70 likes | 265 Views
Security Standardization at ISO and CEN. Bernd Blobel Deputy Head of Delegation to ISO and CEN. Renaming Requests. Work item “27799 Health informatics –Security management in health using ISO/IEC 17799” be renamed “Health informatics –Security management in health using ISO/IEC 27002”
E N D
Security Standardization at ISO and CEN Bernd Blobel Deputy Head of Delegation to ISO and CEN HL7 Security TC Sessions at Group Meeting in Cologne 2007
Renaming Requests • Work item “27799 Health informatics –Security management in health using ISO/IEC 17799” be renamed “Health informatics –Security management in health using ISO/IEC 27002” • Work item “27091 Health informatics – Directory services for security communications and identification of professionals and patients” be renamed “27901 Health informatics – Directory services for professionals, consumers and other entities” • Work item DTS 29321 “Health informatics – Application of risk management to the manufacture of health software” be renamed “Health informatics – Application of clinical risk management to the manufacture of health software” • DTR 29322 “Health Informatics - Guidance on the use of risk management to ensure the patient safety of health software systems in deployment and use” be renamed “Health informatics – Guidance on the management of risk to ensure the patient safety of health software systems in deployment and use” HL7 Security TC Sessions at Group Meeting in Cologne 2007
Circulation Requests • NWIP ballot of “27091 Directory services for professionals, consumers and other entities” for approval as a new work item targeting an International Standard (IS) • CEN 13606-4, “Health informatics – Electronic health record communication --- Part 4: Security” (pending successful NWI ballot) for approval as a Technical Specification • Circulate TS 29321 “Health informatics – Application of risk management to the manufacture of health software “ for informal comments • Circulate TR 292322 “Heath Informatics - Guidance on the management of risk to ensure the patient safety of health software systems in deployment and use “ for informal comments HL7 Security TC Sessions at Group Meeting in Cologne 2007
ISO TS 22600 Privilege Management and Access Control will proceed with Part 3 this year. • ISO TS 21298 Functional and Structural Roles passed. Reconciliation of comments is under way. Decision: US comments will be resolved as much as possible, not changing the basics of the standard, however. The reconciliation will be performed in two meetings (1-2 October in Dublin, 22-25 October in Vienna). HL7 Security TC Sessions at Group Meeting in Cologne 2007
Beside mirroring activities at ISO TC 215, there is only one Work Item:Survey about specification and implementation of Health Professional Cards across the world HL7 Security TC Sessions at Group Meeting in Cologne 2007
EU • Based on the eHealth Action Plan and the eHealth Roadmap recommended in t´he CEN/IEEE eHealth Standardization Focus Group Report, three large scale projects have been started: • ID and Authentication Management for Health Professionals and Citizens/Patients • ePrescription/electronic receipt • Electronic Medical Summary communication HL7 Security TC Sessions at Group Meeting in Cologne 2007
Contact Bernd Blobel Ph.D., Associate Professor Head, eHealth Competence Center University of Regensburg Medical Center Franz-Josef-Strauss-Allee 11 D-93042 Regensburg Germany Email: bernd.blobel@klinik.uni-regensburg.de Email: bernd.blobel@ehealth-cc.de Phone: +49-941-944 6769 Fax: +49-941-944 6766 http://www.ehealth-cc.de HL7 Security TC Sessions at Group Meeting in Cologne 2007