11 Questions about IEC 80001-1

The world of networked medical devices is changing. Historically, healthcare facilities have placed medical devices (e.g., physiologic monitoring systems) on their own stand-alone, vendor-supplied network(s). This was done for reasons such as addressing regulatory concerns and ensuring the availability, integrity, and confidentiality of medical data.

But while some stand-alone networks may still be appropriate in certain situations, healthcare facilities are more frequently placing medical devices on the general hospital IT network. The advantage of this trend is that an ever-increasing amount of medical data can be delivered to electronic medical records and exchanged between different information systems that reside on the hospital network. Examples include the above-mentioned physiologic monitoring systems, closed-loop medication management systems, and medical alarm-notification systems that communicate to clinician-worn pagers or cell phones.

However, as medical devices are added to the hospital network, performance issues, as well as cybersecurity risks, become much more challenging. A medical device manufacturer can comfortably predict the performance of its stand-alone network and the devices running on it. But performance may change once a device is placed on a hospital's IT network, making such predictions impractical. Consequently, the healthcare facility and the medical device supplier share the...