1、BS EN ISO13606-5:2010ICS 35.240.80NO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAWBRITISH STANDARDHealth informatics Electronic healthrecord communicationPart 5: Interface specification (ISO13606-5:2010)This British Standardwas published under theauthority of the StandardsPolic
2、y and StrategyCommittee on 31 March2010 BSI 2010ISBN 978 0 580 60129 3Amendments/corrigenda issued since publicationDate CommentsBS EN ISO 13606-5:2010National forewordThis British Standard is the UK implementation of EN ISO13606-5:2010.The UK participation in its preparation was entrusted to Techni
3、calCommittee IST/35, Health informatics.A list of organizations represented on this committee can be obtained onrequest to its secretary.This publication does not purport to include all the necessary provisionsof a contract. Users are responsible for its correct application.Compliance with a British
4、 Standard cannot confer immunityfrom legal obligations.EUROPEAN STANDARD NORME EUROPENNE EUROPISCHE NORM EN ISO 13606-5 March 2010 ICS 35.240.80 English Version Health informatics - Electronic health record communication - Part 5: Interface specification (ISO 13606-5:2010) Informatique de sant - Com
5、munication du dossier de sant informatis - Partie 5: Spcification dinterfaces (ISO 13606-5:2010) Medizinische Informatik - Kommunikation von Patientendaten in elektronischer Form - Teil 5: Nachrichten fr den Informationsaustausch (ISO 13606-5:2010) This European Standard was approved by CEN on 13 Fe
6、bruary 2010. CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be
7、obtained on application to the CEN Management Centre or to any CEN member. This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CEN member into its own language and notified to the CEN Ma
8、nagement Centre has the same status as the official versions. CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Neth
9、erlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and United Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION COMIT EUROPEN DE NORMALISATION EUROPISCHES KOMITEE FR NORMUNG Management Centre: Avenue Marnix 17, B-1000 Brussels 2010 CEN All rights of exploitation
10、 in any form and by any means reserved worldwide for CEN national Members. Ref. No. EN ISO 13606-5:2010: EBS EN ISO 13606-5:2010EN ISO 13606-5:2010 (E) 3 Foreword This document (EN ISO 13606-5:2010) has been prepared by Technical Committee CEN/TC 251 “Health informatics”, the secretariat of which is
11、 held by NEN, in collaboration with Technical Committee ISO/TC 215 “Health informatics“. This European Standard shall be given the status of a national standard, either by publication of an identical text or by endorsement, at the latest by September 2010, and conflicting national standards shall be
12、 withdrawn at the latest by September 2010. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and/or CENELEC shall not be held responsible for identifying any or all such patent rights. According to the CEN/CENELEC Internal Regu
13、lations, the national standards organizations of the following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Ma
14、lta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and the United Kingdom. BS EN ISO 13606-5:2010ISO 13606-5:2010(E) ISO 2010 All rights reserved iiiContents Page Foreword iv Introduction.v 1 Scope1 2 Conformance .1 3 Terms and definitions .2 4 Abbrev
15、iated terms .5 5 Interactions 6 6 Interfaces8 6.1 Interface: REQUEST_EHR_EXTRACT .8 6.2 Interface: REQUEST_ARCHETYPES .10 6.3 Interface: REQUEST_EHR_AUDIT_LOG_EXTRACT 12 6.4 Term lists14 Bibliography15 BS EN ISO 13606-5:2010ISO 13606-5:2010(E) iv ISO 2010 All rights reservedForeword ISO (the Interna
16、tional Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has be
17、en established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical stan
18、dardization. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of technical committees is to prepare International Standards. Draft International Standards adopted by the technical committees are circulated to the member bodies fo
19、r voting. Publication as an International Standard requires approval by at least 75 % of the member bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or al
20、l such patent rights. ISO 13606-5 was prepared by Technical Committee ISO/TC 215, Health informatics, and by Technical Committee CEN/TC 251, Health informatics in collaboration. ISO 13606 consists of the following parts, under the general title Health informatics Electronic health record communicati
21、on: Part 1: Reference model Part 2: Archetype interchange specification Part 3: Reference archetypes and term lists Part 4: Security Technical Specification Part 5: Interface specification BS EN ISO 13606-5:2010ISO 13606-5:2010(E) ISO 2010 All rights reserved vIntroduction This part of ISO 13606 def
22、ines the interfaces by which an EHR_EXTRACT, an ARCHETYPE or an EHR_AUDIT_LOG_EXTRACT may be requested and provided. The scope of this part of ISO 13606 has been considered carefully in order to achieve several objectives: to specify those interfaces that are unique to the ISO 13606 context, and not
23、 to include more generic health information communication interfaces that might be the scope of other standards and specifications; to specify the interfaces in ways that are compatible with the HISA standard (ISO 12967) and, in particular, to define these interfaces as specializations of HISA ISO 1
24、2967-3 interfaces; to specify the interfaces as a pure RM-ODP Computational Viewpoint, in order to support the wide range of engineering viewpoints that might be adopted by individual vendors or eHealth programmes; (it should be noted that ISO 13606-1, ISO 13606-2 and ISO 13606-4 define the correspo
25、nding Information Viewpoints, and that ISO/TS 18308 defines the corresponding Enterprise Viewpoint); to construct these interfaces such that they might easily be implemented as specializations of standard interfaces within the commonly used engineering languages such as Java, Visual Basic, dotnet, S
26、OAP, ebXML, etc.; to work through the Joint SDO Initiative and Council on the production of Engineering Viewpoint Implementation Guides, that will define more specifically how to implement these interfaces; (e.g. in HL7 3); these guides will be published separately from this part of ISO 13606, to en
27、able them to be maintained and updated more frequently (to reflect implementation experience) than is possible for a standard; to recognise that EHR communication will be implemented within a healthcare communications infrastructure, usually nationally, that will define a generalized approach to man
28、y other complementary and necessary services such as patient demographics registries, provider registries, authentication and authorization policies and services, etc.; these are therefore not part of the formal scope of this part of ISO 13606 but are referred to as being assumed and necessary compl
29、ementary services; to assume that an ISO/TS 22600 (PMAC) compatible architecture or its equivalent will be used for managing security services, and not to duplicate or conflict with these services in this part of ISO 13606; to further support the protection of patient privacy by avoiding the need to
30、 reveal whether any EHR data have been withheld by the provider when responding to a request; to enable each interface and term set to be extended locally to cater for specialized circumstances of EHR communication, in which additional requirement constraints might apply. This part of ISO 13606 defi
31、nes a set of interfaces by which the artefacts defined in ISO 13606-1, ISO 13606-2 and ISO 13606-4 can be requested and provided: a) ISO 13606-1 defines a reference model for an EHR_EXTRACT: part or all of the EHR of a subject of care; b) ISO 13606-2 defines an information model for an ARCHETYPE, an
32、d optionally a serialized form represented using Archetype Definition Language; c) ISO 13606-4 defines an EHR_AUDIT_LOG_EXTRACT to communicate the audit log activity history pertaining to part or all of an EHR. BS EN ISO 13606-5:2010ISO 13606-5:2010(E) vi ISO 2010 All rights reserved(ISO 13606-3 def
33、ines term lists and reference archetypes, to which a direct interface is not required. ISO 13606-4 defines an access policy model to which a direct interface is also not required.) This part of ISO 13606 defines three interfaces, one for each of a) to c) above, as a communication between an EHR_requ
34、ester (wishing to and authorizing the communication of the artefact), an EHR_provider (a repository service that contains and can return the requested artefact) and an EHR_recipient who is intended and authorized to receive the artefact (usually but not always the same as the EHR_requester). In term
35、s of the HISA standard, ISO 12967, these interfaces are all specializations of the Detail Basic Methods defined in ISO 12967-3. These interfaces are all expressed as ODP Computational Viewpoint specifications, and aim to support implementation through many different Engineering Viewpoint (transport)
36、 formalisms, such as message protocols (e.g. EDIFACT, HL7 3) or service protocols (e.g. SOAP, Java RMI). This part of ISO 13606 therefore specifies only the “payload” information to be communicated at each interface. Attributes such as message identifiers, message time-stamping and message version m
37、anagement are normally defined and handled by each kind of transport protocol in particular ways, and this part of ISO 13606 therefore does not define its own duplication of this kind of information. It should be noted that the EHR_EXTRACT defined in ISO 13606-1, the ARCHETYPE defined in ISO 13606-2
38、, and the EHR_AUDIT_LOG_EXTRACT defined in ISO 13606-4 all include time-stamping, authorship and version management information of the payload data as part of their information models. Request acknowledgements and system/communication error messages are routinely handled by most engineering transpor
39、t protocols. It is therefore not appropriate that this part of ISO 13606 duplicate these. An optional exception is defined to communicate back to the EHR_requester a reason why a request has been received but refused, if it is legitimate to reveal this without breaching confidentiality. The EHR_requ
40、ester will need to authenticate to the EHR_provider in ways that are to be locally determined, and will present authorization credentials that are also beyond the scope of this part of ISO 13606 but are specified in ISO/TS 22600 (PMAC). It is recognised that there may be times when an EHR_requester
41、wishes the EHR_provider to “send” the EHR_EXTRACT to a third party. This part of ISO 13606 may be used within a delegation architecture, in which an EHR_requester acts on behalf of another party, but the representation and communication of the hierarchy of authorizations involved in delegation is a
42、matter for the privilege management and access control architecture and does not directly impact on this part of ISO 13606. Alternatively, local arrangements may be made to securely communicate to a third party a unique reference for any particular RECORD_COMPONENT (e.g. for a particular letter or d
43、ischarge summary, via the ehr-id and rc_id of the COMPOSITION) that the third party is recommended to and has permission to access directly, without therefore requiring the use of delegation. A set of Implementation Guides is being developed to define how this part of ISO 13606 should be implemented
44、 within particular communications/transport standards. The first of these is expected to be for HL7 3, to be published and maintained by HL7. BS EN ISO 13606-5:2010INTERNATIONAL STANDARD ISO 13606-5:2010(E) ISO 2010 All rights reserved 1Health informatics Electronic health record communication Part
45、5: Interface specification 1 Scope This part of ISO 13606 specifies the information architecture required for interoperable communications between systems and services that need or provide EHR data. This part of ISO 13606 is not intended to specify the internal architecture or database design of suc
46、h systems. The subject of the record or record extract to be communicated is an individual person, and the scope of the communication is predominantly with respect to that persons care. Uses of healthcare records for other purposes such as administration, management, research and epidemiology, which
47、 require aggregations of individual peoples records, are not the focus of this part of ISO 13606, but such secondary uses could also find this document useful. This part of ISO 13606 defines a set of interfaces to request and provide: an EHR_EXTRACT for a given subject of care as defined in ISO 1360
48、6-1; one or more ARCHETYPE(s) as defined in ISO 13606-2; an EHR_AUDIT_LOG_EXTRACT for a given subject of care as defined in ISO/TS 13606-4.This part of ISO 13606 defines the set of interactions for requesting each of these artefacts, and for providing the data to the requesting party or declining th
49、e request. An interface to query an EHR or populations of EHRs, for example for clinical audit or research, are beyond its scope, although provision is made for certain selection criteria to be specified when requesting an EHR_EXTRACT which might also serve for population queries. This part of ISO 13606 defines the Computational Viewpoint for each interface, without specifying or restricting particular engineering approaches to implement these as messages or as service interfaces. This part of ISO 13606 effectively
