HL7 Security TC Sessions at

1
Security Standardization at ISO and CEN

• Bernd Blobel
• Deputy Head of Delegation to ISO and CEN

2
Renaming Requests

• Work item 27799 Health informatics Security
  management in health using ISO/IEC 17799 be
  renamed Health informatics Security management
  in health using ISO/IEC 27002
• Work item 27091 Health informatics Directory
  services for security communications and
  identification of professionals and patients be
  renamed 27901 Health informatics Directory
  services for professionals, consumers and other
  entities
• Work item DTS 29321 Health informatics
  Application of risk management to the manufacture
  of health software be renamed Health
  informatics Application of clinical risk
  management to the manufacture of health software
  
• DTR 29322 Health Informatics - Guidance on the
  use of risk management to ensure the patient
  safety of health software systems in deployment
  and use be renamed Health informatics
  Guidance on the management of risk to ensure the
  patient safety of health software systems in
  deployment and use

3
Circulation Requests

• NWIP ballot of 27091 Directory services for
  professionals, consumers and other entities for
  approval as a new work item targeting an
  International Standard (IS)
• CEN 13606-4, Health informatics Electronic
  health record communication --- Part 4 Security
  (pending successful NWI ballot) for approval as
  a Technical Specification
• Circulate TS 29321 Health informatics
  Application of risk management to the manufacture
  of health software for informal comments
• Circulate TR 292322 Heath Informatics - Guidance
  on the management of risk to ensure the patient
  safety of health software systems in deployment
  and use for informal comments

4

• ISO TS 22600 Privilege Management and Access
  Control will proceed with Part 3 this year.
• ISO TS 21298 Functional and Structural Roles
  passed. Reconciliation of comments is under way.
  Decision US comments will be resolved as much as
  possible, not changing the basics of the
  standard, however. The reconciliation will be
  performed in two meetings (1-2 October in Dublin,
  22-25 October in Vienna).

5

• Beside mirroring activities at ISO TC 215, there
  is only one Work ItemSurvey about specification
  and implementation of Health Professional Cards
  across the world

6
EU

• Based on the eHealth Action Plan and the eHealth
  Roadmap recommended in the CEN/IEEE eHealth
  Standardization Focus Group Report, three large
  scale projects have been started
• ID and Authentication Management for Health
  Professionals and Citizens/Patients
• ePrescription/electronic receipt
• Electronic Medical Summary communication

7
Contact

• Bernd Blobel Ph.D., Associate Professor
• Head, eHealth Competence Center
• University of Regensburg Medical Center
• Franz-Josef-Strauss-Allee 11
• D-93042 Regensburg
• Germany
• Email bernd.blobel_at_klinik.uni-regensburg.de
• Email bernd.blobel_at_ehealth-cc.de
• Phone 49-941-944 6769
• Fax 49-941-944 6766
• http//www.ehealth-cc.de