Tagasi

EVS-EN ISO 27789:2013

Health informatics - Audit trails for electronic health records (ISO 27789:2013)

Üldinfo
Kehtetu alates 01.11.2021
Alusdokumendid
ISO 27789:2013; EN ISO 27789:2013
Direktiivid või määrused
puuduvad

Standardi ajalugu

Staatus
Kuupäev
Tüüp
Nimetus
01.11.2021
Põhitekst
02.04.2013
Põhitekst
This International Standard specifies a common framework for audit trails for electronic health records (EHR), in terms of audit trigger events and audit data, to keep the complete set of personal health information auditable across information systems and domains. It is applicable to systems processing personal health information which, complying with ISO 27799, create a secure audit record each time a user accesses, creates, updates or archives personal health information via the system. NOTE Such audit records, at a minimum, uniquely identify the user, uniquely identify the subject of care, identify the function performed by the user (record creation, access, update, etc.), and record the date and time at which the function was performed. This International Standard covers only actions performed on the EHR, which are governed by the access policy for the domain where the electronic health record resides. It does not deal with any personal health information from the electronic health record, other than identifiers, the audit record only containing links to EHR segments as defined by the governing access policy. It does not cover the specification and use of audit logs for system management and system security purposes, such as the detection of performance problems, application flaw, or support for a reconstruction of data, which are dealt with by general computer security standards such as ISO/IEC 15408-2[9]. Annex A gives examples of audit scenarios. Annex B gives an overview of audit log services.
*
*
*
PDF
23,18 € koos KM-ga
Paber
23,18 € koos KM-ga
Sirvi standardit alates 2,44 € koos KM-ga
Standardi monitooring

Teised on ostnud veel

Põhitekst

EVS-EN ISO 27799:2016

Health informatics - Information security management in health using ISO/IEC 27002 (ISO 27799:2016)
Uusim versioon Kehtiv alates 05.09.2016
Põhitekst

ISO/TS 21547:2010

Health informatics -- Security requirements for archiving of electronic health records -- Principles
Uusim versioon Kehtiv alates 02.02.2010
Põhitekst

EVS-ISO 15489-1:2017

Informatsioon ja dokumentatsioon. Dokumendihaldus. Osa 1: Mõisted ja põhimõtted
Uusim versioon Kehtiv alates 02.03.2017
Põhitekst

ISO/IEC 27004:2016

Information technology -- Security techniques -- Information security management -- Monitoring, measurement, analysis and evaluation
Uusim versioon Kehtiv alates 15.12.2016