Skip to content

Health informatics — Security requirements for archiving of electronic health records — Principles

Name: Health informatics -- Security requirements for archiving of electronic health records -- Principles

Identifier: ISO/TS 21547:2010

Issuing Organisation: ISO

Country: International

Language: English

Organization website (opens in new window):

Link to standard (opens in new window):

Availability: Available to Purchase

Type: Technical specification

Issue Year: 2012

Forward Review Date: Not known

Fields: Digital Health 

Intended Audiences: Private Sector Bodies


he purpose of this Technical Specification is to define the basic principles needed to securely preserve health records in any format for the long term. It concentrates on previously documented healthcare-specific archiving problems. It also gives a brief introduction to general archiving principles. Unlike the traditional approach to standardization work, where the perspective is that of modelling, code sets and messages, this Technical Specification looks at archiving from the angle of document management and related privacy protection. The document management angle has traditionally been used in connection with patient records in paper form and it can also be applied to digitally stored documents. There are different architectural and technical ways to develop and implement long-term preservation of electronic health records. Archiving can be a function of the online record-keeping system, and we can have a separate independent archive or a federated one. Electronic health records are, in many cases, archived in the form of documents, but other technical solutions also exist. In this Technical Specification archiving is understood to be a wider process than just the permanent preservation of selected records. Archiving of EHRs is a holistic process covering records maintenance, retention, disclosure and destruction when the record is not in active use. Archiving also includes tasks the EHR system should perform before the record is sent to the EHR-archive. This Technical Specification defines architecture and technology-independent security requirements for the long-term preservation of EHRs having fixed content. This Technical Specification and a complementary Technical Report, ISO/TR 21548, concentrate on the security requirements (integrity, confidentiality, availability and accountability) necessary for ensuring adequate protection of health information in long-term digital preservation. This Technical Specification will also address privacy protection requirements for both the EHR and eArchiving systems used in the healthcare environment. This Technical Specification defines functional security requirements for long-term archiving of EHRs, but the practical archiving models and technology required are outside the concept of this Technical Specification.

Relevance to Active and Healthy Ageing:

Older Person Specific: Yes

Usage / Adoption status: Not known


How useful was this content?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this content.

We are sorry that this content was not useful for you!

Let us improve this content!

Tell us how we can improve this content?

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Font Resize

By continuing to use the PROGRESSIVE Project website, you agree to its use of cookies, as described in the Privacy Policy. More information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.