safety, installation and commissioning
file: n:\article\cos14310m5-v1_07hpc-en\20130207_cos14310m5-v1.07hpc-en_h-p-cosmos_treadmill_manual.doc
© 2013 h/p/cosmos sports & medical gmbh author: fh [email protected] created 07.02.2013 printed 04.03.2013 page: 103 of 197
Appendix A of DIN EN 14971 includes questions to identify characteristics of a medical device that may have security
implications. The application of this annex to the causes and risks of networks and data networks should at least, according
to DIN EN 60601-1, include the following considerations or risk and potential causes respectively:
N
telemedicine and tele-service with external access to internal network or data network of an operator (hospital
or other)
N
remote service of modalities manufacturers
N
compatibility of operating systems
N
changes and upgrades of the software (operating system, applications, etc.)
N
impact and consequences of patch management
N
interface management (e.g. intolerance of 10 MB network cards with a 100 MB Ethernet network or other)
N
connections (modification of hardware, network connector)
N
protocols such as DICOM, HL7 in the network or data network
N
packet address structure and bandwidth
N
heterogeneous network topology
N
normal network traffic and bandwidth requirements
N
peak network load
N
security and long-term readability of data carriers
N
security against destructive software, unauthorized software updates or upgrades
N
maximum acceptable response time
N
acceptable error rate of the network or data network
N
availability during planned and unplanned maintenance
N
inconsistency of interfaces and formats, which can lead to loss of accuracy during data transfer
N
etc.
Annex D of the DIN EN 14971 describes examples of risks and other factors related to the ME device and network or
data network:
N
What predictable abuse can occur?
N
Is the connection to the network or data network carried out in accordance with the intended use or purpose
according to § 3 para 10 of the Medical Devices Act?
N
Could a false data flow occur from or to any connected PEMS?
N
What should the medical data transferred through the network or data network achieve or what should be done
with this data? What happens if the network or data network collapses during data transmission?
N
Can there be any deviations from specified operating characteristics of each participating PEMS?
N
What qualities and operating characteristics does a PEMS have and how and in what form may it be
influenced by the network or data network?
N
Does a complete description of the parameters of the network or data network exist, such as network topology,
configuration, parameters, bandwidth (100 MB Ethernet, 1GB Ethernet, etc.), etc.?
N
Can an overloading of the network or data connections within the network node occur?
N
Is the network designed to ensure load? Does the number of planned network nodes suffice or is there
redundancy? Is there a structured network cabling?
N
Can use errors occur and if so, which? What training, and capabilities, does the operator need to manage and
administer the network properly?
N
How do the configuration and patch management of the network and connected PEMS occur? Does regular
servicing change the characteristics and properties of the network or data network such as remote service?
What influence do remote service, patch management, etc. have on the connected PEMS such arrangements,
etc.? Does the system administrator takes care of the authorization or approval of patches on the operating
system level, virus protection, etc., and does he examine the effects on PEMS and network?
N
Do the medical data arrive at the right place at the right destination in their complete form? May there be
unforeseen changes, the user acknowledges in time?
N
Is there a readily available documentation for all hard- and software components with all updates?