eterministic F inite A utomaton Exactly one start

849 views • 35 slides
Relational Schema Design Goal of relational schema design is to avoid anomalies and redundancy

Relational Schema Design Goal of relational schema design is to avoid anomalies and redundancy

Relational Schema Design Goal of relational schema design is to avoid anomalies and redundancy Update anomaly: one occurrence of a fact is changed, but not all occurrences Deletion anomaly: valid fact is lost when a tuple is deleted

1.18k views • 101 slides
THE Me 262 AND LOST OPPORTUNITIES IN THE AIR SUPERIORITY CONTEST Professor Philip Sabin

THE Me 262 AND LOST OPPORTUNITIES IN THE AIR SUPERIORITY CONTEST Professor Philip Sabin

THE Me 262 AND LOST OPPORTUNITIES IN THE AIR SUPERIORITY CONTEST Professor Philip Sabin Kings College London LOST OPPORTUNITIES We need quality of performance, if only to restore in our own force the sense of superiority, even if

640 views • 24 slides
Bayh-Dole act and the Public Paid for the Invention: Who Owns It? T HE U NIVERSITY R&D M

Bayh-Dole act and the Public Paid for the Invention: Who Owns It? T HE U NIVERSITY R&D M

Bayh-Dole act and the Public Paid for the Invention: Who Owns It? T HE U NIVERSITY R&D M ICROCOSMS 30 Y EARS AFTER BD BD in 1970s as re-conceptualization of public research as response to the rise of Japan BD acts in US, while more

288 views • 14 slides
Science and Inventions Science and Inventions Dr V Premnath Head, NCL Innovations Head,

Science and Inventions Science and Inventions Dr V Premnath Head, NCL Innovations Head,

Science and Inventions Science and Inventions Dr V Premnath Head, NCL Innovations Head, Intellectual Property Group Scientist, Polymer Science & Engineering NATIONAL CHEMICAL LABORATORY, Pune v.premnath(at)ncl.res.in NCL Academy > Popular

465 views • 33 slides
Following the Leader LESSON 9 Your Response to the Lesson What was most interesting in the Bible

Following the Leader LESSON 9 Your Response to the Lesson What was most interesting in the Bible

Following the Leader LESSON 9 Your Response to the Lesson What was most interesting in the Bible story? What activity was most enjoyable? What new things did you learn? Activity A Imitating the Leader How easily do you follow when others

363 views • 24 slides

More recommend