1、Designation: E1714 07 (Reapproved 2013)Standard Guide forProperties of a Universal Healthcare Identifier (UHID)1This standard is issued under the fixed designation E1714; the number immediately following the designation indicates the year oforiginal adoption or, in the case of revision, the year of
2、last revision. A number in parentheses indicates the year of last reapproval. Asuperscript epsilon () indicates an editorial change since the last revision or reapproval.1. Scope1.1 This guide covers a set of requirements outlining theproperties required to create a universal healthcare identifier(U
3、HID) system. Use of the UHID is expected to initially befocused on the population of the United States but there is noinherent limitation on how widely these identifiers may beapplied.1.2 This guide sets forth the fundamental considerations fora UHID that can support at least four basic functions ef
4、fec-tively:1.2.1 Positive identification of patients when clinical care isrendered;1.2.2 Automated linkage of various computer-based recordson the same patient for the creation of lifelong electronic healthcare files;1.2.3 Provision of a mechanism to support data security forthe protection of privil
5、eged clinical information; and1.2.4 The use of technology for patient records handling tokeep health care operating costs at a minimum.1.3 This standard does not purport to address all of thesafety concerns, if any, associated with its use. It is theresponsibility of the user of this standard to est
6、ablish appro-priate safety and health practices and determine the applica-bility of regulatory limitations prior to use.1.4 This international standard was developed in accor-dance with internationally recognized principles on standard-ization established in the Decision on Principles for theDevelop
7、ment of International Standards, Guides and Recom-mendations issued by the World Trade Organization TechnicalBarriers to Trade (TBT) Committee.2. Referenced Documents2.1 ASTM Standards:2E1384 Practice for Content and Structure of the ElectronicHealth Record (Withdrawn 2017)3E2553 Guide for Implement
8、ation of a Voluntary UniversalHealthcare Identification System3. Terminology3.1 Definitions:3.1.1 clinical record linkageindividual unit records linkedfor the purpose of documenting the sequence of events or care,or both, for a specific patient.3.1.2 discriminating power of an identifier the capabil
9、ityof an identifier to reduce the possible global population to asmaller number. For example, sex identification reduces thepopulation size to approximately half. Date of birth reduces thepopulation size to approximately one of 25 000 in the UnitedStates. The smaller the population size covered by a
10、n identifier(that is, the greater the discriminating power), the better thatidentifier is.3.1.3 encounteran instance of direct interaction, regard-less of the setting, between a patient and a practitioner vestedwith primary and autonomous responsibility for diagnosing,evaluating, treating, or some c
11、ombination thereof, the patientscondition or providing social worker services (See GuideE1384). (Encounters do not include ancillary services, visits, ortelephone contacts.)3.1.4 episode of carea chain of events over a period oftime during which clinical care is provided for an illness or aclinical
12、problem (See Guide E1384).3.1.5 healthcare identifiera tag for the identification of anindividual created for exclusive use of the health care system.3.1.6 identifiera datum, or a group of data, that allowspositive recognition of a particular individual.3.1.7 management organizationan organization r
13、espon-sible for the management and oversight of the UHID systemand its operations.3.1.8 occasion of servicea specified identifiable instanceof an act of service involved in the care of patients orconsumers (See Guide E1384).1This guide is under the jurisdiction of ASTM Committee E31 on HealthcareInf
14、ormatics and is the direct responsibility of Subcommittee E31.25 on HealthcareData Management, Security, Confidentiality, and Privacy.Current edition approved March 1, 2013. Published March 2013. Originallyapproved in 1995. Last previous edition approved in 2007 as E1714 07. DOI:10.1520/E1714-07R13.
15、2For referenced ASTM standards, visit the ASTM website, www.astm.org, orcontact ASTM Customer Service at serviceastm.org. For Annual Book of ASTMStandards volume information, refer to the standards Document Summary page onthe ASTM website.3The last approved version of this historical standard is ref
16、erenced onwww.astm.org.Copyright ASTM International, 100 Barr Harbor Drive, PO Box C700, West Conshohocken, PA 19428-2959. United StatesThis international standard was developed in accordance with internationally recognized principles on standardization established in the Decision on Principles for
17、theDevelopment of International Standards, Guides and Recommendations issued by the World Trade Organization Technical Barriers to Trade (TBT) Committee.13.1.9 permanent identifiera characteristic feature of anindividual that generally does not change over time, such assex, date of birth, place of b
18、irth, or fingerprint.3.1.10 private universal health care identifier (PUHID) aUHID that has been encoded in order to disidentify the personassociated with that UHID.3.1.11 prospective record linkagesuccessive documenta-tion of clinical encounters so that all records are linked duringthe process of c
19、are to ensure the continuity of patient care.Linkage is performed at the unit record level and occurs duringthe time the patient is receiving care. For electronic healthrecords, prospective record linkage involves linking all patientassessment, diagnostic, treatment, and other information col-lected
20、 by all care providers so that the information is availableat the time the patient is being treated. All records for anindividual patient will be linked accurately since errors will bediscovered and corrected in the process of providing care.3.1.12 retrospective record linkagematching unit recordsin
21、 data files not originally designed to be linked. The purposeof the linkage is to expand the comprehensiveness of each filebeing linked to facilitate evaluations of efficiency and effec-tiveness. Linkage can be performed manually using the actualpaper records if the files are small. Linkage is more
22、efficient ifperformed probabilistically using computerized data if the filesare large and conditions of uncertainty exist concerning whatshould be linked. (H. B. Newcombe was the pioneer developerof retrospective probabilistic record linkage.) Not part of theprocess of patient care, this linkage occ
23、urs some time after thepatient has been discharged and after the records have beencomputerized and merged into data files that may be managedat the facility, regional, or state level. Not all records thatshould link are expected to link because of missing orinaccurate data and missing records. Typic
24、al data files linkedretrospectively include birth and death certificates, diseaseregistries with hospital discharge records, emergency medicalservices (EMS) crash records, and hospital discharge recordsstatewide.3.1.13 temporary patient identifiera unique identifier usedto serve as an interim identi
25、fier when an individuals UHID isnot available. All information linked using the temporarypatient identifier is to be transferred to the appropriate UHIDwhen the correct UHID becomes known.3.1.14 trusted authorityan organization that is able andauthorized to provide UHID services, such as granting ne
26、wUHIDs and supporting UHID status validation services.3.1.15 universal healthcare identifier (UHID) a health-care identifier designed so that a healthcare identifier can beassigned to every individual.3.1.16 universal healthcare identifier computer systemanautomated system that can perform the funct
27、ions needed tosupport a UHID, for example, verifying the validity of a UHID.3.1.17 universal healthcare identifier system theagencies, system, and networks that implement a UHID andconduct associated activities.3.1.18 variable identifierthose personal characteristicsthat may change over time such as
28、 home address, telephonenumber, insurance number, or name.3.1.19 visitthe visit of an outpatient to one or more unitsor facilities located in or directed by the entity maintaining theoutpatient health services (such as a clinic, physicians office,hospital, or medical center) (See Guide E1384). Visit
29、s providea count of the number of patients seen. It is possible for a singlepatient to have more than one encounter and more than oneoccasion of service during a visit.4. Significance and Use4.1 Recent experience with computer-based patient records(CPRs) has revealed many valuable potential benefits
30、, but ithas also become apparent that the effective application of thistechnology creates some new problems. CPRs offer the optionfor lifelong linkage of all records on a patient, from birth todeath. Such longitudinal record linkage would make thepatients entire past health history retrievable. This
31、 could makepossible a quantum leap in the clinical practice of health care,but a reliable patient identifier is essential to make large-scaleregional and nationwide record linkage feasible. The design ofa patient identifier system is not a simple task. Incorrect recordlinkage would create confusion,
32、 at least, or possibly causeserious consequences. To gain the benefits from such anidentifier, it must be used by all relevant organizations. Auniversal patient identifier system must resist unauthorizedaccess to confidential clinical data.Furthermore, the creation of personal identifiers for theent
33、ire population must be a cost-effective process in light ofongoing fiscal constraints. The creation and administration ofpersonal identifiers for the entire population must be accom-plished at a cost that is widely accepted as affordable andjustified. Last, but not least, a time pressure exists. The
34、 solutionto the patient identifier challenge should use technology tofacilitate rapid deployment of the system to permit the expe-ditious implementation of CPRs. A companion document,Guide E2553, provides the implementation strategy concerninghow to actually implement the UHID system.5. Criteria and
35、 Characteristics of a Universal HealthCare Identifier5.1 The UHID should meet at least the following criteria(listed in alphabetical order):5.1.1 AccessibleNew UHIDs should be available when-ever and wherever they are required for assignment.5.1.2 AssignableIt should be possible to assign a UHID toa
36、n individual whenever it is needed. Assignment will beperformed by a UHID trusted authority after receiving aproperly authenticated request for a new UHID.5.1.3 AtomicA UHID should be a single data item. Itshould not contain subelements that have meaning outside thecontext of the entire UHID. Nor sh
37、ould the UHID consist ofmultiple items that must be taken together to constitute anidentifier.5.1.4 ConciseThe UHID should be as short as possible tominimize errors, the time required for use, and the storageneeded.5.1.5 Content-FreeThe UHID should not depend on pos-sibly changing or possibly unknow
38、n information pertaining tothe person.E1714 07 (2013)25.1.6 ControllableIt must be possible to ensure the con-fidentiality of PUHIDs. Only trusted authorities have access toalgorithms and methods used to link PUHIDs and UHIDs.5.1.7 Cost-EffectiveThe UHID system chosen shouldachieve maximum functiona
39、lity while minimizing the invest-ment required to create and maintain it.5.1.8 DeployableThe UHID should be implementableusing a variety of technologies, including magnetic cards, barcode readers, optical cards, smart cards, audio, voice, computerdata files, and paper.5.1.9 DisidentifiableIt should
40、be possible to create anarbitrary number of specialized UHIDs that can be used to linkhealth information concerning specific individuals but thatcannot be used to identify the associated individual. These areprivate universal healthcare identifiers (PUHIDs). With theexception of disidentification, P
41、UHIDs should have all of theproperties attributable to UHIDs, including verification (see5.1.31). It should be clear to all users whether a specificidentifier represents a UHID or a PUHID. The PUHID schemeshould be capable of generating a large number (at leasthundreds) of PUHIDs for a single indivi
42、dual (See Section 7).5.1.10 FocusedThe UHID system should be created andmaintained solely for the purpose of supporting health care. Itsform, usage, and policies should not be influenced by the needsor requirements of other activities.5.1.11 GovernedA management organization shall existthat is respo
43、nsible for overseeing the UHID system. Thisagency will determine the policies that govern the UHIDsystem, manage the trusted authority(ies), and take suchactions as are necessary to ensure that the UHIDs (andPUHIDs) can be used properly and effectively to support healthcare.5.1.12 IdentifiableIt sha
44、ll be possible to identify theperson associated with a valid UHID. Identifying informationmay include such standard items as name, birthdate, sex,address, mothers maiden name, etc. This information is notincorporated in the UHID but is associated with it by linkages.5.1.13 IncrementalThe UHID system
45、 should be capableof being implemented in a phased-in manner. This may includeincremental implementation for a specific institution (sometypes of information linked using UHIDs and some using otheridentifiers), for the information on a specific patient, and for ageographic area.5.1.14 LinkableIt sha
46、ll be possible to use the UHID, orPUHID, to link various health records together in both auto-mated and manual systems.5.1.15 LongevityThe UHID system should be designed tofunction for the foreseeable future. It should not contain knownlimitations that will force the system to be restructured orrevi
47、sed radically.5.1.16 MappableDuring the incremental implementationof a UHID, it shall be possible to create bidirectional linkagesbetween a UHID and existing identifiers used currently by avariety of health care institutions.5.1.17 MergeableIn the (theoretically infrequent) casethat duplicate UHIDs
48、are issued to a single individual, it shallbe possible to merge the two UHIDs to indicate that they bothapply to the same individual.5.1.18 NetworkedThe UHID should be supported by anetwork that makes UHID services universally available whereneeded.5.1.19 PermanentOnce assigned, a UHID should remain
49、with that individual. It should never be reassigned to anotherperson, even after the individuals death.5.1.20 PublicA UHID (but not a PUHID) is meant to bean open data item. The individual it identifies should be able toreveal it to any person or organization.5.1.21 Repository-BasedA secure, permanent repositoryshall exist in support of the UHID system. The repositoryshould contain UHIDs, PUHIDs, and other relevant informa-tion to support the functions of the UHID system.5.1.22 RetirementIt shall be possible to retire a UHID orPUHID tha
