Systems Risk Analysis Guide

Increasing Efficiencies without Increasing Errors

Today's medical devices and systems have the potential to play a transformational role in healthcare delivery. These devices and systems, which often include both medical and information technologies, range from integrated IT systems to complex robotics, imaging, telemedicine and micro/nano technologies.

Recognizing the critical need for guidelines that would help healthcare organizations by identifying or providing resources and tools necessary to address the challenge of today's medical technologies, the HIMSS Medical Device & Patient Safety Task Force and the CE-IT Community have collaborated in establishing this site. Here you will find valuable resources that will help to insure that your organization has the information and tools it needs to realize the benefits of today's healthcare technologies while also being prepared to address any of the challenges and vulnerabilities associated with those technologies.

The Systems Risk Analysis Resource Guide web site is being rolled out in Phases.

Phase 1 includes two presentations that may be downloaded and used within your organization*:

Introduction to Complex Systems Analysis

C-Suite Introduction to CSA

Systems Risk Analysis Survey Report

Having recognized the importance of the application of effective risk management by healthcare providers to medical technology, the HIMSS Medical Device and Patient Safety Task Force in cooperation with the CE-IT Community established a project to develop a Risk Analysis Resource Guide. The Guide would provide healthcare providers with information they needed to establish and implement a risk management process for medical technology. In order to formulate an appropriate Guide, HIMSS (with cooperation of AAMI, ACCE, ASHRM) conducted a survey of healthcare organizations to determine the status of their current practices and capabilities with respect to the risk management of medical technology.

Read the full report


Guidance for Medication Reconciliation and System Integration Process:
Identifying points of failure within the medication reconciliation process and determining systematic approaches (via HIT) to overcome barriers.
In order to help facilities plan for and execute a successful implementation of healthcare IT in the area of medication reconciliation, the HIMSS Medical Devices and Patient Safety Task force has written this Guidance Document to:

  1. Educate readers about the causes and effects of failures in the medication reconciliation process through an example
  2. Provide advice on administrative, clinical, and technical approaches to reducing potential failure modes


Tag you're it! You Just Became a FDA Regulated Manufacturer of Medical Device - Effect of new FDA regulations covering Medical Device Data Systems (MDDS) on Healthcare Providers
Did you know…

  • By May 18, 2011 you must register your Medical Device Data System (MDDS) with the FDA
  • If your system qualifies as a MDDS, you must be in compliance by Feb. 18, 2012. Download a flowchart that guides you in determining if your system qualifies as a MDDS.
  • If you don't comply, you could be subject to financial penalties

HIMSS Medical Devices & Patient Safety TF and CE-IT Community are offering an On Demand webinar that provides illustrations of what qualifies as an MDDS, FDA Requirements for MDDS manufacturers, overview of major implications for healthcare providers, timetable for compliance, what you need to know, patient safety implications, cost implications, and resources.

Download the presentation >>
Download the flowchart >>
Listen to the webinar >>
FDA MDDS Forms and information for registering an MDDS

The implications of implementing 80001-1

The implications of implementing 80001-1: a dialogue between an organization's CE-IT (and biomedical device integration oversight group led by physicians and EMR leaders, etc) and Clinical Risk Management
Risk Managers and 80001-1
One organization considering how to implement 80001-1

DOR-Endo MCD2 v6

Standards and Guidelines 2 Mar 2011

If fully realized, the benefits of these technologies can substantially improve the quality and timeliness of patient care while insuring that care is delivered in a safer and more cost-effective manner. Effective integration of these devices/systems can also play a key role in the organizations ability to achieve meaningful use (e.g., device integration into applications such as EMRs, CPOE, e-prescribing, CDS). However, implementation of these medical devices and systems is not without risk. New technologies also bring new challenges and vulnerabilities. Examples of these vulnerabilities and risks include:

  • Increased dependence on new technologies for enhanced patient care and improved workflow processes (i.e., old methodologies and capabilities are abandoned in favor of new)
  • Increased reliance on patients as the technology operators when migrating to tele-health, home health (including patient portals, PHRs) and other remote care venues
  • Introduction of single points of failure (SPOF) … failures of key components of critical systems that can have widespread adverse effects on operations and the ability to deliver care to many patients
  • Complex technologies that are more susceptible to error due to human factors issues
  • Failure of service and support paradigms to keep pace with the rapid evolution of increasingly complex and converged technologies (e.g., lack of a unified model incorporating integrated, collaborative support from clinical engineering and information technology)
  • Failure to accommodate new security and privacy vulnerabilities that arise from increasingly complex and integrated technologies

To address these challenges, the industry must take a strategic rather than an ad-hoc approach to the selection and adoption of new technologies and they must evolve their infrastructures to provide adequate support for those technologies.

The strategic approach to selection and adoption of new technologies involves formal collaboration between those who can assure new technologies are consistent with organizational mission, goals and objectives and those who can evaluate projected benefits against cost/risks using evidence based arguments.
Developing an effective infrastructure to support today's new converged technologies involves integrating clinical engineering, information and telecommunications services strategically and operationally to insure a seamless support paradigm. Accomplishing close collaboration while insuring each of these disciplines retains their native strengths requires an evolution to

  • Shared governance (providing a bridge between services)
  • New hybrid roles and responsibilities (e.g., clinical systems engineer, clinical systems support specialist, radiofrequency spectrum manager)
  • New tools, strategic/operational services, & processes tailored to support new technologies

For more information about the Medical Devices & Patient Safety Task Force, contact Juanita Threat at; for more information about the CE-IT Community, contact Christel Anderson at 1-312-915-9520 or

* If you would like a non-pdf version of these PowerPoints, please contact Juanita Threat at