UNE-CEN ISO/TS 14265:2024

This document defines a set of high-level categories of purposes for which personal health informationcan be processed: collected, used, stored, accessed, analysed, created, linked, communicated, disclosedor retained. This is in order to provide a framework for classifying the various specific purposes thatcan be defined and used by individual policy domains (e.g. healthcare organisation, regional healthauthority, jurisdiction, country) as an aid to the consistent management of information in the deliveryof health care services and for the communication of electronic health records across organisationaland jurisdictional boundaries.Health data that have been irreversibly de-identified are outside the scope of this document, but sincede-identification processes often includes some degree of reversibility, this document can also be usedfor disclosures of de-identified and/or pseudonymised health data whenever practicable.This classification, whilst not defining an exhaustive set of purposes categories, provides a commonmapping target to bridge between differing national lists of purpose and thereby supports authorisedautomated cross-border flows of EHR data.