Category Technical Report Organisation International Organization for Standardization (ISO) ID ISO/TR 21332:2021 Type Standard Version 1 Access Fees apply to access Status Active Created Mar-21 Some currently available health information systems were not originally designed to operate in cloud-computing environments. If these systems move to a cloud environment, they must consider the necessary security and privacy precautions.This document provides an overview of security and privacy considerations for electronic health records (EHRs) in a cloud-computing service. It also provides guidance on selecting service providers in the public cloud for safely locating healthcare data, and confidential patient information (including solutions on handling of data off-shoring).Main sections:· Scope· Cloud computing· Overview of considerations for health information in cloud-computing environment· Health information security· Information security policies· Annex A: Example guidance from the UK for selecting and risk managing cloud based digital health services· Annex B: Detailed advice and guidance· Annex C: Service classification recommendations