ISO/DIS 25237

This Draft International Standard is in the enquiry phase with ISO members.

Will replace ISO 25237:2017

ISO/DIS 25237

CHF 67

Convert Swiss francs (CHF) to your currency

Abstract

ISO 25237:2017 contains principles and requirements for privacy protection using pseudonymization services for the protection of personal health information. This document is applicable to organizations who wish to undertake pseudonymization processes for themselves or to organizations who make a claim of trustworthiness for operations engaged in pseudonymization services.

ISO 25237:2017

- defines one basic concept for pseudonymization (see Clause 5),

- defines one basic methodology for pseudonymization services including organizational, as well as technical aspects (see Clause 6),

- specifies a policy framework and minimal requirements for controlled re-identification (see Clause 7),

- gives an overview of different use cases for pseudonymization that can be both reversible and irreversible (see Annex A),

- gives a guide to risk assessment for re-identification (see Annex B),

- provides an example of a system that uses de-identification (see Annex C),

- provides informative requirements to an interoperability to pseudonymization services (see Annex D), and

- specifies a policy framework and minimal requirements for trustworthy practices for the operations of a pseudonymization service (see Annex E).

General information

Status
: Under development

You can help develop this draft international standard by contacting your national member

Stage
: DIS ballot initiated: 12 weeks [40.20]
Edition
: 2

Number of pages
: 44
Technical Committee :
ISO/TC 215

ICS :
35.240.80
RSS updates

Life cycle

This standard contributes to the following Sustainable Development Goal

Good Health and Well-being

Got a question?

Check out our Help and Support

ISO/DIS 25237

Abstract

General information

Life cycle

Previously

ISO 25237:2017

Now

ISO/DIS 25237

Got a question?