SIST EN ISO 21549-4:2014

SLOVENSKI STANDARD
SIST EN ISO 21549-4:2014
01-julij-2014
1DGRPHãþD
SIST EN ISO 21549-4:2007
=GUDYVWYHQDLQIRUPDWLND3RGDWNLRSDFLHQWXQD]GUDYVWYHQLNDUWLFLGHO
5D]ãLUMHQLNOLQLþQLSRGDWNL,62
Health informatics - Patient healthcard data - Part 4: Extended clinical data (ISO 21549-
4:2014)
Medizinische Informatik - Patientendaten auf Karten im Gesundheitswesen - Teil 4:
Erweiterter Datensatz der klinischen Daten (ISO 21549-4:2014)
Informatique de santé - Données relatives aux cartes de santé des patients - Partie 4:
Données cliniques étendues (ISO 21549-4:2014)
Ta slovenski standard je istoveten z: EN ISO 21549-4:2014
ICS:
35.240.15 Identifikacijske kartice in Identification cards and
sorodne naprave related devices
35.240.80 Uporabniške rešitve IT v IT applications in health care
zdravstveni tehniki technology
SIST EN ISO 21549-4:2014 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------

SIST EN ISO 21549-4:2014

---------------------- Page: 2 ----------------------

SIST EN ISO 21549-4:2014

EUROPEAN STANDARD
EN ISO 21549-4

NORME EUROPÉENNE

EUROPÄISCHE NORM
February 2014
ICS 35.240.80 Supersedes EN ISO 21549-4:2006
English Version
Health informatics - Patient healthcard data - Part 4: Extended
clinical data (ISO 21549-4:2014)
Informatique de santé - Données relatives aux cartes de Medizinische Informatik - Patientendaten auf Karten im
santé des patients - Partie 4: Données cliniques étendues Gesundheitswesen - Teil 4: Erweiterter Datensatz der
(ISO 21549-4:2014) klinischen Daten (ISO 21549-4:2014)
This European Standard was approved by CEN on 13 December 2013.

CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European
Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national
standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Centre has the same
status as the official versions.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United
Kingdom.





EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2014 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN ISO 21549-4:2014 E
worldwide for CEN national Members.

---------------------- Page: 3 ----------------------

SIST EN ISO 21549-4:2014
EN ISO 21549-4:2014 (E)
Contents Page
Foreword .3

2

---------------------- Page: 4 ----------------------

SIST EN ISO 21549-4:2014
EN ISO 21549-4:2014 (E)
Foreword
This document (EN ISO 21549-4:2014) has been prepared by Technical Committee ISO/TC 215 “Health
informatics” in collaboration with Technical Committee CEN/TC 251 “Health informatics” the secretariat of
which is held by NEN.
This European Standard shall be given the status of a national standard, either by publication of an identical
text or by endorsement, at the latest by August 2014, and conflicting national standards shall be withdrawn at
the latest by August 2014.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. CEN [and/or CENELEC] shall not be held responsible for identifying any or all such patent rights.
This document supersedes EN ISO 21549-4:2006.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the following
countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech
Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece,
Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal,
Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.
Endorsement notice
The text of ISO 21549-4:2014 has been approved by CEN as EN ISO 21549-4:2014 without any modification.

3

---------------------- Page: 5 ----------------------

SIST EN ISO 21549-4:2014

---------------------- Page: 6 ----------------------

SIST EN ISO 21549-4:2014
INTERNATIONAL ISO
STANDARD 21549-4
Second edition
2014-02-15
Health informatics — Patient
healthcard data —
Part 4:
Extended clinical data
Informatique de santé — Données relatives aux cartes de santé des
patients —
Partie 4: Données cliniques étendues
Reference number
ISO 21549-4:2014(E)
©
ISO 2014

---------------------- Page: 7 ----------------------

SIST EN ISO 21549-4:2014
ISO 21549-4:2014(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO 2014
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO 2014 – All rights reserved

---------------------- Page: 8 ----------------------

SIST EN ISO 21549-4:2014
ISO 21549-4:2014(E)

Contents Page
Foreword .iv
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 2
4 Symbols and abbreviated terms . 2
5 Basic data object model for a healthcare data card . 2
5.1 Patient HDC data object structure . 2
5.2 Basic data objects for referencing . 3
6 Functional requirements on card information for extended clinical data .4
6.1 Overview of supported uses . 4
6.2 Clinical message transfer between healthcare parties . 4
7 Extended clinical data . 4
7.1 General . 4
7.2 The clinical event description . 5
7.3 The mapped clinical message. 6
Annex A (normative) ASN.1 Data definitions . 8
Annex B (informative) Rationale of extended clinical data structure . 9
Annex C (informative) Type and subtype of clinical event .14
Bibliography .17
© ISO 2014 – All rights reserved iii

---------------------- Page: 9 ----------------------

SIST EN ISO 21549-4:2014
ISO 21549-4:2014(E)

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2. www.iso.org/directives
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received. www.iso.org/patents
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
The committee responsible for this document is ISO/TC 215, Health informatics.
This second edition cancels and replaces the first edition (ISO 21549-4:2006), which has undergone a
minor revision. The following changes have been made.
— Foreword: mention of CEN collaboration is removed.
— Scope: first paragraph is reworded.
— Scope: requirements “shall“ are replaced by “are“ in the third paragraph.
— Normative references: references that are not cited normatively are moved to the Bibliography.
— Terms and definitions, subclause 3.1: the second sentence is removed.
— Clause 5: paragraph after Figure 1 is reworded.
— Clause 7: references to figures and tables are added; the class ExtendedEmergencyData is moved to
Part 3.
— Annexes B and C: requirements “shall“ are replaced by “should“.
— Annex B, subclause B.2: syntax errors are corrected.
— Bibliography: created to list all the documents cited that are not in the normative references.
ISO 21549 consists of the following parts, under the general title Health informatics — Patient healthcard
data:
— Part 1: General structure
— Part 2: Common objects
— Part 3: Limited clinical data
— Part 4: Extended clinical data
— Part 5: Identification data
— Part 6: Administrative data
iv © ISO 2014 – All rights reserved

---------------------- Page: 10 ----------------------

SIST EN ISO 21549-4:2014
ISO 21549-4:2014(E)

— Part 7: Medication data
— Part 8: Links
© ISO 2014 – All rights reserved v

---------------------- Page: 11 ----------------------

SIST EN ISO 21549-4:2014
ISO 21549-4:2014(E)

Introduction
With a more mobile population, greater healthcare delivery in the community and at patients’ homes,
together with a growing demand for improved quality of ambulatory care, portable information
systems and stores have increasingly been developed and used. Such devices are used for tasks ranging
from identification, through portable medical record files, and on to patient-transportable monitoring
systems.
The functions of such devices are to carry and to transmit person-identifiable information between
themselves and other systems; therefore, during their operational lifetime they may share information
with many technologically different systems which differ greatly in their functions and capabilities.
Healthcare administration increasingly relies upon similar automated identification systems. For
instance prescriptions may be automated and data exchange carried out at a number of sites using
patient transportable computer readable devices.
The advent of remotely accessible databases and support systems has led to the development and use of
“Healthcare Person” identification devices that are also able to perform security functions and transmit
digital signatures to remote systems via networks.
With the growing use of data cards for practical everyday healthcare delivery, the need has arisen for a
standardised data format for interchange.
The person related data carried by a data card can be categorised in three broad types: identification
(of the device itself and the individual to whom the data it caries relates), administrative and clinical.
It is important to realize that a given healthcare data card “de facto” has to contain device data and
identification data and may in addition contain administrative, clinical, medication and linkage data.
Device data are defined to include:
— identification of the device itself;
— identification of the functions and functioning capabilities of the device.
Identification data may include:
— unique identification of the device holder or of all other persons to whom the data carried by the
device are related.
Administrative data may include:
— complementary person(s) related data;
— other data (distinguishable from clinical data) that are necessary for the purpose of healthcare
delivery.
Clinical data may include:
— items that provide information about health and health events;
— their appraisal and labelling by a healthcare provider (HCP);
— related actions planned requested or performed.
Because a data card essentially provides specific answers to definite queries while having at the same
time a need to optimize the use of memory by avoiding redundancies “high level” Object Modelling
Technique (OMT) has been applied with respect to the definition of healthcare data card data structures.
This part of ISO 21549 describes and defines the Extended Clinical Data objects used within or referenced
by patient held health data cards using UML, plain text and Abstract Syntax Notation (ASN.1).
vi © ISO 2014 – All rights reserved

---------------------- Page: 12 ----------------------

SIST EN ISO 21549-4:2014
ISO 21549-4:2014(E)

This part of ISO 21549 does not describe and define the common objects defined within ISO 21549-2
even though they are referenced and utilized within this part of ISO 21549.
© ISO 2014 – All rights reserved vii

---------------------- Page: 13 ----------------------

SIST EN ISO 21549-4:2014

---------------------- Page: 14 ----------------------

SIST EN ISO 21549-4:2014
INTERNATIONAL STANDARD ISO 21549-4:2014(E)
Health informatics — Patient healthcard data —
Part 4:
Extended clinical data
1 Scope
This part of ISO 21549 is applicable to situations in which clinical data additional to the limited clinical
data defined in ISO 21549-3 is recorded on or transported by patient healthcare data cards compliant
with the physical dimensions of ID-1 cards defined by ISO/IEC 7810.
This part of ISO 21549 specifies the basic structure of the data contained within the data object extended
clinical data, but does not specify or mandate particular data sets for storage on devices.
In order to facilitate interoperability, whenever an application is built for use in the healthcare domain
in compliance with this part of ISO 21549, data items required for that application are drawn from the
list of objects (some of which are extensible) as provided in Clause 5. These are used in conjunction with
other data defined in other parts of this International Standard.
The detailed functions and mechanisms of the following services are not within the scope of this part of
ISO 21549, (although its structures can accommodate suitable data objects elsewhere specified).
— The encoding of free text data.
— Security functions and related services which are likely to be specified by users for data cards
depending on their specific application, for example: confidentiality protection, data integrity
protection, and authentication of persons and devices related to these functions.
— Access control services which may depend on active use of some data card classes such as
microprocessor cards.
— The initialisation and issuing process (which begins the operating lifetime of an individual data
card, and by which the data card is prepared for the data to be subsequently communicated to it
according to this part of ISO 21549).
The following topics are therefore beyond the scope of this part of ISO 21549:
— physical or logical solutions for the practical functioning of particular types of data cards;
— how the message is processed further ‘downstream’ of the interface between two systems;
— the form which data takes for use outside the data card, or the way in which such data are visibly
represented on the data card or elsewhere.
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and are
indispensable for its application. For dated references, only the edition cited applies. For undated
references, the latest edition of the referenced document (including any amendments) applies.
ISO 21549-1, Health informatics — Patient healthcard data — Part 1: General structure
ISO 21549-2, Health informatics — Patient healthcard data — Part 2: Common objects
ISO 21549-3, Health informatics — Patient healthcard data — Part 3: Limited clinical data
© ISO 2014 – All rights reserved 1

---------------------- Page: 15 ----------------------

SIST EN ISO 21549-4:2014
ISO 21549-4:2014(E)

3 Terms and definitions
For the purposes of this document the terms and definitions given in ISO 21549-1, ISO 21549-2,
ISO 21549-3 and the following apply.
3.1
clinical information
information about a patient, relevant to the health or treatment of that patient, that is recorded by or on
behalf of a healthcare professional
[SOURCE: ENV 1613]
3.5
healthcare party
organization or person responsible for the direct or indirect provision of healthcare to an individual, or
involved in the provision of healthcare-related services
[SOURCE: ENV 1613]
3.9
relaying agent
party agreed to be acting as an intermediary, communicating messages between the requesting and
requested healthcare parties in both directions when direct communication is not possible as the
requested healthcare party’s identity is not known, being dependent on individual patient’s choice
[SOURCE: ENV 13607]
4 Symbols and abbreviated terms
ASN.1 Abstract Syntax Notation version 1
HCP Healthcare Person
HDC Healthcare Data Card
UML Unified Modelling Language
UTC Universal Time Coordinated
5 Basic data object model for a healthcare data card
5.1 Patient HDC data object structure
A set of basic data objects have been designed to facilitate the storage of clinical data in a flexible structure,
allowing for future application-specific enhancements. These tools should help the implementation
of common accessory characteristics of stored data in a way that allows efficient use of memory, an
important feature for many types of data cards.
The tools consist of a generic data structure based on an object-oriented model represented as an UML
class diagram as shown below in Figure 1.
2 © ISO 2014 – All rights reserved

---------------------- Page: 16 ----------------------

SIST EN ISO 21549-4:2014
ISO 21549-4:2014(E)

PatientHealthcardData
1
1 0.1 0.1 0.1
DeviceData IdentiicationData ClinicalData Links PatientHealthcardSecurityData
0.1 0.1
AdministrativeData MedicationData
0.1 0.1
LimitedClinicalData ExtendedClinicalData
Figure 1 — Patient healthcard data: overall structure
The content of this object-oriented structure described in Clause 7 and Annex A will also require the use
of data objects not defined within this part of ISO 21549.
NOTE It is possible to take the data objects and recombine them while preserving their context-specific tags,
and to define new objects, while still preserving interoperability.
In addition to the capability of building complex aggregate data objects from simpler building blocks,
this part of ISO 21549 allows for associations between certain objects, so that information can be shared.
This feature is mainly used to allow, for example, a set of accessory attributes to be used as services to
several stored information objects.
5.2 Basic data objects for referencing
5.2.1 Overview
A series of generally useful data type definitions have been made that have no intrinsic value in
themselves, but which are used to define other objects within this part of ISO 21549. Operations may be
performed with these objects in association with other information objects to “add value”. These objects
have formal definitions within ISO 21549-2.
5.2.2 Coded data
Coded values are understood by reference to the coding scheme to which they apply. The general
principle in this part of ISO 21549 is that it is not mandatory to use a particular coding scheme, unless
specified within this part of ISO 21549, when such codes act as parameters. One example is the use of
ISO 3166-1 for country codes.
When a coding scheme is exclusively specified within this part of ISO 21549 no alternative coding
scheme shall be allowed. Any references to coding schemes not so specified may however be modified in
the future independent of the rest of this International Standard.
The data object CodedData shall be constructed according to the definition contained in ISO 21549-2.
5.2.3 Device and data security attributes
Data stored in data cards used in health care may be personally sensitive. For this reason this part
of ISO 21549 utilizes a series of security attributes, defined in ISO 21549-2. The actual data content
(value) is not within the scope of this part of ISO 21549, nor are the mechanisms that make use of these
data elements. It is emphasized that the security attributes cannot satisfy given security requirements
without the implementation of the appropriate security functions and mechanisms within the data card.
Such access privileges are attributable to specific individuals with respect to discrete data items. These
privileges will be defined by application developers and can be controlled by automated systems such as
© ISO 2014 – All rights reserved 3

---------------------- Page: 17 ----------------------

SIST EN ISO 21549-4:2014
ISO 21549-4:2014(E)

healthcare professional cards. The privileges may be defined at the application level thereby providing
application and potential country specificity.
The data object SecurityServices provides for the storage of data required to deliver these security
functions and mechanisms. This data can be “attached” to individual data elements thereby preserving
the original author’s security requirements when the data object is transferred between different forms
of data card. This mechanism may therefore ensure that in the process of transferring data from active
to passive media and then back to active media, the original security requirements are regenerated.
This ability also allows exact replication of a data card such as on regeneration after failure.
5.2.4 Accessory attributes
The data object AccessoryAttributes shall consist of an ordered set of data that is essential to record an
audit trail regarding both the originator of the information and the means via which it arrives to the
recipient as defined in ISO 21549-2.
6 Functional requirements on card information for extended clinical data
6.1 Overview of supported uses
The major consideration in this part of ISO 21549 is for HDC:
— to carry the clinical messages (orders, referrals and reports) between the loosely coupled healthcare
parties (i.e. parties that are not able to establish network connections or do not have the third
trusted party yet);
— to carry the links and access keys to clinical messages between the tightly coupled healthcare
parties (i.e. the parties that are able to establish network connection and have the third trusted
party);
— to carry coded summaries of diagnosis and procedures extending limited clinical data set described
in ISO 21549-3. These summaries may be considered as the national or even institutional extensions
of limited clinical data.
6.2 Clinical message transfer between healthcare parties
HDC designed to transfer clinical messages between healthcare parties shall be considered as a secure
data media for a relaying agent. Such HDC may receive clinical messages without a predefined target
healthcare party and may also play a role in authenticating the eligibility of the healthcare party to
retrieve these clinical data.
7 Extended clinical data
7.1 General
The ExtendedClinicalData object is specifically divided into two separate data objects, index of
clinical events (class ClinicalEventDescription), and sequence of mapped clinical messages (class
MappedClinicalMessage). Because of their groupings each of these can have differing security settings
including access rights as determined by the provisions contained within accessory attributes (class
AccessoryAttributes).
Figure 2 and Table 1 define ExtendedClinicalData data object.
4 © ISO 2014 – All rights reserved

---------------------- Page: 18 ----------------------

SIST EN ISO 21549-4:2014
ISO 21549-4:2014(E)

ExtendedClinicalData
+clinicalEventDescription : ClinicalEventDescription [0.*]
+mappedClinicalMessage : MappedClinicalMessage [0.*]
Figure 2 — The structure of ExtendedClinicalData
Table 1 — The specification of individual entities within the object ExtendedClinicalData
Object name Object Type Multiplicity Comments
clinicalEventDescription ClinicalEventDescription 0.* This class holds the description of a
clinical event registered onto HDC
mappedClinicalMessage MappedClinicalMessage 0.* This class holds a mapped clinical
message carrying information of the
registered clinical event
7.2 The clinical event description
An object ClinicalEventDescription shall consist of a set of data consisting of a clinical event identifier,
a type and a subtype (control code) of this event and also date, time and place of event. This object may
contain the optional element AccessoryAttributes. This object is intended to support the process of a
selection of the relevant clinical message.
According to Figure 3 an instance of ClinicalEventDescription may reference an instance of the
MappedClinicalMessage and an instance of EventPlace. Table 2 defines the specification of individual
entities within the object ClinicalEventDescription.
ClinicalEventDescription
+eventID : OCTET STRING [1]
+eventType : CodedData [1]
+eventSubtype : CodedData [0.1]
1
+eventDateTime : UTCTime [0.1]
+accessoryAttributes : AccessoryAttributes [0.1]
+clinMessPointer 0.1
1
MappedClinicalMessage
+eventPlace0.1
EventPlace
Figure 3 — The structure of ClinicalEventDescription
© ISO 2014 – All rights reserved 5

---------------------- Page: 19 ----------------------

SIST EN ISO 21549-4:2014
ISO 21549-4:2014(E)

Table 2 — The specification of individual entities within the object ClinicalEventDescription
Object name Data Type Multiplicity Comments
eventID OCTET STRING 1 This identifies a clinical event in a manner
allowing the originator of the related clinical
message to identify this event uniquely.
eventType CodedData 1 This identifies type of the clinical event
(order, referral, discharge, result of clinical
investigation and so on).
eventSubtype CodedData 0.1 This identifies subtype of the clinical event
or control (new order, cancel order and so
on).
even
...