Use of the ISO/IEC 17799 framework in healthcare information security management.

Shared care implies sharing information. This requires a common concept of information security among healthcare providers and a system to maintain compliance to the security requirements within the healthcare community. This paper describes the use of the Code of Practice for Information Security Management ISO/IEC 17799 as a general framework for establishing a set of controls for information security in a particular organisation and as a framework for standards on information security in healthcare and their implementation.