Category
Technical Report
Organisation
ID
ISO/TR 21332:2021
Type
Standard
Version
1
Access
Fees apply to access
Status
Active
Created
Mar-21
Some currently available health information systems were not originally designed to operate in cloud-computing environments. If these systems move to a cloud environment, they must consider the necessary security and privacy precautions.
This document provides an overview of security and privacy considerations for electronic health records (EHRs) in a cloud-computing service. It also provides guidance on selecting service providers in the public cloud for safely locating healthcare data, and confidential patient information (including solutions on handling of data off-shoring).
Main sections:
· Scope
· Cloud computing
· Overview of considerations for health information in cloud-computing environment
· Health information security
· Information security policies
· Annex A: Example guidance from the UK for selecting and risk managing cloud based digital health services
· Annex B: Detailed advice and guidance
· Annex C: Service classification recommendations
This document provides an overview of security and privacy considerations for electronic health records (EHRs) in a cloud-computing service. It also provides guidance on selecting service providers in the public cloud for safely locating healthcare data, and confidential patient information (including solutions on handling of data off-shoring).
Main sections:
· Scope
· Cloud computing
· Overview of considerations for health information in cloud-computing environment
· Health information security
· Information security policies
· Annex A: Example guidance from the UK for selecting and risk managing cloud based digital health services
· Annex B: Detailed advice and guidance
· Annex C: Service classification recommendations