BS EN ISO 22600-1:2014
Current
The latest, up-to-date edition.
Health informatics. Privilege management and access control Overview and policy management
Hardcopy , PDF
English
31-10-2014
Important note : Users cannot be edited or removed once added to your Multi user PDF.
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 Goal and structure of privilege management
and access control
6 Policy agreement
7 Documentation
Annex A (informative) - Example of a documentation
template
Annex B (informative) - Example of an information
exchange policy agreement
Bibliography
Describes principles and also specifies services needed for managing privileges and access control to data and/or functions.
| Committee |
IST/35
|
| DevelopmentNote |
Supersedes DD ISO/TS 22600-1 & 12/30271001 DC. (11/2014)
|
| DocumentType |
Standard
|
| Pages |
38
|
| PublisherName |
British Standards Institution
|
| Status |
Current
|
| Supersedes | |
| UnderRevision |
This multi-part International Standard defines principles and specifies services needed for managing privileges and access control to data and/or functions.
It focuses on communication and use of health information distributed across policy domain boundaries. This includes healthcare information sharing across unaffiliated providers of healthcare, healthcare organizations, health insurance companies, their patients, staff members, and trading partners by both individuals and application systems ranging from a local situation to a regional or even national situation.
It specifies the necessary component-based concepts and is intended to support their technical implementation. It will not specify the use of these concepts in particular clinical process pathways.
This part of ISO22600 proposes a template for the policy agreement. It enables the comparable documentation from all parties involved in the information exchange.
This part of ISO22600 excludes platform-specific and implementation details. It does not specify technical communication services and protocols which have been established in other standards. It also excludes authentication techniques.
| Standards | Relationship |
| ISO 22600-1:2014 | Identical |
| EN ISO 22600-1:2014 | Identical |
| ENV 13606-3 : DRAFT 2000 | HEALTH INFORMATICS - ELECTRONIC HEALTHCARE RECORD COMMUNICATION - PART 3: DISTRIBUTION RULES |
| ISO/IEC 9798-3:1998 | Information technology Security techniques Entity authentication Part 3: Mechanisms using digital signature techniques |
| ISO/TS 17090-1:2002 | Health informatics Public key infrastructure Part 1: Framework and overview |
| ISO/TS 21091:2005 | Health informatics Directory services for security, communications and identification of professionals and patients |
| ISO/IEC 10181-1:1996 | Information technology Open Systems Interconnection Security frameworks for open systems: Overview |
| ISO/IEC 9594-8:2017 | Information technology Open Systems Interconnection The Directory Part 8: Public-key and attribute certificate frameworks |
| ISO 21091:2013 | Health informatics — Directory services for healthcare providers, subjects of care and other entities |
| ISO 7498-2:1989 | Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture |
| ISO/IEC 2382-8:1998 | Information technology Vocabulary Part 8: Security |
| ENV 13608-1:2000 | Health informatics - Security for healthcare communication - Part 1: Concepts and terminology |
| ENV 13729 : DRAFT 2000 | HEALTH INFORMATICS - SECURE USER IDENTIFICATION - STRONG AUTHENTICATION USING MICROPROCESSOR CARDS |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.