Dear Mr Kudakwashe, you might find the standard ISO/FDIS 27799 under development, Health informatics -- Information security management in health using ISO/IEC 27002 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=41298
Best Regards, Anna Medve medve at almos.vein.hu www.irt.vein.hu/medve T:+36 88 62 48 14 F:+36 88 62 45 26 M: 30/322-9923 University of Pannonia Faculty of Information Technology Department of Information Systems Egyetem u. 10. H-8201 Veszpr?m Hungary > > Kudakwashe Dube wrote: > >> Hi All, >> >> I'm just beginning a research project on >> security/privacy/confidentiality in EHRs. I will greatly appreciate any >> pointers to any material on this topic, especially with respect to >> openEHR. >> >> I've just noted that in the US, HIPAA is driving >> security/privacy/confidentiality implementations in existing EHR systems >> and it seems its is turning out to be a policy/framework-level security >> standard for EHRs in the US that does not prescribe implementation >> issues. I am not sure whether or not EHR standards that incorporate >> HIPAA compliance have emerged yet. >> >> In the EU region, the situation seems different in the absence of >> HIPAA-type punitive legislation for enforcing healthcare information >> security and privacy. A number of EHR standards generally incorporate >> security and privacy considerations. I am not sure whether there are any >> security and privacy compliance requirements spec standards and >> implementation (incl. openEHR) in the EU region. I will appreciate any >> pointer to material in this regard. >> >> Thank you in advance >> >> Regards >> ---- >> Kuda >> >> _______________________________________________ >> openEHR-technical mailing list >> openEHR-technical at openehr.org >> http://lists.chime.ucl.ac.uk/mailman/listinfo/openehr-technical >> >> > _______________________________________________ > openEHR-technical mailing list > openEHR-technical at openehr.org > http://lists.chime.ucl.ac.uk/mailman/listinfo/openehr-technical > > >