ISO 27799 — Health Informatics Security
What is ISO 27799? ISO 27799:2016 is an international standard that provides guidance on implementing ISO 27002 controls specifically within the health informatics sector. It addresses the particular information security requirements of health organisations — including the protection of personal health information (PHI) in electronic form. While HIPAA addresses US-specific legal requirements for health data, […]
HITRUST CSF
What is HITRUST? The Health Information Trust Alliance (HITRUST) is a private organisation founded in 2007 that develops and maintains the HITRUST Common Security Framework (CSF) — a certifiable security and privacy framework designed specifically for the healthcare industry. HITRUST was created to address the unique challenges of healthcare organisations that must comply with multiple […]
HIPAA — Health Insurance Portability and Accountability Act
What is HIPAA? The Health Insurance Portability and Accountability Act (HIPAA) is a US federal law enacted in 1996 that establishes national standards for protecting sensitive patient health information. Originally passed to improve the portability of health insurance coverage, HIPAA evolved into the primary legal framework governing the privacy and security of health data in […]