iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO 22857:2013

(Main)

Health informatics — Guidelines on data protection to facilitate trans-border flows of personal health data

Health informatics — Guidelines on data protection to facilitate trans-border flows of personal health data

ISO 22857:2013 provides guidance on data protection requirements to facilitate the transfer of personal health data across national or jurisdictional borders. It is normative only in respect of international or trans-jurisdictional exchange of personal health data. However it can be informative with respect to the protection of health information within national/jurisdictional boundaries and provide assistance to national or jurisdictional bodies involved in the development and implementation of data protection principles. ISO 22857:2013 covers both the data protection principles that apply to international or trans-jurisdictional transfers and the security policy which an organization adopts to ensure compliance with those principles. ISO 22857:2013 aims to facilitate international and trans-jurisdictional health-related applications involving the transfer of personal health data. It seeks to provide the means by which health data relating to data subjects, such as patients, will be adequately protected when sent to, and processed in, another country/jurisdiction.

Informatique de santé — Lignes directrices sur la protection des données pour faciliter les flux d'information sur la santé du personnel de part et d'autre des frontières

General Information

Status
Published
Publication Date
09-Dec-2013
ICS
35.240.80 - IT applications in health care technology
Technical Committee
ISO/TC 215 - Health informatics
Drafting Committee
ISO/TC 215/WG 4 - Security, Safety and Privacy
Current Stage
9020 - International Standard under periodical review
Start Date
15-Apr-2024
Completion Date
15-Apr-2024
Ref Project

Relations

Revises
ISO 22857:2004 - Health informatics — Guidelines on data protection to facilitate trans-border flows of personal health information
Effective Date
18-Dec-2008

Buy Standard

ISO 22857:2013 - Health informatics -- Guidelines on data protection to facilitate trans-border flows of personal health dataISO 22857:2013 - Health informatics -- Guidelines on data protection to facilitate trans-border flows of personal health data
PreviousNext
Standard
ISO 22857:2013 - Health informatics -- Guidelines on data protection to facilitate trans-border flows of personal health data
English language
56 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO
STANDARD 22857
Second edition
2013-12-15
Health informatics — Guidelines on
data protection to facilitate trans-
border flows of personal health data
Informatique de santé — Lignes directrices sur la protection des
données pour faciliter les flux d’information sur la santé du personnel
de part et d’autre des frontières
Reference number
ISO 22857:2013(E)
©
ISO 2013

---------------------- Page: 1 ----------------------
ISO 22857:2013(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO 2013
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO 2013 – All rights reserved

---------------------- Page: 2 ----------------------
ISO 22857:2013(E)

Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 3
5 Structure of this International Standard . 3
6 General principles and roles . 3
6.1 General principles . 3
6.2 Roles . 4
7 Legitimising data transfer . 4
7.1 The concept of “adequate” data protection . 4
7.2 Conditions for legitimate transfer . 5
8 Criteria for ensuring adequate data protection with respect to the transfer of personal
health data . 6
8.1 The requirement for adequate data protection . 6
8.2 Content principles . 6
8.3 Procedural/enforcement mechanisms. 9
8.4 Contracts .10
8.5 Overriding laws .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO 21549-7:2024(Main)
Health informatics — Patient healthcard data — Part 7: Medication data

This document applies to situations in which such data is recorded on or transported by patient healthcards compliant with the physical dimensions of ID-1 cards defined by ISO/IEC 7810. This document specifies the basic structure of the data contained within the medication data object, but does not specify or mandate particular data sets for storage on devices. The purpose of this document is for cards to provide information to other health professionals and to the patient or its non-professional caregiver. It can also be used to carry a new prescription from the prescriber to the dispenser/pharmacy in the design of its sets. Medication data include the following four components: — medication notes: additional information related to medication and the safe use of medicines by the patient such as medication history, sensitivities and allergies; — medication prescriptions: to carry a new prescription from the prescriber to the dispenser/pharmacy; — medication dispensed: the records of medications dispensed for the patient; — medication references: pointers to other systems that contain information that makes up medication prescription and the authority to dispense. The following topics are beyond the scope of this document: — physical or logical solutions for the practical functioning of particular types of data cards; — how the message is processed further “downstream” of the interface between two systems; — the form which the data takes for use outside the data card, or the way in which such data is visibly represented on the data card or elsewhere. NOTE Not only does the definition of “medicinal products” differ from country to country, but also the same name can relate to entirely different products in some countries. Therefore, it is important to consider the safety of the patient when the card is used across borders. This document describes and defines the Medication data objects used within or referenced by patient-held health data cards using UML, plain text and Abstract Syntax Notation (ASN.1). This document does not describe nor define the common objects defined within ISO 21549-2.

  • Standard
    42 pages
    English language
    sale 15% off
  • Standard
    44 pages
    French language
    sale 15% off
ISO
ISO/TS 5499:2024(Main)
Health informatics — Clinical particulars — Core principles for the harmonization of therapeutic indications terms and identifiers

The objective of this document is to establish common principles for the creation, assessment, selection and maintenance of maps between terminological resources used to describe and code IDMP therapeutic indications for investigational and medicinal products, medical devices, combination products, biologics and companion diagnostics. Core maintenance principles, such as reliability, reproducibility and quality assurance of the maps for future indication terminology use, are also discussed. The intended audience for this document includes: a) Global regulators, pharmaceutical/biopharmaceutical companies, Clinical Research Organizations (CROs) and universities/scientific institutes involved in the development, authorization and marketing of medicinal products b) Implementers of IDMP seeking more information about coding of Therapeutic Indications c) Healthcare providers d) Standards Organizations e) Implementers and software vendors developing and implementing terminology map sets f) Patients

  • Technical specification
    23 pages
    English language
    sale 15% off
ISO
ISO/TS 14265:2024(Main)
Health informatics — Classification of purposes for processing personal health information

This document defines a set of high-level categories of purposes for which personal health information can be processed: collected, used, stored, accessed, analysed, created, linked, communicated, disclosed or retained. This is in order to provide a framework for classifying the various specific purposes that can be defined and used by individual policy domains (e.g. healthcare organisation, regional health authority, jurisdiction, country) as an aid to the consistent management of information in the delivery of health care services and for the communication of electronic health records across organisational and jurisdictional boundaries. Health data that have been irreversibly de-identified are outside the scope of this document, but since de-identification processes often includes some degree of reversibility, this document can also be used for disclosures of de-identified and/or pseudonymised health data whenever practicable. This classification, whilst not defining an exhaustive set of purposes categories, provides a common mapping target to bridge between differing national lists of purpose and thereby supports authorised automated cross-border flows of EHR data.

  • Technical specification
    11 pages
    English language
    sale 15% off
ISO
ISO/TR 9143:2023(Main)
Health informatics — Sex and gender in electronic health records

The purpose of this document is to: — describe the current challenges with documenting and sharing sex and gender information in electronic health records. — identify the current state of international standards and specifications that include sex and gender. — summarize the findings and identify opportunities to improve clarity and consistency in the use of sex and gender in electronic health records.

  • Technical report
    25 pages
    English language
    sale 15% off
ISO
ISO 5477:2023(Main)
Health informatics — Interoperability of public health emergency preparedness and response information systems

This document provides business rules for PH EPR information systems. It includes a description of the EPR information systems domain. It also includes an informative framework for mapping existing semantic interoperability standards for emergency preparedness and response to PH EPR information systems. The primary target audience for this document is policy makers (governmental or organizational), regulators, project planners and management of PH EPR information systems, PH EPR data analysts and informaticians. The contents is also of interest to other stakeholders such as incident managers, PH educators, standards developers and academia.

  • Standard
    59 pages
    English language
    sale 15% off
ISO
ISO 18104:2023(Main)
Health informatics — Categorial structures for representation of nursing practice in terminological systems

This document specifies the characteristics of categorial structures, representing nursing practice. The overall aim of this document is to support interoperability in the exchange of meaningful information between information systems in respect of nursing diagnoses, nursing actions and nurse sensitive outcomes. Categorial structures for nursing diagnoses, nursing actions, nurse sensitive outcomes and associated categories support interoperability by providing common frameworks with which to a) analyse the features of different terminologies, including pre- and post-coordinated expressions, those of other healthcare disciplines, and to establish the nature of the relationship between them,[3][4][5][6][7][8] b) develop terminologies for representing nursing diagnoses, nursing actions,[9][10][11][12] and nurse sensitive outcomes, c) develop terminologies that are able to be related to each other,[3][8][13] and d) establish relationships between terminology models, information models, including archetypes, and ontologies in the nursing domain.[14][15][16][45] There is early evidence that the categorial structures can be used as a framework for analysing nursing practice,[17] for developing nursing content of electronic record systems,[18][19] document the value of nursing services provided and to make nursing’s contribution visible[16][36][47][50].

  • Standard
    35 pages
    English language
    sale 15% off
  • Standard
    35 pages
    French language
    sale 15% off
ISO
ISO 16527:2023(Main)
Health informatics — HL7 Personal Health Record System Functional Model, Release 2 (PHR-S FM)

ISO/HL7 16527 PHR-S FM:2016 defines a standardized model of the functions that may be present in PHR Systems. It is beyond the scope of the PHR system to control the use (or intended use) of PHR data. On the contrary, it is within the scope of the PHR system to manage the authorization of an individual (or other application). Those parties are then responsible for using the data for appropriate (or intended) purposes. The system manufacturers specify "intended and permitted use of PHR data" in their Terms of Service and Terms of Use agreements. This Functional Model is not: - a messaging specification; - an implementation specification; - a conformance specification; - a specification for the underlying PHR (i.e. the record itself); - an exercise in creating a definition for a PHR; - a conformance or conformance testing metric; - a requirement specification for a single PHR system (see Annex D, Anticipated Uses). The information exchange enabled by the PHR-S supports the retrieval and population of clinical documents and summaries, minimum data sets, and other input/outputs.

  • Standard
    83 pages
    English language
    sale 15% off
ISO
ISO 10781:2023(Main)
Health informatics — HL7 Electronic Health Record-System Functional Model, Release 2.1 (EHR FM)

This document provides a reference list of functions that may be present in an Electronic Health Record System (EHR-S). The function list is described from a user perspective with the intent to enable consistent expression of system functionality. This EHR-S Functional Model, through the creation of Functional Profiles for care settings and realms, enables a standardized description and common understanding of functions sought or available in a given setting (e.g. intensive care, cardiology, office practice in one country or primary care in another country).

  • Standard
    68 pages
    English language
    sale 15% off
ISO
ISO 21549-5:2023(Main)
Health informatics — Patient healthcard data — Part 5: Identification data

This document describes and defines the basic structure of the identification data objects held on healthcare data cards, but it does not specify particular data sets for storage on devices. This document does not apply to the detailed functions and mechanisms of the following services (although its structures can accommodate suitable data objects elsewhere specified): — security functions and related services that are likely to be specified by users for data cards depending on their specific application, e.g. confidentiality protection, data integrity protection and authentication of persons and devices related to these functions; — access control services; — the initialization and issuing process (which begins the operating lifetime of an individual data card, and by which the data card is prepared for the data to be subsequently communicated to it according to this document). Therefore, this document does not cover: — physical or logical solutions for the practical functioning of particular types of data card; — the forms that data take for use outside the data card, or the way in which such data are visibly represented on the data card or elsewhere.

  • Standard
    8 pages
    English language
    sale 15% off
  • Standard
    8 pages
    French language
    sale 15% off
ISO
ISO/TS 5569:2023(Main)
Health informatics — Conceptual data model for Chinese medicinal herbs

This document specifies a conceptual data model for Chinese medicinal herbs (CMH). The organization of the data model for each CMH consists of its medicinal attributes, plant attributes, geographic attributes and identifications. This document is applicable to the establishment and maintenance of CMH databases.

  • Technical specification
    10 pages
    English language
    sale 15% off