The distributed architecture of shared care information systems is increasingly based on networks. For meeting the interoperability challenge, the use of standardised user interfaces, tools and protocols, and therefore their platform independence, the number of really open information systems based on corporate networks, virtual private networks has been rapidly growing during the last couple of years.
This multi part International Standard shall define privilege management and access control services required for communication and use of distributed health information across policy domain boundaries. The document introduces principles and specifies services needed for managing privileges and access control. It specifies the necessary component based concepts and is intended to support their technical implementation. It will not specify the use of these concepts in particular clinical process pathways.
This International Standard is strongly related to other ISO/TC 215 work such as ISO 17090 “Health Informatics – Public Key Infrastructure”, ISO 22857 “Health Informatics – Guidelines on data protection to facilitate trans-border flows of personal health information” and ISO 21091 ”Health informatics - Directory services for security, communications and identification of professional and patient”. It is also related to ISO/TS 21298 “Health informatics – Functional and structural roles”.
This International Standard is intended to support the needs of healthcare information sharing across unaffiliated providers of healthcare, healthcare organisations, health insurance companies, their patients, staff members and trading partners.
This International Standard is intended to support inquiries from both individuals and application systems.
This multi part International Standard defines methods for managing authorization and access control to data and/or functions. It is allowing policy bridging. It is based on a conceptual model where local authorization manager servers ...