EN ISO 27799
|
DIN EN ISO 27799 |
|---|---|
| Area | Medical informatics |
| title | Information security management in healthcare according to ISO / IEC 27002 IT security procedures |
| Latest edition | 2016-12 |
| ISO | 27799 |
The international standard EN ISO 27799 Medical Informatics - Safety Management in Health Care when using ISO / IEC 27002 specifies the requirements for an information security management system in health care. As a scope specialization , it addresses the peculiarities in the health care system that are not considered in the general ISO 27000 series of standards , and, in contrast to its parent standard, emphasizes must instead of should criteria, especially in the area of the confidentiality of the data of the persons treated .
The standard is published in Germany as DIN standard DIN EN ISO 27799.
Outline of the standard
The standard is structured as follows
- content
- Preface
- introduction
- scope of application
- Normative references
- Terms
- Abbreviations
- Health information security
- Practical work plan for the implementation of ISO / IEC 27002
- Implications from ISO / IEC 27002 for health care
- Appendix A (informative) Threats to the Security of Health Information
- Appendix B (informative) Tasks and related documents of the information security management system