BS EN ISO 27799:2016 Health informatics. Information security management in health using ISO/IEC 27002

Status: Current, Under review
Published: August 2016



What is this standard about?

It provides guidance on how best to protect the confidentiality, integrity, auditability and availability of personal health information, irrespective of the form the information takes, its means of storage and any means used to transmit it. This is important if patient privacy and safety are to be maintained.

In addition, healthcare is often time-critical, so it's important that health information systems remain operational in the face of natural disasters, system failures and denial-of-service attacks.

Who is this standard for?

  • Anyone overseeing health information security
  • Healthcare organizations
  • Other custodians of personal health information
  • Security advisors
  • Related consultants, auditors and vendors
  • Third-party service providers

Why should you use this standard? 

This standard complements and is intended to be used with ISO/IEC 27002. BS EN ISO 27799 enables ISO/IEC 27002 to be used within healthcare environments. It tackles the special information security management needs of the health sector and its unique operating environments. Its use will help healthcare environments ensure that:

  • The confidentiality and integrity of data in their care is maintained
  • Critical health information systems remain available
  • Accountability for health information is upheld

In addition, healthcare organizations implementing this standard can expect to see the number and severity of their security incidents reduced, staff morale improve and public trust in the systems that maintain personal health information increase.

The standard provides clear, concise and healthcare-specific guidance on the stringent controls needed to protect health information across a wide range of locations and models of service delivery. 

It also provides additional health-sector-specific requirements and additional guidance in a format that persons responsible for health information security can readily understand and adopt.

What’s changed since the last update?

The standard was systematically reviewed by technical experts to ensure its continued market relevance. This standard is a technical revision of the 2008 version, which has been withdrawn.

Standard Number: BS EN ISO 27799:2016
Title: Health informatics. Information security management in health using ISO/IEC 27002
Status: Current, Under review
Publication Date: 31 August 2016
Normative References (required to achieve compliance to this standard): ISO/IEC 27000, ISO/IEC 27002
Informative References (provided for information): ISO/IEC 27035, ISO/TS 25237, ISO 17090-3, ISO 27789:2013, ISO/TS 17975, ISO/IEC 27033-4, ISO/IEC 11770-2, ISO/IEC 11770-1, ISO/IEC 27031, ISO 22301, ISO/IEC 29100, ISO/TS 21298, ISO/IEC 27036-2, ISO/IEC 27005, ISO 17090-1, ISO/IEC 11770-3, ISO/IEC 27033-2, ISO/IEC 27033-3, ISO/IEC 27007, ISO/TR 17791:2013, ISO 22313, ISO 15489-1, ISO 31000:2018, ISO/IEC 27001:2013, ISO/TS 14441:2013, ISO/IEC 27033-1, ISO 22600-3, ISO 22600-2, ISO/IEC 27033-5, ISO/IEC 27037, ISO/IEC 27036-1, ISO 22857, ISO 17090-2, ISO 22600-1, ISO/IEC 29101, ISO/IEC 27036-3, ISO/IEC 18028-4:2005, ISO 21091, ISO/IEC/TR 27008
Replaces: BS EN ISO 27799:2008
International Relationships: EN ISO 27799:2016, ISO 27799:2016
Draft Superseded By: 14/30304350 DC
Descriptors: Information exchange, Health services, Medical sciences, Planning, Risk assessment, Data, Documents, Data processing, Data security, Computer applications, Management
Title in French: Informatique de santé. Management de la sécurité de l'information relative à la santé en utilisant l'ISO/IEC 27002
Title in German: Medizinische Informatik. Informationsmanagement im Gesundheitswesen bei Verwendung der ISO/IEC 27002
ISBN: 978 0 580 87253 2
File Size: 2.843 MB
