ISO 27799: 2016: Health informatics - Information security management in health using ISO/IEC 27002

A guide to information security standards and practices that includes selection, implementation and management of risk-based controls.

The guidelines supplement the implementation, in health informatics, of ISO/IEC 27002:2013: Information technology — Security techniques — Code of practice for information security controls.

Health organizations and other bodies that handle medical information can ensure the degree of security appropriate to their operating circumstances, keeping personal health information available, complete, and secure.

The standard applies to all sources of private information (images, recordings, documents, etc.), across media (print and digital storage) and methods of communication (manual, online, fax).

It should be emphasized that the standard is "indifferent" to technology, given the speed at which technology moves forward (every few months!). As a result, the standard remains relevant over time, and service providers can offer technologies that comply with its specifications.

It should also be emphasized that familiarity with ISO/IEC 27002 is essential for understanding ISO 27799.

The standard covers the following subjects:

The road to certification

To initiate the process, we recommend purchasing the standard at the Standards Institution of Israel Information Center.

Certification follows the successful implementation of an organization's in-house quality management system pursuant to the requirements of the standard. To start this process, it is recommended to purchase the standard at the Standards Institution of Israel Information Center, study the requirements, and participate in appropriate training. It is also possible to consult with quality management experts and undergo an audit by the Standards Institution of Israel to check for shortcomings.

The process ought to be seen as an opportunity for improvement, led by an organization team that has management's commitment and involvement. At the end of the process, independent Standards Institution of Israel auditors will perform an audit that confirms that the organization's management system is compatible with the specifications of the standard.

The Standards Institution of Israel – the right choice for you!