iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO 22857:2013

(Main)

Health informatics — Guidelines on data protection to facilitate trans-border flows of personal health data

Health informatics — Guidelines on data protection to facilitate trans-border flows of personal health data

ISO 22857:2013 provides guidance on data protection requirements to facilitate the transfer of personal health data across national or jurisdictional borders. It is normative only in respect of international or trans-jurisdictional exchange of personal health data. However it can be informative with respect to the protection of health information within national/jurisdictional boundaries and provide assistance to national or jurisdictional bodies involved in the development and implementation of data protection principles. ISO 22857:2013 covers both the data protection principles that apply to international or trans-jurisdictional transfers and the security policy which an organization adopts to ensure compliance with those principles. ISO 22857:2013 aims to facilitate international and trans-jurisdictional health-related applications involving the transfer of personal health data. It seeks to provide the means by which health data relating to data subjects, such as patients, will be adequately protected when sent to, and processed in, another country/jurisdiction.

Informatique de santé — Lignes directrices sur la protection des données pour faciliter les flux d'information sur la santé du personnel de part et d'autre des frontières

General Information

Status
Published
Publication Date
09-Dec-2013
ICS
35.240.80 - IT applications in health care technology
Technical Committee
ISO/TC 215 - Health informatics
Drafting Committee
ISO/TC 215/WG 4 - Security, Safety and Privacy
Current Stage
9060 - Close of review
Start Date
02-Dec-2029
Ref Project

Relations

Revises
ISO 22857:2004 - Health informatics — Guidelines on data protection to facilitate trans-border flows of personal health information
Effective Date
18-Dec-2008

Buy Standard

ISO 22857:2013 - Health informatics -- Guidelines on data protection to facilitate trans-border flows of personal health dataISO 22857:2013 - Health informatics -- Guidelines on data protection to facilitate trans-border flows of personal health data
PreviousNext
Standard
ISO 22857:2013 - Health informatics -- Guidelines on data protection to facilitate trans-border flows of personal health data
English language
56 pages
sale 15% off
Preview
sale 15% off
Preview
ISO 22857:2013 - Health informatics — Guidelines on data protection to facilitate trans-border flows of personal health data Released:12/10/2013ISO 22857:2013 - Health informatics — Guidelines on data protection to facilitate trans-border flows of personal health data Released:12/10/2013
PreviousNext
Standard
ISO 22857:2013 - Health informatics — Guidelines on data protection to facilitate trans-border flows of personal health data Released:12/10/2013
English language
56 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


INTERNATIONAL ISO
STANDARD 22857
Second edition
2013-12-15
Health informatics — Guidelines on
data protection to facilitate trans-
border flows of personal health data
Informatique de santé — Lignes directrices sur la protection des
données pour faciliter les flux d’information sur la santé du personnel
de part et d’autre des frontières
Reference number
©
ISO 2013
© ISO 2013
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO 2013 – All rights reserved

Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 3
5 Structure of this International Standard . 3
6 General principles and roles . 3
6.1 General principles . 3
6.2 Roles . 4
7 Legitimising data transfer . 4
7.1 The concept of “adequate” data protection . 4
7.2 Conditions for legitimate transfer . 5
8 Criteria for ensuring adequate data protection with respect to the transfer of personal
health data . 6
8.1 The requirement for adequate data protection . 6
8.2 Content principles . 6
8.3 Procedural/enforcement mechanisms. 9
8.4 Contracts .10
8.5 Overriding laws .11
8.6 Anonymisation .11
8.7 Legitimacy of consent .12
9 Security policy .12
9.1 General .12
9.2 The purpose of the security policy .12
9.3 The “level” of security policy .13
9.4 High Level Security Policy: general aspects .13
10 High Level Security Policy: the content .14
10.1 Principle One: overriding generic principle .14
10.2 Principle Two: chief executive support .15
10.3 Principle Three: documentation of measures and review .16
10.4 Principle Four: Data protection security officer .16
10.5 Principle Five: permission to process .17
10.6 Principle Six: information about processing .18
10.7 Principle Seven: information for the data subject .20
10.8 Principle Eight: prohibition of onward data transfer without consent .20
10.9 Principle Nine: remedies and compensation .21
10.10 Principle Ten: security of processing .22
10.11 Principle Eleven: responsibilities of staff and other contractors .23
11 Rationale and observations on measures to support Principle Ten concerning security
of processing .24
11.1 General .24
11.2 Encryption and digital signatures for transmission to the data importer .24
11.3 Access controls and user authentication .24
11.4 Audit trails .25
11.5 Physical and environmental security .25
11.6 Application management and network management .25
11.7 Malicious software .25
11.8 Breaches of security .25
11.9 Business continuity plan .25
11.10 Handling very sensitive data .26
11.11 Standards .26
12 Personal health data in non-electronic form .26
Annex A (informative) Key primary international documents on data protection .27
Annex B (informative) National documented requirements and legal provisions in a range
of countries .32
Annex C (informative) Exemplar contract clauses: Controller to controller .37
Annex D (informative) Exemplar contract clauses: Controller to processor .44
Annex E (informative) Handling very sensitive personal health data .53
Bibliography .55
iv © ISO 2013 – All rights reserved

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity
assessment, as well as information about ISO’s adherence to the WTO principles in the Technical Barriers
to Trade (TBT) see the following URL: Foreword - Supplementary information
The committee responsible for this document is ISO/TC 215, Health informatics.
This second edition replaces the first edition (IO 22857:2004), which has been technically revised.
Introduction
In the health context, information about individuals needs to be collected, stored and processed for
many purposes, the main being
— direct delivery of care e.g. patient records;
— insurance;
— clinical research; and
— population health.
[15]
A classification of purposes for processing personal health information is given in ISO/TS 14265 .
The data required depends on the purpose. In the context of identification of individuals, data may be
needed
— to allow an individual to be readily and uniquely identified (e.g. a combination of name, address, age,
sex, identification number);
— to confirm that two data sets belong to the same individual without a
...


INTERNATIONAL ISO
STANDARD 22857
Second edition
2013-12-15
Health informatics — Guidelines on
data protection to facilitate trans-
border flows of personal health data
Informatique de santé — Lignes directrices sur la protection des
données pour faciliter les flux d’information sur la santé du personnel
de part et d’autre des frontières
Reference number
©
ISO 2013
© ISO 2013
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO 2013 – All rights reserved

Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 3
5 Structure of this International Standard . 3
6 General principles and roles . 3
6.1 General principles . 3
6.2 Roles . 4
7 Legitimising data transfer . 4
7.1 The concept of “adequate” data protection . 4
7.2 Conditions for legitimate transfer . 5
8 Criteria for ensuring adequate data protection with respect to the transfer of personal
health data . 6
8.1 The requirement for adequate data protection . 6
8.2 Content principles . 6
8.3 Procedural/enforcement mechanisms. 9
8.4 Contracts .10
8.5 Overriding laws .11
8.6 Anonymisation .11
8.7 Legitimacy of consent .12
9 Security policy .12
9.1 General .12
9.2 The purpose of the security policy .12
9.3 The “level” of security policy .13
9.4 High Level Security Policy: general aspects .13
10 High Level Security Policy: the content .14
10.1 Principle One: overriding generic principle .14
10.2 Principle Two: chief executive support .15
10.3 Principle Three: documentation of measures and review .16
10.4 Principle Four: Data protection security officer .16
10.5 Principle Five: permission to process .17
10.6 Principle Six: information about processing .18
10.7 Principle Seven: information for the data subject .20
10.8 Principle Eight: prohibition of onward data transfer without consent .20
10.9 Principle Nine: remedies and compensation .21
10.10 Principle Ten: security of processing .22
10.11 Principle Eleven: responsibilities of staff and other contractors .23
11 Rationale and observations on measures to support Principle Ten concerning security
of processing .24
11.1 General .24
11.2 Encryption and digital signatures for transmission to the data importer .24
11.3 Access controls and user authentication .24
11.4 Audit trails .25
11.5 Physical and environmental security .25
11.6 Application management and network management .25
11.7 Malicious software .25
11.8 Breaches of security .25
11.9 Business continuity plan .25
11.10 Handling very sensitive data .26
11.11 Standards .26
12 Personal health data in non-electronic form .26
Annex A (informative) Key primary international documents on data protection .27
Annex B (informative) National documented requirements and legal provisions in a range
of countries .32
Annex C (informative) Exemplar contract clauses: Controller to controller .37
Annex D (informative) Exemplar contract clauses: Controller to processor .44
Annex E (informative) Handling very sensitive personal health data .53
Bibliography .55
iv © ISO 2013 – All rights reserved

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity
assessment, as well as information about ISO’s adherence to the WTO principles in the Technical Barriers
to Trade (TBT) see the following URL: Foreword - Supplementary information
The committee responsible for this document is ISO/TC 215, Health informatics.
This second edition replaces the first edition (IO 22857:2004), which has been technically revised.
Introduction
In the health context, information about individuals needs to be collected, stored and processed for
many purposes, the main being
— direct delivery of care e.g. patient records;
— insurance;
— clinical research; and
— population health.
[15]
A classification of purposes for processing personal health information is given in ISO/TS 14265 .
The data required depends on the purpose. In the context of identification of individuals, data may be
needed
— to allow an individual to be readily and uniquely identified (e.g. a combination of name, address, age,
sex, identification number);
— to confirm that two data sets belong to the same individual without a
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEEE 11073-10421:2024(Main)
Health informatics — Device interoperability — Part 10421: Personal health device communication — Device specialization — Peak expiratory flow monitor (peak flow)

This document establishes a normative definition of communication between personal telehealth peak flow monitoring devices (agents) and managers (e.g., cell phones, personal computers, personal health appliances, and set top boxes) in a manner that enables plug-and-play interoperability. It leverages work done in other ISO/IEEE 11073 standards including existing terminology, information profiles, application profile standards. It specifies the use of specific term codes, formats, and behaviors in telehealth environments restricting optionality in base frameworks in favor of interoperability. This document defines a common core of functionality of a peak-flow monitoring device. The use case is restricted to personal respiratory monitoring and therefore does not include hospital-based spirometry. Continuous and high-acuity monitoring (e.g., for emergency response) are outside the scope of the use case. In the context of personal health devices, a peak flow meter is a device is used to measure the respiratory function of those managing respiratory conditions such as asthma and chronic obstructive pulmonary disease. The ability to identify declining respiratory status prior to the need for acute intervention improves the quality of life for the individual while reducing the overall costs of care. Respiratory status data are collected by a personal respiratory monitoring device and forwarded to a central data repository for review and action by a health care provider. The data are episodic in nature and are forwarded at designated intervals or when the person is symptomatic.

  • Standard
    58 pages
    English language
    sale 15% off
  • Standard
    65 pages
    French language
    sale 15% off
ISO
ISO/TS 9320:2024(Main)
Health informatics — Standardized data set for transfer of hemodialysis patients

The document defines a data set for the safe and timely transfer of haemodialysis procedure for end-stage renal disease (ESRD) patients. The necessary information for dialysis is provided through required, conditionally-required and optional data fields of the data set. Complicated use cases are also described in this document. This document does not cover general quality requirements or system requirements for haemodialysis.

  • Technical specification
    53 pages
    English language
    sale 15% off
ISO
ISO/IEEE 11073-10206:2024(Main)
Health informatics — Device interoperability — Part 10206: Personal health device communication — Abstract content information model
  • Standard
    76 pages
    English language
    sale 15% off
  • Standard
    98 pages
    French language
    sale 15% off
ISO
ISO/TS 9321:2024(Main)
Health informatics — General requirements of multi-centre medical data collaborative analysis

This document outlines the general requirements for conducting a multi-centre medical data collaborative analysis, covering various aspects such as system architecture, data storage, data standardization, collaborative research management and security. The data considered in this standard primarily encompasses electronic health record data for multi-centre collaborative researches, including structured data, medical text data, image data, etc. This standard is applicable to a wide range of individuals and institutions, including developers, maintainers, management personnel, researchers, and data-owning organizations.

  • Technical specification
    18 pages
    English language
    sale 15% off
ISO
ISO/TS 5777:2024(Main)
Health informatics — The architecture of internet healthcare service network

This document provides the architecture of internet healthcare service network, including: — overview of internet healthcare service network; — infrastructure and deployment scheme of internet healthcare service network; — security of internet healthcare service network. This document mainly focuses on the engineering architecture and infrastructure deployment of healthcare information transmission among various healthcare organizations through services, as shown in Figure 1. The implementation of information systems and healthcare services within organizations is demonstrated in Annex A. This document applies to the construction and application of internet healthcare service network.

  • Technical specification
    12 pages
    English language
    sale 15% off
ISO
ISO/TR 6231:2024(Main)
Health informatics — Standardizing graphical content

This document describes the need for standardization of graphics and images in the health informatics domain. It focuses on the current status of adoption and presents an overview of the opportunities as well as challenges in creating sets of standardized images and graphics. A plan of action is proposed to serve as the future roadmap for implementation.

  • Technical report
    17 pages
    English language
    sale 15% off
ISO
ISO 22287:2024(Main)
Health informatics — Workforce roles and capabilities for terminology and terminology services in healthcare (term workforce)

This document specifies the tasks, roles, and key skills, requirements and competencies for personnel involved in terminology services in healthcare organizations. This document specifies: — terminology services in healthcare organizations including the selection, authoring, and deployment and use of terminology subsets, data sets and maps; developing and managing terminology management processes and health information management-related policies; performing terminology business analysis; and supporting the adoption, planning and deployment of terminologies; — workforce needs to perform these services; — job roles in the healthcare organizations and related organizations responsible for performing terminology related tasks; NOTE Examples of these roles include terminologist, terminology standards developer/manager, mapping specialist, data conversion analyst, interface analyst, coding specialist, data developer/designer, data modeller, and content manager [including Clinical Documentation Improvement (CDI) specialist]. — skill and competency level requirements to safely and effectively undertake each task, taking into account the focus of the task from the perspectives of health information and communication technology (HICT), information management, information governance including information privacy and security, clinical practice and healthcare decision making.

  • Standard
    34 pages
    English language
    sale 15% off
ISO
ISO 21549-7:2024(Main)
Health informatics — Patient healthcard data — Part 7: Medication data

This document applies to situations in which such data is recorded on or transported by patient healthcards compliant with the physical dimensions of ID-1 cards defined by ISO/IEC 7810. This document specifies the basic structure of the data contained within the medication data object, but does not specify or mandate particular data sets for storage on devices. The purpose of this document is for cards to provide information to other health professionals and to the patient or its non-professional caregiver. It can also be used to carry a new prescription from the prescriber to the dispenser/pharmacy in the design of its sets. Medication data include the following four components: — medication notes: additional information related to medication and the safe use of medicines by the patient such as medication history, sensitivities and allergies; — medication prescriptions: to carry a new prescription from the prescriber to the dispenser/pharmacy; — medication dispensed: the records of medications dispensed for the patient; — medication references: pointers to other systems that contain information that makes up medication prescription and the authority to dispense. The following topics are beyond the scope of this document: — physical or logical solutions for the practical functioning of particular types of data cards; — how the message is processed further “downstream” of the interface between two systems; — the form which the data takes for use outside the data card, or the way in which such data is visibly represented on the data card or elsewhere. NOTE Not only does the definition of “medicinal products” differ from country to country, but also the same name can relate to entirely different products in some countries. Therefore, it is important to consider the safety of the patient when the card is used across borders. This document describes and defines the Medication data objects used within or referenced by patient-held health data cards using UML, plain text and Abstract Syntax Notation (ASN.1). This document does not describe nor define the common objects defined within ISO 21549-2.

  • Standard
    42 pages
    English language
    sale 15% off
  • Standard
    44 pages
    French language
    sale 15% off
ISO
ISO/TS 5499:2024(Main)
Health informatics — Clinical particulars — Core principles for the harmonization of therapeutic indications terms and identifiers

The objective of this document is to establish common principles for the creation, assessment, selection and maintenance of maps between terminological resources used to describe and code IDMP therapeutic indications for investigational and medicinal products, medical devices, combination products, biologics and companion diagnostics. Core maintenance principles, such as reliability, reproducibility and quality assurance of the maps for future indication terminology use, are also discussed. The intended audience for this document includes: a) Global regulators, pharmaceutical/biopharmaceutical companies, Clinical Research Organizations (CROs) and universities/scientific institutes involved in the development, authorization and marketing of medicinal products b) Implementers of IDMP seeking more information about coding of Therapeutic Indications c) Healthcare providers d) Standards Organizations e) Implementers and software vendors developing and implementing terminology map sets f) Patients

  • Technical specification
    23 pages
    English language
    sale 15% off
ISO
ISO/TS 14265:2024(Main)
Health informatics — Classification of purposes for processing personal health information

This document defines a set of high-level categories of purposes for which personal health information can be processed: collected, used, stored, accessed, analysed, created, linked, communicated, disclosed or retained. This is in order to provide a framework for classifying the various specific purposes that can be defined and used by individual policy domains (e.g. healthcare organisation, regional health authority, jurisdiction, country) as an aid to the consistent management of information in the delivery of health care services and for the communication of electronic health records across organisational and jurisdictional boundaries. Health data that have been irreversibly de-identified are outside the scope of this document, but since de-identification processes often includes some degree of reversibility, this document can also be used for disclosures of de-identified and/or pseudonymised health data whenever practicable. This classification, whilst not defining an exhaustive set of purposes categories, provides a common mapping target to bridge between differing national lists of purpose and thereby supports authorised automated cross-border flows of EHR data.

  • Technical specification
    11 pages
    English language
    sale 15% off