Skip to content
Please enter a keyword to search

  • ISO 25237:2017

    Current The latest, up-to-date edition.

    Health informatics — Pseudonymization

    Available format(s):  Hardcopy, PDF, PDF 3 Users, PDF 5 Users, PDF 9 Users

    Language(s):  French, English

    Published date:  03-01-2017

    Publisher:  International Organization for Standardization

    Add To Cart

    Abstract - (Show below) - (Hide below)

    ISO 25237:2017 contains principles and requirements for privacy protection using pseudonymization services for the protection of personal health information. This document is applicable to organizations who wish to undertake pseudonymization processes for themselves or to organizations who make a claim of trustworthiness for operations engaged in pseudonymization services.

    ISO 25237:2017

    - defines one basic concept for pseudonymization (see Clause 5),

    - defines one basic methodology for pseudonymization services including organizational, as well as technical aspects (see Clause 6),

    - specifies a policy framework and minimal requirements for controlled re-identification (see Clause 7),

    - gives an overview of different use cases for pseudonymization that can be both reversible and irreversible (see Annex A),

    - gives a guide to risk assessment for re-identification (see Annex B),

    - provides an example of a system that uses de-identification (see Annex C),

    - provides informative requirements to an interoperability to pseudonymization services (see Annex D), and

    - specifies a policy framework and minimal requirements for trustworthy practices for the operations of a pseudonymization service (see Annex E).

    General Product Information - (Show below) - (Hide below)

    Committee ISO/TC 215
    Development Note Supersedes ISO/DIS 25237. (01/2017)
    Document Type Standard
    Publisher International Organization for Standardization
    Status Current
    Supersedes

    Standards Referenced By This Book - (Show below) - (Hide below)

    ISO/TS 21089:2018 Health informatics Trusted end-to-end information flows
    18/30331887 DC : 0 BS ISO/IEC 20889 - INFORMATION TECHNOLOGY- SECURITY TECHNIQUES - PRIVACY ENHANCING DATA DE-IDENTIFICATION TECHNIQUES

    Standards Referencing This Book - (Show below) - (Hide below)

    ISO/IEC 15408-2:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components
    ISO/IEC 8825-1:2015 Information technology ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) Part 1:
    ANSI X9.52 : 1998 TRIPLE DATA ENCRYPTION ALGORITHM MODES OF OPERATION
    ISO/IEC 27033-1:2015 Information technology Security techniques Network security Part 1: Overview and concepts
    ISO 12052:2017 Health informatics — Digital imaging and communication in medicine (DICOM) including workflow and data management
    ISO/TS 22220:2011 Health informatics — Identification of subjects of health care
    ISO 7498-2:1989 Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture
    ISO/IEC 2382-8:1998 Information technology Vocabulary Part 8: Security
    ISO/IEC 2382:2015 Information technology — Vocabulary
    ENV 13608-1:2000 HEALTH INFORMATICS - SECURITY FOR HEALTHCARE COMMUNICATION - PART 1: CONCEPTS AND TERMINOLOGY
    ISO/TR 21089:2004 Health informatics Trusted end-to-end information flows
    ISO/IEC 18014-1:2008 Information technology Security techniques Time-stamping services Part 1: Framework
    ISO 27799:2016 Health informatics Information security management in health using ISO/IEC 27002
    ISO/IEC 29100:2011 Information technology — Security techniques — Privacy framework
    View more information

    • Access your standards online with a subscription

      Features

      • Simple online access to standards, technical information and regulations
      • Critical updates of standards and customisable alerts and notifications
      • Multi - user online standards collection: secure, flexibile and cost effective