Skip to Content

Notice

Office of the National Coordinator for Health Information Technology (ONC), HHS; Notice of Availability: Secretarial Recognition of Certain Healthcare Information Technology Standards Panel (HITSP) Interoperability Specifications and the Standards They Contain as Interoperability Standards for Health Information Technology

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble

AGENCY:

Office of the National Coordinator for Health Information Technology (ONC), HHS.

Start Authority

Authority: Executive Order 13335 (“Incentives for the Use of Health Information Technology and Establishing the Position of the National Health Information Technology Coordinator”), Executive Order 13410 (“Promoting Quality and Efficient Health Care in Federal Government Administered or Sponsored Health Care Programs”), Public Law 110-161 (“Consolidated Appropriations Act, 2008”), continued by Public Law 110-329 (“Consolidated Security, Disaster Assistance, and Continuing Appropriations Act, 2009”), 42 U.S.C. 1395nn(b)(4), 42 U.S.C. 1302(a), and 42 CFR 411.357(w).

End Authority

SUMMARY:

By publication of this document, we are informing the public of the Secretary's recognition of certain Healthcare Information Technology Standards Panel (HITSP) “HITSP Interoperability Specifications” and the standards they contain as “Interoperability Standards” for health information technology. The Secretary accepted these Interoperability Standards in January of 2008, and hereby recognizes them in updated versions one year later, effective January 16, 2009. The lists of recognized Interoperability Standards are provided below and are available at http://www.hitsp.org;​ click on the “View by Status” tab.

End Preamble Start Supplemental Information

SUPPLEMENTARY INFORMATION:

The American Health Information Start Printed Page 3600Community (the “Community”) was a Federal advisory committee that was formed in 2005 to advise the Secretary concerning efforts to develop information technology standards and achieve interoperability of health IT, and to serve as a forum for a broad range of stakeholders to provide input on achieving widespread adoption of interoperable health IT. The final meeting of the Community was held on November 12, 2008. A successor to the Community has been established in the private sector, and it held its first Board meeting on November 13, 2008.

The Healthcare Information Technology Standards Panel (HITSP) was created in 2005 to serve as a cooperative partnership between the public and private sectors for the purpose of harmonizing and integrating standards that will meet clinical and business needs for sharing information among organizations and systems. Under a contract with the Department of Health and Human Services, the American National Standards Institute (ANSI) established HITSP following a neutral and inclusive governance model. The HITSP standards harmonization process was built by vendors, standards development organizations (SDOs), consumers, payers, providers, and other sectors of the industry. HITSP is a multi-stakeholder organization involving more than 600 different healthcare industry organizations and technical experts whose activities to date on these HITSP Interoperability Specifications represent more than 23,000 volunteer hours of effort.

The HITSP Interoperability Specifications are developed through a voluntary consensus-based process as a means to advance the national agenda for secure interoperable health information systems. The HITSP Interoperability Specifications are based on priorities previously recommended by the Community to the Secretary, who in turn considered the Community's advice and directed the advancement of Use Cases to further the priorities he adopted. A Use Case provides a description of the activity of persons or things (actors), a sequence of their actions, and technical specifications for systems and technologies involved when the actors engage in responding or participating in a priority area or scenario.

The HITSP Harmonization Framework defines a set of artifacts, known as “Constructs,” which specify how to integrate and constrain designated standards to meet the business needs of a Use Case; and determines how best to adopt and use emerging standards and to harmonize overlapping standards. A brief description of the Construct types and the relationships among them follows. Additional information on the HITSP Harmonization Framework may be found at http://www.hitsp.org.

HITSP Construct types, in decreasing breadth of scope, include “Interoperability Specifications,” “Transaction Packages,” “Transactions,” and “Components.” Interoperability Specifications describe the integration of all other Constructs used to meet the business needs of a Use Case. Transaction Packages contain a logical grouping of Transactions. Transactions provide a logical grouping of actions that use Components and/or composite standards to realize the actions. Components are logical groupings of base standards that work together, such as message and terminology standards. Specific rules exist for each type of Construct, defining what the Construct type can be used for and how the Construct types can be nested. A Construct may contain other Constructs or Construct types that are less inclusive in scope. A Construct may constrain another Construct or standard that it contains; conversely, a Construct may be constrained by a Construct that contains it. Each Construct is a candidate for reuse and repurposing, if a new set of requirements and context can be fulfilled by the Construct without impacting existing uses of the Construct. Each Construct is uniquely identified and version controlled.

Named Standards are major terminologies, technologies, and messaging formats referenced and/or incorporated in the HITSP Interoperability Specifications, and fall into three categories: Selected Standards, Informative Reference Standards, and Federally Adopted Standards. Selected Standards are those Named Standards that HITSP has determined to be necessary for interoperability and to be used to meet information exchange requirements of associated Constructs. They are “selected” for use in a Construct within the context of the specific Use Case requirements, and their selection for one particular Construct does not necessarily reflect selection in other contexts. Informative Reference Standards are Named Standards that provide additional background information or guidance, and are not required for interoperability or to implement the referencing Construct. Frequently, Informative Reference Standards simply provide illustrative examples that are intended to assist entities in implementing relevant HITSP Interoperability Specifications. The last category of Named Standards, Federally Adopted Standards, are those standards that HITSP has identified in Constructs, which have been adopted by federal regulation or are otherwise required by federal law. All “HITSP Interoperability Specifications” and their components include language that defers to Federally Adopted Standards, wherever they apply.

The term “HITSP Interoperability Specifications” is used here both broadly and inclusively to refer to the specific Use-Case-derived Interoperability Specifications, the Constructs, implementation guidance, and the Selected Standards. Informative Reference Standards are intended solely to provide greater clarity and guidance for implementing the HITSP Interoperability Specifications. Similarly, HITSP Technical Notes, which are used to give additional guidance and direction to the HITSP analysis process as well as background information for implementers, are intended solely for guidance.

The HITSP presented to the Community the following: Three updated sets of HITSP Interoperability Specifications and three sets of new HITSP Interoperability Specifications, along with all of the Selected Standards and Constructs associated with each, as approved by the HITSP and described in the following paragraphs. The Community subsequently recommended that the updated and new HITSP Interoperability Specifications, which include Constructs, and Named Standards, initially be accepted by the Secretary as “Interoperability Standards” as of January 2008 and then be recognized by the Secretary one year later in January 2009. HITSP indicated that it would, in conjunction with the public and private sectors that will be implementing these standards, be refining the components over the course of this year, and that any refinements would consist solely of changes that are minor and of a technical nature. The Secretary has since considered and adopted the Community's recommendations, and in turn, accepted the HITSP Interoperability Specifications in January 2008 while indicating his intention to recognize them one year later, in January 2009, presuming that any changes would be minimal, reflecting public comment and/or of a minor and technical nature.

The updated HITSP Interoperability Specification recommended for acceptance in January 2008 and recognition in January 2009 is IS03 Consumer Empowerment and Access to Clinical Information via Networks (v3). Start Printed Page 3601The new HITSP Interoperability Specifications recommended for acceptance and recognition include IS04 Emergency Responder Electronic Health Record (v1), IS05 Consumer Empowerment and Access to Clinical Information via Portable Media (v1), and IS06 Quality (v1).

The IS04 Emergency Responder Electronic Health Record (v1) and related standards address the deployment of standardized, widely available and secure solutions for accessing and exchanging current and historical patient-specific health information in both small- and large-scale emergency care incidents. Both of the Consumer Empowerment Interoperability Specifications and related standards address the support of consumer interactions to reconcile identifiers and access, view, and share registration summaries and clinical information with personal health records; they are distinguished by the modes of exchange, via networks (IS03 v3) or portable media (IS05 v1). The IS06 Quality (v1) and related standards enable interoperable, electronic quality monitoring and improvement.

A series of Constructs referenced in the HITSP Security and Privacy Technical Note (TN900) supports existing and developing polices for the security of electronic health information by providing an initial infrastructure of standards and implementation guidance that can be used with a variety of different methodologies and approaches that are currently employed. These data and technical standards do not define policies, but provide an infrastructure that can support policy implementation. The Constructs referenced in TN900 have been integrated into all of the accepted HITSP Interoperability Specifications, as well as into all existing Interoperability Standards, and will continue to be reused for future use cases. The updated Interoperability Standards previously recognized in January 2008 now incorporate the security and privacy constructs from TN900. These include IS01 Electronic Health Records Laboratory Results Reporting (v3) and IS02 Biosurveillance (v3), as well as the previously mentioned IS03 Consumer Empowerment and Access to Clinical Information via Networks (v3).

The Interoperability Standards associated with the HITSP Biosurveillance Interoperability Specification (HITSP v2 2007 IS02), or “BIO,” were recognized by the Secretary in December 2007. The Hospital Availability Exchange Standard (HAVE), which was referenced in the HITSP Interoperability Specification, was not ready for secretarial recognition in June 2008 as anticipated, but since its content has been previously included in the accepted HITSP Interoperability Specifications and it has achieved final ballot by the Standards Development Organization, it is being recognized.

Over the course of the year between “acceptance” and “recognition,” all refinements to the HITSP Interoperability Specifications have been solely of a minor and technical nature. In addition, further mappings of existing policies were conducted to ensure that there were no issues or conflicts.

Inserted below are lists of the HITSP Interoperability Specifications, including the Constructs and Selected Standards referenced by each Construct, which the Secretary is recognizing, effective January 16, 2009. For the newly recognized Interoperability Standards (i.e., IS04, IS05, and IS06), all Constructs and Selected Standards are listed. For the previously recognized Interoperability Standards that have been updated, only the minor, technical changes are listed for clarity and convenience. The full text of the HITSP Interoperability Specifications, Constructs, and references to the Selected Standards, along with the related Use Cases can be found at http://www.hitsp.org.

IS01—Electronic Health Records Laboratory Results Reporting V3

Below is a list of the HITSP constructs that have been added as referenced by this HITSP Interoperability Specification since previously recognized.

  • HITSP/C19 Entity Identity Assertion Component (V1)
  • HITSP/T14 Send Laboratory Result Message Transaction (V2)
  • HITSP/T15 Collect and Communicate Security Audit Trail Transaction (V1)
  • HITSP/T16 Consistent Time Transaction (V1)
  • HITSP/T17 Secured Communication Channel Transaction (V1)
  • HITSP/TP20 Access Control Transaction Package (V1)
  • HITSP/TP30 Manage Consent Directives Transaction Package (V1)

Below is a list of Selected Standards that have been added for this HITSP Interoperability Specification since previously recognized.

  • Health Level Seven (HL7) U.S. Realm—Interoperability Specification: Lab Result Message to EHR (ORU-R01) (HL7 Version 2.5.1) September, 2007
  • Health Level Seven (HL7) V3 RBAC, R1-2008, HL7 Version 3 Standard: Role Based Access Control (RBAC) Healthcare Permissions Catalog, Release 1, February 2008
  • Health Level Seven (HL7) Version 2.3.1
  • Health Level Seven (HL7) Version 2.5.1
  • Health Level Seven (HL7) Version 3.0 Privacy Consent related specifications RCMR_RM010001—Data Consent
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-2008 Cross-Enterprise User Assertion (XUA)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Audit Trail and Node Authentication (ATNA) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Consistent Time (CT) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient Demographics Query (PDQ) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (TF) Supplement—ITI-25 Notification of Document Availability (NAV) Jun 28, 2005
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Section 10 Cross-Enterprise Document Sharing (XDS.a)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-2008 Cross-Enterprise Document Sharing-B (XDS.b)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Supplement 2007-2008 Basic Patient Privacy Consents (BPPC)—Trial Implementation
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework Supplement 2008-2009, Pediatric Demographics, Draft for Trial Implementation (August 22, 2008)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient Identifier Cross-Referencing Integration Profile (PIX)
  • Integrating the Healthcare Enterprise (IHE) Laboratory Technical Framework Volume 3 (LAB TF-3) Document-based Transactions, Revision Start Printed Page 36022.0—For Trial Implementation, August 16, 2007
  • Internet Engineering Task Force (IETF) Hypertext Transfer Protocol (HTTP) over Transport Layer Security (TLS) (RFC) # 2818, May 2000
  • Internet Engineering Task Force (IETF) Network Time Protocol (Version 3) Specification, Implementation and Analysis, “Request for Comment” (RFC) # 1305, March, 1992
  • Internet Engineering Task Force (IETF) Simple Network Time Protocol (SNTP) Version 4, “Request for Comment” (RFC) # 2030, October, 1996
  • Organization for the Advancement of Structured Information Standards (OASIS) Security Assertion Markup Language (SAML) v2.0 OASIS Standard; ITU-T X.1141
  • Organization for the Advancement of Structured Information Standards (OASIS) WS-Federation Web Services Federation Language (WS-Federation), Version 1.1, December 2006
  • Organization for the Advancement of Structured Information Standards (OASIS) WS-Trust Version 1.3, March 2007
  • Organization for the Advancement of Structured Information Standards (OASIS) eXtensible Access Control Markup Language (XACML), ITU-T Recommendation X.1142, February 2005

Below is a list of standards that have been removed, re-categorized, or expanded on for this HITSP Interoperability Specification since previously recognized.

  • Clinical Laboratory Improvement Amendments (CLIA) of 1988
○ Designated as Federally Adopted Standards
  • Health Insurance Portability and Accountability Act (HIPAA)—Administrative Simplification
○ Designated as Federally Adopted Standards
  • Hypertext Transfer Protocol Secure (HTTPS) 443/tcp
○ Removed from Interoperability Specification
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 3.0
○ Has been expanded upon to add more detail/clarity
  • Health Level Seven (HL7) Version 2.5/2.5.1
○ Has been expanded upon to add more detail/clarity
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0
○ Has been expanded upon to add more detail/clarity
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (TF) Supplement
○ Has been expanded upon to add more detail/clarity
  • Integrating the Healthcare Enterprise (IHE) Laboratory Technical Framework Supplement 2006-2007 Revision 1.0
○ Removed from Interoperability Specification
  • International Organization for Standardization (ISO) Electronic business eXtensible Markup Language (ebXML), Technical Specification #15000—Part 4: Registry services specification (ebRS), May, 2004
○ Removed from Interoperability Specification

IS02—Biosurveillance V3

Below is a list of the HITSP constructs that have been added as referenced by this HITSP Interoperability Specification since previously recognized.

  • HITSP/C19 Entity Identity Assertion Component (V1)
  • HITSP/C26 Nonrepudiation of Origin Component (V1)
  • HITSP/T15 Collect and Communicate Security Audit Trail Transaction (V1)
  • HITSP/T16 Consistent Time Transaction (V1)
  • HITSP/T17 Secured Communication Channel Transaction (V1)
  • HITSP/TP20 Access Control Transaction Package (V1)
  • HITSP/TP30 Manage Consent Directives Transaction Package (V1)

Below is a list of Selected Standards that have been added for this HITSP Interoperability Specification since previously recognized.

  • American Society for Testing and Materials (ASTM) Standard Guide for Electronic Authentication of Health Care Information: # E1762-95(2003)
  • European Telecommunications Standards Institute (ETSI) Technical Specification TS 101 903: XML Advanced Electronic Signatures (XadES)
  • Health Level Seven (HL7) U.S. Realm—Interoperability Specification: Lab Result Message to EHR (ORU⁁R01) (HL7 Version 2.5.1) September, 2007
  • Health Level Seven (HL7) V3 RBAC, R1-2008, HL7 Version 3 Standard: Role Based Access Control (RBAC) Healthcare Permissions Catalog, Release 1, February 2008
  • Health Level Seven (HL7) Version 2.3.1
  • Health Level Seven (HL7) Version 2.5.1
  • Health Level Seven (HL7) Version 3.0 Privacy Consent related specifications RCMR_RM010001—Data Consent
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Audit Trail and Node Authentication (ATNA) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Consistent Time (CT) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Section 10 Cross-Enterprise Document Sharing (XDS.a)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (TF) Supplement—ITI-25 Notification of Document Availability (NAV) Jun 28, 2005
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-2008 Cross-Enterprise User Assertion (XUA)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-2008 Cross-Enterprise Document Sharing-B (XDS.b)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Supplement 2007-2008 Basic Patient Privacy Consents (BPPC)—Trial Implementation
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (TF) Supplement Volume 3—Document Digital Signature (DSG) Content Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (TF) 2007-2008 Supplement, Retrieve Form for Data Capture (RFD)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework Supplement 2008-2009, Pediatric Demographics, Draft for Trial Implementation (August 22, 2008)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient Identifier Cross-Referencing Integration Profile (PIX)
  • Integrating the Healthcare Enterprise (IHE) Laboratory Technical Framework Volume 3 (LAB TF-3) Document-based Transactions, Revision 2.0—For Trial Implementation, August 16, 2007
  • Integrating the Healthcare Enterprise (IHE) Patient Care Start Printed Page 3603Coordination (PCC), Revision 3.0, 2007-2008, Cross-Enterprise Sharing of Medical Summaries (XDS-MS) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) Radiology Technical Framework Revision 8.0
  • Internet Engineering Task Force (IETF) Network Time Protocol (Version 3) Specification, Implementation and Analysis, “Request for Comment” (RFC) #1305, March, 1992
  • Internet Engineering Task Force (IETF) Simple Network Time Protocol (SNTP) Version 4, “Request for Comment” (RFC) #2030, October, 1996
  • Organization for the Advancement of Structured Information Standards (OASIS) Security Assertion Markup Language (SAML) v2.0 OASIS Standard; ITU-T X.1141
  • Organization for the Advancement of Structured Information Standards (OASIS) WS-Federation Web Services Federation Language (WS-Federation), Version 1.1, December 2006
  • Organization for the Advancement of Structured Information Standards (OASIS) WS-Trust Version 1.3, March 2007
  • Organization for the Advancement of Structured Information Standards (OASIS) eXtensible Access Control Markup Language (XACML), ITU-T Recommendation X.1142, February 2005

Below is a list of standards that have been removed, re-categorized, or expanded on for this HITSP Interoperability Specification since previously recognized.

  • Clinical Care Classification (CCC) Version 2.0 [formerly known as the Home Healthcare Classification (HHCC) System]
○ Removed from Interoperability Specification
  • Clinical Laboratory Improvement Amendments (CLIA) of 1988
○ Designated as Federally Adopted Standards
  • Digital Imaging and Communications in Medicine (DICOM) Attribute Level Confidentiality Supplement: # 55
○ Removed from Interoperability Specification
  • Health Insurance Portability and Accountability Act (HIPAA)—Administrative Simplification
○ Designated as Federally Adopted Standards
  • Health Level Seven (HL7) Version 2.5/2.5.1
○ Has been expanded upon to add more detail/clarity
  • Health Level Seven (HL7) Version 3.0
○ Has been expanded upon to add more detail/clarity
  • Healthcare Common Procedure Coding System (HCPCS) Level II Code Set
○ Removed from Interoperability Specification
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (TF) Supplement
○ Has been expanded upon to add more detail/clarity
  • Integrating the Healthcare Enterprise (IHE) Laboratory Technical Framework Supplement 2006-2007 Revision 1.0
○ Removed from Interoperability Specification
  • Integrating the Healthcare Enterprise (IHE) Patient Care Coordination (PCC) Technical Framework Revision 3.0
○ Has been expanded upon to add more detail/clarity
  • Integrating the Healthcare Enterprise (IHE) Radiology Technical Framework Revision 7.0
○ Has been expanded upon to add more detail/clarity
  • International Organization for Standardization (ISO) Electronic business eXtensible Markup Language (ebXML), Technical Specification # 15000—Part 4: Registry services specification (ebRS), May 2004
○ Removed from Interoperability Specification
  • National Library of Medicine (NLM) Unified Medical Language System (UMLS) RxNorm
○ Removed from Interoperability Specification
  • Organization for the Advancement of Structured Information Standards (OASIS) Emergency Data Exchange Language (EDXL) Distribution Element (DE)
○ Removed from Interoperability Specification

IS03—Consumer Empowerment and Access to Clinical Information via Networks V3

Below is a list of the HITSP constructs that have been added as referenced by this HITSP Interoperability Specification since previously recognized.

  • HITSP/C19 Entity Identity Assertion Component (V1)
  • HITSP/C26 Nonrepudiation of Origin Component (V1)
  • HITSP/C35 Lab Result Terminology Component (V2)
  • HITSP/C37 Lab Report Document Component (V2)
  • HITSP/T15 Collect and Communicate Security Audit Trail Transaction (V1)
  • HITSP/T16 Consistent Time Transaction (V1)
  • HITSP/T17 Secured Communication Channel Transaction (V1)
  • HITSP/TP20 Access Control Transaction Package (V1)
  • HITSP/TP30 Manage Consent Directives Transaction Package (V1)

Below is a list of Selected Standards that have been added for this HITSP Interoperability Specification since previously recognized.

  • American Society for Testing and Materials (ASTM) Standard Guide for Electronic Authentication of Health Care Information: # E1762-95 (2003)
  • European Telecommunications Standards Institute (ETSI) Technical Specification TS 101 903: XML Advanced Electronic Signatures (XadES)
  • Health Level Seven (HL7) V3 RBAC, R1-2008, HL7 Version 3 Standard: Role Based Access Control (RBAC) Healthcare Permissions Catalog, Release 1, February 2008
  • Health Level Seven (HL7) Version 2.3.1
  • Health Level Seven (HL7) Version 2.5.1
  • Health Level Seven (HL7) Version 3.0 Privacy Consent related specifications RCMR_RM010001—Data Consent
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Section 10 Cross-Enterprise Document Sharing (XDS.a)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-2008 Cross-Enterprise Document Sharing-B (XDS.b)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient Identifier Cross-Referencing Integration Profile (PIX)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Audit Trail and Node Authentication (ATNA) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Consistent Time (CT) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Supplement 2007-2008 Basic Patient Privacy Consents (BPPC)—Trial Implementation
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Start Printed Page 3604Technical Framework (ITI-TF) Volume 2 Supplement 2007-2008 Cross-Enterprise User Assertion (XUA)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (TF) Supplement Volume 3—Document Digital Signature (DSG) Content Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework Supplement 2008-2009, Pediatric Demographics, Draft for Trial Implementation (August 22, 2008)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient Demographics Query (PDQ) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) Laboratory Technical Framework Volume 3 (LAB TF-3) Document-based Transactions, Revision 2.0—For Trial Implementation, August 16, 2007
  • International Health Terminology Standards Development Organisation (IHTSDO) Systematized Nomenclature of Medicine Clinical Terms (SNOMED CT®)
  • Internet Engineering Task Force (IETF) Network Time Protocol (Version 3) Specification, Implementation and Analysis, “Request for Comment” (RFC) # 1305, March, 1992
  • Internet Engineering Task Force (IETF) Simple Network Time Protocol (SNTP) Version 4, “Request for Comment” (RFC) # 2030, October, 1996
  • Organization for the Advancement of Structured Information Standards (OASIS) Security Assertion Markup Language (SAML) v2.0 OASIS Standard; ITU-T X.1141
  • Organization for the Advancement of Structured Information Standards (OASIS) WS-Federation Web Services Federation Language (WS-Federation), Version 1.1, December 2006
  • Organization for the Advancement of Structured Information Standards (OASIS) WS-Trust Version 1.3, March 2007
  • Organization for the Advancement of Structured Information Standards (OASIS) eXtensible Access Control Markup Language (XACML), ITU-T Recommendation X.1142, February 2005
  • Unified Code for Units of Measure (UCUM)

Below is a list of standards that have been removed, re-categorized, or expanded on for this HITSP Interoperability Specification since previously recognized.

  • Accredited Standards Committee (ASC) X12 Insurance Subcommittee (X12N) Implementation Guides Version 004010 plus Addenda 004010A1
○ Removed from Interoperability Specification
  • Accredited Standards Committee (ASC) X12 Standards Release 004010
○ Removed from Interoperability Specification
  • American Society for Testing and Materials (ASTM) Standard Specification for Coded Values Used in the Electronic Health Record: # E1633-02
○ Removed from Interoperability Specification
  • American Society for Testing and Materials (ASTM) Standard Specification for Continuity of Care Record (CCR): # E2369-05
○ Removed from Interoperability Specification
  • CDC Race and Ethnicity Code Sets
○ Removed from Interoperability Specification
  • Council for Affordable Quality Healthcare (CAQH) Committee on Operating Rules for Information Exchange (CORE) Phase I Operating Rules
○ Designated as Informative Reference
  • Federal Medication Terminologies
○ Removed from Interoperability Specification and replaced by specific named terminologies
  • Health Level Seven (HL7) HER System Functional Model Draft Standard for Trial use (DSTU)
○ Removed from Interoperability Specification
  • Health Level Seven (HL7) Version 2.5/2.5.1
○ Has been expanded upon to add more detail/clarity
  • Health Level Seven (HL7) Version 3.0
○ Has been expanded upon to add more detail/clarity and listed as Informative Reference
  • U.S. National Uniform Claims Committee Health Care Provider Taxonomy Code Set
○ Removed from Interoperability Specification
  • International Organization for Standardization (ISO) Electronic business eXtensible Markup Language (ebXML), Technical Specification # 15000—Part 4: Registry services specification (ebRS), May, 2004
○ Removed from Interoperability Specification
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 3.0
○ Removed from Interoperability Specification
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0
○ Has been expanded upon to add more detail/clarity and listed as Informative Reference
  • Integrating the Healthcare Enterprise (IHE) Patient Care Coordination (PCC) Technical Framework Revision 3.0
○ Removed from Interoperability Specification
  • National Council for Prescription Drug Programs (NCPDP) SCRIPT Standard Version 8.1
○ Removed from Interoperability Specification
  • Revisions to the Standards for the Classification of Federal Data on Race and Ethnicity
○ Designated as Informative Reference

IS04—Emergency Responder Electronic Health Record V1

Below is a list of the HITSP constructs used by this HITSP Interoperability Specification.

  • HITSP/C19 Entity Identity Assertion Component (V1)
  • HITSP/C28 Emergency Care Summary Document Using IHE Emergency Department Encounter Summary (EDES) Component (V1)
  • HITSP/C32 Summary Documents Using HL7 Continuity of Care Document (CCD) Component (V2)
  • HITSP/C39 Encounter Message Component (V2)
  • HITSP/C48 Encounter Document Using IHE Medical Summary (XDS-MS) Component (V2)
  • HITSP/T15 Collect and Communicate Security Audit Trail Transaction (V1)
  • HITSP/T16 Consistent Time Transaction (V1)
  • HITSP/T17 Secured Communication Channel Transaction (V1)
  • HITSP/T23 Patient Demographics Query Transaction (V2)
  • HITSP/TP13 Manage Sharing of Documents Transaction Package (V2)
  • HITSP/TP20 Access Control Transaction Package (V1)
  • HITSP/TP22 Patient ID Cross-Referencing Transaction Package (V2)
  • HITSP/TP30 Manage Consent Directives Transaction Package (V1)

Below is a list of Selected Standards for this HITSP Interoperability Specification.

  • Federal Information Processing Standards (FIPS) Codes for the Identification of the States, the District of Columbia and the Outlying Areas of the United States, and Associated Areas Publication # 5-2, May 1987
  • Health Level Seven (HL7) Implementation Guide: CDA Release 2—Start Printed Page 3605Continuity of Care Document (CCD), April 01, 2007
  • Health Level Seven (HL7) V3 RBAC, R1-2008, HL7 Version 3 Standard: Role Based Access Control (RBAC) Healthcare Permissions Catalog, Release 1, February 2008
  • Health Level Seven (HL7) Version 2.3.1
  • Health Level Seven (HL7) Version 2.5
  • Health Level Seven (HL7) Version 3.0 Clinical Document Architecture (CDA/CDA R2)
  • Health Level Seven (HL7) Version 3.0 Privacy Consent related specifications RCMR_RM010001—Data Consent
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Audit Trail and Node Authentication (ATNA) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Consistent Time (CT) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-2008 Cross-Enterprise User Assertion (XUA)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient Demographics Query (PDQ) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Section 10 Cross-Enterprise Document Sharing (XDS.a)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-2008 Cross-Enterprise Document Sharing-B (XDS.b)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0—Registry Stored Query Transaction for XDS Profile Supplement [ITI-18]
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0 XCA Supplement
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Supplement 2007-2008 Basic Patient Privacy Consents (BPPC)—Trial Implementation
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework Supplement 2008-2009, Pediatric Demographics, Draft for Trial Implementation (August 22, 2008)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient Identifier Cross-Referencing Integration Profile (PIX)
  • Integrating the Healthcare Enterprise (IHE) Patient Care Coordination (PCC)—Emergency Department Encounter Summary (EDES), Technical Framework Supplement, Volume I, Revision 3.0, 2007-2008.
  • Integrating the Healthcare Enterprise (IHE) Patient Care Coordination (PCC), Revision 3.0, 2007-2008, Cross-Enterprise Sharing of Medical Summaries (XDS-MS) Integration Profile
  • International Classification of Diseases, 10th Revision, Procedure Coding System (ICD-10-PCS)
  • International Classification of Diseases, 10th Revision, Related Health Problems (ICD-10-CM)
  • International Classification of Diseases, 9th Revision, Clinical Modifications (ICD-9-CM)
  • International Health Terminology Standards Development Organisation (IHTSDO) Systematized Nomenclature of Medicine Clinical Terms (SNOMED CT®)
  • Internet Engineering Task Force (IETF) Network Time Protocol (Version 3) Specification, Implementation and Analysis, “Request for Comment” (RFC) # 1305, March, 1992
  • Internet Engineering Task Force (IETF) Simple Network Time Protocol (SNTP) Version 4, “Request for Comment” (RFC) # 2030, October, 1996
  • Logical Observation Identifiers Names and Codes (LOINC®)
  • National Uniform Billing Committee (NUBC) Uniform Bill Version 1992 (UB-92) Current UB Data Specification Manual Field 22, Patient Discharge Status, Codes
  • Organization for the Advancement of Structured Information Standards (OASIS) Security Assertion Markup Language (SAML) v2.0 OASIS Standard; ITU-T X.1141
  • Organization for the Advancement of Structured Information Standards (OASIS) WS-Federation Web Services Federation Language (WS-Federation), Version 1.1, December 2006
  • Organization for the Advancement of Structured Information Standards (OASIS) WS-Trust Version 1.3, March 2007
  • Organization for the Advancement of Structured Information Standards (OASIS) eXtensible Access Control Markup Language (XACML), ITU-T Recommendation X.1142, February 2005
  • Unified Code for Units of Measure (UCUM)

IS05—Consumer Empowerment and Access to Clinical Information via Media V1

Below is a list of the HITSP constructs used by this HITSP Interoperability Specification.

  • HITSP/C19 Entity Identity Assertion Component (V1)
  • HITSP/C32 Summary Documents Using HL7 Continuity of Care Document (CCD) Component (V2)
  • HITSP/C35 Lab Result Terminology Component (V2)
  • HITSP/C37 Lab Report Document Component (V2)
  • HITSP/T15 Collect and Communicate Security Audit Trail Transaction (V1)
  • HITSP/T16 Consistent Time Transaction (V1)
  • HITSP/T23 Patient Demographics Query Transaction (V2)
  • HITSP/T33 Transfer of Documents on Media Transaction (V1)
  • HITSP/TP20 Access Control Transaction Package (V1)
  • HITSP/TP22 Patient ID Cross-Referencing Transaction Package (V2)
  • HITSP/TP30 Manage Consent Directives Transaction Package (V1)

Below is a list of Selected Standards for this HITSP Interoperability Specification.

  • Digital Imaging and Communications in Medicine (DICOM) Part 3.12: Media Formats and Physical Media for Media Interchange
  • Health Level Seven (HL7) Clinical Document Architecture Release 2 (CDA R2)
  • Health Level Seven (HL7) Implementation Guide: CDA Release 2—Continuity of Care Document (CCD), April 01, 2007
  • Health Level Seven (HL7) Implementation Guide: CDA Release 2—Continuity of Care Document (CCD), April 01, 2007
  • Health Level Seven (HL7) Implementation Guide: CDA Release 2—Continuity of Care Document (CCD), April 01, 2007
  • Health Level Seven (HL7) V3 RBAC, R1-2008, HL7 Version 3 Standard: Role Based Access Control (RBAC) Healthcare Permissions Catalog, Release 1, February 2008
  • Health Level Seven (HL7) V3 RBAC, R1-2008, HL7 Version 3 Standard: Role Based Access Control (RBAC) Healthcare Permissions Catalog, Release 1, February 2008
  • Health Level Seven (HL7) Version 2.3.1 Start Printed Page 3606
  • Health Level Seven (HL7) Version 2.5
  • Health Level Seven (HL7) Version 2.5.1
  • Health Level Seven (HL7) Version 3.0 Privacy Consent related specifications RCMR_RM010001—Data Consent
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-2008 Cross-Enterprise User Assertion (XUA)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-2008 Cross-Enterprise User Assertion (XUA)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Audit Trail and Node Authentication (ATNA) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Consistent Time (CT) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient Demographics Query (PDQ) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient Identifier Cross-Referencing Integration Profile (PIX)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Section 10 Cross-Enterprise Document Sharing (XDS.a)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-2008 Cross-Enterprise Document Sharing-B (XDS.b)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0—Registry Stored Query Transaction for XDS Profile Supplement [ITI-18]
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0 XCA Supplement
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Supplement 2007-2008 Basic Patient Privacy Consents (BPPC)—Trial Implementation
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework Supplement 2008-2009, Pediatric Demographics, Draft for Trial Implementation (August 22, 2008)
  • Integrating the Healthcare Enterprise (IHE) Laboratory Technical Framework Volume 3 (LAB TF-3) Document-based Transactions, Revision 2.0—For Trial Implementation, August 16, 2007
  • International Health Terminology Standards Development Organisation (IHTSDO) Systematized Nomenclature of Medicine Clinical Terms (SNOMED CT ®)
  • International Organization for Standardization (ISO) Health informatics—9660 Level 1
  • Internet Engineering Task Force (IETF) Network Time Protocol (Version 3) Specification, Implementation and Analysis, “Request for Comment” (RFC) # 1305, March, 1992
  • Internet Engineering Task Force (IETF) Simple Network Time Protocol (SNTP) Version 4, “Request for Comment” (RFC) # 2030, October, 1996
  • Logical Observation Identifiers Names and Codes (LOINC ®)
  • Organization for the Advancement of Structured Information Standards (OASIS) Security Assertion Markup Language (SAML) v2.0 OASIS Standard; ITU-T X.1141
  • Organization for the Advancement of Structured Information Standards (OASIS) WS-Trust Version 1.3, March 2007
  • Organization for the Advancement of Structured Information Standards (OASIS) WS-Federation Web Services Federation Language (WS-Federation), Version 1.1, December 2006
  • Organization for the Advancement of Structured Information Standards (OASIS) eXtensible Access Control Markup Language (XACML), ITU-T Recommendation X.1142, February 2005
  • Unified Code for Units of Measure (UCUM)
  • USB Removable Device Type 2.0 (USB Implementers Forum)
  • XDM Supplement to the Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF)

IS06—Quality V1

Below is a list of the HITSP constructs used by this HITSP Interoperability Specification.

  • HITSP/C19 Entity Identity Assertion Component (V1)
  • HITSP/C25 Anonymize Component (V2)
  • HITSP/C26 Nonrepudiation of Origin Component (V1)
  • HITSP/C34 Patient Level Quality Data Message Component (V1)
  • HITSP/C38 Patient Level Quality Data Document Using IHE Medical Summary (XDS-MS) Component (V1)
  • HITSP/T15 Collect and Communicate Security Audit Trail Transaction (V1)
  • HITSP/T16 Consistent Time Transaction (V1)
  • HITSP/T17 Secured Communication Channel Transaction (V1)
  • HITSP/T23 Patient Demographics Query Transaction (V2)
  • HITSP/T24 Pseudonymize Transaction (V2)
  • HITSP/T29 Notification of Document Availability Transaction (V2)
  • HITSP/T31 Document Reliable Interchange Transaction (V1)
  • HITSP/TP13 Manage Sharing of Documents Transaction Package (V2)
  • HITSP/TP20 Access Control Transaction Package (V1)
  • HITSP/TP21 Query for Existing Data Transaction Package (V1)
  • HITSP/TP22 Patient ID Cross-Referencing Transaction Package (V2)
  • HITSP/TP30 Manage Consent Directives Transaction Package (V1)
  • HITSP/TP50 Retrieve Form for Data Capture Transaction Package (V2)

Below is a list of Selected Standards for this HITSP Interoperability Specification.

  • American Medical Association (AMA) Current Procedural Terminology (CPT ®) Fourth Edition (CPT-4); CPT Evaluation and Management Codes
  • American Society for Testing and Materials (ASTM) Standard Guide for Electronic Authentication of Health Care Information: #E1762-95(2003)
  • Centers for Medicare and Medicaid Services (CMS) National Provider Identifier (NPI)
  • Digital Imaging and Communications in Medicine (DICOM)—Part 16: Content Mapping Resource
  • European Telecommunications Standards Institute (ETSI) Technical Specification TS 101 903: XML Advanced Electronic Signatures (XadES)
  • Federal Information Processing Standards (FIPS) Codes for the Identification of the States, the District of Columbia and the Outlying Areas of the United States, and Associated Areas Publication #5-2, May, 1987
  • Health Level Seven (HL7) Version 2.3.1
  • Health Level Seven (HL7) Version 2.5
  • Health Level Seven (HL7) Version 3.0
  • Health Level Seven (HL7) Version 3.0 Privacy Consent related Start Printed Page 3607specifications RCMR_RM010001—Data Consent
  • Health Level Seven (HL7) V3 RBAC, R1-2008, HL7 Version 3 Standard: Role Based Access Control (RBAC) Healthcare Permissions Catalog, Release 1, February 2008
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Section 10 Cross-Enterprise Document Sharing (XDS.a)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-2008 Cross-Enterprise Document Sharing-B (XDS.b)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0—Registry Stored Query Transaction for XDS Profile Supplement [ITI-18]
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0 XCA Supplement
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient Demographics Query (PDQ) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (TF) Supplement—ITI-25 Notification of Document Availability (NAV) Jun 28, 2005
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework Supplement 2008-2009, Pediatric Demographics, Draft for Trial Implementation (August 22, 2008)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) 2006-2007 Trial Implementation Supplement Cross-Enterprise Document Reliable Interchange (XDR)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient Identifier Cross-Referencing Integration Profile (PIX)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Audit Trail and Node Authentication (ATNA) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Revision 4.0, Consistent Time (CT) Integration Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-2008 Cross-Enterprise User Assertion (XUA)
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (TF) Supplement Volume 3—Document Digital Signature (DSG) Content Profile
  • Integrating the Healthcare Enterprise (IHE) IT Infrastructure Technical Framework (TF) 2007-2008 Supplement, Retrieve Form for Data Capture (RFD)
  • Integrating the Healthcare Enterprise (IHE) Patient Care Coordination (PCC) Technical Framework Volume 1, Revision 3.0 2007-2008
  • Integrating the Healthcare Enterprise (IHE) Patient Care Coordination (PCC), Revision 3.0, 2007-2008, Cross-Enterprise Sharing of Medical Summaries (XDS-MS) Integration Profile
  • International Classification of Diseases, 10th Revision, Procedure Coding System (ICD-10-PCS)
  • International Classification of Diseases, 9th Revision, Clinical Modifications (ICD-9-CM)
  • International Health Terminology Standards Development Organisation (IHTSDO) Systematized Nomenclature of Medicine Clinical Terms (SNOMED CT ®)
  • International Organization for Standardization (ISO) Health Informatics—Pseudonymisation, Unpublished Technical Specification #25237
  • International Organization for Standardization (ISO) Health Informatics—Pseudonymization, Unpublished Technical Specification #25237
  • Internet Engineering Task Force (IETF) Network Time Protocol (Version 3) Specification, Implementation and Analysis, “Request for Comment” (RFC) #1305, March 1992
  • Internet Engineering Task Force (IETF) Simple Network Time Protocol (SNTP) Version 4, “Request for Comment” (RFC) #2030, October 1996
  • Logical Observation Identifiers Names and Codes (LOINC ®)
  • National Library of Medicine (NLM) Unified Medical Language System (UMLS) RxNorm
  • National Uniform Billing Committee (NUBC) Uniform Bill Version 2007 (UB-04) Current UB Data Specification Manual Field 22, Patient Discharge Status, Codes
  • Organization for the Advancement of Structured Information Standards (OASIS) Simple Object Access Protocol (SOAP) Version 1.1, 1.2
  • Organization for the Advancement of Structured Information Standards (OASIS) Security Assertion Markup Language (SAML) v2.0 OASIS Standard; ITU-T X.1141
  • Organization for the Advancement of Structured Information Standards (OASIS) WS-Federation Web Services Federation Language (WS-Federation), Version 1.1, December 2006
  • Organization for the Advancement of Structured Information Standards (OASIS) WS-Trust Version 1.3, March 2007
  • Organization for the Advancement of Structured Information Standards (OASIS) eXtensible Access Control Markup Language (XACML), ITU-T Recommendation X.1142, February 2005
  • Unified Code for Units of Measure (UCUM)

Certain legal obligations may flow from the recognition of these Interoperability Standards. First, pursuant to Executive Order 13410 (EO 13410) dated August 22, 2006, recognition of Interoperability Standards would require each Federal agency that administers or sponsors a Federal health care program (as defined in that Executive Order), as it implements, acquires, or upgrades health information technology systems used for the direct exchange of health information between agencies and with non-Federal entities, to utilize, where available and as permitted by applicable law, health information technology systems and products that meet interoperability standards recognized by the Secretary. Therefore, those Federal agencies would be required to appropriately consider health information technology systems and products that comply with these Interoperability Standards, once recognized, when implementing, acquiring, or upgrading such items or systems.

Similarly, the EO 13410 also directs those Federal agencies to contractually require, to the extent permitted by law, certain entities with whom they do business, to use, where available, health information technology systems and products that meet Interoperability Standards recognized by the Secretary.

In addition, the regulations promulgated on August 8, 2006 (see 71 FR 45140 and 71 FR 45110) established exceptions and safe harbors to the physician self-referral law and the anti-kickback statute, respectively, for certain arrangements involving the donation of electronic prescribing and electronic health records (EHR) Start Printed Page 3608technology and services. The EHR exception and safe harbor require that the software be “interoperable” as defined in the regulations. The rules also provide that certain software will be deemed to be “interoperable” if that software has been certified by a certifying body recognized by the Secretary within 12 months prior to the donation. Under the interim guidance for the recognition of certifying bodies published by the ONC (“Office of the National Coordinator for Health Information Technology (ONC) Interim Guidance Regarding the Recognition of Certification Bodies”), for an organization to be recognized as a recognized certifying body (RCB), the organization must, among other characteristics:

  • Have in place a demonstrated process for and experience in certifying products to be in compliance with criteria recognized by the Secretary;
  • Have a method by which it can incorporate all applicable standards and certification criteria recognized by the Secretary into its certification processes; and
  • Have the ability to adapt its processes to emerging certification criteria recognized by the Secretary.

The RCBs would therefore have to certify such products in conformity with, among other provisions, these Interoperability Standards, once recognized, for the certified products to be deemed interoperable under the physician self-referral exception and anti-kickback safe harbor, respectively, and, thus, eligible for donation to certain health care providers under the physician self-referral law and the anti-kick back statute.

The Department is mindful that the ability of software to be interoperable evolves as technology develops. Consequently, if an enforcement action is initiated for an allegedly improper donation of EHR non-certified software, the Department would review whether the software was interoperable at the time of donation, as defined in the regulations. The Department would consider the prevailing state of technology at the time the items or services were provided to the recipient. As explained in the regulations, the Department understands that parties should have a reasonable basis for determining whether the EHR software is interoperable. We therefore indicated that “it would be appropriate—and, indeed, advisable—for parties to consult any standards and criteria related to interoperability recognized by the Department.” Compliance with these standards and criteria, as we explained in the regulations, “will provide greater certainty to donors and recipients that products meet the interoperability requirement, and may be relevant in an enforcement action.” (See 71 FR 45156 and 71 FR 45127.)

The Department believes that the one-year period between acceptance in January 2008 and recognition in January 2009 provided both the public and private sectors with adequate time to review, test, and provide input on the identified HITSP Interoperability Specifications prior to their recognition. Based on the above, the Secretary has now recognized these HITSP Interoperability Specifications.

Start Further Info

FOR FURTHER INFORMATION CONTACT:

Judith Sparrow at (202) 690-7151.

Start Signature

Dated: January 14, 2009.

Marc R. Weisman,

Executive Director, Office of the National Coordinator for Health Information Technology.

End Signature End Further Info End Supplemental Information

[FR Doc. E9-1068 Filed 1-16-09; 8:45 am]

BILLING CODE 4150-45-P