Information security, cybersecurity and privacy protection - Biometric information protection
This document covers the protection of biometric information under various requirements for confidentiality, integrity and renewability/revocability during storage and transfer. It also provides requirements and recommendations for the secure and privacy-compliant management and processing of biometric information.
This document specifies the following:
— analysis of the threats to and…
Health informatics — Requirements for customer-oriented health cloud service agreements
This document describes a core set of cloud service agreements for customer-oriented health cloud services.
This document covers a customer-oriented cloud service agreement that can be used in healthcare organizations and public health centers that use health cloud services.
This document defines key characteristics in the health cloud service agreement that are indispensable in providing optimal…
Digital trust and identity – Part 2: Delivery of healthcare services
This Standard specifies minimum requirements for federating the exchange of health information between systems and provides the basis for implementing a user-centric, interoperable health network for the delivery of healthcare services.
The scope of this Standard comprises the following:
— definition of a trust model (Section 4);
— user agency (Section 4.2);
— data standards (Section 4.3);
—…
Information technology, cybersecurity and privacy protection — Cybersecurity framework development g...
1 Scope
This document specifies guidelines for developing a cybersecurity framework. It is applicable to cybersecurity framework creators regardless of their organizations’ type, size or nature.
Privacy protection — Privacy guidelines for smart cities
1 Scope
The document takes a multiple agency as well as a citizen-centric viewpoint.
It provides guidance on:
— smart city ecosystem privacy protection;
— how standards can be used at a global level and at an organizational level for the benefit of citizens; and
— processes for smart city ecosystem privacy protection.
This document is applicable to all types and sizes of organizations,…
Road vehicles — Extended vehicle (ExVe) web services — Part 3: Security
This document defines how to authenticate users and accessing parties on a web-services interface. It also defines how a resource owner can delegate access to its resources to an accessing party. Within this context, this document also defines the necessary roles and required separation of duties between these in order to fulfil requirements stated on security, data privacy and data protection.…
Information security, cybersecurity and privacy protection — Guidance on the integrated implementati...
This document gives guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 for organizations intending to:
a) implement ISO/IEC 27001 when ISO/IEC 20000-1 is already implemented, or vice versa;
b) implement both ISO/IEC 27001 and ISO/IEC 20000-1 together; or
c) integrate existing management systems based on ISO/IEC 27001 and ISO/IEC 20000-1.
This document focuses exclusively…
Information security, cybersecurity and privacy protection - Guidance on the integrated implementati...
This document gives guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 for organizations intending to:
a) implement ISO/IEC 27001 when ISO/IEC 20000-1 is already implemented, or vice versa;
b) implement both ISO/IEC 27001 and ISO/IEC 20000-1 together; or
c) integrate existing management systems based on ISO/IEC 27001 and ISO/IEC 20000-1.
This document focuses exclusively…
Health informatics — Hierarchical file structure specification for secondary storage of health-relat...
This document defines the configuration rules required for a hierarchical structure, directory naming rules, and content identifiers for files and documents containing healthcare information. Content can be expressed as ISO/HL7 27931:2009 (also known as HL7 Ver2.5) as the data format to store clinical data such as prescriptions, lab results, and disease classifications, but can also include other…
Information security, cybersecurity and privacy protection - Requirements for the competence of IT s...
This document complements and supplements the procedures and general requirements found in ISO/IEC 17025:2017 for laboratories performing testing based on ISO/IEC 19790 and ISO/IEC 24759.