
ISO 25237:2017

Current

The latest, up-to-date edition.

Health informatics — Pseudonymization

Available format(s)

Hardcopy, PDF, PDF 3 Users, PDF 5 Users, PDF 9 Users

Language(s)

French, English

Published date

03-01-2017

€185.00
Excluding VAT

ISO 25237:2017 contains principles and requirements for privacy protection using pseudonymization services for the protection of personal health information. This document is applicable to organizations who wish to undertake pseudonymization processes for themselves or to organizations who make a claim of trustworthiness for operations engaged in pseudonymization services.

ISO 25237:2017

- defines one basic concept for pseudonymization (see Clause 5),

- defines one basic methodology for pseudonymization services including organizational, as well as technical aspects (see Clause 6),

- specifies a policy framework and minimal requirements for controlled re-identification (see Clause 7),

- gives an overview of different use cases for pseudonymization that can be both reversible and irreversible (see Annex A),

- gives a guide to risk assessment for re-identification (see Annex B),

- provides an example of a system that uses de-identification (see Annex C),

- provides informative requirements to an interoperability to pseudonymization services (see Annex D), and

- specifies a policy framework and minimal requirements for trustworthy practices for the operations of a pseudonymization service (see Annex E).

Committee: ISO/TC 215
Development Note: Supersedes ISO/DIS 25237. (01/2017)
Document Type: Standard
Pages: 68
Publisher Name: International Organization for Standardization
Status: Current
Supersedes

ISO/TS 21089:2018 Health informatics Trusted end-to-end information flows
18/30331887 DC : 0 BS ISO/IEC 20889 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - PRIVACY ENHANCING DATA DE-IDENTIFICATION TECHNIQUES

ISO/IEC 15408-2:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components
ISO/IEC 8825-1:2015 Information technology ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) Part 1:
ANSI X9.52 : 1998 TRIPLE DATA ENCRYPTION ALGORITHM MODES OF OPERATION
ISO/IEC 27033-1:2015 Information technology Security techniques Network security Part 1: Overview and concepts
ISO 12052:2017 Health informatics — Digital imaging and communication in medicine (DICOM) including workflow and data management
ISO/TS 22220:2011 Health informatics — Identification of subjects of health care
ISO 7498-2:1989 Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture
ISO/IEC 2382-8:1998 Information technology Vocabulary Part 8: Security
ISO/IEC 2382:2015 Information technology — Vocabulary
ENV 13608-1:2000 Health informatics - Security for healthcare communication - Part 1: Concepts and terminology
ISO/TR 21089:2004 Health informatics Trusted end-to-end information flows
ISO/IEC 18014-1:2008 Information technology Security techniques Time-stamping services Part 1: Framework
ISO 27799:2016 Health informatics Information security management in health using ISO/IEC 27002
ISO/IEC 29100:2011 Information technology — Security techniques — Privacy framework
