Subgroup | Indicator | Priority | Complexity |
Performance of connected medical devices | No of residual risks identified | ||
No of risk control measures* | |||
No of probable risks identified | |||
No of potential risks identified | |||
Effectiveness of connected medical devices | No of incidents in which data was lost | ||
No of incidents in which the required information technology (IT) service was not available | |||
No of emergency operations caused by the connection to the IT network* | |||
No of incidents in which patient data were not available | |||
No of errors in patient data caused by the connection to the IT network | |||
Technical infrastructure | Average age of medical devices which are connected to IT network | ||
No of malfunctions of medical devices which are connected to IT network | |||
No of failures of the medical IT network* | |||
No of deliberate acts | No of data thefts and data protection incidents* | ||
No of blackmail attempts | |||
No of hacker attacks | |||
No of unauthorised or undetected connections | |||
No of malware activities (Trojans, worms, viruses, etc) | |||
No of unauthorised data changes and accesses |
*Indicators evaluated in the case study.