Clinical Risk Management: Telehealth / Mobile Health Solutions - Implementation Guidance
|
|
- Marion Beasley
- 7 years ago
- Views:
Transcription
1 Document filename: Clinical Risk Management Telehealth_Mobile Health Solutions - Implementation Guidance v1.0 Directorate / Programme Solution Design Standards and Assurance Project Clinical Safety Document Reference NPFIT-FNT-TO-TOCLNSA Director Rob Shaw Status Approved Owner Stuart Harrison Version 1.0 Author Lorraine Olowosuko Version issue date Clinical Risk Management: Telehealth / Mobile Health Solutions - Implementation Guidance
2 Document Management Revision History Version Date Summary of Changes Revised to take into account comments from Safety Engineers Revised to take into account comments from HSCIC Clinical Safety Officers and external Health IT Manufacturer First issue Reviewers This document must be reviewed by the following people: Reviewer name Title / Responsibility Date Version HSCIC Safety Engineers HSCIC Clinical Safety Officers Dr Alex Yeates Medical Director Advanced Health and Care Approved by This document must be approved by the following people: Name Title Date Version Rob Shaw Programme Director Maureen Baker CBE Clinical Director for Patient Safety Stuart Harrison Lead Safety Engineer Related Documents These documents provide additional information and are specifically referenced within this document. Ref Doc Reference Number Title Version 1. ISB 0160 Amd 38/2012 Clinical Risk Management: its Application in the Deployment and Use of Health IT Systems - Specification 2. ISB 0129 Amd 39/2012 Clinical Risk Management: its Application in the Manufacture of Health IT Systems - Specification 3. NPFIT-FNT-TO-TOCLNSA-1293 Clinical Risk Management: its Application in the Deployment and Use of Health IT Systems Implementation Guidance Page 2 of 21
3 Ref Doc Reference Number Title Version 4. NPFIT-FNT-TO-TOCLNSA-1300 Clinical Risk Management: its Application in the Manufacture of Health IT Systems Implementation Guidance 5. ISO 14971:2007 Medical Devices -- Application of Risk Management to Medical Devices Glossary of Terms Term Clinical risk Clinical risk analysis Clinical risk control Clinical risk management Clinical Risk Management Plan Clinical safety Consequence Harm Hazard Hazard Log Health IT System Health Organisation Lifecycle Manufacturer What it stands for Combination of the likelihood of occurrence of harm to a patient and the severity of that harm. Systematic use of available information to identify and estimate a risk. Process in which decisions are made and measures implemented by which clinical risks are reduced to, or maintained within, specified levels. Systematic application of management policies, procedures and practices to the tasks of analysing, evaluating and controlling clinical risk. A plan which documents how the Health Organisation will conduct clinical risk management of a Health IT System. Freedom from unacceptable clinical risk to patients. Degree of severity of harm to a patient. Death, physical injury, psychological trauma and/or damage to the health or wellbeing of a patient. Potential source of harm to a patient. A mechanism for recording and communicating the on-going identification and resolution of hazards associated with a Health IT System evaluation. Product used to provide electronic information for health or social care purposes. The product may be hardware, software or a combination. Organisation within which a Health IT System is deployed or used for a healthcare purpose. All phases in the life of a Health IT System, from the initial conception to final decommissioning and disposal. Person or organisation with responsibility for the design, manufacture, packaging or labelling of a Health IT System, assembling a system, or adapting a Health IT System before it is placed on the market and/or put into service, regardless of whether these operations are carried out by that person or on that person's behalf by a third party. Page 3 of 21
4 Term Medical Device Mobile Health Mobile working Patient Procedure Process Telehealth Top Management What it stands for Any instrument, apparatus, appliance, software, material or other article, whether used alone or in combination, including the software intended by its manufacturer to be used specifically for diagnostic and/or therapeutic purposes and necessary for its proper application, intended by the manufacturer to be used for human beings for the purpose of: diagnosis, prevention, monitoring, treatment or alleviation of disease, diagnosis, monitoring, treatment, alleviation of or compensation for an injury or handicap, investigation, replacement or modification of the anatomy or of a physiological process, control of conception, and which does not achieve its principal intended action in or on the human body by pharmacological, immunological or metabolic means, but which may be assisted by such means. (Article 1, clause 2(a), The use of emerging mobile communications and network technologies for healthcare. (Istepanian et al 2005) The ability to work anywhere, irrespective of place and time, enabling staff to access and update information and communicate on the go. ( A person who is the recipient of healthcare. Specified way to carry out an activity or a process. Set of interrelated or interacting activities which transform inputs into outputs. The use of telecommunications and information technologies to provide access to health information and services across a geographical distance, including (but not limited to) consultation, assessment, intervention and health maintenance. (Glueckauf et al, 2002) Person or group of people who direct(s) and control(s) the Health Organisation and has overall accountability for a Health IT System. Document Control The controlled copy of this document is maintained in the HSCIC corporate network. Any copies of this document held outside of that area, in whatever format (e.g. paper, attachment), are considered to have passed out of control and should be checked for currency and validity. Page 4 of 21
5 Disclaimer The document principally provides details of some generic clinical safety hazards relating to the development and use of telehealth / mobile health solutions in normal and fault conditions, as well as their potential controls / mitigations. It is provided "as is", without any conditions, warranties or other terms of any kind. It supports the standards ISB0 129 (Clinical Risk Management: its Application in the Manufacture of Health IT Systems [Ref 2]) and ISB 0160 (Clinical Risk Management: its Application in the Deployment and Use of Health IT Systems [Ref 1]) and is a supplement to the more generic detailed Clinical Risk Management Implementation documents on demonstrating compliance to the standards. This document does not relate to telehealth / mobile health devices and solutions controlled by Medical Device Directives. It also does not apply to or attempt to add or deviate from ISO [Ref 5], which covers the requirements for a risk management system for medical devices. ISO [Ref 5] is widely used throughout the world for compliance with medical device manufacturing safety regulations which in most countries encompass software that is necessary for the proper application of a medical device or software that is an accessory to a medical device. The document is not intended to ascertain legally enforceable responsibilities or cite regulatory or statutory requirements for the development, implementation or use of telehealth / mobile health solutions in Health Organisations within the NHS. It may be subject to future additions, modifications or corrections without notice. As with any guidance document, it will evolve over time, largely based on contributions from the Health Organisations and Manufacturers. It only considers telehealth / mobile health solutions within the Health Organisations in England, and as such, international standards and guidelines on how to govern telehealth / mobile health solutions should be assessed and incorporated where applicable. All employees of the Health and Social Care Information Centre (HSCIC) disclaim all liability for the completeness of this guideline and disclaim all warranties of any kind, express or implied, including any warranty of fitness for a particular purpose. In no event will HSCIC and its employees be responsible for any loss or damage arising out of or resulting from any defect, error or omission in this document or from anyone s use or reliance on this document. Page 5 of 21
6 Contents 1 Introduction Background Audience Scope Assumptions 9 2 Generic Clinical Safety Hazards HAZ01 - Clinical information missing from display HAZ02 - Misleading or confusing presentation of clinical information HAZ03 - Loss and/or corruption of clinical Information subsequent to synchronisation HAZ04 - Loss of clinical information subsequent to interruption during use of telehealth / mobile health solution HAZ05 - Access to information on device unavailable HAZ06 - Inappropriate or erroneous access to clinical information HAZ07 End user (patient) information incorrectly entered in telehealth / mobile health device HAZ08 - Infection or contamination HAZ09 - Electrical or Electromagnetic Interference 21 Page 6 of 21
7 1 Introduction 1.1 Background Telehealth in the context of this guidance is as defined by Glueckauf et al (2002) 1 as the use of telecommunications and information technologies to provide access to health information and services across a geographical distance, including (but not limited to) consultation, assessment, intervention and health maintenance. Mobile Health is an aspect emerging within the telehealth field. Istepanian et al (2005) 2 defined Mobile Health as the use of emerging mobile communications and network technologies for healthcare. Mobile Health solutions referred to in this guidance includes mobile health apps and mobile health technology based on this definition. Examples, though not extensive, could include: the use of mobile communication devices, such as mobile phones, tablet computers and PDAs to view a patient s electronic health record the use of these devices to enter patients information offsite to be later synchronised with Health IT Systems onsite in the Health Organisation (from here on referred to as parent system) SMS medication reminders patients entering or accessing information from telehealth / mobile health devices solutions on devices used for mobile working. One of the clinical risk management processes as highlighted in Figure 1 of section 2.1 of ISB 0160 [Ref 1] and ISB 0129 [Ref 2] is Clinical Hazard Identification. Based on this and elaborated in Requirement of both ISB 0160 [Ref 1] and ISB 0129 [Ref 2], this document principally provides details of some generic clinical safety hazards relating to telehealth / mobile health solutions in both normal and fault conditions. Details of potential controls or mitigations for these hazards are also provided as guidance. This aims to assist Manufacturers and Health Organisations comply with Requirement of the safety standards. 1 Glueckauf, R. L., S. P. Fritz, E. P. Ecklund-Johnson, H. J. Liss, P. Dages and P. Carney Videoconferencing-based Family Counseling for Rural Teenagers with Epilepsy: Phase 1 Findings. Rehabilitation Psychology. 47(1), pp Istepanian, R., S. Laxminarayan and C. S. Pattichis M-Health: Emerging Mobile Health Systems. (eds) Springer: New Jersey. Page 7 of 21
8 Both the ISB 0160 and ISB 0129 Implementation Guidance documents [Ref 3 and Ref 4] provide Health Organisations and Manufacturers respectively, informative guidance to support the interpretation of the specific requirements established in the standards. Manufacturers should ensure that they adhere to ISB 0129 in the development of their telehealth / mobile health solution and Health Organisations in which these solutions are to be used should also ensure that this is done. In adhering to ISB 0160, Top Management in the Health Organisation must ensure that the approved Clinical Risk Management Plan for the implementation of such telehealth / mobile health solutions highlights clinical risk control measures that would be in place. The Manufacturer should undertake their own clinical risk assessment to identify any potential clinical hazards in developing the telehealth / mobile health solution and how those hazards would be controlled or mitigated. The Health Organisation need to review this and in addition to their own identified clinical hazards relating to the use of the solution, confirm the potential hazards that are specific to their organisation. They also need to ensure that appropriate mitigations are in place to manage the risks. 1.2 Audience The primary audience of this document are: Health Organisations implementing and using these solutions and seeking to demonstrate compliance to Requirement of ISB 0160 [Ref 1] Manufacturers of telehealth / mobile health solutions seeking to demonstrate compliance to Requirement of ISB 0129 [Ref 2]. 1.3 Scope In Scope: this document provides generic clinical hazards to inform Health Organisations implementing and using telehealth / mobile health solutions, as well as Manufacturers developing these solutions. it is intended as a supplement to the more generic detailed clinical risk management guidance on Manufacturers and Health Organisations demonstrating compliance to ISB 0129 and ISB 0160 respectively. telehealth / mobile health solutions referred to in this document covers mobile health apps on all mobile platforms provided by all mobile service providers, all mobile health technology and all telehealth solutions that are medical devices or accessories to medical devices. throughout this document the term clinical is used to make clear that the scope is limited to matters of risks to patient safety as distinct from other types of risk, such as financial end users referred to in this guidance could include patients as well as healthcare professionals. Page 8 of 21
9 Out of scope: this guidance does not apply to telehealth / mobile health solutions, including mobile health apps that are medical devices, accessories to medical devices or clinical decision support systems. 1.4 Assumptions The following assumptions have been identified that apply to Manufacturers and Health Organisations developing and implementing telehealth / mobile health solutions: sufficient resource from stakeholders involved in development activities, meetings, document reviews, will be made available in agreed timeframes. These assumptions are specific to the Health Organisations: Top management has approved the Health Organisation s readiness for the implementation of telehealth / mobile solutions patients have been fully informed as to the purpose and processes involved in the use of the telehealth / mobile health devices, as well as the normal care alternatives the parent system used in the Health Organisation is sufficiently mature in service. This would avoid issues with end user confidence and use of the end to end solution. Page 9 of 21
10 2 Generic Clinical Safety Hazards This section provides a list of generic clinical safety hazards associated with the development and implementation of telehealth / mobile health solutions under both normal and fault conditions. It is important to note that the hazards detailed below were derived from an overall telehealth / mobile health device clinical risk analysis (in the context of this guidance) and are NOT definitive to any one system or device. Many techniques exist for hazard identification and an appropriate technique will need to be chosen depending on the telehealth / mobile health solution and the available expertise. Appendix B of both Implementation Guidance for Health Organisations [Ref 3] and for Manufacturers [Ref 4] provides examples of different hazard identification techniques. The techniques described in the Implementation Guidance and used in identifying the generic hazards detailed in this document were: Functional Failure Analysis (FFA) - takes a functional view of the system and for each function considers what the potential safety consequences may be if the function is not available when it is required is available but performs an unintended action and is provided when not required, i.e. function performs as intended but not at the correct time or out of sequence Hazard Identification (HAZID) - that focuses on the characteristics of information flow within a system and Structured What-IF Technique (SWIFT) - that uses pertinent questions to explore the consequences of unintentional actions. It can include functions, information and users. Based on the telehealth / mobile solutions in the context of this guidance, these techniques were the preferred options. Some factors such as flow of information from telehealth / mobile health devices to parent systems, how the devices were used, users actions on the devices, were considered. There are no clinical risks assessments specified for the hazards as it is expected that Manufacturers and Health Organisations work collaboratively to complete this based on the outcomes of a hazard assessment workshop (more guidance on hazards identification and hazard assessment workshop can be found in Section 4.3 of both the Implementation Guidance for Health Organisations [Ref 3] and for Manufacturers [Ref 4]). It is therefore a generic list that can be used as a starting point and needs to be individually assessed in relation to the overall product or release. It is not a definitive list and is in no way exhaustive. Each hazard is presented with a unique identifier HAZ number, for example HAZ01, however, this is not definitive, as Manufacturers and Health Organisations may employ unique hazard identifiers specific to their own clinical risk management system process. Page 10 of 21
11 2.1 HAZ01 - Clinical information missing from display Hazard Description Small handheld (e.g. PDA, mobile phones) devices tend to have smaller screen displays and therefore reduced screen real estate could prevent information from being displayed in its entirety Potential Clinical Impact There is a potential for any Healthcare Professional (HCP) acting on incomplete information presented by the solution, to administer inappropriate care, which could result in patient harm and Screen real estate is not optimised The telehealth / mobile health solution is designed specifically for use on an approved handheld device with particular versions of the firmware and operating system. Optimise screen resolution and display settings on telehealth / mobile health device. Incorrect wrapping of text If all the information cannot be displayed in its entirety on a small screen, a vertical scroll bar could be used on the screen; the vertical scroll bar serving as an alert to the end user that more information is available. Information may be only presented in a particular orientation e.g. landscape mode, with end users not able to change the setting. Truncation of information If all the information cannot be displayed in its entirety on a small screen, a vertical scroll bar could only be used on the screen; the vertical scroll bar serving as an alert to the end user that more information is available. Telehealth / mobile health solution used on device does not meet screen resolution requirements Telehealth / mobile health solution s user interface not fit for purpose Information may be only presented in a particular orientation e.g. landscape mode, with end users not able to change the setting. Telehealth / mobile health solution designed to allow access to only one patient record at a time. Validation of design. Extensive test assurance to confirm the minimum screen resolution and size combination to display information. Ongoing user acceptance testing throughout the design and development process. Extensive test assurance of the solution on real Telehealth / mobile health devices or Telehealth / mobile health device emulators. Page 11 of 21
12 Placing the device to a particular orientation e.g. portrait, could incorrectly change display of information and possibly cause loss of data Information may be only presented in a particular orientation e.g. landscape mode, with end users not able to change the setting. Manufacturers to provide intensive end user training on modes of navigation. 2.2 HAZ02 - Misleading or confusing presentation of clinical information Hazard Description Telehealth / Mobile health device displays the clinical information in a misleading and confusing way to the end user Potential Clinical Impact The ability to provide data or records pertinent to the care of any patient is critical in terms of accuracy and timing. Misleading or confusing clinical information may contribute to a delay in treatment of the patient or no patient care given. Potential to incorrectly diagnose or treat a patient as a result of having misleading or confusing clinical information and Inappropriate user interface layout and design Telehealth / Mobile health solution s functionality unclear and inconsistent Placing the device to a particular orientation e.g. portrait mode, could incorrectly change display of information Adherence to relevant user interface standards on the presentation of data e.g. Common User Interface standards 3. Clear and consistent solution response to device functionality e.g. scrolling, text selection, back button. Information may be only presented in a particular orientation e.g. landscape mode, with end users not able to change the setting. Use of simple navigation structures. Manufacturers to provide intensive end user training on modes of navigation. 3 Page 12 of 21
13 Poor user interaction or flow of telehealth / mobile health solution Patient banner on clinical record not displayed on every screen Font / Text colour not suitable for telehealth / mobile health device Font / Text colour not suitable telehealth / mobile health solution s background colour and / or theme Usability testing to address issues such as intuitiveness, consistency, user-friendliness of solution, clarity of user interface, ease of use, navigation, incorporated in solution development lifecycle. Clear alerts and feedback to end users on the progress of task completion in solution. Validation of design. Extensive test assurance to ensure patient banner is visible on the screen at all times and on every screen, when viewing a clinical record. Ongoing user acceptance testing throughout the design and development process. Appropriate font / text colour used in telehealth / mobile health solution. Extensive test assurance of the solution on real telehealth / mobile health devices or telehealth / mobile health device emulators. Ongoing user acceptance testing throughout the design and development process. Appropriate font / text colour used in telehealth / mobile health solution. Extensive test assurance of the solution on real Telehealth / mobile health devices or Telehealth / mobile health device emulators. 2.3 HAZ03 - Loss and/or corruption of clinical Information subsequent to synchronisation Hazard Description Failure or issues with the synchronisation of data (device to device or integrating with a parent system) either real time or as a download, resulting in the loss and/or corruption of clinical information Potential Clinical Impact The ability to provide data or records pertinent to the care of any patient is critical in terms of accuracy and timing. Denied access to clinical information may contribute to a delay in treatment of the patient. Potential to incorrectly diagnose or treat a patient as a result of not having clinical information available. Page 13 of 21
14 2.3.3 and Information is not sent through correctly either to the right device or is corrupted during transmission, or there is partial transmission only No lock out function when one or more users attempt to update the same patient record End user hibernates telehealth / mobile health device while transmitting or receiving data End user turns on screen lock while transmitting or receiving data Architecture design of transmission protocol minimises corruption and loss of messages. Extensive testing and assurance of transmission protocols. Contingency procedures in place to manually transfer data from telehealth / mobile health device to parent system. The system or service to provide the facility to view an audit trail of all interactions on the device and / or record to ensure data quality is maintained. Appropriate alerts in place, to inform end users record is being used elsewhere. Extensive test assurance on any patient record locking functionality. The system or service to provide the facility to view an audit trail of all interactions on the device and / or record to ensure data quality is maintained. Date and time of last synchronisation presented on information. Configure session persistence in solution to maintain the solution state information during usage. The system or service to provide the facility to view an audit trail of all interactions on the device and / or record to ensure data quality is maintained. Date and time of last synchronisation presented on information. Date and time of last synchronisation presented on information. Configure session persistence in solution to maintain the solution state information during usage. The system or service to provide the facility to view an audit trail of all interactions on the device and / or record to ensure data quality is maintained. Page 14 of 21
15 Data corruption Contingency procedures in place to manually transfer data from telehealth / mobile health device to parent system. Training of end users to check validity of information using live like patient data or scenarios. Telehealth / mobile health solution conformity to NHS data and technical standards for interoperability such as: o Open Standards Interconnection (OSI) model to level 6 and 7 (ISO/IEC :1994) 4 o EDIFACT 5 o HL7 6 o e-government Interoperability Framework (e-gif) 7. o NHS Data Dictionary 8 o NHS Reference Information Model (RIM) 9. Telehealth / mobile health device lost or stolen Hardware or software failure of parent system Appropriate procedures in place to disable telehealth / mobile health device when reported as lost or stolen. Password protection on all devices strong passwords enforced. Encryption of data on telehealth / mobile health devices. Contingency procedures in place to manually transfer data from telehealth / mobile health device to parent system when issues with parent system is resolved. The system or service to provide the facility to view an audit trail of all interactions on the device and / or record to ensure data quality is maintained e.g. last modified date and time, last accessed date and time and by whom, is available. Issues regarding parent system fixed and automatic synchronisation in place. Alerts in place on both parent system and telehealth / mobile health solution if there is more up-to-date information recorded on a patient on either systems government_interoperability_framework_version_61.aspx Page 15 of 21
16 2.4 HAZ04 - Loss of clinical information subsequent to interruption during use of telehealth / mobile health solution Hazard Description Loss of clinical information when telehealth / mobile health solution does not restore to its previous state when interrupted during use Potential Clinical Impact HCP acting on incomplete clinical information may lead to inappropriate or no care being given, resulting in patient harm and Low memory Configure session persistence in solution to maintain the solution state information during usage. Extend memory of telehealth / mobile health device. Network disruptions Caching end users logon credentials for an agreed period during network disruptions which reduces the repeated need for end users to re-enter login details. Telehealth / mobile health solution interrupted by other actions such as phone call, text message, low battery alert, other device solution End user moves out of network coverage range Implement solution which offers network session persistence. This keeps the existing network session open at both ends of the connection while the connection itself is down. Alternative secure connection options when mobile data coverage is low e.g. the use of wifi. Configure session persistence in solution to maintain the solution state information during usage. Caching end users logon credentials for an agreed period during network disruptions which reduces the repeated need for end users to re-enter login details. Implement solution which offers network session persistence. This keeps the existing network session open at both ends of the connection while the connection itself is down. Configure session persistence in solution to maintain the solution state information during usage. Page 16 of 21
17 Low battery Extensive test assurance of the solution on real telehealth / mobile health devices using different battery states e.g. behaviour of solution during full, half or very low battery. End user accidently quits the telehealth / mobile health solution and restarts it End user hibernates device or turns on screen lock while entering, receiving or transmitting data Configure session persistence in solution to maintain the solution state information during usage. Telehealth / mobile health device should notify users when battery is low. Ongoing user acceptance testing by end users throughout the design and development process. Telehealth / mobile health solution auto saves information entered at regular intervals. Configure session persistence in solution to maintain the solution state information during usage. The system or service to provide the facility to view an audit trail of all interactions on the device and / or record to ensure data quality is maintained. Date and time of last synchronisation presented on information. 2.5 HAZ05 - Access to information on device unavailable Hazard Description HCP denied access to clinical data or the patient record Potential Clinical Impact The ability to provide data or records pertinent to the care of any patient is critical in terms of accuracy and timing. Denied access to clinical information may contribute to a delay in treatment of the patient. Potential to incorrectly diagnose or treat a patient as a result of not having clinical information available and Telehealth / mobile health device malfunction Contingency plans for service unavailability should be in place in the Health Organisation. Issues with the telehealth / mobile health device resolved. HCP given a replacement telehealth / mobile health device. Page 17 of 21
18 Telehealth / mobile health device power outage/supply issues Intermittent connectivity or connection to Telehealth / mobile health device or solution HCP could be in an area with poor mobile signal coverage and the device is unable to connect to the mobile data network HCP is unable to log on or access clinical information due to lack of knowledge Telehealth / mobile health device should notify users when battery is low. Training of end users in the recharging/replacing of device batteries. Policy in place for HCP to carry spare batteries and / or chargers. Alternative secure connection options when mobile data coverage is low e.g. the use of wifi. Alternative secure connection options when mobile data coverage is low e.g. the use of wifi. Intensive end user training on how to access clinical information on telehealth / mobile health device. End user forgotten log in details Disaster recovery plans in place if the telehealth / mobile health device is solely relied on. Policy in place for username and password recovery. 2.6 HAZ06 - Inappropriate or erroneous access to clinical information Hazard Description Clinical information in the telehealth / mobile device inappropriately accessed by an unauthorised user or another solution on the device Potential Clinical Impact Clinical information maliciously modified which could consequently affect patient care. Where device is the sole storage of mobile patient encounter, HCP would have to reacquire patient data and Stringent security protocols have NOT been applied to the telehealth / mobile health device End users should be aware and formally agree to the information security policy for mobile working. Extensive security test assurance on telehealth / mobile health solution. Page 18 of 21
19 Inadequate telehealth / mobile health device usage policies Deliberate unauthorised use or insufficient Information governance rules applied Telehealth / mobile health device lost or stolen results in the inappropriate access to the device Malicious actions to access the data whilst being sent to the telehealth/mobile health device Extensive security test assurance on telehealth / mobile health solution. End users should be aware and formally agree to the information security policy for mobile working. Only NHS and/or Health Organisation s approved telehealth / mobile health solutions allowed on device. Functionality in place to allow for remote data wiping or removal. Other physical device to be allowed to access the device or telehealth / mobile health solution (e.g. Smartcard). Encryption of data on telehealth / mobile devices. Professional duty of HCP to look after telehealth / mobile health device as well as clinical information before or during mobile patient encounter. Password protection on all devices strong passwords enforced. Encryption of data on telehealth / mobile devices. Appropriate procedures in place to disable telehealth / mobile health device when reported as lost or stolen. Functionality in place to allow for remote data wiping or removal. Encryption of data while being sent to telehealth / mobile device. Handshaking between receiving telehealth/mobile health devices and sending system in place to ensure that data is sent to the right device. 2.7 HAZ07 End user (patient) information incorrectly entered in telehealth / mobile health device Hazard Description To monitor their condition, end user (patient) incorrectly enters information about themselves in telehealth / mobile health device Potential Clinical Impact HCP acting on incorrect patient s clinical information may lead to inappropriate or no care being given, resulting in patient harm. Page 19 of 21
20 2.7.3 and Telehealth / mobile health device inappropriate for patient Patient does not know how to use the telehealth / mobile health device Ongoing user acceptance testing by end users (patients) throughout the design and development process. Appropriate device given to patient taking into account their varying medical conditions e.g. poor eye sight, colour blindness. Intensive end user (patient) training on how to use the telehealth / mobile health device to enter their information. Support available to end user (patient) in ensuring proper telehealth / mobile health device usage. Procedure to allow for patients feedback on their telehealth / mobile health device usage and review processes to act on feedback received, in place. End user (patient) error Alert available to HCP when information received from the telehealth / mobile health device is missing or incorrect. Intensive end user (patient) training on how to use the telehealth / mobile health device to enter their information. 2.8 HAZ08 - Infection or contamination Hazard Description The contamination of any device used in the treatment of patients in an environment where infection or similar can be transferred to subsequent patients Potential Clinical Impact The transmission of infection such as MRSA or Clostridium Dificile can lead to serious clinical consequences including death. Any object that comes into contact with patients either directly, or in this case indirectly, has the potential to harbour infectious organisms that could be transmitted between patients. Page 20 of 21
21 2.8.3 and This could happen if the device is used in multiple patient locations. Infection could be spread to patients causing further illness and patient harm. Health Organisation infection control policies / guidelines in place. Telehealth / mobile health devices should be suitable for the environment they are being used in. Adherence to any universal NHS guidelines on infection Anti-bacterial touch screens on telehealth / mobile health devices. 2.9 HAZ09 - Electrical or Electromagnetic Interference Hazard Description Devices may be susceptible to electrical or electromagnetic noise / interference in unsuitable environments, limiting its functionality Potential Clinical Impact Devices may not work as designed or intended if subject to adverse conditions and Device is not compliant with Electromagnetic Compatibility (EMC) directive 10. Device compliance with Electromagnetic Compatibility (EMC) directive. Devices should be fully compliant with the certification / standards required for operation in the environment intended. Health Organisation should have back up plans in place or business continuity options for other devices or solutions should this hazard occur. For example proven compliant alternative device suppliers. 10 Electromagnetic Compatibility (EMC) directive: Page 21 of 21
Clinical Risk Management: Agile Development Implementation Guidance
Document filename: Directorate / Programme Document Reference NPFIT-FNT-TO-TOCLNSA-1306.02 CRM Agile Development Implementation Guidance v1.0 Solution Design Standards and Assurance Project Clinical Risk
More informationClinical Risk Management: its Application in the Manufacture of Health IT Systems - Implementation Guidance
Document filename: ISB 0129 Implementation Guidance v2.1 Directorate Solution Design Standards and Assurance Project Clinical Safety Document Reference NPFIT-FNT-TO-TOCLNSA-1300.03 Director Rob Shaw Status
More informationINFORMATION TECHNOLOGY SECURITY STANDARDS
INFORMATION TECHNOLOGY SECURITY STANDARDS Version 2.0 December 2013 Table of Contents 1 OVERVIEW 3 2 SCOPE 4 3 STRUCTURE 5 4 ASSET MANAGEMENT 6 5 HUMAN RESOURCES SECURITY 7 6 PHYSICAL AND ENVIRONMENTAL
More informationImplementation of ANSI/AAMI/IEC 62304 Medical Device Software Lifecycle Processes.
Implementation of ANSI/AAMI/IEC 62304 Medical Device Software Lifecycle Processes.. www.pharmout.net Page 1 of 15 Version-02 1. Scope 1.1. Purpose This paper reviews the implementation of the ANSI/AAMI/IEC
More informationNational Decontamination Guidance on Loan Medical Devices (Reusable): Roles & Responsibilities GUID 5002
National Decontamination Guidance on Loan Medical Devices (Reusable): Roles & Responsibilities GUID 5002 July 2015 Contents Page 1.0 Executive summary... 3 2.0 Background... 4 3.0 Objective... 5 4.0 Scope...
More informationISO27001 Controls and Objectives
Introduction This reference document for the University of Birmingham lists the control objectives, specific controls and background information, as given in Annex A to ISO/IEC 27001:2005. As such, the
More informationOhio Supercomputer Center
Ohio Supercomputer Center IT Business Continuity Planning No: Effective: OSC-13 06/02/2009 Issued By: Kevin Wohlever Director of Supercomputer Operations Published By: Ohio Supercomputer Center Original
More informationInformation Security Policies. Version 6.1
Information Security Policies Version 6.1 Information Security Policies Contents: 1. Information Security page 3 2. Business Continuity page 5 3. Compliance page 6 4. Outsourcing and Third Party Access
More informationWEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY
WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY DATA LABEL: PUBLIC INFORMATION SECURITY POLICY CONTENTS 1. INTRODUCTION... 3 2. MAIN OBJECTIVES... 3 3. LEGISLATION... 4 4. SCOPE... 4 5. STANDARDS... 4
More informationWHITEPAPER: SOFTWARE APPS AS MEDICAL DEVICES THE REGULATORY LANDSCAPE
WHITEPAPER: SOFTWARE APPS AS MEDICAL DEVICES THE REGULATORY LANDSCAPE White paper produced by Maetrics For more information, please contact global sales +1 610 458 9312 +1 877 623 8742 globalsales@maetrics.com
More informationSouth West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy
South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy Reference No: CG 01 Version: Version 1 Approval date 18 December 2013 Date ratified: 18 December 2013 Name of Author
More informationScotland s Commissioner for Children and Young People Records Management Policy
Scotland s Commissioner for Children and Young People Records Management Policy 1 RECORDS MANAGEMENT POLICY OVERVIEW 2 Policy Statement 2 Scope 2 Relevant Legislation and Regulations 2 Policy Objectives
More informationInformation Security Policy September 2009 Newman University IT Services. Information Security Policy
Contents 1. Statement 1.1 Introduction 1.2 Objectives 1.3 Scope and Policy Structure 1.4 Risk Assessment and Management 1.5 Responsibilities for Information Security 2. Compliance 3. HR Security 3.1 Terms
More informationHSCIC Audit of Data Sharing Activities:
Directorate / Programme Data Dissemination Services Project Data Sharing Audits Status Approved Director Terry Hill Version 1.0 Owner Rob Shaw Version issue date 26/10/2015 HSCIC Audit of Data Sharing
More informationHSCIC Audit of Data Sharing Activities:
Directorate / Programme Data Dissemination Services Project Data Sharing Audits Status Approved Director Terry Hill Version 1.0 Owner Rob Shaw Version issue date 20/04/2016 HSCIC Audit of Data Sharing
More informationExhibit E - Support & Service Definitions. v1.11 / 2015-07-03
Exhibit E - Support & Service Definitions v1.11 / 2015-07-03 Introduction - Support Services Table of Contents 1 Introduction... 4 2 General Definitions... 5 2.1 Support Services... 5 2.2 2.3 License or
More informationData Protection Act 1998. Guidance on the use of cloud computing
Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered
More informationKings Estate Agents - Terms of Use
Kings Estate Agents - Terms of Use PLEASE READ THESE TERMS AND CONDITIONS CAREFULLY AS THEY CONTAIN IMPORTANT INFORMATION ABOUT YOUR RIGHTS AND OBLIGATIONS WHEN USING KINGSESTATEAGENTS.CO.UK ("this Site").
More informationElectronic business conditions of use
Electronic business conditions of use This document provides Water Corporation s Electronic Business Conditions of Use. These are to be applied to all applications, which are developed for external users
More informationISO 9001:2008 Quality Management System Requirements (Third Revision)
ISO 9001:2008 Quality Management System Requirements (Third Revision) Contents Page 1 Scope 1 1.1 General. 1 1.2 Application.. 1 2 Normative references.. 1 3 Terms and definitions. 1 4 Quality management
More informationHSCIC Audit of Data Sharing Activities:
Directorate / Programme Data Dissemination Services Project Data Sharing Audits Status Approved Director Terry Hill Version 1.0 Owner Rob Shaw Version issue date 20/04/2016 HSCIC Audit of Data Sharing
More informationISO 9001:2015 Internal Audit Checklist
Page 1 of 14 Client: Date: Client ID: Auditor Audit Report Key - SAT: Satisfactory; OBS: Observation; NC: Nonconformance; N/A: Not Applicable at this time Clause Requirement Comply Auditor Notes / Evidence
More informationTitle: Rio Tinto management system
Standard Rio Tinto management system December 2014 Group Title: Rio Tinto management system Document No: HSEC-B-01 Standard Function: Health, Safety, Environment and Communities (HSEC) No. of pages: 23
More informationHead of Information & Communications Technology Responsible work team: ICT Security. Key point summary... 2
Policy Procedure Information security policy Policy number: 442 Old instruction number: MAN:F005:a1 Issue date: 24 August 2006 Reviewed as current: 11 July 2014 Owner: Head of Information & Communications
More informationInformation Security Team
Title Document number Add document Document status number Draft Owner Approver(s) CISO Information Security Team Version Version history Version date 0.01-0.05 Initial drafts of handbook 26 Oct 2015 Preface
More informationFDA Releases Final Cybersecurity Guidance for Medical Devices
FDA Releases Final Cybersecurity Guidance for Medical Devices By Jean Marie R. Pechette and Ken Briggs Overview and General Principles On October 2, 2014, the Food and Drug Administration ( FDA ) finalized
More informationBEACON HEALTH STRATEGIES, LLC TELEHEALTH PROGRAM SPECIFICATION
BEACON HEALTH STRATEGIES, LLC TELEHEALTH PROGRAM SPECIFICATION Providers contracted for the telehealth service will be expected to comply with all requirements of the performance specifications. Additionally,
More informationVoya Financial Advisors, Inc. Registered Representative s Website Terms of Use
Voya Financial Advisors, Inc. Registered Representative s Website Terms of Use Welcome to our site. This page provides important information about use of this site and other legal matters. Please read
More informationFinal Document. Software as a Medical Device (SaMD): Key Definitions. Date: 9 December 2013. Despina Spanou, IMDRF Chair. IMDRF/SaMD WG/N10FINAL:2013
Final Document Title: Authoring Group: Software as a Medical Device (SaMD): Key Definitions IMDRF SaMD Working Group Date: 9 December 2013 Despina Spanou, IMDRF Chair This document was produced by the
More informationData Protection Act 1998. Bring your own device (BYOD)
Data Protection Act 1998 Bring your own device (BYOD) Contents Introduction... 3 Overview... 3 What the DPA says... 3 What is BYOD?... 4 What are the risks?... 4 What are the benefits?... 5 What to consider?...
More informationSolihull Clinical Commissioning Group
Solihull Clinical Commissioning Group Business Continuity Policy Version v1 Ratified by SMT Date ratified 24 February 2014 Name of originator / author CSU Corporate Services Review date Annual Target audience
More informationMarch 2008 Grant Halverson CEO, GFG Group. Regional Processing Models
March 2008 Grant Halverson CEO, GFG Group Regional Processing Models The search for successful regional and global IT processing models has been a major focus of the last fifteen years across banks, insurance
More informationITIL A guide to service asset and configuration management
ITIL A guide to service asset and configuration management The goal of service asset and configuration management The goals of configuration management are to: Support many of the ITIL processes by providing
More informationHSCIC Audit of Data Sharing Activities:
Directorate / Programme Data Dissemination Services Project Data Sharing Audits Status Approved Director Terry Hill Version 1.0 Owner Rob Shaw Version issue date 21/09/2015 HSCIC Audit of Data Sharing
More informationHIPAA Security. 2 Security Standards: Administrative Safeguards. Security Topics
HIPAA Security SERIES Security Topics 1. Security 101 for Covered Entities 5. 2. Security Standards - Organizational, Security Policies Standards & Procedures, - Administrative and Documentation Safeguards
More informationGeneral Terms and Conditions of Trade for the use of the Bitplaces management platform and the Bitplaces software
General Terms and Conditions of Trade for the use of the Bitplaces management platform and the Bitplaces software I. Definitions, application area / conclusion of contract 1. Definitions 1.1 "App" in the
More informationPerformance Specification for Pedestrian Facilities at Temporary Standalone Traffic Signals
traffic systems and signing TR 2503 Issue B February 2006 Performance Specification for Pedestrian Facilities at Temporary Standalone Traffic Signals Crown Copyright 2005 First published 2005 Printed and
More informationCO-LOCATION SPACE SCHEDULE OF SERVICES Schedule 1
CO-LOCATION SPACE SCHEDULE OF SERVICES Schedule 1 1. THIS SCHEDULE - INTERPRETATION 1.1 The terms of this Co-Location Space Schedule of Services ( Schedule 1 ) apply together with, in addition to and form
More informationDNV GL Assessment Checklist ISO 9001:2015
DNV GL Assessment Checklist ISO 9001:2015 Rev 0 - December 2015 4 Context of the Organization No. Question Proc. Ref. Comments 4.1 Understanding the Organization and its context 1 Has the organization
More informationSCDHSC0032 Promote health, safety and security in the work setting
Promote health, safety and security in the work setting Overview This standard identifies the requirements when you promote the health, safety and security of yourself and others for whom you are responsible
More informationSAFETY and HEALTH MANAGEMENT STANDARDS
SAFETY and HEALTH STANDARDS The Verve Energy Occupational Safety and Health Management Standards have been designed to: Meet the Recognised Industry Practices & Standards and AS/NZS 4801 Table of Contents
More informationBusiness Continuity Management
Business Continuity Management Standard Operating Procedure Notice: This document has been made available through the Police Service of Scotland Freedom of Information Publication Scheme. It should not
More informationSERVICE LEVEL AGREEMENT (SLA)
SERVICE LEVEL AGREEMENT (SLA) This agreement covers the provision and support of the Managed Networking Services and details the service targets and obligations set and maintained by One...Solutions. Further,
More informationnehta Commissioning Requirements for Secure Message Delivery Secure Messaging 19 December 2012 National E-Health Transition Authority
nehta Secure Messaging Commissioning Requirements for Secure Message Delivery 19 December 2012 National E-Health Transition Authority National E-Health Transition Authority Ltd Level 25 56 Pitt Street
More informationDocument Type Doc ID Status Version Page/Pages. Policy LDMS_001_00161706 Effective 2.0 1 of 7 Title: Corporate Information Technology Usage Policy
Policy LDMS_001_00161706 Effective 2.0 1 of 7 AstraZeneca Owner Smoley, David Authors Buckwalter, Peter (MedImmune) Approvals Approval Reason Approver Date Reviewer Approval Buckwalter, Peter (MedImmune)
More informationSupplier Security Assessment Questionnaire
HALKYN CONSULTING LTD Supplier Security Assessment Questionnaire Security Self-Assessment and Reporting This questionnaire is provided to assist organisations in conducting supplier security assessments.
More informationPlease Note: Temporary Graduate 485 skills assessments applicants should only apply for ANZSCO codes listed in the Skilled Occupation List above.
ANZSCO Descriptions This ANZSCO description document has been created to assist applicants in nominating an occupation for an ICT skill assessment application. The document lists all the ANZSCO codes that
More informationSPECIAL CONDITIONS FOR THE INFRASTRUCTURE CDN SERVICE Version date 10-04-2013
SPECIAL CONDITIONS FOR THE INFRASTRUCTURE CDN SERVICE Version date 10-04-2013 DEFINITIONS: Anycast IP Address: The IP address to which the Customer s domain name must be redirected to enable the Service
More informationHang Seng HSBCnet Security. May 2016
Hang Seng HSBCnet Security May 2016 1 Security The Bank aims to provide you with a robust, reliable and secure online environment in which to do business. We seek to achieve this through the adoption of
More informationInformation Security Policy
Information Security Policy Author: Responsible Lead Executive Director: Endorsing Body: Governance or Assurance Committee Alan Ashforth Alan Lawrie ehealth Strategy Group Implementation Date: September
More informationCCG: IG06: Records Management Policy and Strategy
Corporate CCG: IG06: Records Management Policy and Strategy Version Number Date Issued Review Date V3 08/01/2016 01/01/2018 Prepared By: Consultation Process: Senior Governance Manager, NECS CCG Head of
More informationAn introduction to the regulation of apps and wearables as medical devices
An introduction to the regulation of apps and wearables as medical devices Introduction Phones are increasingly equipped with a range of devices capable of being used as sensors, including gyroscopes,
More informationPolicy Document Control Page
Policy Document Control Page Title Title: Medical Devices Management Policy Version: 10 Reference Number: CO16 Supersedes Supersedes: Version 9 Description of Amendment(s): Originator Addition of 4.8 Sharps
More informationManagement Standards for Information Security Measures for the Central Government Computer Systems
Management Standards for Information Security Measures for the Central Government Computer Systems April 26, 2012 Established by the Information Security Policy Council Table of Contents Chapter 1.1 General...
More informationISO 27001 Controls and Objectives
ISO 27001 s and Objectives A.5 Security policy A.5.1 Information security policy Objective: To provide management direction and support for information security in accordance with business requirements
More informationQUALITY MANUAL ISO 9001:2015
Page 1 of 22 QUALITY MANUAL ISO 9001:2015 Quality Management System Page 1 of 22 Page 2 of 22 Sean Duclos Owner Revision History Date Change Notice Change Description 11/02/2015 1001 Original Release to
More informationDeclaration Form for EP Online/ WP Online User Agreement
Work Pass Division 18 Havelock Road Singapore 059764 Tel: 6438 5122 www.mom.gov.sg mom_wpd@mom.gov.sg Declaration Form for EP Online/ WP Online User Agreement You may need about 2 minutes to complete this
More informationCloud Software Services for Schools
Cloud Software Services for Schools Supplier self-certification statements with service and support commitments Please insert supplier details below Supplier name Address Contact name Contact email Contact
More informationCloud Software Services for Schools
Cloud Software Services for Schools Supplier self-certification statements with service and support commitments Please insert supplier details below Supplier name Address Isuz Ltd. trading as Schoolcomms
More informationCloud Software Services for Schools
Cloud Software Services for Schools Supplier self-certification statements with service and support commitments Supplier name Address Contact name Contact email Contact telephone Parent Teacher Online
More informationSCHEDULE 25. Business Continuity
SCHEDULE 25 Business Continuity 1. Scope 1.1 This schedule covers TfL s requirements in respect of: any circumstance or event which renders, or which TfL considers likely to render, it necessary or desirable
More informationSOFTWARE UPDATE SERVICES (SUS)
SOFTWARE UPDATE SERVICES (SUS) These Software Update Services terms and conditions ( Terms and Conditions ) apply to any quote, order, order acknowledgment, and invoice, and any sale or provision of Software
More informationPORTABLE DATA STORAGE SECURITY INFORMATION FOR CIOs/CSOs Best Before November 2011 1
Executive Summary PORTABLE DATA STORAGE SECURITY INFORMATION FOR CIOs/CSOs Best Before November 2011 1 In today s business environment, managing and controlling access to data is critical to business viability
More informationBalancing and Settlement Code BSC PROCEDURE BSCP537. QUALIFICATION PROCESS FOR SVA PARTIES, SVA PARTY AGENTS AND CVA MOAs
Balancing and Settlement Code BSC PROCEDURE BSCP537 QUALIFICATION PROCESS FOR SVA PARTIES, SVA PARTY AGENTS AND CVA MOAs APPENDIX 3 GUIDANCE NOTES ON COMPLETING THE SAD Version 2.0 Date: 10 September 2007
More informationTransource Warranty & Support Agreement
2405 West Utopia Road, Phoenix, AZ 85027 USA www.transource.com Toll-Free: (800) 486-3715 Tel: (623) 879-8882 Fax: (623) 879-8887 Transource Warranty & Support Agreement I. Warranty Coverage: Transource
More informationPreparation of a Rail Safety Management System Guideline
Preparation of a Rail Safety Management System Guideline Page 1 of 99 Version History Version No. Approved by Date approved Review date 1 By 20 January 2014 Guideline for Preparation of a Safety Management
More informationOracle CRM On Demand Connected Mobile Sales Administration Guide. Version 1.0.3 March 2012
Oracle CRM On Demand Connected Mobile Sales Administration Guide March 2012 Copyright 2005, 2012 Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided
More informationNOS for Network Support (903)
NOS for Network Support (903) November 2014 V1.1 NOS Reference ESKITP903301 ESKITP903401 ESKITP903501 ESKITP903601 NOS Title Assist with Installation, Implementation and Handover of Network Infrastructure
More informationHow To Use Adobe Software For A Business
EXHIBIT FOR MANAGED SERVICES (2013V3) This Exhibit for Managed Services, in addition to the General Terms, the OnDemand Exhibit, and any applicable PDM, applies to any Managed Services offering licensed
More informationBingo and Casino Equipment Technical Requirements
Bingo and Casino Equipment Technical Requirements July 2008 Contents Introduction 4 PART I - Casino Equipment Technical Requirements Game requirements 5 Speed of play Display of information on players
More informationThe U.S. FDA s Regulation and Oversight of Mobile Medical Applications
The U.S. FDA s Regulation and Oversight of Mobile Medical Applications The U.S. FDA s Regulation and Oversight of Mobile Medical Applications As smart phones and portable tablet computers become the preferred
More informationOperational Risk Publication Date: May 2015. 1. Operational Risk... 3
OPERATIONAL RISK Contents 1. Operational Risk... 3 1.1 Legislation... 3 1.2 Guidance... 3 1.3 Risk management process... 4 1.4 Risk register... 7 1.5 EBA Guidelines on the Security of Internet Payments...
More informationHealth Informatics Application of clinical risk management to the manufacture of health software Formerly ISO/TS 29321:2008(E) DSCN14/2009
Health Informatics Application of clinical risk management to the manufacture of health software (formerly ISO/TS 29321:2008(E)) DSCN14/2009 Programme Sub-Prog / Project NPFIT Clinical Safety Document
More informationMedical Software Development. International standards requirements and practice
Medical Software Development International standards requirements and practice Food and Drug Administration What? A public health agency Why? Protect American consumers How? By enforcing the Federal Food,
More informationFOR MORE INFORMATION. 125 8880 or from a non-telstra phone 13 2200 and say pre-paid telstra.com/ppmbb visit a telstra store or partner
FOR MORE INFORMATION 125 8880 or from a non-telstra phone 13 2200 and say pre-paid telstra.com/ppmbb visit a telstra store or partner getting to know your telstra pre-paid 4G WI-FI (760S) LET S GET THIS
More informationExhibit to Data Center Services Service Component Provider Master Services Agreement
Exhibit to Data Center Services Service Component Provider Master Services Agreement DIR Contract No. DIR-DCS-SCP-MSA-002 Between The State of Texas, acting by and through the Texas Department of Information
More informationBOARD OF DIRECTORS PAPER COVER SHEET. Meeting date: 22 February 2006. Title: Information Security Policy
BOARD OF DIRECTORS PAPER COVER SHEET Meeting date: 22 February 2006 Agenda item:7 Title: Purpose: The Trust Board to approve the updated Summary: The Trust is required to have and update each year a policy
More informationNASA Federal Credit Union ebranch Online Banking Service Agreement
NASA Federal Credit Union ebranch Online Banking Service Agreement By accessing the NASA Federal Credit Union s ebranch Online Banking Service (the Service), you agree to this ebranch Online Banking Agreement
More informationPRIVACY POLICY. comply with the Australian Privacy Principles ("APPs"); ensure that we manage your personal information openly and transparently;
PRIVACY POLICY Our Privacy Commitment Glo Light Pty Ltd A.C.N. 099 730 177 trading as "Lighting Partners Australia of 16 Palmer Parade, Cremorne, Victoria 3121, ( LPA ) is committed to managing your personal
More informationSPECIAL CONDITIONS FOR THE WEBSTORAGE CDN SERVICE Latest version dated 13/11/2013
DEFINITIONS: SPECIAL CONDITIONS FOR THE WEBSTORAGE CDN SERVICE Latest version dated 13/11/2013 Bandwidth: Volume of data exchanged (uploads and downloads) between the CDN and the users that download Files
More informationUse of Exchange Mail and Diary Service Code of Practice
Use of Exchange Mail and Diary Service Code of Practice Introduction This code of practice outlines the support mechanisms in place for the security of the Exchange mail and diary service. References are
More informationRegulations on Information Systems Security. I. General Provisions
Riga, 7 July 2015 Regulations No 112 (Meeting of the Board of the Financial and Capital Market Commission Min. No 25; paragraph 2) Regulations on Information Systems Security Issued in accordance with
More informationRecommendations from Industry on Key Requirements for Building Scalable Managed Services involving Telehealth, Telecare & Telecoaching
Recommendations from Industry on Key Requirements for Building Scalable Managed Services involving Telehealth, Telecare & Telecoaching Contacts: Angela Single, Chair, Industry Working Group: angela.single@3millionlives.co.uk
More informationHazard/Incident Recording, Reporting and Investigation
Hazard/Incident Recording, Reporting and Investigation Power and Water Corporation Procedure 1 Purpose... 1 2 Scope... 1 3 References... 2 4 Roles and Responsibilities... 2 5 Definitions... 6 6 Records...
More informationSYSTEM SOFTWARE AND OR HARDWARE SUPPORT SERVICES (PREMIUM 24x7)
SYSTEM SOFTWARE AND OR HARDWARE SUPPORT SERVICES (PREMIUM 24x7) These System Software and or Hardware System Support Services terms and conditions ( Terms and Conditions ) apply to any quote, order, order
More informationElectronic Trading Information Template
Electronic Trading Information Template Preface This Electronic Trading Information Template (the "Template") has been created through the collaborative efforts of the professional associations listed
More informationAn Oracle White Paper December 2010. Leveraging Oracle Enterprise Single Sign-On Suite Plus to Achieve HIPAA Compliance
An Oracle White Paper December 2010 Leveraging Oracle Enterprise Single Sign-On Suite Plus to Achieve HIPAA Compliance Executive Overview... 1 Health Information Portability and Accountability Act Security
More informationOVERVIEW. In all, this report makes recommendations in 14 areas, such as. Page iii
The Office of the Auditor General has conducted a procedural review of the State Data Center (Data Center), a part of the Arizona Strategic Enterprise Technology (ASET) Division within the Arizona Department
More informationTerms of Use & Privacy Policy
Terms of Use & Privacy Policy These terms and conditions apply to your access and use of the Registration website and the Live Streaming website to UOB Privilege Conversations Live Webcast(collectively
More informationITIL Introducing service transition
ITIL Introducing service transition The goals of service transition Aligning the new or changed service with the organisational requirements and organisational operations Plan and manage the capacity and
More informationCommercial Online Banking
These terms form the agreement between us, Metro Bank PLC and you, a business customer and apply to the Commercial Online Banking Service (Commercial Online Banking) provided by us. Commercial Online Banking
More informationGlossary of terms used in our standards. June 2010. Upholding standards and public trust in pharmacy www.pharmacyregulation.org
Glossary of terms used in our standards June 2010 About us The General Pharmaceutical Council is the regulator for pharmacists, pharmacy technicians and registered pharmacy premises in England, Scotland
More informationSample CDC Certification and Accreditation Checklist For an Application That Is Considered a Moderate Threat
Sample CDC Certification and Accreditation Checklist For an Application That Is Considered a Moderate Threat Centers for Disease and Prevention National Center for Chronic Disease Prevention and Health
More informationJonathan Wilson. Sector Manager (Health & Safety)
Jonathan Wilson Sector Manager (Health & Safety) OHSAS 18001:2007 Making Life Easier For Health & Safety Managers Workshop Agenda 1. Introduction 2. Why Manage Health & Safety 3. OHSAS 18001 and OHSMS
More informationWest Midlands Police and Crime Commissioner Records Management Policy 1 Contents
West Midlands Police and Crime Commissioner Records Management Policy 1 Contents 1 CONTENTS...2 2 INTRODUCTION...3 2.1 SCOPE...3 2.2 OVERVIEW & PURPOSE...3 2.3 ROLES AND RESPONSIBILITIES...5 COMMISSIONED
More informationfdsfdsfdsfdsfsdfdsfsdfdsfsdfsd Square Box Systems Technical Support Agreement
fdsfdsfdsfdsfsdfdsfsdfdsfsdfsd Square Box Systems Technical Support Agreement Last updated 4 th January 2016 Technical Support Agreement This Technical support agreement is made up of these terms and conditions
More informationBIGPOND ULTIMATE MOBILE BROADBAND WI-FI QUICK START GUIDE
BIGPOND ULTIMATE MOBILE BROADBAND WI-FI QUICK START GUIDE WARNINGS AND SAFETY NOTICES Please read all the safety notices before using this device. The BigPond Ultimate Mobile Broadband Wi-Fi is designed
More informationPolicies and Procedures Audit Checklist for HIPAA Privacy, Security, and Breach Notification
Policies and Procedures Audit Checklist for HIPAA Privacy, Security, and Breach Notification Type of Policy and Procedure Comments Completed Privacy Policy to Maintain and Update Notice of Privacy Practices
More information