Search in Boards

Search the entire site bulletin board

References

Contact Us

Tel. +82 2 6749 0701

AM 9:00 ~ PM 6:00

Saturday,Sunday,Holiday :
Days Off

02.6749.0711
info@igcert.org

Resources

자료파일 배너


ISO 27799:2016 Health Informatics – Information security management in…

Page Information

profile_image
Writer igc인증원
Comment 0Times Lookup 3,705psc Date Created 21-12-31 07:58

Contents

ISO 27799:2016 Health Informatics

– Information security management in health using ISO/IEC 27002

[ ISO 27799:2016 Introduction ]

Medical institutions and medical service providers keep data, including sensitive personal information, such as patient medical history and medical history.

Such information includes data or documented personal key information of patients, and we can often find problems in the management of patients' personal information data around us.

ISO 27799:2016 provides implementation guidelines for the controls described in ISO/IEC 27002 to prevent such problems, and supplements them if necessary, so that they can be effectively used in health information security management.

In addition, the appropriateness of the health information security management organization and the relevant health information, data (images, videos, etc.) and the means used to store it (printed, electronic copies) and the means used to transmit such information (fax, files, etc.) We help ensure the minimum level of security required to maintain confidentiality and confidentiality.

ISO 27799:2016< ISO 27799:2016 >

[ Necessity of ISO 27799:2016 ]

  • •  Confidentiality of patient personal information can be maintained
  • •  It is possible to obtain customer trust by preventing possible risks.
  • •  Acquisition of safety through medical service safety and data security system establishment
  • •  Ensure interoperability of medical data in medical institutions

[ ISO 27799:2016 Contents ]

  • Scope
  • Normative References
  • Terms and definitions
  • Structure of this International Standard
  • Information security policies
  • Organization of information security
  • Human resource security
  • Asset management
  • Access control
  • Cryptography
  • Physical and environmental security
  • Operations security
  • Communications security
  • System acquisition, development and support processes
  • Supplier relationships
  • Information security incident management
  • Information security aspects of business continuity management
  • Compliance

If you have any questions, please contact us at the following email address.

E-mail: info@igcert.org

Comment list

There are no registered comments.