医疗器械网络安全注册技术审查指导原则---参考文献

（一）《中华人民共和国网络安全法》（中华人民共和国主席令第五十三号）

（二）国务院办公厅关于促进和规范健康医疗大数据应用发展的指导意见（国办发〔2016〕47号）

（三）《医疗器械注册管理办法》（国家食品药品监督管理总局令第4号）

（四）《医疗器械说明书和标签管理规定》（国家食品药品监督管理总局令第6号）

（五）国家食品药品监督管理总局关于公布医疗器械注册申报资料要求和批准证明文件格式的公告（国家食品药品监管总局公告2014年第43号）

（六）国家食品药品监督管理总局关于发布医疗器械软件注册技术审查指导原则的通告（国家食品药品监管总局通告2015年第50号）

（七）《医疗器械召回管理办法（试行）》（原卫生部令第82号）

（八）《人口健康信息管理办法（试行）》（国卫规划发〔2014〕24号）

（九）国家卫生计生委关于推进医疗机构远程医疗服务的意见（国卫医发〔2014〕51号）

（十）GB/T 20271-2006《信息安全技术信息系统通用安全技术要求》

（十一）GB/T 20984-2007 《信息安全技术信息安全风险评估规范》

（十二）GB/T 22080-2016《信息技术安全技术信息安全管理体系要求》

（十三）GB/T 22081-2016《信息技术安全技术信息安全管理实用规则》

（十四）GB/T 29246-2012《信息技术安全技术信息安全管理体系概述和词汇》

（十五）GB/Z 24364-2009《信息安全技术信息安全风险管理指南》

（十六）YY/T 0287-2003《医疗器械质量管理体系用于法规的要求》

（十七）YY/T 0316-2016《医疗器械风险管理对医疗器械的应用》

（十八）YY/T 0664-2008《医疗器械软件软件生存周期过程》

（十九）YY/T 1474-2016 《医疗器械可用性工程对医疗器械的应用》

（二十）FDA, Cybersecurity for Networked Medical Devices ContainingOff-the-Shelf Software, 2005-1-14

（二十一）FDA, Content of Premarket Submissions for Management ofCybersecurity in Medical Devices - Guidance for Industry and Foodand Drug Administration Staff, 2014-10-2

（二十二）FDA, Radio Frequency Wireless Technology in Medical Devices -Guidance for Industry and Food and Drug Administration Staff,2013-8-14

（二十三）FDA, Postmarket Management ofCybersecurity in Medical Devices– Draft Guidance for Industry and Food and Drug AdministrationStaff, 2016-1-22

（二十四）FDA, Design Considerations and Pre-marketSubmissionRecommendations for InteroperableMedical Devices – DraftGuidance for Industry and Food and Drug Administration Staff,2016-1-26

（二十五）IEC 60601-1Edition3.1:2012, Medical electrical equipment -Part 1: General requirements for basic safety and essentialperformance

（二十六）IEC 82304-1, Health Software - Part 1: General requirementsfor product safety

（二十七）IEC80001-1:2010, Application of risk management forIT-networks incorporating medical devices - Part 1:Roles,responsibilities and activities

（二十八）IEC/TR 80001-2-1:2012, Application of risk management forIT-networks incorporating medical devices - Part 2-1: Step-by-steprisk management of medical IT-networks - Practical applications andexamples

（二十九）IEC/TR 80001-2-2:2012, Application of risk management forIT-networks incorporating medical devices - Part 2-2: Guidance forthe disclosure and communication of medical device security needs,risks and controls

（三十）IEC/TR 80001-2-3:2012, Application of risk management forIT-networks incorporating medical devices - Part 2-3: Guidance forwireless networks

（三十一）IEC/TR 80001-2-4:2012, Application of risk management forIT-networks incorporating medical devices - Part 2-4: Applicationguidance - General implementation guidance for healthcare deliveryorganizations

（三十二）IEC/TR 80001-2-5:2014, Application of risk management forIT-networks incorporating medical devices - Part 2-5: Applicationguidance - Guidance on distributed alarm systems

（三十三）ISO/TR 80001-2-6:2014, Application of risk management forIT-networks incorporating medical devices -Part 2-6: Applicationguidance - Guidance for responsibility agreements

（三十四）ISO/TR 80001-2-7:2015, Application of risk management forIT-networks incorporating medical devices -Application guidance-Part 2-7: Guidance for Healthcare Delivery Organizations (HDOs) onhow to self-assess their conformance with IEC 80001-1

（三十五）IEC/TR 80001-2-8:2016, Application of risk management forIT-networks incorporating medical devices - Part 2-8: Applicationguidance - Guidance on standards for establishing the securitycapabilities identified in IEC/TR 80001-2-2

（三十六）IEC/TR 80001-2-9, Application of risk management forIT-networks incorporating medical devices - Part 2-9: Applicationguidance - Guidance for use of security assurance cases todemonstrate confidence in IEC/TR 80001-2-2 securitycapabilities

（三十七）ISO/DIS 27799Health informatics - Information securitymanagement in health using ISO/IEC 27002

（三十八）HIMSS/NEMA HN 1-2013, Manufacturer Disclosure Statement forMedical Device Security

（三十九）NEMA/MITA CSP 1-2016, Cybersecurity for Medical Imaging

（四十）IMDRF/SaMD WG/N12FINAL:2014, Software as a Medical Device(SaMD): Possible Framework for Risk Categorization andCorresponding Considerations, 2014-9-18

文章摘自医疗器械网

更多具体事宜请咨询中拓检测，为您提供专业高效的医疗器械网络安全注册服务

直接联系：【中拓检测】