• Shopping Cart
    There are no items in your cart

ISO/TS 17975:2022

Current

Current

The latest, up-to-date edition.

Health informatics — Principles and data requirements for consent in the collection, use or disclosure of personal health information

Available format(s)

Hardcopy , PDF , PDF 3 Users , PDF 5 Users , PDF 9 Users

Language(s)

English

Published date

02-11-2022

€144.00
Excluding VAT

This document defines the set of frameworks of consent for the collection, use and/or disclosure of personal information by healthcare practitioners or organizations that are frequently used to obtain agreement to process the personal health information of subjects of care. This is in order to provide an informational consent framework which can be specified and used by individual policy domains (e.g. healthcare organizations, regional health authorities, jurisdictions, countries) as an aid to the consistent management of information in the delivery of healthcare services and the communication of electronic health records across organizational and jurisdictional boundaries.

This document is applicable to Personal Health Information (PHI).

Good practice requirements are specified for each framework of informational consent. Adherence to these requirements is intended to ensure any subject of care and any parties that process personal health information that their agreement to do so has been properly obtained and correctly specified.

The document is intended to be used to inform:

— discussion of national or jurisdictional informational consent policies;

— ways in which individuals and the public are informed about how personal health information is processed within organizations providing health services and health systems;

— how to judge the adequacy of the information provided when seeking informational consent;

— design of both paper and electronic informational consent declaration forms;

— design of those portions of electronic privacy policy services and security services that regulate access to personal health data;

— working practices of organizations and personnel who obtain or comply with consent for processing personal health information.

The document does not:

— address the granting of consent to the delivery of healthcare-related treatment and care. Consent to the delivery of care or treatment has its own specific requirements, and is distinct from informational consent.

— specify what consent framework is applicable to a data classification or data purpose as this can vary according to law or policy, although an examples of implementation profile is provided in Annex B;

— specify the data format used when consent status is communicated. The focus is on the information characteristics of consent, and not the technology or medium in which the characteristics are instantiated;

— specify how individuals giving Informed Consent come to be informed of the responsibilities, obligations and consequences related to granting consent;

— specify requirements on how individuals are informed of the specifics of the data, data sharing or data processing concerned;

— specify requirements on how consent itself or the specific activities of the consent process are recorded. Specific requirements on recording consent in EHR systems are given in ISO/TS14441:2013, 5.3.2;

— specify any information security requirements, e.g. the use of encryption or specific forms of user authentication (see e.g. ISO27799).

DocumentType
Technical Specification
Pages
33
PublisherName
International Organization for Standardization
Status
Current
Supersedes

Standards Relationship
DS/ISO/TS 17975:2022 Identical
IS/ISO/TS 17975 : 2022 Identical

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.