NEN 7510-2 Medical informatics - Information security in healthcare - Part 2: Controls 2017


NOTE        The Dutch equivalent, if any, is given in parentheses after the standard title.

NEN 7513, Medische informatica – Logging – Vastleggen van acties op elektronische patiëntdossiers

ISO/IEC 11770-1, Information technology – Security techniques – Key management – Part 1: Framework (NEN-ISO/IEC 11770-1)

ISO/IEC 11770-2, Information technology – Security techniques – Key management – Part 2: Mechanisms using symmetric techniques (NEN-ISO/IEC 11770-2)

ISO/IEC 11770-3, Information technology – Security techniques – Key management – Part 3: Mechanisms using asymmetric techniques (NEN-ISO/IEC 11770-3)

ISO/IEC TR 13335-3, Information technology – Guidelines for the management of IT Security – Part 3: Techniques for the management of IT Security (NPR-ISO/IEC TR 13335-3) 3)

ISO/TS 14441, Health informatics – Security and privacy requirements of EHR systems for use in conformity assessment (NPR-CEN-ISO/TS 14441)

ISO 15489-1, Information and documentation – Records management – Part 1: Concepts and principles (NEN-ISO 15489-1)

ISO 17090-1, Health Informatics – Public key infrastructure – Part 1: Framework and overview (NEN‑ISO 17090-1)

ISO 17090-2, Health Informatics – Public key infrastructure – Part 2: Certificate profile (NEN‑ISO 17090-2)

ISO 17090-3, Health Informatics – Public key infrastructure – Part 3: Policy management of certification authority

ISO/TR 17791, Health informatics – Guidance on standards for enabling safety in health software (NPR‑ISO/TR 17791)

ISO/TS 17975, Health informatics – Principles and data requirements for consent in the Collection, Use or Disclosure of personal health information

ISO/IEC 18028-4, Information technology – Security techniques – IT network security – Part 4: Securing remote access (NEN-ISO/IEC 18028-4) 3)

ISO/IEC 20000-1, Information technology – Service management – Part 1: Service management system requirements (NEN-ISO/IEC 20000-1, Informatietechnologie – Servicemanagement – Deel 1: Servicemanagementsysteemeisen)

ISO/IEC 20000-2, Information technology – Service management – Part 2: Guidance on the application of service management systems (NEN-ISO/IEC 20000-2, Informatietechnologie – Servicemanagement – Deel 2: Richtlijn voor toepassing van servicemanagementsysteemeisen)

ISO 21091, Health informatics – Directory services for health care providers, subjects of care and other entities (NEN-EN-ISO 21091)

ISO 21298 (Cor. 2017), Health informatics – Functional and structural roles (NEN-EN-ISO 21298 (Cor. 2017-04))

ISO/TS 21547, Health informatics – Security requirements for archiving of electronic health records – Principles (NPR-ISO/TS 21547)

ISO 22301 (Cor. 2012-06), Societal security – Business continuity management systems – Requirements (NEN‑EN‑ISO 22301, Maatschappelijke veiligheid – Managementsystemen voor bedrijfscontinuïteit (business continuity management systems) – Eisen)

ISO 22313, Societal security – Business continuity management systems – Guidance (NEN-EN-ISO 22313, Maatschappelijke veiligheid – Managementsystemen voor bedrijfscontinuïteit (business continuity management systems) – Richtlijnen)

ISO 22600-1, Health informatics – Privilege management and access control – Part 1: Overview and policy management (NEN-EN-ISO 22600-1)

ISO 22600-2, Health informatics – Privilege management and access control – Part 2: Formal models (NEN‑EN-ISO 22600-2)

ISO 22600-3, Health informatics – Privilege management and access control – Part 3: Implementations (NEN‑EN-ISO 22600-3)

ISO 22857, Health informatics – Guidelines on data protection to facilitate trans-border flows of personal health data (NEN-ISO 22857)

ISO 25237, Health informatics – Pseudonymization (NEN-EN-ISO 25237)

ISO/IEC 27000, Information technology – Security techniques – Information security management systems – Overview and vocabulary (NEN-EN-ISO/IEC 27000)

ISO/IEC 27001, Information technology – Security techniques – Information security management systems – Requirements (NEN-EN-ISO/IEC 27001+C11+C1+C2, Informatietechnologie – Beveiligingstechnieken – Managementsystemen voor informatiebeveiliging – Eisen)

ISO/IEC 27002, Information technology – Security techniques – Code of practice for information security controls (NEN-ISO/IEC 27002+C1+C2, Informatietechnologie – Beveiligingstechnieken – Praktijkrichtlijn met beheersmaatregelen op het gebied van informatiebeveiliging)

ISO/IEC 27005, Information technology – Security techniques – Information security risk management (NEN‑ISO/IEC 27005)

ISO/IEC 27007, Information technology – Security techniques – Guidelines for information security management systems auditing (NEN-ISO/IEC 27007)

ISO/IEC TR 27008, Information technology – Security techniques – Guidelines for auditors on information security controls (NEN-ISO/IEC TR 27008)

ISO/IEC 27031, Information technology – Security techniques – Guidelines for information and communication technology readiness for business continuity (NEN-ISO/IEC 27031)

ISO/IEC 27033-1, Information technology – Security techniques – Network security – Part 1: Overview and concepts (NEN-ISO/IEC 27033-1)

ISO/IEC 27033-2 (Cor. 2012-08), Information technology – Security techniques – Network security – Part 2: Guidelines for the design and implementation of network security (NEN-ISO/IEC 27033-2 (Cor. 2012-08))

ISO/IEC 27033-3, Information technology – Security techniques – Network security – Part 3: Reference networking scenarios – Threats, design techniques and control issues (NEN-ISO/IEC 27033-3)

ISO/IEC 27033-4, Information technology – Security techniques – Network security – Part 4: Securing communications between networks using security gateways (NEN-ISO/IEC 27033-4)

ISO/IEC 27033-5, Information technology – Security techniques – Network security – Part 5: Securing communications across networks using Virtual Private Network (VPNs) (NEN-ISO/IEC 27033-5)

ISO/IEC 27035, Information technology – Security techniques – Information security incident management (NEN-ISO/IEC 27035) 4)

ISO/IEC 27036-1, Information technology – Security techniques – Information security for supplier relationships – Part 1: Overview and concepts (NEN-ISO/IEC 27036-1)

ISO/IEC 27036-2, Information technology – Security techniques – Information security for supplier relationships – Part 2: Requirements (NEN-ISO/IEC 27036-2)

ISO/IEC 27036-3, Information technology – Security techniques – Information security for supplier relationships – Part 3: Guidelines for information and communication technology supply chain security (NEN‑ISO/IEC 27036-3)

ISO/IEC 27037, Information technology – Security techniques – Guidelines for identification, collection, acquisition and preservation of digital evidence (NEN-EN-ISO/IEC 27037)

ISO 27789, Health informatics – Audit trails for electronic health records (NEN-EN-ISO 27789)

ISO 27799, Health informatics – Information security management in health using ISO/IEC 27002 (NEN‑EN‑ISO 27799)

ISO/IEC 29100, Information technology – Security techniques – Privacy framework (NEN‑ISO/IEC 29100)

ISO/IEC 29101, Information technology – Security techniques – Privacy architecture framework (NEN‑ISO/IEC 29101)

ISO 31000, Risk management – Principles and guidelines (NEN-ISO 31000, Risicomanagement – Principes en richtlijnen)

IETF RFC 3881, Security Audit and Access Accountability Message XML Data Definitions for Healthcare Applications

IETF RFC 4810, Long-Term Archive Service Requirements

IETF RFC 4998, Evidence Record Syntax (ERS)

Council of Europe Recommendation R (97)5 on the protection of medical data, Council of Europe, Strasbourg, 12 February 1997



3) Withdrawn.

4) Withdrawn and replaced by ISO/IEC 27035-1 (NEN-ISO/IEC 27035-1) and ISO/IEC 27035-2 (NEN‑ISO/IEC 27035-2).