International Organization for Standardization (ISO)
Latest
ISO 22600-1:2014
Scope
This multi-part International Standard defines principles and specifies services needed for managing privileges and access control to data and/or functions.
It focuses on communication and use of health information distributed across policy domain boundaries.
This includes healthcare information sharing across unaffiliated providers of healthcare, healthcare organizations, health insurance companies, their patients, staff members, and trading partners by both individuals and application systems ranging from a local situation to a regional or even national situation.
It specifies the necessary component-based concepts and is intended to support their technical implementation. It will not specify the use of these concepts in particular clinical process pathways.
This part of ISO 22600 proposes a template for the policy agreement. It enables the comparable documentation from all parties involved in the information exchange.
This part of ISO 22600 excludes platform-specific and implementation details. It does not specify technical communication services and protocols which have been established in other standards. It also excludes authentication techniques.
ISO 22600-1:2014 Referenced Document
ISO 17090-1:2013 Health informatics.Public key infrastructure.Part 1: Overview of digital certificate services
ISO 17090-2:2008 Health informatics - Public key infrastructure - Part 2: Certificate profile
ISO 17090-3:2008 Health informatics - Public key infrastructure - Part 3: Policy management of certification authority
ISO 21091:2013 Health informatics - Directory services for healthcare providers, subjects of care and other entities
ISO 7498-2:1989 Information processing systems; Open Systems Interconnection; basis reference model; Part 2: Security architecture
ISO/IEC 10181-1:1996 Information technology - Open Systems Interconnection - Security frameworks for open systems - Overview