Risk Management Report: Launching New Medical Device at Lectocomp

Verified

Added on 2022/12/23

AI Summary

This report provides a comprehensive risk management plan for the launch of a new medical device by Lectocomp Manufacturing Company. The report begins with an introduction and justification for the project, emphasizing the increasing use of computer-generated products in healthcare and the associated risks, including device malfunction, security threats, patient injury, privacy and cyber security, and regulatory compliance. The objectives of the project are outlined, which include creating a project charter, a risk register, and identifying mitigation techniques. The report includes a timeline duration table, budget estimations, and potential funding sources, followed by an analysis of various risks and constraints, such as patient injury, privacy and cyber security, regulatory risks, technology risks, limited expenditure on cyber security, high demand of the health records in the black market, ransomware, BYOD policy, employee negligence, moisture concerns, battery life, health risk, communication risk, resource risk, and customer experience risk. The report also details the project organization, including roles and responsibilities of project manager, technical steward, business steward, security steward, and stakeholders. Finally, the report concludes by emphasizing the importance of risk analysis and mitigation to ensure the successful development and launch of the medical device. The report is supported by references to relevant literature.

Running head: RISK MANAGEMENT
Risk Management
Name of the Student
Name of the University
Author note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1RISK MANAGEMENT
Table of Contents
Introduction......................................................................................................................................2
Justification......................................................................................................................................2
Objectives:...................................................................................................................................2
Deliverables:................................................................................................................................2
Timeline Duration table...................................................................................................................3
Budget estimation:...........................................................................................................................4
Funding source.............................................................................................................................4
Assumptions, risks and constraints:.................................................................................................4
Project organization:........................................................................................................................7
Roles and responsibilities:...........................................................................................................7
Conclusion.......................................................................................................................................8

2RISK MANAGEMENT
Introduction:
Lectocomp Manufacturing Company manufactures computer boards which are used by
the customers in various products. As decided in the quarterly meeting, a new product has to be
launched in the upcoming year. This product is expected to fulfill some purposes of the medical
devices. Computer generated products are prone to various risks (Wu, Chen & Olson, 2014). As
a manager of this project, it is the duty to analyze the risk and find solution for the mitigation of
the risks awaiting in this project.
Justification:
With the increasing trends in technology, there is an abundance in usage of computer
generated products. These products reduces the human error and gives more accuracy. Despite of
being more beneficial, these are also having some constraints. They are machines, and they have
all the possibility to malfunction. If such devices are used in the purpose of medical needs, they
are expected to give a desirable outcome without any malfunctioning. Another major problem in
these devices are security threats (Lam, 2014). There is a possibility of data theft from the
system. Hence, a project chartered is created to analyze the threats in the system and take actions
against the ones that are having high risk level and need immediate attention.
Objectives:
1. To create a project charter for the given scenario.
2. To create a risk register for analyzing the risk.
3. To look for the mitigation techniques in the system.
Deliverables:
 Computer generated health care product (Demirkan, 2013)

3RISK MANAGEMENT
 A report on the risk management
Timeline Duration table:
Figure 1: Timeline Duration and Execution Table

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4RISK MANAGEMENT
Budget estimation:
Budget estimation for developing the device depends upon the complexity of the device.
The cost for making one unit is $83 on an average.
Funding source
As the budget is high, sponsors may be needed for the purpose.
Assumptions, risks and constraints:
For undertaking any project, there are risk. There are always certain risks that prevails
when a device is designed for the health care. They can vary from device failure and can be as
severe as life risk due to that. Identification of these risk is important as these has to be fixed.
1. Patient injury: Injuries can happen due to many reasons– technical failure, a hack, or
due to human. Because technology powers the delivery and support of many types of
health care, there are numerous ways in which claims can be made. This cause a lot of
harm to the organization as it affects the company’s reputation and causes financial issues
to the company as well.
2. Privacy and cyber security
One of the most common issue in the using computer generated device is privacy threat
(Sun, Zhang, Xiong, & Zhu, 2014). The increasing number of ransom-ware, data
breaches and DDoS attacks is a threat to the information in the health record. This affect
the reputation of the organization as well as the Firm.

5RISK MANAGEMENT
3. Regulatory risk HIPAA and data breaches are the most significant problems arising in
the system. Many organizations are there which have their own rules and regulatory
policies. Above all, following the different rules of the local as well as the state regulators
may have some negative impact on the organization. They have different sets of rules and
priorities. Following both is not exactly possible. Instead, a specific business have to be
followed first (Abouelmehdi et al., 2018).
4. Technology risk: The speed at which technology is advancing and new devices are
being introduced, the fear of failure prevails. With every up gradation of the usable
technology, there is always a 50% chance that it may fail. If the Firm is responsible for
the risk, it is not only a financial issue but also an issue of the reputation of the Firm as
well as the Health care organization.
5. Limited expenditure on cyber security:
The main reason of repeated cyber-attack in the health care industry is due to low
allocation of the budget. Identity theft occurs due to that.
6. High demand of the health records in the black market
The black market price for the Electronics health record is $50 whereas the stolen
credit card detail is worth $1 only. There are crucial details about the patient in the EHR
that can be used by the fraud setters to create duplicate id (Allodi, Shim, & Massacci,
2013).
7. Ransom-ware:
These are some malwares that are inserted into the company’s server, so that the
company cannot access some crucial areas of the server (Scaife et al., 2016). The cyber
criminals’ demands money in exchange of the information hacked or to provide them

6RISK MANAGEMENT
access of the locked data. These payments are not made by usual methods like cash or
credit cards; bit coins are demanded for these purposes. Bit coins are expensive as well as
the difficult to track.
8. Bring your own device policy (BYOD)
The health care institutions allow the individual employees to access the devices and
wearable using their own private device, like cell phones and tablets (Stephens et al.,
2017). The institution takes no step to secure there devices or networks. The networks of
the BYOD are open networks usable by all. Hence the data used are often exposed to risk
of getting tracked, lost or hacked (Moyer, 2013).
9. Employee negligence:
There are certain attacks that can be avoided if the employees are aware of what is
happening around them. The wearable devices or the computer generated health devices
have a lots of data that are stored in the device as well as the server for the patients’ and
the doctors’ usage purpose (Klaus, & Maklan, 2013). Hence, carelessly accessing mails
without security verifications can lead to a malware file getting opened in the server and
the rest is classified.
10. Moisture concerns:
The device developed may get damaged by the moisture due to sweat. If the
device is wearable, it is evident to be exposed to sweat. There are parts of the device that
cannot prevent the seepage of the sweat.
11. Battery life:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7RISK MANAGEMENT
Wearable devices runs on batteries. If the device is not charged or the batteries are
not replaced in time, the device will not serve on time.
12. Health Risk:
Electronics devices like the smart health monitors those are wearable generates
the radiations (Brix, Nekolla, Borowski & Noßke, 2014). This is because, these devices
sends messages through radio signals or detects problems with the help of sensor and this
also happens with the help of radiation which is not good for health.
13. Communication risk:
The communication between the client and the developer must be established and
should be regular. Miscommunication leads to the failure of the desired product.
14. Resource risk:
Availability of the resources are important. Unavailability results in incomplete
product development and delayed delivery.
15. Customer experience risk:
After a product launch, customer may not like it. It may not fulfill the customer
requirements as desired (Rawson, Duncan & Jones, 2013).
Project organization:
Roles and responsibilities:
Sl. No Roles Responsibilities:
1 Project Manager Handles the Project completely along with the daily work flow
2 Technical steward Check the technical aspects of the project on a daily basis

8RISK MANAGEMENT
3 Business Steward Division Director of the Company entirely responsible for the
project
4 Security Steward Person responsible for the information security of the company
5 Stake holders Performs the behavioral research. He is the person who invest in
development of the device.
Conclusion:
Development of every device both hardware and software requires technically skilled
people. Though these people are skilled enough there are certain risk in the field of the market,
finance and the IT industry which cannot be avoided. Hence steps must be taken to analyze them
and mitigate them when detected so that the negative aspect prevailing of the organization can be
removed for good.

9RISK MANAGEMENT
References:
Abouelmehdi, K., Beni-Hessane, A., & Khaloufi, H. (2018). Big healthcare data: preserving
security and privacy. Journal of Big Data, 5(1), 1.
Allodi, L., Shim, W., & Massacci, F. (2013, May). Quantitative assessment of risk reduction
with cybercrime black market monitoring. In 2013 IEEE Security and Privacy
Workshops (pp. 165-172). IEEE.
Brix, G., Nekolla, E. A., Borowski, M., & Noßke, D. (2014). Radiation risk and protection of
patients in clinical SPECT/CT. European journal of nuclear medicine and molecular
imaging, 41(1), 125-136.
Demirkan, H. (2013). A smart healthcare systems framework. It Professional, 15(5), 38-45.
Klaus, P. P., & Maklan, S. (2013). Towards a better measure of customer
experience. International Journal of Market Research, 55(2), 227-246.
Lam, J. (2014). Enterprise risk management: from incentives to controls. John Wiley & Sons.
Moyer, J. E. (2013). Managing mobile devices in hospitals: A literature review of BYOD
policies and usage. Journal of Hospital Librarianship, 13(3), 197-208.
Rawson, A., Duncan, E., & Jones, C. (2013). The truth about customer experience. Harvard
Business Review, 91(9), 90-98.
Scaife, N., Carter, H., Traynor, P., & Butler, K. R. (2016, June). Cryptolock (and drop it):
stopping ransomware attacks on user data. In 2016 IEEE 36th International Conference
on Distributed Computing Systems (ICDCS) (pp. 303-312). IEEE.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

10RISK MANAGEMENT
Stephens, K., Zhu, Y., Harrison, M., Iyer, M., Hairston, T., & Luk, J. (2017, January). Bring
your own mobile device (BYOD) to the hospital: Layered boundary barriers and
divergent boundary management strategies. In Proceedings of the 50th Hawaii
International Conference on System Sciences.
Sun, Y., Zhang, J., Xiong, Y., & Zhu, G. (2014). Data security and privacy in cloud
computing. International Journal of Distributed Sensor Networks, 10(7), 190903.
Wu, D. D., Chen, S. H., & Olson, D. L. (2014). Business intelligence in risk management: Some
recent progresses. Information Sciences, 256, 1-7.