Provisional Standard Guide on Security Framework for Healthcare Information
|Publication Date:||4 December 1997|
|ICS Code (IT applications in health care technology):||35.240.80|
1.1 This provisional guide covers a framework for the protection of healthcare information. It addresses both storage and transmission of information. It describes existing standards used for information security which can be used in many cases, and describes which (healthcare-specific
1.2 Electronic information exchange and sharing of data in has been the backbone of industries such as financial institutions for several years. Cost cutting measures and a real need for sharing of information are driving healthcare services toward increased use of computer-based information systems. One of the requirements for the ability to share and exchange healthcare information is that the information be protected.
1.3 Selection of standards was performed using the following criteria, which are described in more detail in 4.2.
1.3.1 Security requirements are defined in this framework, and (in some cases) in additional ASTM guidelines.
1.3.2 ASTM standard specifications are used to define protocols and message formats in support of interoperability.
1.3.3 Existing standards will be reused or extended whenever possible.
1.3.4 This framework does not address policy issues. ASTM Subcommittee E31.17 is writing standards that address these issues.
1.4 Provisional standards achieve limited consensus through approval of the sponsoring subcommittee.