ISO 22857:2013
Current
Health informatics — Guidelines on data protection to facilitate trans-border flows of personal health data
Hardcopy, PDF, PDF 3 Users, PDF 5 Users, PDF 9 Users
English
10-12-2013
ISO 22857:2013 provides guidance on data protection requirements to facilitate the transfer of personal health data across national or jurisdictional borders.
It is normative only in respect of international or trans-jurisdictional exchange of personal health data. However, it can be informative with respect to the protection of health information within national/jurisdictional boundaries and provide assistance to national or jurisdictional bodies involved in the development and implementation of data protection principles.
ISO 22857:2013 covers both the data protection principles that apply to international or trans-jurisdictional transfers and the security policy which an organization adopts to ensure compliance with those principles.
ISO 22857:2013 aims to facilitate international and trans-jurisdictional health-related applications involving the transfer of personal health data. It seeks to provide the means by which health data relating to data subjects, such as patients, will be adequately protected when sent to, and processed in, another country/jurisdiction.
DevelopmentNote | Supersedes ISO/DIS 22857. (12/2013) |
DocumentType | Standard |
Pages | 56 |
PublisherName | International Organization for Standardization |
Status | Current |
Supersedes |
Standards | Relationship |
IS/ISO 22857 : 2019 | Identical |
NEN ISO 22857 : 2014 | Identical |
BS ISO 22857:2013 | Identical |
IS 17797 : 2022 | Identical |
CSA Z22857 : 2006 | Identical |
I.S. EN ISO 27799:2016 | HEALTH INFORMATICS - INFORMATION SECURITY MANAGEMENT IN HEALTH USING ISO/IEC 27002 |
16/30313398 DC : 0 | BS ISO/IEC 15944-12 - INFORMATION TECHNOLOGY - BUSINESS OPERATIONAL VIEW - PART 12: PRIVACY PROTECTION REQUIREMENTS ON INFORMATION LIFE CYCLE MANAGEMENT (ILCM) AND EDI OF PERSONAL INFORMATION |
PD ISO/TS 17975:2015 | Health informatics. Principles and data requirements for consent in the Collection, Use or Disclosure of personal health information |
ISO/TR 22221:2006 | Health informatics - Good principles and practices for a clinical data warehouse |
I.S. EN 13606-4:2007 | HEALTH INFORMATICS - ELECTRONIC HEALTH RECORD COMMUNICATION - PART 4: SECURITY |
DD ISO/TS 22600-3:2009 | Health informatics. Privilege management and access control Implementations |
14/30304350 DC : 0 | BS EN ISO 27799 - HEALTH INFORMATICS - INFORMATION SECURITY MANAGEMENT IN HEALTH USING ISO/IEC 27002 |
06/30144361 DC : 0 | ISO 27799 - HEALTH INFORMATICS - SECURITY MANAGEMENT IN HEALTH USING ISO/IEC 17799 |
BS EN 13606-4:2007 | Health informatics. Electronic health record communication Security |
ISO/TS 13606-4:2009 | Health informatics Electronic health record communication Part 4: Security |
PD ISO/TR 22221:2006 | Health informatics. Good principles and practices for a clinical data warehouse |
BS EN ISO 27799:2008 | Health informatics. Information security management in health using ISO/IEC 27002 |
ISO/TS 22600-3:2009 | Health informatics Privilege management and access control Part 3: Implementations |
ISO/IEC 29187-1:2013 | Information technology — Identification of privacy protection requirements pertaining to learning, education and training (LET) — Part 1: Framework and reference model |
EN ISO 27799:2016 | Health informatics - Information security management in health using ISO/IEC 27002 (ISO 27799:2016) |
EN 13606-4:2007 | Health informatics - Electronic health record communication - Part 4: Security |
BS ISO/IEC 15944-8:2012 | Information technology. Business Operational View Identification of privacy protection requirements as external constraints on business transactions |
10/30180220 DC : 0 | BS ISO/IEC 15944-8 - BUSINESS OPERATIONAL VIEW - PART 8: IDENTIFICATION OF PRIVACY PROTECTION REQUIREMENTS AS EXTERNAL CONSTRAINTS ON BUSINESS TRANSACTIONS |
ISO/TS 17975:2015 | Health informatics — Principles and data requirements for consent in the Collection, Use or Disclosure of personal health information |
ISO/IEC 15944-8:2012 | Information technology — Business operational view — Part 8: Identification of privacy protection requirements as external constraints on business transactions |
ISO 17090-1:2013 | Health informatics Public key infrastructure Part 1: Overview of digital certificate services |
ISO/TS 25237:2008 | Health informatics Pseudonymization |
ISO/TS 22600-1:2006 | Health informatics Privilege management and access control Part 1: Overview and policy management |
ISO/TS 14265:2011 | Health Informatics - Classification of purposes for processing personal health information |
ISO 17090-2:2015 | Health informatics Public key infrastructure Part 2: Certificate profile |
ISO 27789:2013 | Health informatics Audit trails for electronic health records |
ISO 21091:2013 | Health informatics — Directory services for healthcare providers, subjects of care and other entities |
ISO 17090-3:2008 | Health informatics Public key infrastructure Part 3: Policy management of certification authority |
ISO/TS 22600-2:2006 | Health informatics Privilege management and access control Part 2: Formal models |
ISO/TS 22600-3:2009 | Health informatics Privilege management and access control Part 3: Implementations |
ISO/TS 21298:2008 | Health informatics Functional and structural roles |
ISO 27799:2016 | Health informatics Information security management in health using ISO/IEC 27002 |