Provides guidelines for certificate management issues involved in implementing and operating a healthcare public key infrastructure (PKI). It specifies a structure and minimum requirements for certificate policies, as well as a structure for associated certification practice statements. This Standard also identifies the principles needed in a healthdare security policy for cross-border communication and defines the minimum levels of security required, concentrating on aspects unique to healthcare.