Shared care implies sharing information. This requires a common concept of information security among healthcare providers and a system to maintain compliance to the security requirements within the healthcare community.

This paper describes the use of the Code of Practice for Information Security Management ISO/IEC 17799 as a general framework for establishing a set of controls for information security in a particular organisation and as a framework for standards on information security in healthcare and their implementation.