ISO 27799 Information security management in Health using ISO/IEC 27002

(Non accredited or referenced on the 27001 certificate as add-on)

The ISO/IEC 27799 is a standard that establishes information security practices for healthcare organizations. It is based on ISO/IEC 27002, a leading standard for information security. ISO/IEC 27799 is specifically tailored to the needs of healthcare organizations, taking into account the sensitive information related to medical data and health information.

This standard provides a set of guiding principles and control measures to ensure information security in healthcare organizations, helping them manage the challenges associated with handling these highly sensitive data.

A prerequisite for implementing this standard is certification or simultaneous certification according to the ISO/IEC 27001 standard.