DIN EN 61300-2-15-1998 光纤互联装置和无源部件.基本试验和测量程序.第2-15部分:试验:耦合机构的抗扭强度(IEC61300-2-15:1995);德文版本EN61300-2-15:1997

上一篇: ISO/IEC TR 13335-3-1998 信息技术IT安全管理指南第3部分:IT安全的管理技术
下一篇: IEEE C 63.17-1998 未经注册个人通讯服务装置电磁和操作兼容性测量方法

【英文标准名称】:Healthinformatics-InformationsecuritymanagementinhealthusingISO/IEC27002(ISO27799:2008);EnglishversionofDINENISO27799:2008-10
【原文标准名称】:健康信息学.使用ISO/IEC27002的健康信息安全管理
【标准号】:DINENISO27799-2008
【标准状态】:现行
【国别】:德国
【发布日期】:2008-10
【实施或试行日期】:
【发布单位】:德国标准化学会(DE-DIN)
【起草单位】:
【标准类型】:()
【标准水平】:()
【中文主题词】:代码表示;危险;数据处理;数据保护;数据安全;定义;英语;信息交换;信息技术;医疗信息学;医学科学;计划;资料保护;公共卫生;安全;安全管理;使用
【英文主题词】:Codedrepresentation;Danger;Dataprocessing;Dataprotection;Datasecurity;Definition;Definitions;Englishlanguage;Informationinterchange;Informationtechnology;Medicalinformatics;Medicalsciences;Planning;Protectionofinformation;Publichealth;Risk;Safety;Securitymanagement;Use
【摘要】:ThisInternationalStandarddefinesguidelinestosupporttheinterpretationandimplementationinhealthinformaticsofISO/IEC27002andisacompaniontothatstandard2).ThisInternationalStandardspecifiesasetofdetailedcontrolsformanaginghealthinformationsecurityandprovideshealthinformationsecuritybestpracticeguidelines.ByimplementingthisInternationalStandard,healthcareorganizationsandothercustodiansofhealthinformationwillbeabletoensureaminimumrequisitelevelofsecuritythatisappropriatetotheirorganization'scircumstancesandthatwillmaintaintheconfidentiality,integrityandavailabilityofpersonalhealthinformation.ThisInternationalStandardappliestohealthinformationinallitsaspects,whateverformtheinformationtakes(wordsandnumbers,soundrecordings,drawings,videoandmedicalimages),whatevermeansareusedtostoreit(printingorwritingonpaperorelectronicstorage)andwhatevermeansareusedtotransmitit(byhand,viafax,overcomputernetworksorbypost),astheinformationmustalwaysbeappropriatelyprotected.ThisInternationalStandardandISO/IEC27002takentogetherdefinewhatisrequiredintermsofinformationsecurityinhealthcare;theydonotdefinehowtheserequirementsaretobemet.Thatistosay,tothefullestextentpossible,thisInternationalStandardistechnology-neutral.Neutralitywithrespecttoimplementingtechnologiesisanimportantfeature.Securitytechnologyisstillundergoingrapiddevelopmentandthepaceofthatchangeisnowmeasuredinmonthsratherthanyears.Bycontrast,whilesubjecttoperiodicreview,standardsareexpectedonthewholetoremainvalidforyears.Justasimportantly,technologicalneutralityleavesvendorsandserviceprovidersfreetosuggestnewordevelopingtechnologiesthatmeetthenecessaryrequirementsthatthisInternationalStandarddescribes.Asnotedintheintroduction,familiaritywithISO/IEC27002isindispensableforanunderstandingofthisInternationalStandard.1.2ScopeexclusionsThefollowingareasofinformationsecurityareoutsidethescopeofthisInternationalStandard:a)methodologiesandstatisticaltestsforeffectiveanonymizationofpersonalhealthinformation;b)methodologiesforpseudonymizationofpersonalhealthinformation(seebibliographicReference[10]foranexampleofanISOTechnicalSpecificationthatdealsspecificallywiththissubject);c)networkqualityofserviceandmethodsformeasuringavailabilityofnetworksusedforhealthinformatics;d)dataquality(asdistinctfromdataintegrity).
【中国标准分类号】:C07
【国际标准分类号】:35_240_80
【页数】:66P.;A4
【正文语种】:英语