ISO/TR 28380-1:2014

TECHNICAL ISO/TR
REPORT 28380-1
First edition
2014-02-15
Health informatics — IHE global
standards adoption —
Part 1:
Process
Informatique de santé — Adoption des normes globales IHE —
Partie 1: Procédé
Reference number
ISO/TR 28380-1:2014(E)
©
ISO 2014

---------------------- Page: 1 ----------------------
ISO/TR 28380-1:2014(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO 2014
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO 2014 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/TR 28380-1:2014(E)

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Terms and definitions . 1
3 Abbreviations. 3
4 Global standards adoption process overview . 3
4.1 General . 3
4.2 Development and deployment process . 4
4.3 Levels of requirements. 5
4.4 Stakeholder participation and overall structure . 7
5 Development process . 8
6 Deployment-validation process .10
7 Principle and policies .12
8 Overview of the Technical Framework .12
8.1 Relationship to real-world architectures .12
8.2 Structure of the Technical Frameworks .13
8.3 Relationship to base standards .13
8.4 IHE Technical Framework development and maintenance process .14
8.5 Implementation of the Technical Framework .14
Annex A (informative) IHE Integration Statement template .15
Annex B (informative) IHE sponsoring organizations .17
© ISO 2014 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/TR 28380-1:2014(E)

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity
assessment, as well as information about ISO’s adherence to the WTO principles in the Technical Barriers
to Trade (TBT) see the following URL: Foreword - Supplementary information.
The committee responsible for this document is ISO/TC 215, Health informatics.
ISO/TR 28380 consists of the following parts, under the general title Health informatics — IHE global
standards adoption:
— Part 1: Process
— Part 2: Integration and content profiles
The following parts are under preparation:
— Part 3: Deployment
iv © ISO 2014 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/TR 28380-1:2014(E)

Introduction
1)
This part of ISO/TR 28380 describes how the Integrating Healthcare Enterprise (IHE ) process specifies
and facilitates adoption of profiles of selected standards to support carefully defined healthcare tasks
that depend on electronic information exchange. It accelerates the worldwide adoption of standards
targeted to achieving the interoperability of healthcare information between software applications
within healthcare enterprises and across various care settings.
IHE is an initiative designed to stimulate the integration of electronic information systems that support
the delivery of modern healthcare. Its fundamental objective is to facilitate the standards-based
exchange of authorized and relevant health information for citizens as consumers of health services and
for healthcare professionals in the care of their patients. Integrating these systems and devices both
within the healthcare enterprise, across a variety of care settings, and personal health management
services will empower patients and health professionals with efficient access to necessary health
information.
The information exchange between IT systems, applications, and devices in healthcare is a complex
process due to the wide range of medical specialities, the rapid evolution of knowledge, use of technology
in the delivery service, and the broad range of stakeholders that need to cooperate.
Stakeholders include legislative institutions, governmental entities, insurers, vendors, employers, and
care providers organized in a variety of entities ranging from the small physician practice to large
hospital networks. Interoperability standards have proven quite complex to develop, driven by a
wide range of standard development organizations each effective at engaging a subset of these many
stakeholders.
In such a complex environment, standards require flexibility to account for a variety of environments
within which they can be used. Removing this flexibility would only result in further fragmentation. An
agreed upon process to rationalize the implementation of combined sets of these standards is required
in order to address some of the most common cases of information exchange in a defined manner that
can be tested.
This part of ISO/TR 28380 summarizes the successful work done by the IHE initiative, in which several
of the ISO/TC 215 member countries are engaged. This part of ISO/TR 28380 is intended to provide all
ISO members with an understanding of the valuable experience gained, as well as access to the results
achieved. The IHE is both a process and a forum that rationalizes at a multi-national level the adoption
of interoperability standards that can be profiled and combined to meet healthcare needs.
IHE draws on established healthcare-specific standards such as those developed by ISO/TC 215, as well
as general purpose IT standards, to define technical frameworks for the implementation of information
exchange to further address specific healthcare improvement or clinical goals. It includes a rigorous
testing process for the implementation of these technical frameworks. It also organizes educational
sessions and exhibits at major meetings of healthcare professionals to demonstrate the benefits of these
frameworks and encourages their adoption by the healthcare industry, the technology industry, and
other stakeholders worldwide. These elements are further discussed in this part of ISO/TR 28380.
By facilitating the adoption of internationally recognized standards (e.g. ISO, HL7, DICOM, IEEE, IETF,
and OASIS) in healthcare, IHE is doing what “Wi-Fi” has done in the field of wireless networking to the
adoption and deployment of the IEEE 802.11 standard. The IHE process produces detailed implementation
guides called “Integration Profiles or Content Profiles”.
Each profile references foundation standards from Standards Development Organizations (SDOs) and
constrains them as allowed by the parent SDO.
IHE makes configuration choices where necessary in these standards to ensure that IT systems or
devices commonly used in healthcare can easily exchange information in the context of the specific
but broadly required use case. When clarifications or gaps are identified in the standards, IHE refers
1) Information on IHE may be found at www.ihe.net.
© ISO 2014 – All rights reserved v

---------------------- Page: 5 ----------------------
ISO/TR 28380-1:2014(E)

recommendations to the relevant standards bodies. To this end, IHE maintains liaison relationships
with all major SDOs involved in healthcare (e.g. ISO, HL7, CEN, DICOM and IEEE).
The intended audience for this part of ISO/TR 28380 includes, but is not limited to, the following:
— IT departments of healthcare institutions;
— technical and marketing staff in the healthcare information technology industry;
— experts involved in standards development;
— those interested in integrating healthcare information systems and workflows;
— leadership in national and regional healthcare information exchange projects.
vi © ISO 2014 – All rights reserved

---------------------- Page: 6 ----------------------
TECHNICAL REPORT ISO/TR 28380-1:2014(E)
Health informatics — IHE global standards adoption —
Part 1:
Process
1 Scope
This part of ISO/TR 28380 describes how the Integrating the Healthcare Enterprise (IHE) process
specifies and facilitates profiles of selected standards to support carefully defined healthcare tasks that
depend on electronic information exchange. It accelerates the worldwide adoption of standards targeted
at achieving interoperability between software applications within healthcare enterprises and across
healthcare settings. The Integration and Content Profiles are specified in ISO 28380-2.
2 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
2.1
actor
functional component of a system that exchanges transactions with other actors as defined in an IHE
Integration Profile
2.2
Content Profile
coordinated set of standards-based information content exchanged between the functional components
of communicating healthcare IT systems and devices
Note 1 to entry: It also specifies a specific element of content (e.g. a document) that can be conveyed through the
transactions of one or more associated Integration Profile(s).
2.3
Connectathon
testing event at which developers have registered their system implementations for supervised
interoperability testing with other systems implementations
Note 1 to entry: Each participating system is tested for each registered combination of an IHE Actor and IHE
Integration or Content Profile.
2.4
deployment-production process
part of the IHE process that deploys into production healthcare delivery systems that effectively support
end users with standards-based interoperability as specified by IHE
Note 1 to entry: Although the IHE process is not directly responsible to conduct these deployment projects in
production, it expects that such projects will continuously provide feedback to the development process.
2.5
deployment-validation process
part of the IHE process that builds upon IHE Profile specifications produced by the development process
Note 1 to entry: The process starts with the testing of working implementations of these profiles, demonstrates
successful interoperability between independent implementations, and concludes with the means for developers
of IT products to state their compliance to one or more profiles.
© ISO 2014 – All rights reserved 1

---------------------- Page: 7 ----------------------
ISO/TR 28380-1:2014(E)

2.6
development process
part of the IHE process that identifies and prioritizes use cases, selects interoperability standards,
defines the necessary constraints and documents these specifications in the form of either an Integration
Profile or a Content Profile
2.7
Domain
field of clinical or healthcare technology-related activities
2.8
draft supplement for public comment
specification candidate for addition to an IHE Domain Technical Framework (e.g. a new profile) that is
issued for comment by any interested party
2.9
Integration Profile
IHE Integration Profile specifies the information exchanges to support a specific business process
Note 1 to entry: It is a coordinated set of interactions exchanged between the functional components of
communicating healthcare IT systems and devices. These functional components are called IHE Actors. An IHE
Integration Profile specifies their interactions in terms of a set of coordinated, standards-based transactions.
2.10
Technical Framework
collection of profile specifications related to an IHE Domain and its specific clinical or technological
focus
Note 1 to entry: Profiles within a Technical Framework and across Technical Frameworks can be combined.
2.11
transaction
specification for a set of messages exchanged between pairs of actors in support of an Integration Profile
2.12
Trial Implementation Supplement
specification candidate for addition to an IHE Domain Technical Framework (e.g. a new profile) that is
issued for early implementation by any interested party
Note 1 to entry: The authoring Technical Committee expects developers’ feedback.
2.13
use case
textual and graphical depiction of the actors and operations that address information exchange in the
context of a set of specific tasks for a workflow performed by different systems or devices
2 © ISO 2014 – All rights reserved

---------------------- Page: 8 ----------------------
ISO/TR 28380-1:2014(E)

3 Abbreviations
ANSI American National Standards Institute
ASTM American Society for Testing and Materials
CDA Clinical Document Architecture
CDISC Clinical Data Interchange Standards Consortium
CEN European Committee for Standardization
DICOM Digital and Imaging Communications in Medicine
EHR Electronic Health Record
HIS Hospital Information System
HL7 Health Level Seven
IETF Internet Engineering Task Force
IEEE Institute of Electrical and Electronics Engineers
IHE Integrating the Healthcare Enterprise
IHTSDO International Health Terminology Standards Development Organisation
LOINC Logical Observation Identifiers Names and Codes
OASIS Organization for the Advancement of Structured Information Standards
PDQ Patient Demographics Query
PIX Patient Identifier Cross-Referencing
RIS Radiology Information System
SDO Standard Development Organization
SNOMED Systematized NOmenclature of MEDicine
XDS Cross-Enterprise Document Sharing
W3C World Wide Web Consortium
4 Global standards adoption process overview
4.1 General
The IHE standards adoption process is entirely driven by the definition of requirements for interoperability,
often called “use cases”. These standards are a means of addressing these interoperability problems.
Therefore this section provides:
— an overview of the main steps of the IHE process
— a definition of the level of requirements at which this process operates, and
— the involvement of stakeholders and the overall structure in which the process is performed.
© ISO 2014 – All rights reserved 3

---------------------- Page: 9 ----------------------
ISO/TR 28380-1:2014(E)

4.2 Development and deployment process
The IHE process comprises a development process and a deployment process as depicted in Figure 1.
The development feeds the deployment-validation process, which in turn enables the deployment-
production process resulting in implementation projects with successful interoperability. As additional
requirements are identified during implementations, the IHE process is intended to repeat itself by
expanding the information exchange capabilities year after year.
Figure 1 — IHE development and deployment process
The development process starts with a set of documented use cases; it proceeds to the selection of relevant
standards that support the use case and documents in a structured manner the subset or “profile” of
these base standards with a significant reduction of options. These profiles are then published in the
corresponding IHE Technical Framework for the domain. As a result, the implementers of an IHE profile
are ensured to achieve the intended level of interoperability within the context of the corresponding use
case by receiving the necessary detailed implementation guidance for the selected standards.
The deployment process builds upon profile specifications produced by the development process.
It starts with the validation process which includes the testing of working implementations of these
profiles, demonstrates successful interoperability between independent implementations at various
exhibitions, and concludes with the means for developers of IT products to state their compliance to one
of more profiles.
The deployment into production of healthcare delivery systems leverages interoperable health IT
products by integrating them in care management or delivery systems. This effective support of end
users is where the benefits of standards-based interoperability are realized. Although the IHE process
is not directly responsible for conducting these deployment projects in production, it expects that
such projects will continuously provide feedback to the development process. It does this by supplying
additional use case requirements in order to expand the richness of interoperability and by issuing
Change Proposals to the profile maintenance process when implementers discover interoperability
issues.
The profile development process is distinguished from the profile deployment-validation process for
several reasons:
— The development process is executed at the global level in order to produce internationally agreed
upon Integration and Content Profiles
4 © ISO 2014 – All rights reserved

---------------------- Page: 10 ----------------------
ISO/TR 28380-1:2014(E)

— The deployment-validation process is carried out at the level of specific countries or a group of
countries, which reflects the different mix of implementers and is close to the health organizations
that deploy the technology and need to achieve interoperability.
— Some national extensions to the globally agreed upon profiles are often necessary and are specified
by the deployment-validation process generally at the national level and are documented into a
specific part of the Technical Frameworks.
— It is a good engineering quality approach to keep some balance of power between the two parts of
the process, each challenging the other to improve the quality of its outcome.
4.3 Levels of requirements
One significant challenge in standards adoption is to offer an approach that balances the broad and
unbounded need for interoperability and the necessity to solve specific but common interoperability
problems involving different health IT systems or devices.
The definition of interoperability requirements can be performed at different level of granularity. In
order to clarify the level at which the IHE Global Standards Adoption Process operates, four levels of
requirements initially proposed by the United States EHR Vendor Association in its Interoperability
Roadmap provide an effective breakdown:
a) Business Use Case Level — This level corresponds to the business view of IT systems such as
“chronic disease management system” or “patient empowerment with a medication history
system”. There are many ways of identifying and structuring use cases at the Business Level Use
Case, which contributes to the challenge of accepting a certain fuzziness and flexibility. Business
Level Use Cases are most successful when they select a small and therefore achievable scope for
implementing requirements, each providing value while remaining achievable. This is increasingly
occurring in a number of regional and national projects around the world. However, as the number
of use cases providing incremental interoperability requirements increases, it becomes apparent
that they overlap, each potentially reusing a subset of an earlier one (e.g. in our example below,
“chronic disease management” would have significant overlap with a “patient empowerment with
a medication history” use case. This needs to be accepted, and factoring will happen at the lower
requirements levels.
b) Interoperability Service Level — An interoperability service defines a number of related means
and constraints to exchange specific types of health information for the purpose of communicating
this information from one or more systems to another or accessing it in remote systems. One
defines at this level core interoperability services that are most likely to be needed to support a
broad range of business level use cases. This is a use case driven approach at an intermediate level,
which facilitates the support of business requirements with specific purpose, data, and exchange
requirements. The range of services is large but can be more easily organized and bounded than at
the business use case level. An example of this further refinement is in the terms used to describe
the services themselves: “electronic drug prescribing”, “sharing of patient’s medical summaries”,
and “access to a patient’s current immunization list”.
c) Integration and Content Profile Level — This level is more granular than the interoperability
service level in order to provide maximum flexibility in terms of implementation architectures.
This architecture independence is achieved by combining actors from multiple Integration Profiles.
Integration Profiles are common interoperability building blocks, easily implemented in various
software architectures [e.g. can be mapped to components in a service-oriented architecture (SOA)]
that can be effectively factored in order to maximize reuse of specification and implementation
methods, as well as allowing for evolutionary growth. Standards generally operate at a domain-
focused level in that multiple standards are generally needed to define an Integration Profile.
The Integration and Content Profile level is the level at which it is most practical to perform
interoperability conformance testing. It is the level at which IHE manages its requirements.
d) Base Standard Level — Base standards are in some cases healthcare specific, and in other cases
used across a wide range of industries to achieve fundamental IT communication or security
management. Base standards are foundations that enable the creation of elementary services,
© ISO 2014 – All rights reserved 5

---------------------- Page: 11 ----------------------
ISO/TR 28380-1:2014(E)

messages, and documents to support any possible use case in their domain. Like the other three
levels, base standards development is also use-case driven, but is faced with the significant
challenge of anticipating a greater variety of needs and market evolution. The large number of
SDOs working on base standards means there is the risk of overlaps and inconsistencies between
approved standards. Since these standards are not necessarily specific to healthcare, their use in
this setting requires a number of constraints that are provided at the profile level (e.g., selection
among competing standards to identify healthcare suitable options). The required flexibility of
base standards makes their development a long-term activity with often unpredictable delivery
schedules. For this reason, standards development and profile development are generally separate
activities that operate on different schedules and consensus processes but with strong two-way
collaboration that allows for approved standards to be updated with newly identified content as
these standards make their way into profiles.
Figure 2 illustrates how these four levels support each other by adding specific technical depth as one
moves from the level of business use cases (at the left side of the diagram) to the middle levels where it
is possible to accomplish effective, testable, and robust interoperability (at the IHE Level), all the way to
the most granular details provided by the base standards (at the right).
Business level use cases (furthest to the left) are many, varied, and naturally overlapping. Base standards
(furthest to the right) are also varied and complex foundational specifications delicate to combine. The
middle two layers are where a critical rationalization and the definition of common “solutions building
blocks” are best conducted. These four levels are not intended to propose a systems requirement
analysis process but simply a high-level identification of the granularity and scope of interoperability
requirements. Applying these four levels to an example is illustrated in Table 1.
Figure 2 — Example of four levels of requirements
6 © ISO 2014 – All rights reserved

---------------------- Page: 12 ----------------------
ISO/TR 28380-1:2014(E)

Table 1 — Business use case level
Business Use Case Level: Chronic Disease Management system
  • Interoperability Service: Patient Identification Service
               • Profile: Patient ID Cross-referencing (PIX)
                              • Standard: HL7 V2.5
               • Profile: Patient Demographics Query (PDQ)
                              • Standard: HL7 V3
  • Interoperability Service: Secured Channel between Trusted Nodes
               • Profile: Audit Trail and Node Authentication
                              • Standard: DICOM- HL7-ASTM-IETF-RFC 3881
               • Profile: Consistent Time (CT)
                              • Standard: IETF-NTP
  • Interoperability Service: Sharing of Care Summaries
               • Profile: Cross-Enterprise Document Sharing (XDS)
                              • Standard: ISO 15000, OASIS
                              • Standard: CEN 13606
                              • Standard: HL7 V2.5, HL7 CDA
               • Profile: Medical Summary (XDS-MS)
                              • Standard: HL7 CDA
                              • Standard: HL7-ASTM CCD
                              • Standard: SNOMED
  • Interoperability Service: Laboratory Orders and Test Results Workflow

...