1、 I n t e r n a t i o n a l T e l e c o m m u n i c a t i o n U n i o n ITU-T H.812 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (07/2016) SERIES H: AUDIOVISUAL AND MULTIMEDIA SYSTEMS E-health multimedia services and applications Personal health systems Interoperability design guidelines for perso
2、nal health systems: Services interface: Common certified capability class Recommendation ITU-T H.812 ITU-T H-SERIES RECOMMENDATIONS AUDIOVISUAL AND MULTIMEDIA SYSTEMS CHARACTERISTICS OF VISUAL TELEPHONE SYSTEMS H.100H.199 INFRASTRUCTURE OF AUDIOVISUAL SERVICES General H.200H.219 Transmission multipl
3、exing and synchronization H.220H.229 Systems aspects H.230H.239 Communication procedures H.240H.259 Coding of moving video H.260H.279 Related systems aspects H.280H.299 Systems and terminal equipment for audiovisual services H.300H.349 Directory services architecture for audiovisual and multimedia s
4、ervices H.350H.359 Quality of service architecture for audiovisual and multimedia services H.360H.369 Telepresence H.420H.429 Supplementary services for multimedia H.450H.499 MOBILITY AND COLLABORATION PROCEDURES Overview of Mobility and Collaboration, definitions, protocols and procedures H.500H.50
5、9 Mobility for H-Series multimedia systems and services H.510H.519 Mobile multimedia collaboration applications and services H.520H.529 Security for mobile multimedia systems and services H.530H.539 Security for mobile multimedia collaboration applications and services H.540H.549 Mobility interworki
6、ng procedures H.550H.559 Mobile multimedia collaboration inter-working procedures H.560H.569 BROADBAND, TRIPLE-PLAY AND ADVANCED MULTIMEDIA SERVICES Broadband multimedia services over VDSL H.610H.619 Advanced multimedia services and applications H.620H.629 Ubiquitous sensor network applications and
7、Internet of Things H.640H.649 IPTV MULTIMEDIA SERVICES AND APPLICATIONS FOR IPTV General aspects H.700H.719 IPTV terminal devices H.720H.729 IPTV middleware H.730H.739 IPTV application event handling H.740H.749 IPTV metadata H.750H.759 IPTV multimedia application frameworks H.760H.769 IPTV service d
8、iscovery up to consumption H.770H.779 Digital Signage H.780H.789 E-HEALTH MULTIMEDIA SERVICES AND APPLICATIONS Personal health systems H.810H.819 Interoperability compliance testing of personal health systems (HRN, PAN, LAN, TAN and WAN) H.820H.859 Multimedia e-health data exchange services H.860H.8
9、69 For further details, please refer to the list of ITU-T Recommendations. Rec. ITU-T H.812 (07/2016) i Recommendation ITU-T H.812 Interoperability design guidelines for personal health systems: Services interface: Common certified capability class Summary The Continua Design Guidelines (CDG) define
10、s a framework of underlying standards and criteria that ensure the interoperability of devices and data used for personal connected health services. Recommendation ITU-T H.812 contains an overview of the Services interface (Services-IF), common design guidelines for all Services-IF Certified Capabil
11、ity Classes (CCC) and the design guidelines for Consent Enabled Personal Health Gateway (PHG) and Services CCCs. The design guidelines which support the following Certified Capability Classes (CCC) are defined in separate Recommendations, as follows: Observation Upload capability in ITU-T H.812.1 Qu
12、estionnaires capability in ITU-T H.812.2 Capability Exchange capability in ITU-T H.812.3 Authenticated Persistent Session capability in ITU-T H.812.4 Recommendation ITU-T H.812 is part of the “ITU-T H.810 interoperability design guidelines for personal connected health systems“ subseries that covers
13、 the following areas: ITU-T H.810 Interoperability design guidelines for personal connected health systems: System overview ITU-T H.811 Interoperability design guidelines for personal connected health systems: Personal Health Devices interface design guidelines ITU-T H.812 Interoperability design gu
14、idelines for personal connected health systems: Services interface design guidelines ITU-T H.812.1 Interoperability design guidelines for personal connected health systems: Services interface: Observation Upload capability ITU-T H.812.2 Interoperability design guidelines for personal connected healt
15、h systems: Services interface: Questionnaires capability ITU-T H.812.3 Interoperability design guidelines for personal connected health systems: Services interface: Capability Exchange capability ITU-T H.812.4 Interoperability design guidelines for personal connected health systems: Services interfa
16、ce: Authenticated Persistent Session capability ITU-T H.813 Interoperability design guidelines for personal connected health systems: Healthcare Information System interface design guidelines History Edition Recommendation Approval Study Group Unique ID* 1.0 ITU-T H.812 2015-11-29 16 11.1002/1000/12
17、653 2.0 ITU-T H.812 2016-07-14 16 11.1002/1000/12913 * To access the Recommendation, type the URL http:/handle.itu.int/ in the address field of your web browser, followed by the Recommendations unique ID. For example, http:/handle.itu.int/11.1002/1000/11830-en. ii Rec. ITU-T H.812 (07/2016) FOREWORD
18、 The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications, information and communication technologies (ICTs). The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying tec
19、hnical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which
20、, in turn, produce Recommendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1. In some areas of information technology which fall within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with ISO and I
21、EC. NOTE In this Recommendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication administration and a recognized operating agency. Compliance with this Recommendation is voluntary. However, the Recommendation may contain certain mandatory provisions (to e
22、nsure, e.g., interoperability or applicability) and compliance with the Recommendation is achieved when all of these mandatory provisions are met. The words “shall“ or some other obligatory language such as “must“ and the negative equivalents are used to express requirements. The use of such words d
23、oes not suggest that compliance with the Recommendation is required of any party. INTELLECTUAL PROPERTY RIGHTSITU draws attention to the possibility that the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. ITU takes no position concerni
24、ng the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommendation development process. As of the date of approval of this Recommendation, ITU had not received notice of intellectual property, protected by paten
25、ts, which may be required to implement this Recommendation. However, implementers are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent database at http:/www.itu.int/ITU-T/ipr/. ITU 2017 All rights reserved. No part of this public
26、ation may be reproduced, by any means whatsoever, without the prior written permission of ITU. Rec. ITU-T H.812 (07/2016) iii Table of Contents Page 0 Introduction vi 0.1 Organization vi 0.2 Guideline releases and versioning . vi 0.3 Whats new. vi 1 Scope 1 2 References 1 3 Definitions . 2 4 Abbrevi
27、ations and acronyms . 2 5 Conventions . 2 6 End-to-end reference architecture 2 7 Use cases 6 7.1 Consent management use cases . 6 7.1.1 Upload consent to the server . 6 7.1.2 Retrieve the already completed patient consent from the server 6 7.1.3 Upload updated consent to the server . 7 7.2 Consent
28、enforcement use case . 7 7.2.1 Content encryption before upload . 7 7.3 Other CCC use cases . 7 8 Behavioural models . 7 8.1 Common Services-IF message exchange behaviour . 7 8.2 Common security model for REST based CCC implementations 8 8.3 Consent management behavioural model 9 8.4 Consent enforce
29、ment behavioural model 10 9 Implementation 10 9.1 Consent representation 10 9.2 Transport protocols 11 9.2.1 Transport protocol using hData over HTTP 11 9.2.2 Transport protocol using IHE XDR 11 9.3 Consent enforcement . 11 9.3.1 Consent enforcement using XML encrypiton . 11 9.3.2 Consent enforcemen
30、t using IHE DEN 11 Annex A Normative guidelines overview . 12 iv Rec. ITU-T H.812 (07/2016) Page Annex B General security guidelines for Services-IF CCCs 14 Annex C Normative guidelines for consent management . 16 Appendix I ATOM feed elements for consent management 24 I.1 Information for consent in
31、 the root.xml . 24 Appendix II Examples of consent management using SOAP 25 Appendix III OAuth example . 28 Appendix IV Consent enabled PHG questionnaire response association . 30 Bibliography 32 List of Tables Page Table A.1 Certified capability classes . 12 Table A.3 Requirements common to all CCC
32、s . 13 Table B.1 PHG security guidelines using REST 14 Table B.2 Health users of this Recommendation are therefore encouraged to investigate the possibility of applying the most recent edition of the Recommendations and other references listed below. A list of the currently valid ITU-T Recommendatio
33、ns is regularly published. The reference to a document within this Recommendation does not give it, as a stand-alone document, the status of a Recommendation. ITU-T H.810 Recommendation ITU-T H.810 (2016), Interoperability design guidelines for personal health systems. 2 Rec. ITU-T H.812 (07/2016) A
34、ll referenced documents can be found in clause 2 of ITU-T H.810. 3 Definitions This Recommendation uses terms defined in ITU-T H.810. 4 Abbreviations and acronyms This Recommendation uses abbreviations and acronyms defined in ITU-T H.810. 5 Conventions This Recommendation follows the conventions def
35、ined in ITU-T H.810. 6 Architecture In this end-to-end (E2E) reference architecture, the Services interface (Services-IF) connects a personal health gateway (PHG) to a health and fitness service. Figure 6-1 shows the Services interface in the Continua E2E architecture and Figure 6-2 shows an example
36、 of a Services-IF. The Services-IF design guidelines are focused on enabling the interoperable exchange of information across a Services interface. A set of Services-IF related Certified Capability Classes is defined for the PHG and the health and fitness service to enable interoperability for a num
37、ber of different use cases, including the uploading of measurement data, completing of questionnaires and executing of commands. Figure 6-1 Services interface in the Continua E2E architecture Rec. ITU-T H.812 (07/2016) 3 Figure 6-2 Services-IF example In addition to the Services-IF, the end-to-end r
38、eference architecture also defines the healthcare information system interface (HIS-IF). The Services-IF is designed to enable granular information exchange between a PHG (typically a PC, laptop, tablet, mobile phone or other type of embedded device), which is a device close to the user/patient and
39、a health and fitness service (typically a backend cloud based service) which collects the information from such users and makes it available for further usage. In contrast the HIS-IF is designed to enable aggregated information exchange between two backend systems, e.g., a disease management system
40、and an electronic health record (EHR)1. The HIS-IF is defined in ITU-T H.813. It is also expected that a PHG may be deployed to in-home or user-carried applications, which places a number of constraints on the Services-IF design. Due to the difficulty in maintaining and/or upgrading these devices “i
41、n the field“, a PHG should be robust and stand-alone and simple enough to keep costs low and technical operational experience or expertise requirements to a minimum. Because of this focus, the Services-IF allows the majority of the contextual metadata associated with the exchange of observations to
42、reside outside of the PHG. On the other hand, it is expected that a health and fitness service will be hosted by a more capable system such as a server or personal computer. Therefore, the design of the Services-IF aims to push complexity and maintainability issues to the health and fitness service
43、as this means that the issues can be avoided on the PHG. The Services-IF is an abstract channel composed of one or more CCC pairs that connect a PHG application with a health and fitness service application. Each CCC pair has a component that resides in the health and fitness service application and
44、 a component that resides in the PHG application. Continua defines Certified Capability Classes on both sides of the Services-IF. This version of the Services-IF guidelines enables the following Certified Capability Classes: the uploading of observations from the PHG to the health and fitness servic
45、e in two different styles: web services (SOAP) and REST (data) ITU-T H.812.1; the uploading of consent information from the PHG to the health and fitness service in two different styles: web services (SOAP) and REST (data) ITU-T H.812; 1 NOTE Within the end-to-end architecture both the Services and
46、the Healthcare Information System (HIS) interfaces can be implemented on a device close to the user/patient (PC, laptop, mobile phone, etc.) in order to exchange information with entities that are geographically distant from such devices. The guidelines place no restrictions on the deployment of cer
47、tified capability classes on specific hardware. 4 Rec. ITU-T H.812 (07/2016) the downloading of to-be-completed questionnaires from the health and fitness Service to the PHG and the uploading of completed questionnaires from the PHG to the health and fitness service ITU-T H.812.2; the exchange of in
48、formation (e.g., unsolicited commands) between the health and fitness service and the PHG over an authenticated persistent session ITU-T H.812.4; the exchange of supported certified capability class information (capability exchange) between the PHG and the health and fitness service as an enabler fo
49、r the other use cases ITU-T H.812.3. A PHG can support one or more applications that each implement one or more Continua Certified Capability Classes. Figure 6-3 depicts the Continua Services-IF, showing a PHG application and a health and fitness service application in which all of the possible Services-IF Certified Capability Classes are implemented. Figure 6-3 Continua Services-IF showing the Services-IF Certified Capability Classes The intent of thes
