iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/TR 11636:2009

(Main)

Health Informatics — Dynamic on-demand virtual private network for health information infrastructure

Health Informatics — Dynamic on-demand virtual private network for health information infrastructure

ISO/TR 11636:2009 explains the network requirements in the healthcare field, the network security of an open network for the healthcare field, and the minimum guidelines for security management of health information exchange, including personal data, between external institutions. These requirements will assist in understanding the operation of security and evaluation of security issues in the healthcare field, and the usefulness of a managed VPN, like a dynamic on-demand VPN. ISO/TR 11636:2009 introduces examples of security measures taken in a dynamic on-demand VPN for exchange of medical information; it is not intended to specify the dynamic on-demand VPN itself. These examples provide network solutions to potential risks in such a user environment.

Informatique de santé — Réseau privé, virtuel, dynamique, sur demande pour infrastructure d'information de santé

General Information

Status
Published
Publication Date
26-Nov-2009
ICS
35.240.80 - IT applications in health care technology
Technical Committee
ISO/TC 215 - Health informatics
Drafting Committee
ISO/TC 215/WG 4 - Security, Safety and Privacy
Current Stage
6060 - International Standard published
Due Date
27-Nov-2009
Completion Date
27-Nov-2009
Ref Project

Buy Standard

ISO/TR 11636:2009 - Health Informatics -- Dynamic on-demand virtual private network for health information infrastructureISO/TR 11636:2009 - Health Informatics -- Dynamic on-demand virtual private network for health information infrastructure
PreviousNext
Technical report
ISO/TR 11636:2009 - Health Informatics -- Dynamic on-demand virtual private network for health information infrastructure
English language
70 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


TECHNICAL ISO/TR
REPORT 11636
First edition
2009-12-01
Health Informatics — Dynamic
on-demand virtual private network for
health information infrastructure
Informatique de santé — Réseau privé, virtuel, dymanique, sur
demande pour infrastructure d'information de santé

Reference number
©
ISO 2009
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but
shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In
downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat
accepts no liability in this area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation
parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In
the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.

©  ISO 2009
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO 2009 – All rights reserved

Contents Page
Foreword .iv
Introduction.v
1 Scope.1
2 Terms and definitions .1
3 Abbreviated terms .3
4 Network features in the healthcare field .4
4.1 Pattern of current or expected information services in the healthcare field .4
4.2 Category of healthcare information to be protected (information assets).5
4.3 Network requirements in the healthcare field .6
5 Concept of network construction in the healthcare field.6
5.1 Overview.6
5.2 Responsibility to manage security of healthcare information exchange including personal
information between independent institutions .7
5.3 Security concepts in network systems for medical institutions .8
6 Threat analysis and measures .9
7 Network construction in the healthcare field .10
7.1 Minimum guidelines for security management of healthcare information exchange
including personal information between external institutions.10
7.2 Technical and operational checklists for evaluation of network security.11
7.3 Application of an on-demand VPN .11
8 Cases of security measures in a dynamic on-demand VPN for exchange of healthcare
information with external institutions .12
8.1 Introduction.12
8.2 Regional healthcare cooperation model with a healthcare portal.12
8.3 Online maintenance model.13
8.4 Regional cooperation model with the lead taken by a regional core hospital.14
8.5 Model for teleradiology, remote maintenance and network conferencing with the
cooperation of university hospitals, research institutions and regional hospitals .15
8.6 University hospital model centred around teleradiology, telepathology and network
conferences conducted between a university hospital and regional hospitals .16
Annex A (informative) Threat analysis and measures .18
Annex B (informative) Security management of medical information exchange including personal
data between independent institutions (see reference [6]) .25
Annex C (informative) Technical and operational checklists for the guideline.35
Annex D (informative) Technology used: Dynamic on-demand VPN.62
Bibliography.70

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies
(ISO member bodies). The work of preparing International Standards is normally carried out through ISO
technical committees. Each member body interested in a subject for which a technical committee has been
established has the right to be represented on that committee. International organizations, governmental and
non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the
International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of technical committees is to prepare International Standards. Draft International Standards
adopted by the technical committees are circulated to the member bodies for voting. Publication as an
International Standard requires approval by at least 75 % of the member bodies casting a vote.
In exceptional circumstances, when a technical committee has collected data of a different kind from that
which is normally published as an International Standard (“state of the art”, for example), it may decide by a
simple majority vote of its participating members to publish a Technical Report. A Technical Report is entirely
informative in nature and does not have to be reviewed until the data it provides are considered to be no
longer valid or useful.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO/TR 11636 was prepared by Technical Committee ISO/TC 215, Health informatics.
iv © ISO 2009 – All rights reserved

Introduction
Currently, healthcare information is normally transferred in the form of paper documents or electronic data
through schemes such as dedicated fixed lines connecting the headquarters and branches within a company,
through public networks such as an Integrated Services Digital Network (ISDN), or through a dedicated
network between specific institutions, enabling a virtual network for the specified users in a dedicated service
network managed by communication providers, such as an Internet Protocol virtual private network (IP-VPN).
Therefore, healthcare information cannot be transferred easily while maintaining security in most cases,
because network configurations adequate to these solutions are limited and the costs are very high.
The uses of various service networks in the healthcare field include online claims for medical fees, online
maintenance of medical devices, and remote medical care, such as teleradiology, telepathology and
healthcare information services for regional healthcare cooperation. To provide such services however, it is
necessary for multiple medical institutions to pass healthcare information to each other. A network in which a
single medical institution is dynamically connected to multiple medical institutions and switched to another
institution is required.
To make such a network available to many medical institutions at low cost, an open network such as the
Internet can be used for connecting with different medical institutions, medical device providers, and patients.
We can use the following VPNs as secure channel systems in an open network:
Internet Protocol Security (IPsec) with Internet key exchange (IKE), described as IPsec + IKE which runs
in the network layer with authentication and exchange of encryption keys, and
Secure Sockets Layer (SSL) protocol, which runs in the session layer with encrypted communication
between a Web browser on a client and SSL servers.
Thus, this is adapted to web applications, but other applications, such as e-mail, File Transfer Protocol (FTP),
and unique client/server systems, cannot be used. On the other hand, the combination of IPsec + IKE can be
used with any application needed by medical institutions to provide secure channels without reconstructing
any application software. In addition, SSL has an inherent risk because it provides no protection methods
against well-known lower-layer attacks, session hijacking, false Address Resolution Protocol (ARP)
statements, and so on.
The conventional VPN using IPsec + IKE however, requires complicated configuration of network devices,
and setting up the system without expertise could result in failure to protect healthcare information. Also, it is a
fixed-type VPN and can only be connected with fixed parties.
Lately, telecommunication carriers and online service providers (OSPs) have been developing systems to
provide services with security on network lines, including setting up network devices to safeguard against
these threats, even for a VPN connected in an open network. When a medical institution uses these types of
service, most of the responsibilities related to managing the communication lines fall to these service
providers (SPs). This reduces the responsibility of the medical institution in terms of its security-related
liabilities, which is well suited for organizations without many IT engineers.
A dynamic on-demand VPN, which this Technical Report describes, is one type of VPN. It is not a fixed
connection like 1-to-1, which is generally used in ordinary VPN services. It can easily change connection to
N-to-N, and the connection parameters are provided automatically by the telecommunication carrier. This
makes it suitable for healthcare network infrastructure, as medical institutes are not required to be responsible
for or have expertise in setting up such networks. Also, utilizing the Internet makes the dynamic on-demand
VPN an inexpensive network and thus readily acceptable to medical institutions in terms of cost.
This Technical Report describes the threats anticipated in a healthcare network, as well as how a dynamic
on-demand VPN is actually applied in the healthcare field.
TECHNICAL REPORT ISO/TR 11636:2009(E)

Health Informatics — Dynamic on-demand virtual private
network for health information infrastructure
1 Scope
This Technical Report explains the network requirements in the healthcare field, the network security of an
open network for the healthcare field, and the minimum guidelines for security management of health
information exchange, including personal data, between external institutions.
These requirements will assist in understanding the operation of security and evaluation of security issues in
the healthcare field, and the usefulness of a managed VPN, like a dynamic on-demand VPN.
This Technical Report introduces examples of security measures taken in a dynamic on-demand VPN for
exchange of medical information; it is not intended to specify the dynamic on-demand VPN itself.
These examples provide network solutions to potential risks in such a user environment.
2 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
2.1
demilitarized zone
DMZ
area of a network in which any data exchange with areas outside is allowed
2.2
high security zone
HSZ
area of a network in which no data is exchanged directly with areas outside, except for the purpose of certain
remote maintenance
2.3
IPsec
standard for cipher communication, a protocol that prevents data tampering and provides confidentiality
functions for each IP packet by using an encryption technique
2.4
internet VPN
VPN created via the Internet
NOTE By using the Internet, connections between remote networks can be managed as connections in a LAN, while
maintaining confidentiality.
2.5
IP-VPN
VPN created via a wide-area IP network owned by a communication carrier
NOTE By using an IP-VPN, connections between remote networks can be managed in the same manner as
connections in a local area network (LAN).
2.6
local area network
LA
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/TS 81001-2-1:2025(Main)
Health software and health IT systems safety, effectiveness and security — Part 2-1: Coordination — Guidance and requirements for the use of assurance cases for safety and security

This document establishes requirements and gives guidance on assurance case framework for healthcare delivery organizations (HDOs) and for health software and medical device manufacturers (MDMs) and can be used to support the communication and information transfer between all parties. An assurance case can be used to communicate information and knowledge about different risks to other roles. This document establishes: — an assurance case framework for HDOs and health software and MDMs for identifying, developing, interpreting, updating and maintaining assurance cases. — one of the possible means to bridge the gap between manufacturers and HDOs in providing adequate information to support the HDOs risk management of IT-networks; — best practice by leveraging ISO/IEC/IEEE 15026-2 and other standards to identify key considerations and for the structure and contents of an assurance case, e.g. iterative and continuous approaches; — example structure, method and format to improve the consistency and comparability of assurance cases. This document is applicable to all parties involved in the health software and health IT systems life cycle, including: a) organizations, health informatics professionals and clinical leaders specifying, acquiring, designing, developing, integrating, implementing and operating health software and health IT systems, for example health software developers and MDMs, system integrators, system administrators (including cloud and other IT service providers); b) healthcare service delivery organizations, healthcare providers and others who use health software and health IT systems in providing health services; c) governments, health system funders, monitoring agencies, professional organizations and customers seeking confidence in an organization’s ability to consistently provide safe, effective and secure health software, health IT systems and services; d) organizations and interested parties seeking to improve communication in managing safety, effectiveness and security risks through a common understanding of the concepts and terminology used in safety, effectiveness and security management; e) providers of training, assessment or advice in safety, effectiveness and security risk management for health software and health IT systems; f) developers of related safety, effectiveness and security standards. This document is for use by organizations and people who build, acquire, operate, maintain, use or decommission health software and health IT systems (including medical devices). It is applicable to all organizations involved, regardless of size, complexity or business model.

  • Technical specification
    46 pages
    English language
    sale 15% off
ISO
ISO/TS 7122:2024(Main)
Health informatics — Guidelines for exchanging data generated by portable polymerase chain reaction (PCR) devices for point-of-care testing (POCT) between screening centre and clinical laboratory

This document identifies specialized use cases related to the information exchange between clinical laboratories and portable polymerase chain reaction (PCR) devices designed for real-time testing to diagnose infectious diseases. This document introduces the portable PCR devices for point-of-care testing (POCT). Characteristic and differentiated use cases of these devices are listed separately from those that occur with portable POCT devices in existing clinical laboratory. This document is applicable, but not limited, to the following use cases of portable PCR devices for POCT: a) general test; b) reconciliation of patient information; c) cancel and rerun test; d) on-site quality control (QC) process. This document also provides guidelines on how to represent and exchange results from portable PCR testing devices in a POCT environment applicable to the use cases described above. This document is not intended to provide guidelines relating to traditional diagnostic testing results within a clinical laboratory and does not cover cybersecurity aspect.

  • Technical specification
    16 pages
    English language
    sale 15% off
ISO
ISO/TS 17117-3:2024(Main)
Health informatics — Terminological resources — Part 3: Terminology implementation maturity model (TIMM)

The document defines the progression of implementation of terminology capability in information systems. This document does not specify requirements for any specific terminological resource. It is intended to provide a basis for conformance criteria for terminological resources capabilities in specific use cases. This document does not cover in detail the software being used, though the capabilities of that software are included and impact the level of maturity reached. This document is applicable to terminological resources of all types, terminologies, classifications, value sets, code systems, and value domains.

  • Technical specification
    16 pages
    English language
    sale 15% off
ISO
ISO 14199:2024(Main)
Health informatics — Information models — Biomedical Research Integrated Domain Group (BRIDG) Model

This document is complementary to the Biomedical Research Integrated Domain Group (BRIDG) model. It is a high-level overview of BRIDG in general and BRIDG version 5.3.1 in specific. This document also provides necessary links to artifacts that detail the changes between BRIDG v3.2 and BRIDG v5.3.1[5] and to the BRIDG Release Download page.

  • Standard
    8 pages
    English language
    sale 15% off
ISO
ISO/TS 6204:2024(Main)
Health Informatics — Categorial structures for representation of Ayurvedic medicinal water — Decocting process in Ayurveda

This document specifies categorial structures including characterizing categories, domain constraints and semantic links for the representation of preparation of a decoction – an Ayurvedic medicinal water. This document does not cover: — the specification of categorial structures for hot infusion and cold infusion; — the specification of categorial structures for the representation of post-manufacturing processes such as packaging and labelling of Ayurvedic medicinal water; — individual Ayurvedic or herbal medicinal products.

  • Technical specification
    5 pages
    English language
    sale 15% off
ISO
ISO/TS 5788:2024(Main)
Health informatics — Internet healthcare service pattern

This document specifies the core elements, the description model and typical categories of internet healthcare service patterns. This document applies to the development and application of internet healthcare service patterns.

  • Technical specification
    11 pages
    English language
    sale 15% off
ISO
ISO/TS 5384:2024(Main)
Health informatics — Categorial structure and data elements for the identification and exchange of immunization data

This document specifies an immunization categorial structure and data elements for use as the basis for an immunization registry and in digital health solutions that require interaction with the immunization registry and other systems in the management of immunization information. The data set includes data element descriptions, requirements, considerations for implementation and conformance with the following use cases: — populate an immunization registry; — record and/or share a current immunization event; — record and/or share a historic immunization event; — create and/or share an immunization history; — create an immunization reminder; — create anonymized immunization reports; — schedule a new immunization event. This document has adopted data element names from relevant ISO standards and leverages and elaborates on the immunization data element descriptions and constraints provided in HL7 specifications. The structure of the data element definition provides: — business rules and requirements (e.g. rationale for including the data element and how the data element supports the use case); — the meaning of absent data and how it can be addressed; — how to represent the data if more information is required to clarify data type use and will include value set considerations. The use case and related data elements out of scope for this document include adverse event following an immunization.

  • Technical specification
    22 pages
    English language
    sale 15% off
ISO
ISO/IEEE 11073-10471:2024(Main)
Health informatics — Device interoperability — Part 10471: Personal health device communication — Device specialization — Independent living activity hub

Within the context of the ISO/IEEE 11073 family of standards for device communication, this standard establishes a normative definition of the communication between independent living activity hubs and managers (e.g., cell phones, personal computers, personal health appliances, and set top boxes) in a manner that enables plug-and-play interoperability. It leverages appropriate portions of existing standards, including ISO/IEEE 11073 terminology and information models. It specifies the use of specific term codes, formats, and behaviors in telehealth environments restricting ambiguity in base frameworks in favor of interoperability. This standard defines a common core of communication functionality for independent living activity hubs. In this context, independent living activity hubs are defined as devices that communicate with simple situation monitors (binary sensors), normalize information received from the simple environmental monitors, and provide this normalized information to one or more managers. This information can be examined, for example, to determine when a person’s activities/behaviors have deviated significantly from what is normal for them such that relevant parties can be notified. Independent living activity hubs will normalize information from the following simple situation monitors (binary sensors) for the initial release of the proposed standard: fall sensor, motion sensor, door sensor, bed/chair occupancy sensor, light switch sensor, smoke sensor, (ambient) temperature threshold sensor, personal emergency response system (PERS), and enuresis sensor (bed-wetting).

  • Standard
    109 pages
    English language
    sale 15% off
  • Standard
    109 pages
    French language
    sale 15% off
ISO
ISO/IEEE 11073-10701:2024(Main)
Health informatics — Device interoperability — Part 10701: Point-of-care medical device communication — Metric provisioning by participants in a Service-oriented Device Connectivity (SDC) system

This standard specifies a set of Participant Key Purposes (PKPs) pertaining to metric data exchange for the Service-oriented Device Connectivity (SDC) series of standards. PKPs are role-based sets of requirements for products in order to support safe, effective, and secure interoperability in medical IT networks at point-of-care environments such as the intensive care unit (ICU), operating room (OR) or other acute care settings. This standard specifies both product development process and technical requirements.

  • Standard
    33 pages
    English language
    sale 15% off
  • Standard
    38 pages
    French language
    sale 15% off
ISO
ISO/IEEE 11073-10472:2024(Main)
Health informatics — Device interoperability — Part 10472: Personal health device communication — Device specialization — Medication monitor

Within the context of the ISO/IEEE 11073 family of standards for device communication, this standard establishes a normative definition of the communication between medication monitoring devices and managers (e.g., cell phones, personal computers, personal health appliances, set top boxes) in a manner that enables plug-and-play interoperability. It leverages appropriate portions of existing standards, including ISO/IEEE 11073 terminology, information models and application profile. It specifies the use of specific term codes, formats, and behaviors in telehealth environments restricting ambiguity in base frameworks in favor of interoperability. This standard defines a common core of communication functionality for medication monitors. In this context, medication monitors are defined as devices that have the ability to determine and communicate (to a manager) measures of a user’s adherence to a medication regime.

  • Standard
    65 pages
    English language
    sale 15% off
  • Standard
    68 pages
    French language
    sale 15% off