ISO/TS 25237:2008 保健信息学 假名

标准编号：ISO/TS 25237:2008

中文名称：保健信息学 假名

英文名称：Health informatics — Pseudonymization

发布日期：2008-12

标准范围

ISO/TS 25237:2008包含使用假名服务保护个人健康信息的隐私保护原则和要求。ISO/TS 25237:2008适用于声称从事假名化服务的运营值得信赖的组织。/25237:2008:定义了假名化的一个基本概念；概述了可逆和不可逆的假名化的不同用例；定义假名化服务的一种基本方法，包括组织和技术方面；为重新识别提供风险评估指南；为假名化服务的操作指定策略框架和可信实践的最低要求；规定受控重新识别的政策框架和最低要求；为服务接口的互操作性指定接口。

ISO/TS 25237:2008 contains principles and requirements for privacy protection using pseudonymization services for the protection of personal health information. ISO/TS 25237:2008 is applicable to organizations who make a claim of trustworthiness for operations engaged in pseudonymization services.ISO/TS 25237:2008:

• defines one basic concept for pseudonymization;
• gives an overview of different use cases for pseudonymization that can be both reversible and irreversible;
• defines one basic methodology for pseudonymization services including organizational as well as technical aspects;
• gives a guide to risk assessment for re-identification;
• specifies a policy framework and minimal requirements for trustworthy practices for the operations of a pseudonymization service;
• specifies a policy framework and minimal requirements for controlled re-identification;
• specifies interfaces for the interoperability of services interfaces.

标准预览图