Information security standards for medical devices
Answer:
For the protection of personal health information and compliance with medical-related regulations, I suggest you consider ISO 27001 together with ISO 27799 and ISO 13485.
ISO 27799 has the objective to provide security controls to protect personal health information, presenting guidance for this specific sector.
ISO 13485 has the objective to specify requirements for a Quality Management System where an organization needs to demonstrate its ability to provide medical devices and related services that consistently meet customer and applicable regulatory requirements.
These articles will provide you with further explanation about these standards:
- What is ISO 27001 https://advisera.com/27001academy/what-is-iso-27001/
- How ISO 27001 and ISO 27799 complement each other in health organizations https://advisera.com/27001academy/blog/2016/06/13/how-iso-27001-and-iso-27799-complement-each-other-in-health-organizations/
- What is ISO 13485? https://advisera.com/13485academy/what-is-iso-13485/
Oct 28, 2018