Modern Medical Information Systems very often comprise Medical Devices and governed by regulations which require stringent Risk Management activities to be implemented to minimize the occurrence of safety risks. Currently, the reference standard adopted by manufacturers for Risk Management is ISO 14971, which, however, was devised for traditional (mostly hardware) Medical Devices and does not either take into account the peculiarities of modern Medical Information Systems, or define a formal methodology to conduct Risk Assessment. Moreover, the approaches currently implemented by manufacturers typically aims at obtaining qualitative Risk Assessment results. Within the so-delineated application scenario, this paper proposes a methodology for the Dynamic Probabilistic Risk Assessment of Medical Information Systems, by specifically looking at medical devices that are intended as one of the most relevant components in such systems. The methodology complies with ISO 14971 and improves current practices because it allows the analyst to conduct a quantitative analysis, also taking into account the temporal dimension. It relies on a Probabilistic Risk Model, defined as a set of Markov Models, which is model-checked to obtain quantitative information about the risks. The proposed methodology is also adopted to improve definitively the Medical Device post-market surveillance, which is currently implemented as a "wait for an incident" activity.

An Innovative Risk Assessment Methodology for Medical Information Systems

Cuzzocrea A.
2022-01-01

Abstract

Modern Medical Information Systems very often comprise Medical Devices and governed by regulations which require stringent Risk Management activities to be implemented to minimize the occurrence of safety risks. Currently, the reference standard adopted by manufacturers for Risk Management is ISO 14971, which, however, was devised for traditional (mostly hardware) Medical Devices and does not either take into account the peculiarities of modern Medical Information Systems, or define a formal methodology to conduct Risk Assessment. Moreover, the approaches currently implemented by manufacturers typically aims at obtaining qualitative Risk Assessment results. Within the so-delineated application scenario, this paper proposes a methodology for the Dynamic Probabilistic Risk Assessment of Medical Information Systems, by specifically looking at medical devices that are intended as one of the most relevant components in such systems. The methodology complies with ISO 14971 and improves current practices because it allows the analyst to conduct a quantitative analysis, also taking into account the temporal dimension. It relies on a Probabilistic Risk Model, defined as a set of Markov Models, which is model-checked to obtain quantitative information about the risks. The proposed methodology is also adopted to improve definitively the Medical Device post-market surveillance, which is currently implemented as a "wait for an incident" activity.
2022
Analytical models
Dynamic Probabilistic Risk Assessment
Markov Decision Processes
Medical Device
Medical information systems
Probabilistic logic
Probabilistic Model Checking
Risk management
Safety
Software
Standards
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.11770/312335
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 38
  • ???jsp.display-item.citation.isi??? 33
social impact