The IT department is likely to point the finger at radiology or the purchasing department, claiming the even is an equipment problem. They, however, are likely to knock the ball back into the IT department’s court -- the bug is, after all, affecting the IT network. Finally, the third party is the X-ray equipment manufacturer, suspected of introducing the bug during the last systems upgrade.
Everyone agrees: This is no way to constructively deal with the problem. Up to March this year there had been no guidelines, as such, on how to deal with these – quite recent – types of problem. ‘However, since the introduction of the ICE 80001 the rule has been that the legal requirements for medical products also apply to medical products to be integrated into an IT network “with a view to reliable operation within the network”,’ said IT specialist Armin Gärtner. ‘IT networks that integrate medical products therefore turn into medical networks – but the network itself is not a medical product.’
The norm does not offer any strict specifications; instead it provides suggestions for a risk management approach to ensure the integration of different types of equipment from various manufacturers into the IT network. ‘The user is in charge here,’ Armin Gärtner emphasised in his lecture during a recent PACS and more! seminar. ‘The manufacturer is not responsible for the safety of the integration into an existing IT network. Although he has to provide all the necessary information, the actual implementation remains the responsibility of the end user. This is why the IT department should already be involved at the point of purchase. When, for instance, an MRI scanner is purchased, an additional 20% of the acquisition cost is required for the network integration.’ At the very latest, these costs become clear when we look at the potential risks of systems integration inherent in the installation itself, the remote service or the technician’s notebook.
Accordingly, this realisation has far-reaching consequences, as the current structures and the division between medicine technology and IT has to be abolished. ‘A modern process assessment confirms the need to break down the old patterns and combine the two disciplines in a new department – experts talk about MIT, i.e. Medical IT,’ he explained. What exactly this new type of department looks like and what role the manufacturer plays depends strongly on the respective objective of a hospital. The ICE 80001 does not deliver any authoritative answers, but as a process norm provides the incentive for a lively discussion on the philosophy of acquisition and maintenance of equipment.
‘The ICE 80001 presents, at the centre of things, the question How much safety can a hospital afford?’ he pointed out. The above-mentioned process optimisation and enhanced networking of IT and medical technology obviously come at a price. ‘On the other hand,’ he added, ‘the hospital operators need to compare these costs to the breakdown and down-time costs per day of, for instance, a CT scanner, to say nothing of the additional effects on the patients.’
The question of what impact these changes will actually have on the manufacturers of medical devices remains. ‘Within the context of conformity assessments, the manufacturers obviously have to think about how they can equip their products for long-term use within a changing network. This includes, for instance, considerations as to the operating system used. The best solution can only be achieved through a dialogue with the end user,’ Armin Gärtner concluded.
The ICE 80001 plots the course towards safe and stable networks, but it is up to hospitals to decide on the actual implementation.
* Appointed official telemedicine representative at Sana MTSZ Stuttgart, during this year’s PACS and More seminar, held during the DICOM meeting in June, at Schloss Waldthausen, Mainz, Germany.