ISO 17090-1:2021

INTERNATIONAL ISO
STANDARD 17090-1
Third edition
2021-02
Health informatics — Public key
infrastructure —
Part 1:
Overview of digital certificate services
Informatique de santé — Infrastructure de clé publique —
Partie 1: Vue d'ensemble des services de certificat numérique
Reference number
©
ISO 2021
© ISO 2021
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2021 – All rights reserved

Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
3.1 Healthcare context terms . 1
3.2 Security services terms . 3
3.3 Public key infrastructure related terms . 6
4 Abbreviations. 9
5 Healthcare context . 9
5.1 Certificate holders and relying parties in healthcare . 9
5.2 Examples of actors .10
5.2.1 Regulated health professional .10
5.2.2 Non-regulated health professional.10
5.2.3 Patient/consumer .10
5.2.4 Sponsored healthcare provider.10
5.2.5 Supporting organization employee .10
5.2.6 Healthcare organization .10
5.2.7 Supporting organization .11
5.2.8 Devices .11
5.2.9 Applications .11
5.3 Applicability of digital certificates to healthcare .11
6 Requirements for security services in healthcare applications .12
6.1 Healthcare characteristics .12
6.2 Digital certificate technical requirements in healthcare.12
6.2.1 General.12
6.2.2 Authentication .13
6.2.3 Integrity .13
6.2.4 Confidentiality .13
6.2.5 Digital signature .13
6.2.6 Authorization .13
6.2.7 Access control .13
6.3 Healthcare-specific needs and the separation of authentication from data
encipherment .14
6.4 Health industry security management framework for digital certificates .14
6.5 Policy requirements for digital certificate issuance and use in healthcare .14
7 Public key cryptography .14
7.1 Symmetric vs. asymmetric cryptography .14
7.2 Digital certificates.15
7.3 Digital signatures .15
7.4 Protecting the private key .16
8 Deploying digital certificates .17
8.1 Necessary components .17
8.1.1 General.17
8.1.2 CP .17
8.1.3 CPS.17
8.1.4 CA .17
8.1.5 RA .17
8.2 Establishing identity using qualified certificates .18
8.3 Establishing speciality and roles using identity certificates .18
8.4 Using attribute certificates for authorization and access control .19
9 Interoperability requirements .20
9.1 Overview .20
9.2 Options for deploying healthcare digital certificates across jurisdictions .20
9.2.1 General.20
9.2.2 Option 1 — Single hierarchy of CAs .20
9.2.3 Option 2 — Relying party management of trust .20
9.2.4 Option 3 — Cross-recognition .21
9.2.5 Option 4 — Cross-certification .21
9.2.6 Option 5 — Bridge CA .22
9.3 Option usage .22
Annex A (informative) Scenarios for the use of digital certificates in healthcare .23
Bibliography .40
iv © ISO 2021 – All rights reserved

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/
iso/ foreword .html.
This document was prepared by Technical Committee ISO/TC 215, Health informatics.
This third edition cancels and replaces the second edition (ISO 17090-1:2013), of which it constitutes a
minor revision. The changes compared to the previous edition are as follows:
— update to references;
— editorial update.
A list of all parts in the ISO 17090 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www .iso .org/ members .html.
Introduction
The healthcare industry is faced with the challenge of reducing costs by moving from paper-based
processes to automated electronic processes. New models of healthcare delivery are emphasizing the
need for patient information to be shared among a growing number of specialist healthcare providers
and across traditional organizational boundaries.
Healthcare information concerning individual citizens is commonly interchanged by means of
electronic mail, remote database access, electronic data interchange, and other applications. The
Internet provides a highly cost-effective and accessible means of interchanging information, but it
is also an insecure vehicle that demands additional measures be taken to maintain the privacy and
confidentiality of information. Threats to the security of health information through unauthorized
access (either inadvertent or deliberate) are increasing. It is essential to have available to the healthcare
system reliable information security services that minimize the risk of unauthorized access.
How does the healthcare industry provide appropriate protection for the data conveyed across the
Internet in a practical, cost-effective way? Public key infrastructure (PKI) and digital certificate
technology seek to address this challenge.
The proper deployment of digital certificates requires a blend of technology, policy, and administrative
processes that enable the exchange of sensitive data in an unsecured environment by the use of
“public key cryptography” to protect information in transit and “certificates” to confirm the identity
of a person or entity. In healthcare environments, this technology uses authentication, encipherment,
and digital signatures to facilitate confidential access to, and movement of, individual health records
to meet both clinical and administrative needs. The services offered by the deployment of digital
certificates (including encipherment, information integrity, and digital signatures) are able to address
many of these security issues. This is especially the case if digital certificates are used in conjunction
with an accredited information security standard. Many individual organizations around the world
have started to use digital certificates for this purpose.
Interoperability of digital certificate technology and supporting policies, procedures, and practices
is of fundamental importance if information is to be exchanged between organizations and between
jurisdictions in support of healthcare applications (for example between a hospital and a community
physician working with the same patient).
Achieving interoperability between different digital certificate implementations requires the
establishment of a framework of trust, under which parties responsible for protecting an individual’s
information rights may rely on the policies and practices and, by extension, the validity of digital
certificates issued by other established authorities.
Many countries are deploying digital certificates to support secure communications within their
national boundaries. Inconsistencies will arise in policies and procedures between the certification
authorities (CAs) and the registration authorities (RAs) of different countries if standards development
activity is restricted to within national boundaries.
Digital certificate technology is still evolving in certain aspects that are not specific to healthcare.
Important standardization efforts and, in some cases, supporting legislation are ongoing. On the other
hand, healthcare providers in many countries are already using or planning to use digital certificates.
This document seeks to address the need for guidance of these rapid international developments.
This document describes the common technical, operational, and policy requirements that need to be
addressed to enable digital certificates to be used in protecting the exchange of healthcare information
within a single domain, between domains, and across jurisdictional boundaries. Its purpose is to create
a platform for global interoperability. It specifically supports digital certificate-enabled communication
across borders, but could also provide guidance for the national or regional deployment of digital
certificates in healthcare. The Internet is increasingly used as the vehicle of choice to support the
movement of healthcare data between healthcare organizations and is the only realistic choice for
cross-border communication in this sector.
vi © ISO 2021 – All rights reserved

This document should be approached as a whole, with the three parts all making a contribution
to defining how digital certificates can be used to provide security services in the health industry,
including authentication, confidentiality, data integrity, and the technical capacity to support the
quality of digital signature.
This document defines the basic concepts underlying the use of digital certificates in healthcare and
provides a scheme of interoperability requirements to establish digital certificate-enabled secure
communication of health information.
ISO 17090-2 provides healthcare specific profiles of digital certificates based on the International
[14]
Standard X.509 and the profile of this specified in IETF/RFC 3280 for different types of certificates.
ISO 17090-3 deals with management issues involved in implementing and using digital certificates
in healthcare. It defines a structure and minimum requirements for certificate policies (CPs) and a
structure for associated certification practice statements. ISO 17090-3 is based on the recommendations
of the informational IETF/RFC 3647 and identifies the principles needed in a healthcare security policy
for cross border communication. It also defines the minimum levels of security required, concentrating
on the aspects unique to healthcare.
INTERNATIONAL STANDARD ISO 17090-1:2021(E)
Health informatics — Public key infrastructure —
Part 1:
Overview of digital certificate services
1 Scope
This document defines the basic concepts underlying the use of digital certificates in healthcare and
provides a scheme of interoperability requirements to establish a digital certificate-enabled secure
communication of health information. It also identifies the major stakeholders who are communicating
health-related information, as well as the main security services required for health communication
where digital certificates can be required.
This document gives a brief introduction to public key cryptography and the basic components needed
to deploy digital certificates in healthcare. It further introduces different types of digital certificates
— identity certificates and associated attribute certificates for relying parties, self-signed certification
authority (CA) certificates, and CA hierarchies and bridging structures.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 17090-2, Health informatics — Public key infrastructure — Part 2: Certificate profile
ISO 17090-3, Health informatics — Public key infrastructure — Part 3: Policy management of certification
authority
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
3.1 Healthcare context terms
3.1.1
application
identifiable computer running software process that is the holder of a private encipherment key
Note 1 to entry: Application, in this context, can be any software process used in healthcare information systems,
including those without any direct role in treatment or diagnosis.
Note 2 to entry: In some jurisdictions, including software, processes can be regulated medical devices.
3.1.2
device
identifiable computer-controlled apparatus or instrument that is the holder of a private encipherment key
Note 1 to entry: This includes the class of regulated medical devices that meet the above definition.
Note 2 to entry: Device, in this context, is any device used in healthcare information systems, including those
without any direct role in treatment or diagnosis.
3.1.3
healthcare actor
actor
regulated health professional, non-regulated health professional, sponsored healthcare provider,
supporting organization employee, patient/consumer, healthcare organization, device, or application
that acts in a health-related communication and requires a certificate for a digital certificate-enabled
security service
3.1.4
healthcare organization
officially registered organization that has a main activity related to healthcare services or health
promotion
EXAMPLE Hospitals, Internet healthcare website providers, and healthcare research institutions.
Note 1 to entry: The organization is recognized to be legally liable for its activities but need not be registered for
its specific role in health.
Note 2 to entry: An internal part of an organization is called here an organizational unit, as in X.501.
3.1.5
non-regulated health professional
person employed by a healthcare organization who is not a regulated health professional
EXAMPLE Medical receptionist who organizes appointments or nurses aid who assists with patient care.
Note 1 to entry: The fact that the employee is not authorized by a body independent of the employer in his/
her professional capacity does, of course, not imply that the employee is not professional in conducting his/her
services.
3.1.6
organization employee
person employed by a healthcare organization or a supporting organization
EXAMPLE Medical records transcriptionists, healthcare insurance claims adjudicators, and pharmaceutical
order entry clerks.
3.1.7
patient
consumer
person who is the receiver of health-related services and who is an actor in a health information system
3.1.8
privacy
freedom from intrusion into the private life or affairs of an individual when that intrusion results from
undue or illegal gathering and use of data about that individual
[SOURCE: ISO/IEC 2382:2015, 2126263]
2 © ISO 2021 – All rights reserved

3.1.9
regulated health professional
person who is authorized by a nationally recognized body to be qualified to perform certain health
services
EXAMPLE Physicians, registered nurses, and pharmacists.
Note 1 to entry: The types of registering or accrediting bodies differ in different countries and for different
professions. Nationally recognized bodies include local or regional governmental agencies, independent
professional associations, and other formally and nationally recognized organizations. They may be exclusive or
non-exclusive in their territory.
Note 2 to entry: A nationally recognized body in this definition does not imply one nationally controlled system
of professional registration but, in order to facilitate international communication, it would be preferable for one
nationwide directory of recognized health professional registration bodies to exist.
3.1.10
sponsored healthcare provider
health services provider who is not a regulated professional in the jurisdiction of his/her practice, but
who is active in his/her healthcare community and sponsored by a regulated healthcare organization
EXAMPLE A drug and alcohol education officer who is working with a particular ethnic group, or a healthcare
aid worker in a developing country.
3.1.11
supporting organization
officially registered organization which is providing services to a healthcare organization, but which is
not providing healthcare services
EXAMPLE 1 EXAMPLE
EXAMPLE 2 Healthcare financing bodies such as insurance institutions, suppliers of pharmaceuticals and
other goods.
3.2 Security services terms
3.2.1
access control
means of ensuring that the resources of a data processing system can be accessed only by authorized
entities in authorized ways
[SOURCE: ISO/IEC 2382:2015, 2126294, modified — Notes to entry removed.]
3.2.2
accountability
property that ensures that the actions of an entity may be traced uniquely to the entity
[SOURCE: ISO 7498-2:1989, 3.3.3]
3.2.3
asymmetric cryptographic algorithm
algorithm for performing encipherment or the corresponding decipherment in which the keys used for
encipherment and decipherment differ
[SOURCE: ISO/IEC 10181-1:1996, 3.3.1, modified — Note to entry removed.]
3.2.4
authentication
process of reliably identifying security subjects by securely associating an identifier and its
authenticator
[SOURCE: ISO 7498-2:1989]
Note 1 to entry: See also data origin authentication and peer entity authentication.
3.2.5
authorization
granting of rights, which includes the granting of access based on access rights
[SOURCE: ISO 7498-2:1989, 3.3.10]
3.2.6
availability
property of being accessible and useable upon demand by an authorized entity
[SOURCE: ISO 7498-2:1989, 3.3.11]
3.2.7
ciphertext
data produced through the use of encipherment, the semantic content of which is not available
[SOURCE: ISO 7498-2:1989, 3.3.14, modified — Note to entry removed.]
3.2.8
confidentiality
property that information is not made available or disclosed to unauthorized individuals, entities, or
processes
[SOURCE: ISO 7498-2:1989, 3.3.16]
3.2.9
cryptography
discipline which embodies principles, means, and methods for the transformation of data in order to
hide its information content, prevent its undetected modification, and/or prevent its unauthorized use
[SOURCE: ISO 7498-2:1989, 3.3.20, modified — Note to entry removed.]
3.2.10
cryptographic algorithm
cipher
method for the transformation of data in order to hide its information content, prevent its undetected
modification, and/or prevent its unauthorized use
[SOURCE: ISO 7498-2:1989]
3.2.11
data integrity
property that data have not been altered or destroyed in an unauthorized manner
[SOURCE: ISO 7498-2:1989, 3.3.21]
3.2.12
data origin authentication
corroboration that the source of data received is as claimed
[SOURCE: ISO 7498-2:1989, 3.3.22]
4 © ISO 2021 – All rights reserved

3.2.13
decipherment
decryption
process of obtaining, from a ciphertext, the original corresponding data
[SOURCE: ISO/IEC 2382:2015, 2126281, modified — Notes 2 and 3 to entry removed.]
Note 1 to entry: A ciphertext may be enciphered a second time, in which case a single decipherment does not
produce the original plaintext.
3.2.14
digital signature
data appended to, or a cryptographic transformation (see cryptography) of, a data unit that allows a
recipient of the data unit to prove the source and integrity of the data unit and protect against forgery,
e.g. by the recipient
[SOURCE: ISO 7498-2:1989, 3.3.26]
3.2.15
encipherment
encryption
cryptographic transformation of data (see cryptography) to produce ciphertext
[SOURCE: ISO 7498-2:1989, 3.3.27]
3.2.16
identifier
piece of information used to claim an identity, before a potential corroboration by a corresponding
authenticator
[SOURCE: ENV 13608-1]
3.2.17
integrity
proof that the message content has not been altered, deliberately or accidentally, in any way during
transmission
Note 1 to entry: Adapted from ISO 7498-2:1989.
3.2.18
key
sequence of symbols that controls the operations of encipherment and decipherment
[SOURCE: ISO 7498-2:1989, 3.3.32]
3.2.19
key management
generation, storage, distribution, deletion, archiving, and application of keys in accordance with a
security policy
[SOURCE: ISO 7498-2:1989, 3.3.33]
3.2.20
non-repudiation
service providing proof of the integrity and origin of data (both in an unforgeable relationship), which
can be verified by any party
Note 1 to entry: Adapted from Reference [18].
3.2.21
private key
key that is used with an asymmetric cryptographic algorithm and whose possession is restricted
(usually to only one entity)
[SOURCE: ISO/IEC 10181-1:1996, 3.3.10]
3.2.22
public key
key that is used with an asymmetric cryptographic algorithm and that can be made publicly available
[SOURCE: ISO/IEC 10181-1:1996, 3.3.11]
3.2.23
role
set of behaviours that is associated with a task
3.2.24
security
combination of availability, confidentiality, integrity, and accountability
[SOURCE: ENV 13608-1]
3.2.25
security policy
plan or course of action adopted for providing computer security
[SOURCE: ISO/IEC 2382:2015, 2126246, modified — Notes to entry removed.]
3.2.26
security service
service, provided by a layer of communicating open systems, which ensures adequate security of the
systems or of data transfers
[SOURCE: ISO 7498-2:1989, 3.3.51]
3.3 Public key infrastructure related terms
3.3.1
attribute authority
AA
authority which assigns privileges by issuing attribute certificates
[SOURCE: RFC 5280]
3.3.2
attribute certificate
data structure, digitally signed by an attribute authority, that binds some attribute values with
identification about its holder
[SOURCE: RFC 5280]
3.3.3
authority certificate
certificate issued to a certification authority or to an attribute authority
Note 1 to entry: Adapted from RFC 5280.
3.3.4
certificate
public key certificate
6 © ISO 2021 – All rights reserved

3.3.5
certificate distribution
act of publishing certificates and transferring certificates to security subjects
3.3.6
certificate extension
extension fields (known as extensions) in X.509 certificates that provide methods for associating
additional attributes with users or public keys and for managing the certification hierarchy
Note 1 to entry: Certificate extensions may be either critical (i.e. a certificate-using system has to reject the
certificate if it encounters a critical extension it does not recognize) or non-critical (i.e. it may be ignored if the
extension is not recognized).
3.3.7
certificate generation
act of creating certificates
3.3.8
certificate profile
specification of the structure and permissible content of a certificate type
3.3.9
certificate revocation
act of removing any reliable link between a certificate and its related owner (or security subject owner)
because the certificate is not trusted any more, even though it is unexpired
3.3.10
certificate holder
entity that is named as the subject of a valid certificate
3.3.11
certification
procedure by which a third party gives assurance that all or part of a data processing system conforms
to security requirements
[SOURCE: ISO/IEC 2382:2015, 2126258, modified — Notes to entry removed.]
3.3.12
certification authority
CA
certificate issuer
authority trusted by one or more relying parties to create and assign certificates and which may,
optionally, create the relying parties' keys
Note 1 to entry: Adapted from ISO/IEC 9594-8:2021.
Note 2 to entry: Authority in the CA term does not imply any government authorization but only denotes that it
is trusted.
Note 3 to entry: Certificate issuer may be a better term, but CA is very widely used.
3.3.13
certificate policy
CP
named set of rules that indicates the applicability of a certificate to a particular community and/or
class of application with common security requirements
[SOURCE: IETF/RFC 3647]
3.3.14
certification practices statement
CPS
statement of the practices which a certification authority employs in issuing certificates
[SOURCE: IETF/RFC 3647]
3.3.15
public key certificate
PKC
X.509 public key certificates (PKCs) which bind an identity and a public key
Note 1 to entry: The identity may be used to support identity-based access control decisions after the client
proves that it has access to the private key that corresponds to the public key contained in the PKC.
Note 2 to entry: Adapted from IETF/RFC 3280.
3.3.16
public key infrastructure
PKI
infrastructure used in the relation between a key holder and a relying party that allows a relying party
to use a certificate relating to the key holder for at least one application using a public key dependent
security service and that includes a certification authority, a certificate data structure, means for the
relying party to obtain current information on the revocation status of the certificate, a certification
policy, and methods to validate the certification practice
3.3.17
qualified certificate
certificate whose primary purpose is identifying a person with a high level of assurance in public non-
repudiation services
Note 1 to entry: The actual mechanisms that will decide whether a certificate should or should not be considered
to be a “qualified certificate” in regard to any legislation are outside the scope of this document.
3.3.18
registration authority
RA
entity that is responsible for identification and authentication of certificate subjects, but that does not
sign or issue certificates (i.e. an RA is delegated certain tasks on behalf of a CA)
[SOURCE: IETF/RFC 3647]
3.3.19
relying party
recipient of a certificate who acts in reliance on that certificate and/or digital signature verified using
that certificate
[SOURCE: IETF/RFC 3647]
3.3.20
third party
party, other than data originator or data recipient, required to perform a security function as part of a
communication protocol
8 © ISO 2021 – All rights reserved

3.3.21
trusted third party
TTP
third party which is considered trusted for purposes of a security protocol
[SOURCE: ENV 13608-1]
Note 1 to entry: This term is used in many ISO/IEC International Standards and other documents describing
mainly the services of a CA. The concept is, however, broader and includes services such as time-stamping and
possibly escrowing.
4 Abbreviations
ECG electrocardiogram
EHR electronic health record
5 Healthcare context
5.1 Certificate holders and relying parties in healthcare
For the purposes of facilitating the discussion on digital certificate requirements, the following classes
of healthcare actors are introduced. This does not imply that other classes and definitions are not more
appropriate in other contexts.
The focus here is on actors who are directly involved in a health-related communication and may
require a certificate for a PKI-enabled security service. The following actors are defined in 3.1.
Persons: regulated health professional;
non-regulated health professional;
patient/consumer;
sponsored healthcare provider;
supporting organization employee.
Organizations: healthcare organization;
supporting organization.
Other entities: devices;
regulated medical devices;
applications.
In addition to these actors, the wide-scale deployment of digital certificates requires CAs and RAs to be
part of the total system and these organizations become important certificate holders in their own right.
Some healthcare workers are associated with multiple healthcare organizations. There is a primary
need in healthcare to avoid duplicate or redundant registration with its inherent costs and multiplicity
of certificates.
Within the healthcare context, the role of RAs is to identify the actor as either a valid health professional
performing a given role or to identify a consumer as the person with rights to his or her own information.
There also needs to be a way of registering support staff for physicians in private practice (medical
receptionists, billing clerks, file clerks, etc.). Such individuals are not associated with institutions such
as hospitals that are covered by national, state, or provincial health authorities.
5.2 Examples of actors
5.2.1 Regulated health professional
Examples of regulated health professionals are physicians, dentists, registered nurses, and pharmacists.
There are many different classifications of officially regulated/accredited professions in healthcare in
different countries. It is an important task to create a global mapping for this but, for the purposes of this
document, it is assumed that only very broad classes can be recognized internationally. In ISO 17090-2,
a data structure is presented that allows a broad international classification to be used in parallel with
a more detailed defined classification that may be national or may follow other jurisdictions, since
regulated health professionals are regulated in provinces or states in some countries.
5.2.2 Non-regulated health professional
Non-regulated health professionals are persons who are employed by a healthcare organization but
who are not regulated health professionals, and include medical secretaries and record assistants,
transcription clerks (i.e. those who type from a dictated voice recording), billing clerks, and assistant
nurses. For the purpose of this document, it is important to include the relationship between the
employing healthcare organization and the employee in a certificate for security services. For the
healthcare professionals, it is important to include the relationship with the professional registration
body in the structure of the digital certificate, but a possible employment or other affiliation of, for
example, a physician may also be important.
There are many different types of roles or occupations of healthcare employees and this document
makes no attempt to provide a classification scheme.
NOTE The fact that the employee is not registered by a body independent of the employer in his professional
capacity does, of course, not imply that the employee is not professional in conducting his services.
5.2.3 Patient/consumer
The person who receives health-related services is, in most cases, called the patient but, in some
situations, it is more appropriate, in the case of a healthy person and when considering the contractual
relations with the healthcare providers, to call such a person a consumer of health services. Only the
patient/consumer who is also a direct user of a health information system is considered in this context.
5.2.4 Sponsored healthcare provider
There are some types of persons who are providers of health services that are not regulated in the
jurisdiction but who are active in a community and where their professional role may be certified
and sponsored by a registered healthcare organization. Examples are, in some countries, midwives
(who may be sponsored by obstetricians or other physicians), physiotherapists of different types, and
various persons active in community care for disabled and elderly (who may be sponsored by a general
practitioner or a hospital).
5.2.5 Supporting organization employee
A supporting organization employee is a person who is working for a supporting organization and who
is not a regulated or non-regulated health professional.
5.2.6 Healthcare organization
Examples of officially registered organizations that have a main activity related to healthcare services
or health promotion are healthcare providers, healthcare financing bodies (insurance companies or
administrators of governmental public health financing), and healthcare research institutions.
10 © ISO 2021 – All rights reserved

5.2.7 Supporting organization
Supporting organizations perform services for healthcare organizations but do not perform direct
healthcare services.
5.2.8 Devices
Devices are equipment such as ECG machines, laboratory automation equipment, and different portable
diagnostic aids that measure various physiological parameters of a patient; included also are computer
devices such as electronic mail servers, web servers, and application servers.
5.2.9 Applications
Applications are computer software programs running on individual machines and/or networks.
Within the healthcare context, applications relying upon digital certificates could include integrated
clinical management systems, EHR applications, emergency department information systems, imaging
systems, and prescribing, drug profiling, and medication management systems.
5.3 Applicability of digital certificates to healthcare
This document applies to the healthcare industry, both within and between jurisdictional boundaries.
It is intended to cover public (government) health authorities and private healthcare providers across
the entire range of settings including hospitals, community health, and general practice. It also applies
to health insurance organizations, healthcare educational institutions, and health-related activities
(such as home care).
While the primary aim is to develop a framework where health professionals, healthcare organizations,
and insur
...