ISO/TR 18638:2017 specifies the essential educational components recommended to establish and deliver a privacy education program to support information privacy protection in healthcare organizations. The primary users of this document are those responsible for planning, establishing and delivering healthcare information privacy education to a healthcare organization.
ISO/TR 18638:2017 provides the components of privacy education within the context of roles and job responsibilities. It is the responsibility of the organization to define and apply privacy protection policies and procedures and, in turn, ensure that all staff in the healthcare organization understands their privacy protection responsibilities.
The scope of ISO/TR 18638:2017 covers:
a) the concept of information privacy in healthcare;
b) the challenges of protecting information practices in the healthcare organization;
c) the components of a healthcare information privacy education program;
d) basic health information privacy educational content.