Take the ISO 27001 course exam and get the EU GDPR course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021

Expert Advice Community

Guest

Security and Privacy

  Quote
Guest
Guest user Created:   Aug 06, 2021 Last commented:   Aug 06, 2021

Security and Privacy

My question was regarding that, what is the difference between 27001 and our ’Security and Privacy’ protection for patients’ data?  I am trying to understand if we get ISO 27001 certificate, do we still need to obtain separated privacy and security protection or not?

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Aug 06, 2021

ISO 27001 is a management framework for the protection of information in general, and does not cover specifics related to privacy and medical data, depending upon the defined requirement (e.g., GDPR, HIPAA, etc.).

Considering that ISO 27001 may not be enough to ensure fulfillment of privacy requirements. In this case, you should consider using additional ISO 27001 supporting standards, like ISO 27701 (for privacy protection) and ISO 27799 (for health organizations).

For further information, see:

Quote
0 1

Comment as guest or Sign in

HTML tags are not allowed

Aug 06, 2021

Aug 06, 2021