Answer the question
In order to leave comments, you need to log in
Are there technical requirements for information systems for government agencies?
Hello! There is an order from a government agency to develop a system for storing patient data. The system must be accessible via a remote server.
What are the requirements for the system itself and which server is exactly right for this? Will a regular dedicated server from Russian hosting work?
Thank you.
Answer the question
In order to leave comments, you need to log in
Usually insured. Use certified.
Somehow, customers contacted me - the list of requirements is right only for Bitrix and it fits. I refused them - too much hemorrhoids. That is, who fussed, certified himself - that and slippers.
Examples of certified ones:
Rostelecom, Croc, nic.ru
If non-anonymized medical information is stored - this is category K1 personal data, certification by the FSTEC will be required.
If this is a state institution, then you need to read the 17th order of the FSTEC "On approval of the requirements for ... For an
approximate assessment of the measures that should be in your system, see Appendix 2 to this order and the column with the second class of information system security.
So do not forget that you will have to do certification (see paragraph 17 of the order.)
Everything is real, but gemorno.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question