{"id":198265,"date":"2024-10-19T12:37:17","date_gmt":"2024-10-19T12:37:17","guid":{"rendered":"https:\/\/pdfstandards.shop\/product\/uncategorized\/aami-tir80001-2-2-2012\/"},"modified":"2024-10-25T05:10:26","modified_gmt":"2024-10-25T05:10:26","slug":"aami-tir80001-2-2-2012","status":"publish","type":"product","link":"https:\/\/pdfstandards.shop\/product\/publishers\/aami\/aami-tir80001-2-2-2012\/","title":{"rendered":"AAMI TIR80001 2 2 2012"},"content":{"rendered":"

Step-by-step guide to help in the application of risk management when creating or changing a medical IT-network.<\/p>\n

PDF Catalog<\/h4>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
PDF Pages<\/th>\nPDF Title<\/th>\n<\/tr>\n
1<\/td>\nANSI\/AAMI\/IEC TIR80001-2-2:2012, Application of risk management for IT-networks incorporating medical devices\u2014 Part 2-2: Guidance for the disclosure and communication of medical device security needs, risks and controls <\/td>\n<\/tr>\n
3<\/td>\nTitle page
\n <\/td>\n<\/tr>\n
4<\/td>\nCopyright information
\n <\/td>\n<\/tr>\n
5<\/td>\nAAMI Technical Information Report
ANSI Technical Report <\/td>\n<\/tr>\n
6<\/td>\nContents <\/td>\n<\/tr>\n
8<\/td>\nGlossary of equivalent standards <\/td>\n<\/tr>\n
11<\/td>\nCommittee representation <\/td>\n<\/tr>\n
12<\/td>\nBackground of ANSI\/AAMI adoption of IEC\/TR 80001-2-2:2012 <\/td>\n<\/tr>\n
13<\/td>\nFOREWORD <\/td>\n<\/tr>\n
15<\/td>\nINTRODUCTION <\/td>\n<\/tr>\n
17<\/td>\n1 Scope <\/td>\n<\/tr>\n
18<\/td>\n2 Normative references
3 Terms and definitions <\/td>\n<\/tr>\n
22<\/td>\n4 Use of security capabilities
4.1 Structure of a security capability entry <\/td>\n<\/tr>\n
23<\/td>\n4.2 Guidance for use of security capabilities in the risk management process
4.3 Relationship of ISO 14971-based risk management to IT security risk management <\/td>\n<\/tr>\n
24<\/td>\n5 Security capabilities
5.1 Automatic logoff \u2013 ALOF <\/td>\n<\/tr>\n
25<\/td>\n5.2 Audit controls \u2013 AUDT
5.3 Authorization \u2013 AUTH <\/td>\n<\/tr>\n
27<\/td>\n5.4 Configuration of security features \u2013 CNFS
5.5 Cyber security product upgrades \u2013 CSUP
5.6 Health data de-identification \u2013 DIDT <\/td>\n<\/tr>\n
28<\/td>\n5.7 Data backup and disaster recovery \u2013 DTBK
5.8 Emergency access \u2013 EMRG <\/td>\n<\/tr>\n
29<\/td>\n5.9 Health data integrity and authenticity \u2013 IGAU
5.10 Malware detection\/protection \u2013 MLDP
5.11 Node authentication \u2013 NAUT <\/td>\n<\/tr>\n
30<\/td>\n5.12 Person authentication \u2013 PAUT <\/td>\n<\/tr>\n
31<\/td>\n5.13 Physical locks on device \u2013 PLOK
5.14 Third-party components in product lifecycle roadmaps \u2013 RDMP <\/td>\n<\/tr>\n
32<\/td>\n5.15 System and application hardening \u2013 SAHD
5.16 Security guides \u2013 SGUD <\/td>\n<\/tr>\n
33<\/td>\n5.17 Health data storage confidentiality \u2013 STCF
5.18 Transmission confidentiality \u2013 TXCF <\/td>\n<\/tr>\n
34<\/td>\n5.19 Transmission integrity \u2013 TXIG
6 Example of detailed specification under security capability: Person authentication \u2013 PAUT <\/td>\n<\/tr>\n
35<\/td>\n7 References <\/td>\n<\/tr>\n
37<\/td>\n8 Other resources
8.1 General
8.2 Manufacture disclosure statement for medical device security (MDS2)
8.3 Application security questionnaire (ASQ)
8.4 The Certification Commission for Healthcare Information Technology (CCHIT)
8.5 http:\/\/www.cchit.org\/get_certifiedHL7 Functional Electronic Health Record (EHR) <\/td>\n<\/tr>\n
38<\/td>\n8.6 Common criteria \u2013 ISO\/IEC 15408
9 Standards and frameworks <\/td>\n<\/tr>\n
39<\/td>\nAnnex A (informative) Sample scenario showing the exchange of security information
A.1 Introduction to the security characteristics scenario <\/td>\n<\/tr>\n
40<\/td>\nA.2 Manufacturer (MDM) Security Characteristics Report \u2013 \u201cThe Offering\u201d <\/td>\n<\/tr>\n
41<\/td>\nA. Brief Intended Purpose definition of the device FOOBAR 2.0
B. Detailed Specification of Security Capabilities <\/td>\n<\/tr>\n
49<\/td>\nA.3 HDO\u2019s reply to the MDM Security Characteristics Report \u2013 \u201cThe Response\u201d <\/td>\n<\/tr>\n
62<\/td>\nAnnex B (informative) Examples of regional specification on a few security capabilities <\/td>\n<\/tr>\n
66<\/td>\nAnnex C (informative) Security capability mapping to C-I-A-A <\/td>\n<\/tr>\n
67<\/td>\nBibliography <\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":"

AAMI\/IEC TIR80001-2-2:2012 – Application of risk management for IT-networks incorporating medical devices-Part 2-2: Guidance for the disclosure and communication of medical device security needs, risks and controls<\/b><\/p>\n\n\n\n\n
Published By<\/td>\nPublication Date<\/td>\nNumber of Pages<\/td>\n<\/tr>\n
AAMI<\/b><\/a><\/td>\n2012<\/td>\n68<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"featured_media":198269,"template":"","meta":{"rank_math_lock_modified_date":false,"ep_exclude_from_search":false},"product_cat":[2654],"product_tag":[],"class_list":{"0":"post-198265","1":"product","2":"type-product","3":"status-publish","4":"has-post-thumbnail","6":"product_cat-aami","8":"first","9":"instock","10":"sold-individually","11":"shipping-taxable","12":"purchasable","13":"product-type-simple"},"_links":{"self":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product\/198265","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product"}],"about":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/types\/product"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media\/198269"}],"wp:attachment":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media?parent=198265"}],"wp:term":[{"taxonomy":"product_cat","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_cat?post=198265"},{"taxonomy":"product_tag","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_tag?post=198265"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}