Provides guidelines for certificate management issues involved in implementing and operating a healthcare public key infrastructure (PKI). It specifies a structure and minimum requirements for certificate policies, as well as a structure for associated certification practice statements. This Standard also identifies the principles needed in a healthdare security policy for cross-border communication and defines the minimum levels of security required, concentrating on aspects unique to healthcare.

AS ISO 17090.3-2003

Health informatics — Public key infrastructure, Part 3: Policy management of certification authority