ISO/TC 215/WG 1 - Architecture, Frameworks and Models

This document: — Specifies clinical information models (CIMs) as health and care concepts that can be used to define and to structure information for various purposes in health care, also enabling information reuse; — Describes requirements for CIMs content, structure and context and specification of their data elements, data element relationships, meta-data and versioning, and provides guidance and examples; — Specifies key characteristics of CIMs used in conceptual and logical analysis for use cases such as (reference) architectures, information layers, EHR and PHR systems, interoperability, systems integration in the health domain, and secondary use of data including for public health reporting; — Defines a Quality Management System (QMS) for a systematic and effective governance, quality management, and measurement of CIMs through their lifecycle of development, testing, distribution, application and maintenance; — Provides principles for the transformation and application of clinical information models through the wide variation of health information technology. This document excludes: — Requirements on the content or application of any particular clinical information model or clinical information modelling methodology; — Specific applications of clinical information models such as for dynamic modelling of workflow; — Specifications for modelling entire domains or aggregates of many CIMs such as complete assessment documents or discharge summaries. It does not specify CIMs compositions; — Specification of how to involve specific clinicians, how to carry out governance including information governance, or how to ensure patient safety.

This document describes a core set of cloud service agreements for customer-oriented health cloud services. This document covers a customer-oriented cloud service agreement that can be used in healthcare organizations and public health centers that use health cloud services. This document defines key characteristics in the health cloud service agreement that are indispensable in providing optimal health/healthcare management functionalities. Privacy and security features are considered outside the scope of this document and are covered in ISO/TR 21332. The purpose of this document is to present matters to be considered (e.g., cloud type, components, key characteristics) by stakeholders involved in the implementation of cloud computing in hospitals or healthcare organizations. The potential users of this document are mainly 1) IT managers of hospitals, 2) hospital management, and 3) cloud service providers and cloud partners that provide services to healthcare institutions.

This document defines the core data set for a patient summary document that supports continuity of care for a person and coordination of their healthcare. It is specifically aimed at supporting the use case’ scenario for ‘unplanned, cross border care’ and is intended to be an international patient summary (IPS). Whilst the data set is minimal and non-exhaustive, it provides a robust, well-defined core set of data items. The tight focus on this use case also enables the IPS to be used in planned care. This means that both unplanned and planned care can be supported by this data set within local and national contexts, thereby increasing its utility and value. It uses the European Guideline from the eHN as the initial source for the patient summary requirements, then takes into consideration other international patient summary projects to provide an interoperable data set specification that has global application. This document provides an abstract definition of a Patient Summary from which derived models are implementable. Due to its nature therefore, readers should be aware that the compliance with this document does not imply automatic technical interoperability; this result, enabled by this document, can be reached with the conformity to standards indicated in the associated technical specification and implementation guides. This document does not cover the workflow processes of data entry, data collection, data summarization, subsequent data presentation, assimilation, or aggregation. Furthermore, this document does not cover the summarization act itself, i.e. the intelligence/skill/competence that results in the data summarization workflow. It is not an implementation guide that is concerned with the various technical layers beneath the application layer. Implementation guidance for specifically jurisdictional concerns, e.g. Directives, terminologies, formats, etc., an example is specified in the associated Technical Specification[3]. In particular, representation by various coding schemes, additional structures and terminologies are not part of this document. Terminology and its binding are addressed in Reference [3]. The Identification of Medicinal Products standards (abbreviated to IDMP) are the recommended target for the Medication Summary related to this document but, prior to IDMP’s full implementation in practice, this IPS standard cannot insist in its use at this point in time and recognizes that interim schemes might be necessary until IDMP becomes established as a norm.

This document enables the advancement of interoperability from the data/information exchange paradigm to knowledge sharing at decreasing level of abstraction, starting at IT concept level (semantic coordination) through business domain concept level (agreed service function level cooperation), domain level (cross-domain cooperation) up to individual context (skills-based end-user collaboration). The document defines a model and framework for a harmonized representation of existing or intended systems with a specific focus on ICT-supported business systems. The Interoperability and Integration Reference Architecture supports ontology harmonization or knowledge harmonization to enable interoperability between, and integration of, systems, standards and solutions at any level of complexity without the demand for continuously adapting/revising those specifications. The approach can be used for analysing, designing, integrating, and running any type of systems. For realizing advanced interoperability, flexible, scalable, business-controlled, adaptive, knowledge-based, intelligent health and social ecosystems need to follow a systems-oriented, architecture-centric, ontology-based and policy-driven approach. The languages for representing the different views on systems such as ontology languages like Common Logic (CL) (ISO/IEC 24707[24]) and Web Ontology Language (OWL)[25] – specifically OWL 2[26] (World Wide Web Consortium (W3C®), languages for modeling and integrating business processes like Business Process Modeling Language (BPML) (OMG®), but also OMG’s Unified Modeling Language (UML, also specified as ISO/IEC 19505[27]) based representation styles for the different ISO/IEC 10746 (all parts) views are outside the scope of this document.

This document outlines the standards needed to identify and label the Subject of Care (SoC) and the Individual Provider on objects such as identification (wrist) bands, identification tags or other objects, to enable automatic data capture using data carriers in the care delivery process. It provides for a unique SoC identification that can be used for other purposes, such as recording the identity of the SoC in individual health records. This document serves as a reference for any organization which plans to implement or improve Automatic Identification and Data Capture (AIDC) in their delivery of care process. It is based on the use of the GS1® system of standards. Other solutions, such as using other identification systems (for example, systems based on ISBT 128), are possible but not addressed by this document. This document describes good practices to reduce/avoid variation and workarounds which challenge the efficiency of AIDC at the point of care and compromise patient safety[5][6]. This document specifies how to manage identifiers in the AIDC process, and completes the information found in ISO/TS 22220 and ISO/TS 27527.

This document presents a methodology which supports and enables the development of standards based business and information architectures that contribute to good quality of healthcare and patient safety. The methodology is used to develop descriptions of healthcare enterprises from different aspects. Those aspects are covering what, how, where, who, when, why[1] and are based on standards.

This document provides guidance and requirements for the description, planning and development of new systems, as well as for the integration of existing information systems, both within one enterprise and across different healthcare organizations, through an architecture integrating the common data and business logic into a specific architectural layer (i.e. the middleware), distinct from individual applications and accessible throughout the whole information system through services, as shown in Figure 2.

This document specifies the fundamental characteristics of the information model implemented by a specific architectural layer (i.e. the service architecture) of the information system to provide a comprehensive and integrated storage of the common enterprise data and to support the fundamental business processes of the healthcare organization, as defined in ISO 12967‑1. The information model is specified in this document without any explicit or implicit assumption on the physical technologies, tools or solutions to adopt for its physical implementation in the various target scenarios. The specification is nevertheless formal, complete and non-ambiguous enough to allow implementers to derive an efficient design of the system in the specific technological environment that will be selected for the physical implementation. This document does not aim at representing a fixed, complete, specification of all possible data that can be necessary for any requirement of any healthcare enterprise. It specifies only a set of characteristics, in terms of overall organization and individual information objects, identified as fundamental and common to all healthcare organizations, and that is satisfied by the information model implemented by the service architecture. Preserving consistency with the provisions of this document, physical implementations are allowed extensions to the standard information model in order to support additional and local requirements. Extensions include both the definition of additional attributes in the objects of the standard model, and the implementation of entirely new objects. Also, this document specification is extensible over time according to the evolution of the applicable standardization initiatives. The specification of extensions is carried out according to the methodology defined in ISO 12967-1:2020, Clause 7.

This document specifies the fundamental characteristics of the computational model implemented by a specific architectural layer of the information system (i.e. the service architecture) to provide a comprehensive and integrated interface to the common enterprise information and to support the fundamental business processes of the healthcare organization, as defined in ISO 12967‑1. The computational model is specified without any explicit or implicit assumption about the physical technologies, tools or solutions to adopt for its physical implementation in the various target scenarios. The specification is nevertheless formal, complete and non-ambiguous enough to allow implementers to derive an efficient design of the system in the specific technological environment which will be selected for the physical implementation. The computational model specified in this document provides the basis for ensuring consistency between different engineering and technology specifications (including programming languages and communication mechanisms) since they are intended to be consistent with the same computational object model. This consistency allows open inter-working and portability of components in the resulting implementation. This document does not aim at representing a fixed, complete, specification of all possible interfaces that might be necessary for any requirement of any healthcare enterprise. It specifies only a set of characteristics — in terms of overall organization and individual computational objects, identified as fundamental and common to all healthcare organizations, and that are satisfied by the computational model implemented by the service architecture. Preserving consistency with the provisions of this document, physical implementations of the computational model specified in this document can allow extensions in order to support additional and local requirements. Extensions can include both the definition of additional properties of the objects of the computational model specified in this document and the implementation of entirely new objects. Also, the computational model specified in this document can be extendable over time according to the evolution of the applicable standardization initiatives, in accordance to the methodology defined in ISO 12967‑1:2020, Clause 7, which identifies a set of healthcare common information services, describing the requirements behind them and the methodology through which they will be used. The information services specified in this document are only the minimal set identifiable according to the identified requirements of the healthcare enterprise, and constituting the service architecture (i.e. the integration platform) to serve as the basis for healthcare applications, e.g. EHR or patient administration.

This document specifies a means for communicating part or all of the electronic health record (EHR) of one or more identified subjects of care between EHR systems, or between EHR systems and a centralised EHR data repository. It can also be used for EHR communication between an EHR system or repository and clinical applications or middleware components (such as decision support components), or personal health applications and devices, that need to access or provide EHR data, or as the representation of EHR data within a distributed (federated) record system. This document defines term lists that each specify the set of values for the particular attributes of the Reference Model defined in ISO 13606-1. It also defines normative and informative Reference Archetypes that enable frequently-occurring instances of EHR data to be represented within a consistent structure when communicated using this document.

This document specifies the information architecture required for interoperable communications between systems and services that need or provide EHR data. This document is not intended to specify the internal architecture or database design of such systems. The subject of the record or record extract to be communicated is an individual person, and the scope of the communication is predominantly with respect to that person's care. Uses of healthcare records for other purposes such as administration, management, research and epidemiology, which require aggregations of individual people's records, are not the focus of this document but such secondary uses could also find the document useful. This document defines a set of interfaces to request and provide: — an EHR_EXTRACT for a given subject of care as defined in ISO 13606-1; — one or more ARCHETYPE(s) as defined in ISO 13606-2; — an EHR_AUDIT_LOG_EXTRACT for a given subject of care as defined in ISO 13606-4. This document defines the set of interactions to request each of these artefacts, and to provide the data to the requesting party or to decline the request. An interface to query an EHR or populations of EHRs, for example for clinical audit or research, are beyond its scope, although provision is made for certain selection criteria to be specified when requesting an EHR_EXTRACT which might also serve for population queries. This document defines the Computational Viewpoint for each interface, without specifying or restricting particular engineering approaches to implementing these as messages or as service interfaces. This document effectively defines the payload to be communicated at each interface. It does not specify the particular information that different transport protocols will additionally require, nor the security or authentication procedures that might be agreed between the communicating parties or required by different jurisdictions.

This document specifies a means for communicating part or all of the electronic health record (EHR) of one or more identified subjects of care between EHR systems, or between EHR systems and a centralised EHR data repository. It can also be used for EHR communication between an EHR system or repository and clinical applications or middleware components (such as decision support components), or personal health applications and devices, that need to access or provide EHR data, or as the representation of EHR data within a distributed (federated) record system. This document will predominantly be used to support the direct care given to identifiable individuals or self-care by individuals themselves, or to support population monitoring systems such as disease registries and public health surveillance. Uses of health records for other purposes such as teaching, clinical audit, administration and reporting, service management, research and epidemiology, which often require anonymization or aggregation of individual records, are not the focus of this document but such secondary uses might also find the document useful. This Part 1 of the multipart series is an Information Viewpoint specification as defined by the Open Distributed Processing ? Reference model: Overview (ISO/IEC 10746-1). This document is not intended to specify the internal architecture or database design of EHR systems.

This document specifies a means for communicating part or all of the electronic health record (EHR) of one or more identified subjects of care between EHR systems, or between EHR systems and a centralised EHR data repository. It can also be used for EHR communication between an EHR system or repository and clinical applications or middleware components (such as decision support components) that need to access or provide EHR data, or as the representation of EHR data within a distributed (federated) record system. This document will predominantly be used to support the direct care given to identifiable individuals, or to support population monitoring systems such as disease registries and public health surveillance. Uses of health records for other purposes such as teaching, clinical audit, administration and reporting, service management, research and epidemiology, which often require anonymization or aggregation of individual records, are not the focus of this standard series but such secondary uses might also find it useful. This document defines an Archetype Model to be used to represent Archetypes when communicated between repositories, and between archetype services. It defines an optional serialised representation, which may be used as an exchange format for communicating individual archetypes. Such communication might, for example, be between archetype libraries or between an archetype service and an EHR persistence or validation service.

The purpose of ISO/TS 18864:2017 is to define objective, reliable and reproducible quality metrics for detailed clinical models (DCM). ISO/TS 18864:2017 specifies the principal metrics which are necessary and sufficient to evaluate DCMs. The intended audiences of this document are: - DCM developers, all users of information represented using DCMs, and evaluators of DCM quality; - clinical and IT professionals of healthcare institutions; - technical staff in the healthcare technology industry; - experts involved in standards development; - national and regional healthcare information technology leadership including certification bodies. ISO/TS 18864:2017 defines a set of quality metrics required to evaluate DCMs objectively. These quality metrics can be used to support rational decision making by DCM developers who will have the essential qualitative and quantitative quality requirements to use as guidelines as they create new content. Clinical users can then use the quantitative assessments as they select models for specific use cases and implement them in their clinical systems.

ISO/TR 19669:2017 specifies a use case development methodology, facilitated by a dynamic catalogue of re-usable components. Use cases are a basic tool in describing requirements for health and healthcare settings, service provision, information technology and software products. Use case development often follows a uniform template with components such as actors, roles, scenarios, event steps, actions, data objects/elements and requirements statements. ISO/TR 19669:2017 includes a basic use case template and the methods of component identification, capture, cataloguing and re-use. This document also includes guidance for software designed to implement the methodology in the form of a use case authoring tool.

ISO/HL7 16527 PHR-S FM:2016 defines a standardized model of the functions that may be present in PHR Systems. It is beyond the scope of the PHR system to control the use (or intended use) of PHR data. On the contrary, it is within the scope of the PHR system to manage the authorization of an individual (or other application). Those parties are then responsible for using the data for appropriate (or intended) purposes. The system manufacturers specify "intended and permitted use of PHR data" in their Terms of Service and Terms of Use agreements. This Functional Model is not: - a messaging specification; - an implementation specification; - a conformance specification; - a specification for the underlying PHR (i.e. the record itself); - an exercise in creating a definition for a PHR; - a conformance or conformance testing metric; - a requirement specification for a single PHR system (see Annex D, Anticipated Uses). The information exchange enabled by the PHR-S supports the retrieval and population of clinical documents and summaries, minimum data sets, and other input/outputs.

ISO/TR 14639:2014 provides a guide to best practice business requirements and principles for countries and their subordinate health authorities planning and implementing the use of information and communications technology (ICT) to support the delivery and development of healthcare. A business reference architecture is described in terms of components and capabilities that health authorities may use as a framework for building their own eHealth architectures and also for measuring the maturity of their health systems' use of ICT to support the delivery and development of healthcare. ISO/TR 14639:2014 also proposes a maturity model and methodology that organizations may consider in developing and evolving their eHealth capacities in specified areas of operational capability from low to medium to high levels. The proposed business reference architecture identifies components and capabilities needed to support various health service activities along with the governance, infostructure, and ICT infrastructure that is necessary for the effective and efficient use of information in the delivery and development of health services.

ISO/TR 14639-1:2012 aims to identify the business requirements of an eHealth architecture as well as providing a generic and comprehensive context description to inform architectural structuring of Health Information Systems (HIS). ISO/TR 14639-1:2012 reviews international experiences in the construction of national eHealth architectures and introduces a methodology for strategic development of HIS.

ISO/TS 22220:2011 indicates the data elements and structure suited to accurate and procedurally appropriate and sensitive identification of individuals in health care in a face-to-face setting supported by computer technology, or through interactions between computer systems. It provides guidelines for improving the positive identification of subjects of care within and between health care organizations. ISO/TS 22220:2011 defines demographic and other identifying data elements suited to capturing subject of care identification in health care settings, and the wide variety of manual and computer enhanced procedures used for this process. It provides guidance on the application of these procedures in the manual and the computer environment and makes recommendations about the nature and form of health care identifiers, the management organization to oversee subject of care identification and computer support to be provided for the identification process.

ISO 18308:2011 defines the set of requirements for the architecture of a system that processes, manages and communicates electronic health record (EHR) information: an EHR architecture. The requirements are formulated to ensure that these EHRs are faithful to the needs of healthcare delivery, are clinically valid and reliable, are ethically sound, meet prevailing legal requirements, support good clinical practice and facilitate data analysis for a multitude of purposes. ISO 18308:2011 does not specify the full set of requirements that need to be met by an EHR system for direct patient care or for other use cases, but the requirements defined by ISO 18308:2011 do contribute to the governance of EHR information within such systems.

ISO 21667:2010 establishes a common health indicators conceptual framework, and is intended to foster a common vocabulary and conceptual definitions for the resultant framework. The framework defines the appropriate dimensions and sub-dimensions required to describe the health of the population and performance of a health care system, is sufficiently broad (high-level) to accommodate a variety of health care systems, and is comprehensive, encapsulating all of the factors related to health outcomes and health system performance and utilization, as well as regional and national variations. ISO 21667:2010 does not identify or describe individual indicators or specific data elements for the health indicators conceptual framework; nor does it address needs analysis, demand analysis or the range of activities that need to be supported for health system management. The definition of benchmarks and/or approaches used in the definition of benchmarks is outside the scope of ISO 21667:2010.

ISO/TS 27527:2010 provides a framework for improving the positive identification of providers. Identification of "providers" encompasses individuals and organizations. ISO/TS 27527:2010 includes data elements needed for identification of individual providers (i.e. individuals) and data elements needed for the identification of organization providers (i.e. organizations). "Identification" in ISO/TS 27527:2010 refers both to the process of being able to identify individuals and organizations, and the data elements required to support that identification manually and from a computer processing perspective. ISO/TS 27527:2010 can be applied to all providers of services, individuals and organizations. It details both data and processes for collection and application of identifying information for providers. It defines demographic and other identifying data elements suited to capture and use for the identification of providers in health care settings and provides guidance on their application. ISO/TS 27527:2010 provides: definitions of data elements to support the identification of individual providers and organizational providers for purposes such as electronic health record authentication and authorization, communications, role definitions, delegation of authority, and the management of certification of individuals where more than one discipline is concerned; guidance on the development, population, governance and ongoing management of provider identifiers from multiple potential sources. This includes identification of processes to support national, multinational and provincial/state or local level identification. Unique identifier structures may differ for different purposes, or with different originating organizations. For this reason, a generic approach to the structure of these identifiers is given in ISO/TS 27527:2010 to support multiple unique identifiers and the ability to link these to the relevant provider. Annex A provides information to support the process of identification and implementation of provider identification in health care information systems. ISO/TS 27527:2010 is primarily concerned with provider identification data for clinical and administrative purposes. ISO/TS 27527:2010 is intended for use by health and health-related establishments that create, use or maintain records on providers. Establishments are intended to use ISO/TS 27527:2010, where appropriate, for collecting data when registering providers. ISO/TS 27527:2010 does not include the process for development of unique identifiers. Standards for the development of identifiers are provided in ISO/TS 22220. Data required to meet identification purposes is highly dependent upon the place and purpose of identification. ISO/TS 27527:2010 identifies a range of data that support the identification of an individual or organization used in different health care environments. ISO/TS 27527:2010 does not attempt to identify all the use cases for which the items included are relevant; however, the data elements are provided to allow their consistent representation where they are found appropriate to support identification activities of the organization or jurisdiction.

ISO/TR 12773-1:2009 is based on a comprehensive review of a series of initiatives and implementations worldwide that for the purposes of this Technical Report are collectively called health summary records (HSRs). Project sponsors and/or authorities were contacted as needed to gather additional information and clarify questions or issues arising out of the review. ISO/TR 12773-1:2009 defines and describes HSRs in general as well as specific instances of HSRs and their most common use cases. It summarises the business requirements driving HSR development and the content that is common across HSRs, as well as issues associated with them. Finally, it recommends some future ISO/TC 215 activities to support international standardization of HSRs. It is important to note that ISO/TR 12773-1:2009 focuses primarily on requirements that are specific (unique) to HSRs. It does not attempt to articulate, other than at a high level, requirements that are generally applicable to all health records or all electronic health records.

ISO/TR 12773-2:2009 reviews a series of initiatives and implementations worldwide that for purposes of this Technical Report are collectively called health summary records (HSRs). It provides an environmental scan and descriptive information on HSR initiatives internationally, including “lessons learned”. The environmental scan was completed by performing web searches and obtaining publicly available documentation on key projects. Project sponsors and/or authorities were contacted as needed to gather additional information and clarify questions and issues arising out of the review

ISO/TR 20514:2005 describes a pragmatic classification of electronic health records, provides simple definitions for the main categories of EHR and provides supporting descriptions of the characteristics of electronic health records and record systems.

ISO TR 17119:2005 provides a common description framework for health informatics standards artefacts. The aim of the health informatics profiling framework (HIPF) is to provide a consistent method for describing and classifying artefacts within the domain of health informatics standards. The HIPF establishes common concepts and a vocabulary for describing the complex domain of various informatics standards initiatives and their supporting artefacts. The use of the HIPF should promote the reuse of health informatics knowledge and improve the identification of opportunities for informatics standards alignment, collaboration and coordination.

ISO/TS 13972:2015: Describes requirements and recommended methods against which clinicians can gather, analyse and, specify the clinical context, content, and structure of Detailed Clinical Models. Defines Detailed Clinical Models (DCMs) in terms of an underlying logical model. They are logical models of clinical concepts and can be used to define and to structure clinical information. Describes requirements and principles for DCMs, meta-data, versioning, content and context specification, data element specification and data element relationships, and provide guidance and examples. Specifies DCM governance principles to ensure conceptual integrity of all DCM attributes and logical model accuracy. Describes DCM development and the methodology principles for use that will support the production of quality DCMs to minimize risk and ensure patient safety.

ISO 10781:2015 provides a reference list of functions that may be present in an Electronic Health Record System (EHR-S). The function list is described from a user perspective with the intent to enable consistent expression of system functionality. This EHR-S Functional Model, through the creation of Functional Profiles for care settings and realms, enables a standardized description and common understanding of functions sought or available in a given setting (e.g. intensive care, cardiology, office practice in one country or primary care in another country).

ISO/TS 18530:2014 outlines the standards needed to identify and label the Subject of Care (SoC) and the Individual Provider on objects such as wrist bands, identification tags or other objects, to enable automatic data capture using data carriers in the care delivery process. ISO/TS 18530:2014 provides for a unique SoC identification that may be used for other purposes, such as recording the identity of the SoC in medical health records. ISO/TS 18530:2014 serves as a reference for any organization which plans to implement or improve Automatic Identification and Data Capture (AIDC) in their delivery of care process. It is to be used in conjunction with the GS1[1] system of standards. ISO/TS 18530:2014 describes good practices to reduce/avoid variation and workarounds which challenge the efficiency of AIDC at the point of care and compromise patient safety. ISO/TS 18530:2014 specifies how to manage identifiers in the AIDC process, and completes the information found in ISO/TS 22220 and ISO/TS 27527. [1] GS1 is a registered trademark. Any trademark used in this document is information given for the convenience of users and does not constitute an endorsement.

ISO/TS 29585:2010 has three sections, 1) general considerations of design and deployment, 2) data aggregation and data modelling and 3) architecture and technology, and is intended to provide an overall set of guidelines for clinical data warehouse deployment supported by useful descriptions concerning different data aggregation and modelling approaches as well as particular aspects of information architecture that contribute to successful deployment. The first section is of particular interest to healthcare decision-makers, including information technology managers, of requirements and procedures that support successful clinical data warehouse deployment. The second section supports the understanding, choice, instigation and evaluation of methods that ensure reliable selection and aggregation of primary data for adequate compilation and presentation to support decisions – this section is of particular interest to statisticians, epidemiologists, healthcare evaluation specialists and others. Section three is of particular interest to informaticians concerned with efficient architectures, data mining methods, dynamic data querying and visualization for clinical data warehouses.

ISO 12967-1:2009 provides guidance for the description, planning and development of new systems, as well as for the integration of existing information systems, both within one enterprise and across different healthcare organizations, through an architecture integrating the common data and business logic into a specific architectural layer (i.e. the middleware), distinct from individual applications and accessible throughout the whole information system through services.

ISO 12967-2:2009 specifies the fundamental characteristics of the information model to be implemented by a specific architectural layer (i.e. the middleware) of the information system to provide a comprehensive and integrated storage of the common enterprise data and to support the fundamental business processes of the healthcare organization, as defined in ISO 12967-1. The information model is specified without any explicit or implicit assumption on the physical technologies, tools or solutions to be adopted for its physical implementation in the various target scenarios. The specification is nevertheless formal, complete and non-ambiguous enough to allow implementers to derive an efficient design of the system in the specific technological environment that will be selected for the physical implementation. This specification does not aim at representing a fixed, complete, specification of all possible data that can be necessary for any requirement of any healthcare enterprise. It specifies only a set of characteristics, in terms of overall organization and individual information objects, identified as fundamental and common to all healthcare organizations, and that is satisfied by the information model implemented by the middleware.

ISO 12967-3:2009 specifies the fundamental characteristics of the computational model to be implemented by a specific architectural layer of the information system (i.e. the middleware) to provide a comprehensive and integrated interface to the common enterprise information and to support the fundamental business processes of the healthcare organization, as defined in ISO 12967-1. The computational model is specified without any explicit or implicit assumption about the physical technologies, tools or solutions to be adopted for its physical implementation in the various target scenarios. The specification is nevertheless formal, complete and non-ambiguous enough to allow implementers to derive an efficient design of the system in the specific technological environment which will be selected for the physical implementation.

ISO/TS 22220:2009 indicates the data elements and structure suited to accurate and procedurally appropriate and sensitive identification of individuals in health care in a face-to-face setting supported by computer technology, or through interactions between computer systems. It provides guidelines for improving the positive identification of subjects of care within and between health care organizations. ISO/TS 22220:2009 defines demographic and other identifying data elements suited to capture, and the wide variety of manual and computer-enhanced procedures used for subject of care identification in health care settings. It also provides guidance on their application in the manual and the computer environment and makes recommendations about the nature and form of health care identifiers, the management organization to oversee subject of care identification, and computer support to be provided for the identification process. The objective of ISO/TS 22220:2009 is to promote uniform good practice in: identifying individuals in a face-to-face or paper-based environment, as well as in and between automated systems; recording and reporting of subject of care identifying data; ensuring that data being associated with any given subject of care, and upon which clinical communication and data aggregation are based, are appropriately associated with that individual or organization and no other. ISO/TS 22220:2009 is primarily concerned with the use of subject of care identification data to support patient care. It should be used by health and health related establishments that create, use or maintain records on subjects of care. Health care organizations should use this Technical Specification where appropriate, for collecting data when registering subjects of care or potential subjects of care and when reporting patient information to other systems, both clinical and administrative.

ISO 13606-1:2008 specifies the communication of part or all of the electronic health record (EHR) of a single identified subject of care between EHR systems, or between EHR systems and a centralized EHR data repository. It may also be used for EHR communication between an EHR system or repository and clinical applications or middleware components (such as decision support components) that need to access or provide EHR data, or as the representation of EHR data within a distributed (federated) record system. ISO 13606-1:2008 will predominantly be used to support the direct care given to identifiable individuals, or to support population monitoring systems such as disease registries and public health surveillance. Use of health records for other purposes such as teaching, clinical audit, administration and reporting, service management, research and epidemiology, which often require anonymization or aggregation of individual records, are not the focus of ISO 13606-1:2008 but such secondary uses might also find this document useful.

The focus of ISO/TR 22221:2006 is clinical databases or other computational services, hereafter referred to as a clinical data warehouse (CDW), which maintain or access clinical data for secondary use purposes. The goal is to define principles and practices in the creation, use, maintenance and protection of a CDW, including meeting ethical and data protection requirements and recommendations for policies for information governance and security. A distinction is made between a CDW and an operational data repository part of a health information system: the latter may have some functionalities for secondary use of data, including furnishing statistics for regular reporting, but without the overall analytical capacity of a CDW. ISO/TR 22221:2006 complements and references standards for electronic health records (EHR), such as ISO/TS 18308, and contemporary security standards in development. ISO/TR 22221:2006 addresses the secondary use of EHR and other health-related and organizational data from analytical and population perspectives, including quality assurance, epidemiology and data mining. Such data, in physical or logical format, have increasing use for health services, public health and technology evaluation, knowledge discovery and education. ISO/TR 22221:2006 describes the principles and practices for a CDW, in particular its creation and use, security considerations, and methodological and technological aspects that are relevant to the effectiveness of a clinical data warehouse. Security issues are extended with respect to the EHR in a population-based application, affecting the care recipient, the caregiver, the responsible organizations and third parties who have defined access. ISO/TR 22221:2006 is not intended to be prescriptive either from a methodological or a technological perspective, but rather to provide a coherent, inclusive description of principles and practices that could facilitate the formulation of CDW policies and governance practices locally or nationally.

ISO 17120:2004 specifies country identifier standards suitable for use within health informatics applications and standards development by health informatics planners, developers, implementers and analysts.

ISO/TS 21667:2004 establishes a common health indicators conceptual framework for the field of health informatics. It is intended to foster a common vocabulary and conceptual definitions for a framework which defines the appropriate dimensions and subdimensions required to describe the health of the population and performance of a health care system, which is sufficiently broad (high-level) to accommodate a variety of health care systems, and which is comprehensive, encapsulating all of the factors that are related to health outcomes and health system performance and utilization, and regional and national variations. ISO/TS 21667:2004 does not identify or describe individual indicators or specific data elements for the health indicators conceptual framework. The definition of benchmarks and/or approaches used in the definition of benchmarks is outside its scope.

The purpose of ISO/TS 18308:2004 is to assemble and collate a set of clinical and technical requirements for an electronic health record architecture (EHRA) that supports using, sharing, and exchanging electronic health records across different health sectors, different countries, and different models of healthcare delivery. It gives requirements for the architecture but not the specifications of the architecture itself.