醫療健康
(43 項標準)行業: 醫療健康
ISO/IEC 27001:2022
Information security management systems — Requirements
SOC 2 Type II
Service Organization Control 2 — Trust Services Criteria
GDPR
General Data Protection Regulation (EU) 2016/679
HIPAA
Health Insurance Portability and Accountability Act of 1996
PCI DSS 4.0
Payment Card Industry Data Security Standard
CCPA/CPRA
California Consumer Privacy Act & California Privacy Rights Act
LGPD
Lei Geral de Proteção de Dados Pessoais — Brazil General Data Protection Law
PIPL
Personal Information Protection Law — 中华人民共和国个人信息保护法
ISO 13485:2016
Medical devices — Quality management systems — Requirements for regulatory purposes
ISO/IEC 27017:2015
Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services
ISO/IEC 27018:2019
Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
ISO/IEC 27701:2019
Security techniques — Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management — Requirements and guidelines
ISO/IEC 42001:2023
Information technology — Artificial intelligence — Management system
ISO 9001:2015
Quality management systems — Requirements
ISO 14001:2015
Environmental management systems — Requirements with guidance for use
ISO 45001:2018
Occupational health and safety management systems — Requirements with guidance for use
ISO 31000:2018
Risk management — Guidelines
ISO 14971:2019
Medical devices — Application of risk management to medical devices
IEC 60601-1 Ed.3.2 (2020)
Medical electrical equipment — Part 1: General requirements for basic safety and essential performance
IEC 62366-1:2015+AMD1:2020
Medical devices — Part 1: Application of usability engineering to medical devices
ISO 50001:2018
Energy management systems — Requirements with guidance for use
EU AI Act
Regulation (EU) 2024/1689 — Artificial Intelligence Act
ISO 22301:2019
Security and resilience — Business continuity management systems — Requirements
EU MDR 2017/745
European Medical Devices Regulation — Regulation (EU) 2017/745
FDA 510(k)
Premarket Notification — US Medical Device Clearance Program
NIST CSF 2.0
Cybersecurity Framework 2.0 — Framework for Improving Critical Infrastructure Cybersecurity
NIS2 Directive
Directive (EU) 2022/2555 — Measures for a High Common Level of Cybersecurity Across the Union
SOX
Sarbanes-Oxley Act of 2002 — U.S. Public Company Accounting Reform and Investor Protection Act
GMP (cGMP)
Good Manufacturing Practice — WHO Guidelines & FDA 21 CFR 210/211
IEC 62304:2006+A1:2015
Medical device software — Software life cycle processes
ISO/IEC 17025:2017
General requirements for the competence of testing and calibration laboratories
CSA STAR
Cloud Security Alliance Security, Trust, Assurance and Risk Program
Cyber Essentials
UK Government-Backed Cyber Security Certification Scheme
ISO 15189:2022
Medical laboratories — Requirements for quality and competence
ISO/IEC 27002:2022
Information security, cybersecurity and privacy protection — Information security controls
ISO 37301:2021
Compliance management systems — Requirements with guidance for use
PDPA (Singapore)
Personal Data Protection Act 2012 — Singapore Data Protection Law
APPI
Act on the Protection of Personal Information — 個人情報の保護に関する法律
PIPEDA
Personal Information Protection and Electronic Documents Act — Canadian Federal Privacy Law
HITRUST CSF
HITRUST Common Security Framework — Healthcare-Focused Certifiable Security & Privacy Framework
NIST AI RMF 1.0
AI Risk Management Framework — NIST AI 100-1
Colorado AI Act
SB24-205 — Consumer Protections for Artificial Intelligence
India DPDP Act
Digital Personal Data Protection Act 2023 and DPDP Rules 2025