よむ、つかう、まなぶ。
医療機関等におけるサイバーセキュリティ対策の強化について(注意喚起)(令和4年11月10日) (68 ページ)
出典
| 公開元URL | https://www.mhlw.go.jp/stf/seisakunitsuite/bunya/kenkou_iryou/iryou/johoka/cyber-security.html |
| 出典情報 | 医療機関等におけるサイバーセキュリティ対策の強化について(注意喚起)(11/10付 事務連絡)《厚生労働省》 |
ページ画像
ダウンロードした画像を利用する際は「出典情報」を明記してください。
低解像度画像をダウンロード
プレーンテキスト
資料テキストはコンピュータによる自動処理で生成されており、完全に資料と一致しない場合があります。
テキストをコピーしてご利用いただく際は資料と付け合わせてご確認ください。
IMDRF/CYBER WG/N60FINAL:2020
●
サポート終了:
a.
医療業務の継続に影響を与えることなく医療機器の使用を終了できない場合、
当該医療機器のセキュリティを管理する責任及びセキュリティ EOS 日以降も使
用を継続することによって発生し得るリスクを引き受ける。
7.0 参考文献
7.1
IMDRF 文書
1. Software as a Medical Device: Possible Framework for Risk Categorization and
Corresponding Considerations IMDRF/SaMD WG/N12:2014 (September 2014)
2. Essential Principles of Safety and Performance of Medical Devices and IVD Medical
Devices IMDRF/GRRP WG/N47 FINAL:2018 (November 2018)
7.2
規格
3. AAMI TIR57:2016 Principles for medical device security—Risk management
4. AAMI TIR 97:2019, Principles for medical device security—Postmarket risk management
for device manufacturers
5. IEC 60601-1:2005+AMD1:2012, Medical electrical equipment - Part 1: General
requirements for basic safety and essential performance
6. IEC 62304:2006/AMD 1:2015, Medical device software – Software life cycle processes
7. IEC 62366-1:2015, Medical devices - Part 1: Application of usability engineering to medical
devices
8. IEC 80001-1:2010, Application of risk management for IT-networks incorporating medical
devices - Part 1: Roles, responsibilities and activities
9. IEC TR 80001-2-2:2012, Application of risk management for IT-networks incorporating
medical devices - Part 2-2: Guidance for the disclosure and communication of medical
device security needs, risks and controls
10. IEC TR 80001-2-8:2016, Application of risk management for IT-networks incorporating
medical devices – Part 2-8: Application guidance – Guidance on standards for establishing
the security capabilities identified in IEC 80001-2-2
11. ISO 13485:2016, Medical devices – Quality management systems – Requirements for
regulatory purposes
12. ISO 14971:2019, Medical devices – Application of risk management to medical devices
2020/3/18
Page 43 of 51
45/53 ページ
●
サポート終了:
a.
医療業務の継続に影響を与えることなく医療機器の使用を終了できない場合、
当該医療機器のセキュリティを管理する責任及びセキュリティ EOS 日以降も使
用を継続することによって発生し得るリスクを引き受ける。
7.0 参考文献
7.1
IMDRF 文書
1. Software as a Medical Device: Possible Framework for Risk Categorization and
Corresponding Considerations IMDRF/SaMD WG/N12:2014 (September 2014)
2. Essential Principles of Safety and Performance of Medical Devices and IVD Medical
Devices IMDRF/GRRP WG/N47 FINAL:2018 (November 2018)
7.2
規格
3. AAMI TIR57:2016 Principles for medical device security—Risk management
4. AAMI TIR 97:2019, Principles for medical device security—Postmarket risk management
for device manufacturers
5. IEC 60601-1:2005+AMD1:2012, Medical electrical equipment - Part 1: General
requirements for basic safety and essential performance
6. IEC 62304:2006/AMD 1:2015, Medical device software – Software life cycle processes
7. IEC 62366-1:2015, Medical devices - Part 1: Application of usability engineering to medical
devices
8. IEC 80001-1:2010, Application of risk management for IT-networks incorporating medical
devices - Part 1: Roles, responsibilities and activities
9. IEC TR 80001-2-2:2012, Application of risk management for IT-networks incorporating
medical devices - Part 2-2: Guidance for the disclosure and communication of medical
device security needs, risks and controls
10. IEC TR 80001-2-8:2016, Application of risk management for IT-networks incorporating
medical devices – Part 2-8: Application guidance – Guidance on standards for establishing
the security capabilities identified in IEC 80001-2-2
11. ISO 13485:2016, Medical devices – Quality management systems – Requirements for
regulatory purposes
12. ISO 14971:2019, Medical devices – Application of risk management to medical devices
2020/3/18
Page 43 of 51
45/53 ページ