CAN/CSA-Z22857-06

Health Informatics - Guidelines on Data Protection to Facilitate Trans-Border Flows of Personal Health Information (Adopted ISO 22857, first edition, 2004-04-01, with Canadian deviations)

Publication Year 2006
Published by CSA Group
01 Edition
Withdrawn

Available Formats:

PDF

SKU: 2418334

This document is purchased as a PDF (Portable Document Format) and accessed via CSA OnDemand™, where you can view, navigate, and print it, or download it for offline use with Adobe Acrobat Viewer. This PDF contains Digital Rights Management protection and is intended for individual use. Please see Terms of Use for CSA’s copyright license and more information.

Pages: 82

Language:

English

To order this product please contact us

Request Copyright Permissions Contact Us

Preface/Scope

CSA Preface

This is the first edition of CAN/CSA-Z22857, Health informatics - Guidelines on data protection to facilitate trans-border flows of personal health information, which is an adoption, with Canadian deviations, of the identically titled ISO (International Organization for Standardization) Standard 22857 (first edition, 2004-04-01). At the time of publication, ISO 22857:2004 is available from ISO in English only. CSA will publish the French version when it becomes available from ISO.

Scope

This International Standard provides guidance on data protection requirements to facilitate the transfer of personal health data across national borders. It does not require the harmonisation of existing national standards, legislation or regulations. It is normative only in respect of international exchange of personal health data. However it may be informative with respect to the protection of health information within national boundaries and provide assistance to national bodies involved in the development and implementation of data protection principles. The International Standard covers both the data protection principles that should apply to international transfers and the security policy which an organisation should adopt to ensure compliance with those principles.

Where a multilateral treaty between a number of countries has been agreed e.g. the EU Data Protection Directive, the terms of that treaty will take precedence.

This International Standard aims to facilitate international health-related applications involving the transfer of personal health data. It seeks to provide the means by which data subjects, such as patients, may be assured that health data relating to them will be adequately protected when sent to, and processed in, another country.

This International Standard does not provide definitive legal advice but comprises guidance. When applying the guidance to a particular application legal advice appropriate to that application should be sought.

National privacy and data protection requirements vary substantially and can change relatively quickly. Whereas this International Standard in general encompasses the more stringent of international and national requirements it nevertheless comprises a minimum. Some countries may have some more stringent and particular requirements and this should be checked.