RFID technology is widely used in healthcare environments to ensure patient safety. Therefore, the testing of RFID tags, such as performance tests and security evaluations, is necessary to ensure inter-operational functional compatibility with standards. A survey of the literature shows that while standards that are around RFID performance tests have been addressed, but the same is not true for security evaluations. Therefore, in this paper, we introduce the Common Criteria security evaluation methodology, also known as ISO/IEC 15408, for the security evaluation of RFID tags and propose a framework as a minimal requirement for RFID tags to improve security assurance.