Tuesday, July 10, 2007

Update On ISO 27799: ISO 27789?

ISO 27799 will be the health sector specific version of ISO 17799/27002. The above though is a bit of a misleading title, because it is still under approval and there is no 'update' at all!

However, whilst scanning the airways for progress we identified another health sector related ISO 27000 standard. This is ISO 27789. Like ISO27799 it is specific to the health sector. Its provisional title is: Audit trails for electronic health records. The planned publication date is late 2009.

It looks therefore like the ISO 277nn prefix may have been bagged by the health sector.

TO WATCH:
In the US, the relationship between ISO27799 and HIPAA (Health Insurance Portability and Accountability Act). Will HIPAA become a driver for the adoption of ISO 27799? Will 27799 be used as an example of due diligence with respect to certain aspects of the act? Time will tell.

Labels: , , , ,

posted by ISO 27001 Reporter @ 5:10 AM   0 Comments