ISO-27789 › Historical Revision Information
Health informatics - Audit trails for electronic health records
The following bibliographic material is provided to assist you with your purchasing decision:
ISO 27789:2013 specifies a common framework for audit trails for electronic health records (EHR), in terms of audit trigger events and audit data, to keep the complete set of personal health information auditable across information systems and domains.
It is applicable to systems processing personal health information which, complying with ISO 27799, create a secure audit record each time a user accesses, creates, updates or archives personal health information via the system.
ISO 27789:2013 covers only actions performed on the EHR, which are governed by the access policy for the domain where the electronic health record resides. It does not deal with any personal health information from the electronic health record, other than identifiers, the audit record only containing links to EHR segments as defined by the governing access policy.
It does not cover the specification and use of audit logs for system management and system security purposes, such as the detection of performance problems, application flaw, or support for a reconstruction of data, which are dealt with by general computer security standards such as ISO/IEC 15408-2.
To find similar documents by classification:
35.240.80 (IT applications in health care technology Including computer tomography)
This document comes with our free Notification Service, good for the life of the document.
This document is available in either Paper or PDF format.
Document Number
ISO 27789:2013
Revision Level
1ST EDITION
Status
Superseded
Publication Date
March 1, 2013
Committee Number
ISO/TC 215