NORMEN: Code of conduct for information security and data protection in the healthcare and care services sector

"The Code is an industry code which has been prepared and is administered by organisations and enterprises in the healthcare and care services sector. This version of the Code does not have the status of a Code of Conduct under Article 40 of the GDPR. The Code is intended to contribute to a satisfactory level of information security and data protection amongst individual organisations, in joint systems and infrastructure and within the sector generally. The Code is intended to help ensure that an organisation which complies with and follows the Code has appropriate technical and organisational measures in place regarding information security and data protection for its processing of personal health data. A further aim of the Code is to help ensure that organisations can have mutual confidence that the processing of personal health data by other organisations will be carried out with a satisfactory level of security. Those who interact with an enterprise that is obliged to comply with the requirements of the Code shall be able to be confident that the enterprise concerned has appropriate technical and organisational measures in place regarding information security and data protection for its processing of personal health data." - NORMEN