DD ISO/TS 25238:2007

This standard DD ISO/TS 25238:2007 Health informatics. Classification of safety risks from health software is classified in these ICS categories:

• 35.240.80 IT applications in health care technology

This Technical Specification is concerned with the safety of patients and gives guidance on the analysis and categorization of hazards and risks to patients from health software products, in order to allow any product to be assigned to one of five risk classes. It applies to hazards and risks which could cause harm to a patient. Other risks, such as financial or organizational risks, are outside the scope of this Technical Specification unless they have the potential to harm a patient.

This Technical Specification applies to any health software product, whether or not it is placed on the market and whether it is for sale or free of charge. Examples of the application of the classification scheme are given.

This Technical Specification does not apply to any software which is necessary for the proper application or functioning of a medical device.

NOTE This Technical Specification is intended for the assignment of health software to broad risk classes, so as to aid decisions such as what controls should be applied to ensure safety. It is not intended for the application of risk analysis and risk management to the design of health software products and the mitigation of any identified risks to acceptable levels (see Annex A).