Information System Hazard Analysis and Mitigation

Health information and communication technology (HICT) poses technology specific hazards to patient safety. The FDA´s MAUDE database is one source among many which reports on HICT related patient injuries and deaths. The stagnancy of the safety of these technologies in the ten years following Institute of Medicine warnings indicates a lack understanding of the nature of these hazards. As we have remedied the issues in existing technology, a pandemic of similar issues will soon be on us as more HICT will be deployed in the next ten years than has been in the history of medicine. To address this gap, we have adapted Leveson´s work on socio-technical safety engineering to develop a system theoretic model of information systems that re-imagines them as traditional control systems. We call this model System Theoretic Accidents Models and Processes for Information Systems (STAMP-IS). We have incorporated the model into a systematic safety engineering process we call information system hazard analysis and mitigation (ISHAM). ISHAM consists of an iterative four step process which includes team selection, modelling, analysis, and mitigation. It requires a process under investigation (PUI) as input, and retrospective accident data (RAD) ideally about the PUI itself, though RAD about a substantially similar process can be substituted.