本文档重点介绍医疗保健信息系统的远程维护服务（RMS） 医疗设备和健康信息系统供应商提供的设施（HCF）。 本文件规定了保护远程维护活动所需的风险评估，包括: 考虑到医疗领域的特殊性，如患者安全、法规 以及隐私保护。 本文件提供了风险分析的实例，以保护HCF和RMS提供商 以安全高效（即经济）的方式提供信息资产。这些资产主要是 信息系统本身以及信息系统中保存的个人健康数据。 交叉引用:ISO/IEC 21547:2010ISO/IEC 21827:2008ISO/IEC 27001ISO/IEC 27002ISO/TS 13131:2014ISO/TR 11633-2ISO/IEC 31000:2018购买本文件时提供的所有当前修订版均包含在购买本文件中。

This document focuses on remote maintenance services (RMS) for information systems in healthcare facilities (HCFs) as provided by vendors of medical devices and health information systems. This document specifies the risk assessment necessary to protect remote maintenance activities, taking into consideration the special characteristics of the healthcare field such as patient safety, regulations and privacy protections. This document provides practical examples of risk analysis to protect both the HCF and RMS provider information assets in a safe and efficient (i.e. economical) manner. These assets are primarily the information system itself and personal health data held in the information system.Cross References:ISO/IEC 21547:2010ISO/IEC 21827:2008ISO/IEC 27001ISO/IEC 27002ISO/TS 13131:2014ISO/TR 11633-2ISO/IEC 31000:2018All current amendments available at time of purchase are included with the purchase of this document.