Health software and health IT systems safety, effectiveness and security - Part 1: Principles and co...
This document provides the principles, concepts, terms and definitions for health software and health IT systems, key properties of safety, effectiveness and security, across the full life cycle, from concept to decommissioning, as represented in Figure 1. It also identifies the transition points in the life cycle where transfers of responsibility occur, and the types of multi-lateral…
Health software and health IT systems safety, effectiveness and security — Part 1: Principles and co...
This document provides the principles, concepts, terms and definitions for health software and health IT systems, key properties of safety, effectiveness and security, across the full life cycle, from concept to decommissioning, as represented in Figure 1. It also identifies the transition points in the life cycle where transfers of responsibility occur, and the types of multi-lateral…
Health informatics — Cloud computing considerations for the security and privacy of health informati...
This document provides an overview of security and privacy considerations for Electronic Health Records (EHR) in a cloud computing service that users can leverage when selecting a service provider.
Personal identification — ISO-compliant driving licence — Part 2: Machine-readable technologies
1 Scope
The purpose of storing IDL data on machine-readable media on the IDL is to:
— increase productivity (of data and IDL use),
— facilitate electronic data exchange, and
— assist in authenticity and integrity validation.
This document thus specifies the following:
— mandatory and optional machine-readable data;
— the logical data structure;
— encoding rules for the machine-readable…
Information technology — Common Biometric Exchange Formats Framework — Part 1: Data element specific...
1 Scope
This document defines:
— structures and data elements for biometric information records (BIRs);
— the concept of a domain of use to establish the applicability of a standard or specification that conforms with CBEFF requirements;
— the concept of a CBEFF patron format, which is a published BIR format specification that complies with CBEFF requirements, specified by a CBEFF patron;
—…
Information technology — Business operational view — Part 12: Privacy protection requirements (PPR) ...
1 Scope
This document:
— provides method(s) for identifying, in Open-edi modelling technologies and development of scenarios, the additional requirements in business operational view (BOV) specifications for identifying the additional external constraints to be applied to recorded information in business transactions relating to personal information of an individual, as required by legal and…
Information technology — Online privacy notices and consent
1 Scope
This document specifies controls which shape the content and the structure of online privacy notices as well as the process of asking for consent to collect and process personally identifiable information (PII) from PII principals.
This document is applicable in any online context where a PII controller or any other entity processing PII informs PII principals of processing.
Requirements for bodies providing audit and certification of information security management systems...
This document specifies requirements and provides guidance for bodies providing audit and certification of a privacy information management system (PIMS) according to ISO/IEC 27701 in combination with ISO/IEC 27001, in addition to the requirements contained within ISO/IEC 27006 and ISO/IEC 27701. It is primarily intended to support the accreditation of certification bodies providing PIMS…
Requirements for bodies providing audit and certification of information security management systems...
This document specifies requirements and provides guidance for bodies providing audit and certification of a privacy information management system (PIMS) according to ISO/IEC 27701 in combination with ISO/IEC 27001, in addition to the requirements contained within ISO/IEC 27006 and ISO/IEC 27701. It is primarily intended to support the accreditation of certification bodies providing PIMS…
Information technology, cybersecurity and privacy protection — Cybersecurity framework development g...
This document specifies guidelines for developing a cybersecurity framework. It is applicable to cybersecurity framework creators regardless of their organizations' type, size or nature.