ISO/TR 11636:2009 explains the network requirements in the healthcare field, the network security of an open network for the healthcare field, and the minimum guidelines for security management of health information exchange, including personal data, between external institutions.
These requirements will assist in understanding the operation of security and evaluation of security issues in the healthcare field, and the usefulness of a managed VPN, like a dynamic on-demand VPN.
ISO/TR 11636:2009 introduces examples of security measures taken in a dynamic on-demand VPN for exchange of medical information; it is not intended to specify the dynamic on-demand VPN itself.
These examples provide network solutions to potential risks in such a user environment.
Status: Under development
Technical Committee: ISO/TC 215 Health informatics