iTeh Standards logo
EURUSD
Your shopping cart is empty.
ISO

ISO/DTS 27790

(Main)

Health informatics — Document registry framework

Health informatics — Document registry framework

ISO/TS 27790:2009 specifies a general purpose document registry framework for transmitting, storing and utilizing documents in clinical and personalized health environments. It is quite broad in its applicability to realise the goal of sharing health related documents spanning a broad spectrum of health domains such as healthcare specialities covering laboratory, cardiology, eye care, etc and the many areas of personalized health. ISO/TS 27790:2009 also references a number of companion standards-based specifications that offer optional extensions to enhance the basic capabilities offered by IHE XDS. It references the support of the following. An XDS extension supporting the fragmentation of the content of the documents into two parts: a header fragment and a body fragment. This separation scheme enhances confidentiality because the gathering both of header and body and their relational information involves cracking into multiple repository servers. This has been developed as an IHE Korean Extension on the IHE XDS Profile. A series of security- and privacy-related IHE profiles, such as Patient Identification Cross-Referencing (PIX), Patient Demographics Query (PDQ), Basic Patient Privacy Consent (BPPC), Cross-Enterprise User Assertion (XUA).

Informatique de santé — Cadre d'enregistrement de document

General Information

Status
Not Published
ICS
35.240.80 - IT applications in health care technology
Technical Committee
ISO/TC 215 - Health informatics
Drafting Committee
ISO/TC 215 - Health informatics
Current Stage
5020 - FDIS ballot initiated: 2 months. Proof sent to secretariat
Start Date
21-Oct-2025
Completion Date
21-Oct-2025
Ref Project

Relations

Revises
ISO/TS 27790:2009 - Health informatics — Document registry framework
Effective Date
28-Jan-2023
ISO/DTS 27790 - Health informatics — Document registry framework Released:10/7/2025ISO/DTS 27790 - Health informatics — Document registry framework Released:10/7/2025
PreviousNext
Draft
ISO/DTS 27790 - Health informatics — Document registry framework Released:10/7/2025
English language
12 pages
sale 15% off
sale 15% off
REDLINE ISO/DTS 27790 - Health informatics — Document registry framework Released:10/7/2025REDLINE ISO/DTS 27790 - Health informatics — Document registry framework Released:10/7/2025
PreviousNext
Draft
REDLINE ISO/DTS 27790 - Health informatics — Document registry framework Released:10/7/2025
English language
12 pages
sale 15% off
sale 15% off

Standards Content (Sample)


FINAL DRAFT
Technical
Specification
ISO/TC 215
Health informatics — Document
Secretariat: ANSI
registry framework
Voting begins on:
Informatique de santé — Cadre d'enregistrement de document 2025-10-21
Voting terminates on:
2025-12-16
RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT,
WITH THEIR COMMENTS, NOTIFICATION OF ANY
RELEVANT PATENT RIGHTS OF WHICH THEY ARE AWARE
AND TO PROVIDE SUPPOR TING DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO­
LOGICAL, COMMERCIAL AND USER PURPOSES, DRAFT
INTERNATIONAL STANDARDS MAY ON OCCASION HAVE
TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL
TO BECOME STAN DARDS TO WHICH REFERENCE MAY BE
MADE IN NATIONAL REGULATIONS.
Reference number
FINAL DRAFT
Technical
Specification
ISO/TC 215
Health informatics — Document
Secretariat: ANSI
registry framework
Voting begins on:
Informatique de santé — Cadre d'enregistrement de document
Voting terminates on:
RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT,
WITH THEIR COMMENTS, NOTIFICATION OF ANY
RELEVANT PATENT RIGHTS OF WHICH THEY ARE AWARE
AND TO PROVIDE SUPPOR TING DOCUMENTATION.
© ISO 2025
IN ADDITION TO THEIR EVALUATION AS
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO­
LOGICAL, COMMERCIAL AND USER PURPOSES, DRAFT
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
INTERNATIONAL STANDARDS MAY ON OCCASION HAVE
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL
or ISO’s member body in the country of the requester.
TO BECOME STAN DARDS TO WHICH REFERENCE MAY BE
MADE IN NATIONAL REGULATIONS.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland Reference number
ii
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Document registry framework . . 4
4.1 Overview .4
4.2 General structure of the framework based on IHE XDS .4
4.2.1 General .4
4.2.2 Information model (ebRIM) and service (ebRS) web services .4
4.2.3 Cross-enterprise document sharing (IHE-XDS) .5
4.2.4 Patient identification, security and privacy profiles .6
4.3 General structure of the framework based on IHE MHD or IHE MHDS .6
4.3.1 General .6
4.3.2 HL7 FHIR Document related resources .6
4.3.3 Mobile access to Health Documents (IHE MHD) .6
4.3.4 Mobile Health Document Sharing (IHE MHDS) .7
4.4 Document content profiles .8
Bibliography .10

iii
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out through
ISO technical committees. Each member body interested in a subject for which a technical committee
has been established has the right to be represented on that committee. International organizations,
governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely
with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of ISO documents should be noted. This document was drafted in accordance with the editorial rules of the
ISO/IEC Directives, Part 2 (see www.iso.org/directives).
ISO draws attention to the possibility that the implementation of this document may involve the use of (a)
patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed patent
rights in respect thereof. As of the date of publication of this document, ISO had not received notice of (a)
patent(s) which may be required to implement this document. However, implementers are cautioned that
this may not represent the latest information, which may be obtained from the patent database available at
www.iso.org/patents. ISO shall not be held responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO’s adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 215, Health informatics.
This second edition cancels and replaces the first edition (ISO/TS 27790:2009), which has been technically
revised.
The main changes are as follows:
— Annex A was removed as only one country, the Republic of Korea, was included in it originally;
— updated to reflect the latest changes in the IHE document sharing profiles, such as the addition of Mobile
Health Document (MHD), addition of IHE Integration Profile, Mobile Health Document Sharing (MHDS)
IHE Integration Profile, and corrections to Cross-Enterprise Document Sharing (XDS.b) IHE Integration
Profile. These profiles facilitate the registration, distribution and access across health enterprises of
patient electronic health records.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.

iv
Introduction
Development and implementation of electronic health records (EHR) are rapidly progressing around the
world. An appropriate deployment of EHR will enhance various aspects of healthcare delivery in the future.
EHR are thought to enable the provision of essential care information to providers at point-of-care through
information and telecommunications technologies. This includes a broad spectrum of capabilities including
acquisition, storage, presentation and management of patient information (represented in different digital
forms such as video, audio or data) and communication of this information between care facilities with the
use of communications links.
Recent development of health information exchange where the patients’ EHR are accessed securely whenever
necessary (sharing EHR information at point-of-care and by the consumer citizen) requires that electronic
health records of an individual, although they originate from various health-related subjects distributed
over space and time, remain accessible irrespective of their centralized or distributed storage. The use of
centralized registry systems pointing to such records can greatly facilitate the discovery of their locations
to allow effective access to the appropriate and secured EHR.
Many organizations with operational large-scale deployments implement this foundational approach
in sharing health data among existing systems as a simple and effective service. However, these initial
projects identified several issues or gaps in document sharing that limited their deployment (e.g. lack of
standardization, fragmentation of health data, difficulty in locating distributed records, inconsistencies
in abilities to search records produced across many care delivery organization). The proposed framework
addresses such issues by offering consistent search data among data stored with various degrees of
granularity. There have been enough operational deployments across more than 20 countries with hundreds
of different health information systems and several millions of clinical documents shared to confirm the
robustness and efficiency of such a standards-based document sharing framework.
This document is targeted at policy makers, architects of national ehealth infrastructure, health IT
product managers and designers. It describes the principles and specification of interoperability needed
to support a registry system for locating and accessing records grouped into shared documents. The
supported documents may contain any type of person-centric health information, whether structured (e.g.
coded patient summary, numeric lab results) or unstructured (e.g. scanned images, free-text documents),
depending on the source standard for their content. The clinical document architecture (CDA), the Fast
Healthcare Interoperability Resources (FHIR), Digital Imaging and Communications in Medicine (DICOM)
are standards that are likely companions to this document. This document does not address the security
and privacy considerations in detail but refers to related interoperability standards and profiles designed
to be used in conjunction. The document is not intended to be prescriptive either from a methodological or a
technological perspective but rather to provide a coherent inclusive description of principles and practices
that can facilitate the formulation of policies and governance practices locally or nationally.
The web services-based registry framework includes a document registry and associated repository to
allow the sharing of any form of health documents including HL7 CDA, FHIR documents and DICOM objects.
The registry framework specializes in health two different application programming interfaces (API):
— The W3C Web Services Standards, ISO 15000 (ebXML registry standards) and OASIS ebXML Registry
Information Model 3.0 through the use of the IHE Cross-Enterprise Document Sharing (XDS) from the
Integrating the Healthcare Enterprise (IHE) Information Technology Infrastructure (ITI) technical
framework, summarizing from the Cross-Enterprise Document Sharing (XDS) Profile:
“The Cross-Enterprise Document Sharing IHE Integration Profile facilitates the registration, distribution
and access across health enterprises of patient and citizen electronic health records. Cross-Enterprise
Document Sharing (XDS) is focused on providing a standards-based specification for managing the
sharing of documents between all health enterprises, ranging from private physician offices to clinics
to acute care in-patient facilities to personal heath record systems. The XDS IHE Integration Profile
assumes that these enterprises belong to one or more affinity domains. An affinity domain is a group of
healthcare enterprises that have agreed to work together using a common set of policies and that share
a common registry infrastructure.”

v
— The HL7 FHIR Document Reference resources through the use of the IHE Mobile access to Health
Document (MHD) or the more extensive IHE Mobile Health Document Sharing (MHDS) from the
Integrating the Healthcare Enterprise (IHE) Information Technology Infrastructure (ITI) technical
framework, summarizing from the Mobile access to Health Document Sharing (MHDS) Profile:
[38]
“The Mobile access to Health Documents (MHD ) Profile defines a standardized API for mobile
devices, like smartphones and tablets, to share health documents. It simplifies the document sharing
process originally used in XDS and XCA, making it easier for mobile and simple systems to submit, query,
and retrieve health documents.
[39]
The MHDS Profile provides a framework for communities to exchange health information by using
a combination of other IHE profiles. It covers essential functions like patient identification, document
management and storage, and privacy and security, all to ensure a standardized and interoperable
approach to health information sharing.”
[9]
This document also references a number of companion standards-based specifications that offer optional
extensions to enhance the basic capabilities offered by IHE XDS, namely a series of security-related and
[9]
privacy-related IHE profiles, such as Patient Identification Cross-Referencing (PIX ), Patient Demographics
[9] [9] [9]
Query (PDQ ), Basic Patient Privacy Consent (BPPC ), and Cross-Enterprise User Assertion (XUA ).
NOTE The use of IHE Audit trail and Node Authentication (ATNA) as well as Consistent Time (CT) is required as
part of IHE XDS. These Profiles are therefore not listed above.

vi
FINAL DRAFT Technical Specification ISO/DTS 27790:2025(en)
Health informatics — Document registry framework
1 Scope
This document specifies a general-purpose document registry framework for transmitting, storing and
utilizing documents in clinical and personalized health environments. It is quite broad in its applicability to
realise the goal of sharing health-related documents spanning a broad spectrum of health domains such as
healthcare specialities covering laboratory, cardiology, eye care, etc. and the many areas of personalized health.
This document also supports shared document registration and retrieval via the federation of documents’
registries (IHE Cross-Community Access) in terms of individual users to reduce health information extrusion
possibilities.
This document supports the sharing of documents of any standardized content in the context of healthcare
and well-being. It describes the means of locating and accessing shared documents among a diverse set of
health organizations. It is designed to leverage existing health informatics for structuring and semantically
rich health information, if so desired. It does not require the development of new health informatics
standards.
2 Normative references
There are no normative references in the document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
3.1
actor
user of the system-of-interest interacting with the system in a particular usage context or role
3.2
architecture
set of design artefacts or descriptive representations that are relevant for describing an object such that it
can be produced to requirements (quality) as well as maintained over the period of its useful life (change)
3.3
authentication
act of verifying the claimed identity of an entity
[SOURCE: ISO/IEC 10181-2:1996, 3.3, modified — “provision of assurance” was changed to “act of verifying”.]
3.4
authorization
granting of rights, including the granting of access based on access rights
[SOURCE: ISO 7498-2:1989, 3.3.10]

3.5
clinical document
defined and complete information object that can include text, images, sounds, and other multimedia content
EXAMPLE Discharge, summary, progress note, procedure report, a medical image.
Note 1 to entry: A clinical document has six characteristics: persistence, stewardship, potential for authentication,
context, wholeness and human readability.
Note 2 to entry: Adapted from Reference [32].
3.6
consumer
person requiring, scheduled to receive, receiving or having received a healthcare service
Note 1 to entry: Consent can be revoked at any time and may be context-specific, particularly relevant for
implementations involving patient portals and mobile applications.
3.7
document registry
function or system designed to store, index and enable discovery of clinical documents based on metadata,
supporting queries and access policies
3.8
electronic health record
EHR
longitudinal collection of personal health information of a single individual, entered or accepted by
healthcare providers, and stored electronically
Note 1 to entry: The record may be made available at any time to providers, who have been authorized by the
individual, as a tool in the provision of health care services. The individual has access to the record and can request
changes to its contents. The transmission and storage of the record is under strict security.
Note 2 to entry: Patient-controlled EHR access via third-party applications, consistent with FHIR and global patient
empowerment trends may be supported.
Note 3 to entry: Adapted from ISO/IEEE 11073-10103:2025.
3.9
encounter
patient contact
contact between a clinician and patient
3.10
event
change in device status that is communicated by a notification reporting service
3.11
framework
logical structure for classifying and organizing complex information
3.12
information model
structured specification of the information requirements of a project
3.14
interoperability
ability of two or more systems or components to exchange information and to use the information that has
been exchanged
3.15
model
abstraction used to express the relevant concepts and interdependencies of a project

3.16
operation
function or transformation that may be applied to or by objects in a class
Note 1 to entry: Sometimes also called service.
3.17
participant
data exporter and data importer
3.18
patient
individual person who is a subject of care
Note 1 to entry: Patient are clinical care recipients
3.19
privacy
freedom from intrusion into the private life or affairs of an individual when that intrusion results from
undue or illegal gathering and use of data about that individual
Note 1 to entry: Privacy includes key privacy principles such as data minimization, purpose limitation, and informed
consent under modern regulatory frameworks.
3.20
record
collection of data
3.21
registry
collection of all the official records relating to something, or the place where they are kept
3.22
repository
place where something is safely kept
3.23
security
combination of confidentiality, integrity and availability
3.24
service
specific behaviour that a communication party in a specific role is responsible for exhibiting
3.25
shared document
byte sequence managed by actors in document sharing profiles
Note 1 to entry: There is no concept of equivalent Documents. If the byte sequence is different, then the Documents are
different. A Shared document may include a variety of content such as textual representation, images or a composition
of clinical information that contains
...


ISO/TC 215/WG 2
Secretariat: ANSI
Date: 2025-0810-06
Health informatics — Document registry framework
Informatique de santé — Cadre d'enregistrement de document

ISO #####-#:####(X/DTS 27790:(en)
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication
may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying,
or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO
at the address below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: + 41 22 749 01 11
EmailE-mail: copyright@iso.org
Website: www.iso.orgwww.iso.org
Published in Switzerland
© ISO #### 2025 – All rights reserved
ii
Contents
Foreword . iv
Introduction . v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Document registry framework . 4
4.1 Overview . 4
4.2 General structure of the framework based on IHE XDS . 4
4.3 General structure of the framework based on IHE MHD or IHE MHDS . 8
4.4 Document content profiles . 12
Bibliography . 14

© ISO #### 2025 – All rights reserved
iii
ISO #####-#:####(X/DTS 27790:(en)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out through
ISO technical committees. Each member body interested in a subject for which a technical committee has been
established has the right to be represented on that committee. International organizations, governmental and
non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the
International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types of
ISO documentdocuments should be noted. This document was drafted in accordance with the editorial rules
of the ISO/IEC Directives, Part 2 (see www.iso.org/directiveswww.iso.org/directives).).
ISO draws attention to the possibility that the implementation of this document may involve the use of (a)
patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed patent rights
in respect thereof. As of the date of publication of this document, ISO [had/had not] received notice of (a)
patent(s) which may be required to implement this document. However, implementers are cautioned that this
may not represent the latest information, which may be obtained from the patent database available at
www.iso.org/patentswww.iso.org/patents. ISO shall not be held responsible for identifying any or all such
patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO'sISO’s adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.htmlwww.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 215, Health informatics, .
This second edition cancels and replaces the first edition (ISO/TC TS 27790:2009), which has been technically
revised.
The main changes are as follows:
— — Annex A was removed as only one country, the Republic of Korea, was included in it originally;
— — Updatedupdated to reflect the latest changes in the IHE document sharing profiles, such as the addition
of Mobile Health Document (MHD), addition of IHE Integration Profile, Mobile Health Document Sharing
(MHDS) IHE Integration Profile, and corrections to Cross-Enterprise Document Sharing (XDS.b) IHE
Integration Profile which facilitates. These profiles facilitate the registration, distribution and access
across health enterprises of patient electronic health records.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
© ISO #### 2025 – All rights reserved
iv
Introduction
Development and implementation of electronic health records (EHR) are rapidly progressing around the
world. An appropriate deployment of EHR will enhance various aspects of healthcare delivery in the future.
EHR are thought to enable the provision of essential care information to providers at point-of-care through
information and telecommunications technologies. This includes a broad spectrum of capabilities including
acquisition, storage, presentation, and management of patient information (represented in different digital
forms such as video, audio or data) and communication of this information between care facilities with the
use of communications links.
Recent development of health information exchange where the patients’ EHR are accessed securely whenever
necessary (sharing EHR information at point-of-care and by the consumer citizen) requires that electronic
health records of an individual, although they originate from various health-related subjects distributed over
space and time, remain accessible irrespective of their centralized or distributed storage. The use of
centralized registry systems pointing to such records can greatly facilitate the discovery of their locations to
allow effective access to the appropriate and secured EHR.
Many organizations with operational large-scale deployments implement this foundational approach in
sharing health data among existing systems as a simple and effective service. However, these initial projects
identified several issues or gaps in document sharing that limited their deployment (e.g. lack of
standardization, fragmentation of health data, difficulty in locating distributed records, inconsistencies in
abilities to search records produced across many care delivery organization). The proposed framework
addresses such issues by offering consistent search data among data stored with various degrees of
granularity. There have been enough operational deployments across more than 20 countries with hundreds
of different health information systems and several millions of clinical documents shared to confirm the
robustness and efficiency of such a standards-based document sharing framework.
This document is targeted at policy makers, architects of national ehealth infrastructure, health IT product
managers and designers. It describes the principles and specification of interoperability needed to support a
registry system for locating and accessing records grouped into shared documents. The supported documents
may contain any type of person-centric health information, whether structured (e.g. coded patient summary,
numeric lab results) or unstructured (e.g. scanned images, free-text documents), depending on the source
standard for their content. The clinical document architecture (CDA), the Fast Healthcare Interoperability
Resources (FHIR), Digital Imaging and Communications in Medicine (DICOM) are standards that are likely
companions to this document. This document does not address the security and privacy considerations in
detail but refers to related interoperability standards and profiles designed to be used in conjunction. The
document is not intended to be prescriptive either from a methodological or a technological perspective but
rather to provide a coherent inclusive description of principles and practices that couldcan facilitate the
formulation of policies and governance practices locally or nationally.
The web services-based registry framework includes a document registry and associated repository to allow
the sharing of any form of health documents including HL7 CDA, FHIR documents, and DICOM objects.
The registry framework specializes in health two different application programming interfaces (API);):
— The W3C Web Services Standards, ISO 15000 (ebXML registry standards) and OASIS ebXML Registry
Information Model 3.0 through the use of the IHE Cross-Enterprise Document Sharing (XDS) from the
Integrating the Healthcare Enterprise (IHE) Information Technology Infrastructure (ITI) technical
framework, quotingsummarizing from the Cross-Enterprise Document Sharing (XDS) Profile:
“The Cross-Enterprise Document Sharing IHE Integration Profile facilitates the registration, distribution
and access across health enterprises of patient and citizen electronic health records. Cross-Enterprise
Document Sharing (XDS) is focused on providing a standards-based specification for managing the
sharing of documents between all health enterprises, ranging from private physician offices to clinics to
© ISO #### 2025 – All rights reserved
v
ISO #####-#:####(X/DTS 27790:(en)
acute care in--patient facilities to personal heath record systems. The XDS IHE Integration Profile assumes
that these enterprises belong to one or more affinity domains. An affinity domain is a group of healthcare
enterprises that have agreed to work together using a common set of policies and that share a common
registry infrastructure.”
— The HL7 FHIR Document Reference resources through the use of the IHE Mobile access to Health
Document (MHD) or the more extensive IHE Mobile Health Document Sharing (MHDS) from the
Integrating the Healthcare Enterprise (IHE) Information Technology Infrastructure (ITI) technical
framework, quotingsummarizing from the Mobile access to Health Document Sharing (MHDS) Profile:
[38 ]
“The Mobile access to Health Documents (MHD ) ) Profile defines a standardized API for mobile devices,
like smartphones and tablets, to share health documents. It simplifies the document sharing process
originally used in XDS and XCA, making it easier for mobile and simple systems to submit, query, and
retrieve health documents.
[39]
The MHDS Profile provides a framework for communities to exchange health information by using a
combination of other IHE profiles. It covers essential functions like patient identification, document
management and storage, and privacy and security, all to ensure a standardized and interoperable
approach to health information sharing.”
[9 ]
This document also references a number of companion standards-based specifications [9] that offer optional
extensions to enhance the basic capabilities offered by IHE XDSnamelyXDS, namely a series of security-related
[9 ]
and privacy-related IHE profiles, such as Patient Identification Cross-Referencing (PIX [9]), ), Patient
[9 ] [9 ]
Demographics Query (PDQ [9]), ), Basic Patient Privacy Consent (BPPC [9]), ), and Cross-Enterprise User
[9 ]
Assertion (XUA [9]). ).
NoteNOTE The use of IHE Audit trail and Node Authentication (ATNA) as well as Consistent Time (CT) is required as part
of IHE XDS. These Profiles are therefore not listed above.
© ISO #### 2025 – All rights reserved
vi
Health informatics — Document registry framework
1 Scope
This document specifies a general-purpose document registry framework for transmitting, storing and
utilizing documents in clinical and personalized health environments. It is quite broad in its applicability to
realise the goal of sharing health-related documents spanning a broad spectrum of health domains such as
healthcare specialities covering laboratory, cardiology, eye care, etc. and the many areas of personalized
health.
This document also supports shared document registration and retrieval via the federation of documents’
registries (see IHE Cross-Community Access) in terms of individual users to reduce health information
extrusion possibilities.
This document supports the sharing of documents of any standardized content in the context of healthcare
and well-being. It describes the means of locating and accessing shared documents among a diverse set of
health organizations. It is designed to leverage existing health informatics for structuring and semantically
rich health information, if so desired. It does not require the development of new health informatics standards.
2 Normative references
There are no normative references in the document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https://www.iso.org/obp
— — IEC Electropedia: available at http://www.electropedia.org/
3.1 3.1
actor
user of the system-of-interest interacting with the system in a particular usage context or role
3.2 3.2
architecture
set of design artefacts or descriptive representations that are relevant for describing an object such that it can
be produced to requirements (quality) as well as maintained over the period of its useful life (change)
3.3 3.3
authentication
act of verifying the claimed identity of an entity
[SOURCE: ISO/IEC 10181-2:1996, 3.3, modified — “provision of assurance” was changed to “act of verifying”.]
3.4 3.4
authorization
granting of rights, including the granting of access based on access rights
[SOURCE: ISO 7498--2:1989, 3.3.10]
© ISO #### 2025 – All rights reserved
3.5 3.5
clinical document
defined and complete information object that can include text, images, sounds, and other multimedia content
EXAMPLES EXAMPLE Discharge, summary, progress note, procedure report, a medical image, etc.
Note 1 to entry: A clinical document has six characteristics: persistence, stewardship, potential for authentication,
context, wholeness and human readability.
Note 2 to entry: Adapted from Reference [32[32].].
3.6 3.6
consumer
person requiring, scheduled to receive, receiving or having received a healthcare service
Note 1 to entry: Consent can be revoked at any time and may be context-specific, particularly relevant for
implementations involving patient portals and mobile applications.
3.7 3.7
document registry
function or system designed to store, index, and enable discovery of clinical documents based on metadata,
supporting queries and access policies
3.8 3.8
electronic health record
EHR
longitudinal collection of personal health information of a single individual, entered or accepted by healthcare
providers, and stored electronically
Note 1 to entry: The record may be made available at any time to providers, who have been authorized by the individual,
as a tool in the provision of health care services. The individual has access to the record and can request changes to its
contents. The transmission and storage of the record is under strict security.
Note 2 to entry: Patient-controlled EHR access via third-party applications, consistent with FHIR and global patient
empowerment trends may be supported.
[Note 3 to entry: Adapted from ISO/IEEE 11073-10103:2014, 3.1.14].2025.
3.9 3.9
encounter
patient contact
contact between a clinician and patient
3.10 3.10
event
change in device status that is communicated by a notification reporting service
3.11 3.11
framework
logical structure for classifying and organizing complex information
3.12 3.12
information model
structured specification of the information requirements of a project
© ISO #### 2025 – All rights reserved
3.13 3.14
interoperability
ability of two or more systems or components to exchange information and to use the information that has
been exchanged
3.14 3.15
model
abstraction used to express the relevant concepts and interdependencies of a project
3.15 3.16
operation
function or transformation that may be applied to or by objects in a class
Note 1 to entry: Sometimes also called service.
[SOURCE: ISO/TS 24541:2020, 3.16]
3.16 3.17
participant
data exporter and data importer
3.17 3.18
patient
individual person who is a subject of care
Note 1 to entry: Patient are clinical care recipients
[SOURCE: ISO/TR 21835:2020, 3.12]
3.18 3.19
privacy
freedom from intrusion into the private life or affairs of an individual when that intrusion results from undue
or illegal gathering and use of data about that individual
Note 1 to entry: Privacy includes key privacy principles such as data minimization, purpose limitation, and informed
consent under modern regulatory frameworks.
3.19 3.20
record
collection of data
3.20 3.21
registry
collection of all the official records relating to something, or the place where they are kept
3.21 3.22
repository
place where something is safely kept
3.22 3.23
security
combination of confidentiality, integrity and availability
3.23 3.24
service
specific behaviour that a communication party in a specific role is responsible for exhibiting
© ISO #### 2025 – All rights reserved
3.24 3.25
shared document
byte sequence managed by actors in Document Sharingdocument sharing profiles
Note 1 to entry: There is no concept of equivalent Documents. If the byte sequence is different, then the Documents are
different. A Shared document may include a variety of content such as textual representation, images or a composition of
clinical information that contains observations and services for the purpose of exchange with the following
characteristics: Persistence, Stewardship, Potential for Authentication, and Wholeness. Shared documents may be
exchanged by IHE profiles such as XDS or MHD.
[38 ]
Note 2 to entry: Adapted from IHE IT Infrastructure Framework – Mobile Health Documents (MHD ). ).
3.25 3.26
system
demarcated part of the perceivable universe, existing in time and space, that maycan be regarded as a set of
elements and relationships between these elements
Note 1 to entry: A system is composed of actors and is an entity that operates through messages between actors.
4 Document registry framework
4.1 Overview
This framework is built upon widely adopted standards such as the FHIR Document Reference resource MHD
1)
Document Reference Comprehensive ‒ Mobile access to Health Documents (MHD) v4.2.2 and the HL7 CDA
® 2)
header/body structure. HL7 Standards Product Brief ‒ CDA Release 2 ǀ HL7 International . They have
contributed to the design and function of the registry framework, especially in terms of metadata alignment,
document querying, and exchange mechanisms.
4.2 General structure of the framework based on IHE XDS
4.2.1 General
The document registry framework includes a number of specification components organized as shown in
Figure 1Figure 1. These are specified in 4.2.24.2.2 to 4.2.44.2.5 and 4.44.4. .

1) https://profiles.ihe.net/ITI/MHD/index.html
2) https://www.hl7.org/implement/standards/index.cfm?ref=nav.
© ISO #### 2025 – All rights reserved
-----------
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

Loading comments...

This May Also Interest You

ISO
ISO/TR 18728:2025(Main)
Health informatics — Global medicinal product and ingredient and batch registration as part of identification of medicinal products (IDMP)

This document showcases existing practices to monitor supply chains as implemented in the healthcare supply chains, by making use of medicines verification or authentication systems, or both, traceability tools, safe communication technology solutions, and more. This document also discusses the potential benefits of expanding the identification of medicinal products (IDMP) to provide global identifiers for medicinal products, ingredients and batches. It also addresses potential pathways to a global registration system.

  • Technical report
    13 pages
    English language
    sale 15% off
ISO
ISO/TR 14872:2025(Main)
Health informatics — Identification of medicinal products — Core principles for maintenance of identifiers and terms

This document describes the core principles for supporting the development, implementation and ongoing maintenance of IDMP identifiers and terminologies. This document provides considerations for the evaluation and/or design when considering current or future operations and service level agreements for systems and terminology support services in conformity with IDMP.

  • Technical report
    15 pages
    English language
    sale 15% off
ISO
ISO 17117-1:2025(Main)
Health informatics — Terminological resources — Part 1: Characteristics

This document defines universal and specialized characteristics of health terminological resources that make them fit for the purposes required of various applications. It covers only terminological resources that are primarily designed to be used for clinical concept representation or to those parts of other terminological resources designed to be used for clinical concept representation. This document helps users to assess whether a terminology has the characteristics or provides the functions that will support their specified requirements. In order to do that, this document focuses on defining characteristics and functions of terminological resources in healthcare that can be used to identify different types of terminological resources for categorization purposes. NOTE 1 Categorization of healthcare terminological systems according to the name of the system might not be helpful and has caused confusion in the past. The following aspects are not covered in this document: — evaluations of terminological resources; — health service requirements for terminological resources and evaluation criteria based on the characteristics and functions; — the nature and quality of mappings between different terminologies; NOTE 2 It is unlikely that a single terminology will meet all the terminology requirements of a healthcare organization: some terminology providers produce mappings to administrative or classification systems such as the International Classification of Diseases (ICD). The presence of such maps would be a consideration in the evaluation of the terminology. — the nature and quality of mappings between different versions of the same terminology; NOTE 3 To support data migration and historical retrieval, terminology providers can provide maps between versions of their terminology. The presence of such maps would be a consideration in the evaluation of the terminology. — terminology server requirements and techniques and tools for terminology developers; — characteristics for computational biology terminology.

  • Standard
    23 pages
    English language
    sale 15% off
  • Standard
    25 pages
    French language
    sale 15% off
ISO
ISO 16843-1:2025(Main)
Health informatics — Categorial structures for representation of acupuncture — Part 1: Acupuncture points

This document specifies the categorial structure within the subject field of acupuncture by defining a set of domain constraints of sanctioned characteristics, each composed of a semantic link and an applicable characterizing category, in order to represent the concept of acupuncture point.

  • Standard
    10 pages
    English language
    sale 15% off
ISO
ISO/IEEE 11073-10103:2025(Main)
Health informatics — Device interoperability — Part 10103: Nomenclature, implantable device, cardiac

This document extends the base nomenclature provided in ISO/IEEE 11073-10101:2020 to support terminology for implantable cardiac devices. Devices within the scope of this nomenclature are implantable devices such as pacemakers, defibrillators, devices for cardiac resynchronization therapy, and implantable cardiac monitors. This nomenclature defines the terms necessary to convey a clinically relevant summary of the information obtained during a device interrogation. The nomenclature extensions may be used in conjunction with other IEEE 11073 standard components (e.g., ISO/IEEE 11073-10201 [B2] ) or with other standards, such as Health Level Seven International (HL7).

  • Standard
    128 pages
    English language
    sale 15% off
  • Standard
    146 pages
    French language
    sale 15% off
ISO
IEC/TS 81001-2-2:2025(Main)
Health software and health IT systems safety, effectiveness and security — Part 2-2: Guidance for the implementation, disclosure and communication of security needs, risks and controls

This document presents an informative set of common, high-level security-related capabilities and additional considerations to be used across the life cycle of health software and health IT systems, for the information exchange between the health software manufacturers (including medical device manufacturers), healthcare delivery organizations (HDOs) and other stakeholders. It is applicable to health software running on any platform and in any environment such as cloud, on premise or hybrid. While important security topics, the following are outside the scope of this document: a) the security policies of the HDO, b) the product and services security policies of the manufacturer, c) determinations of risk tolerance by the HDO or manufacturer, and d) clinical studies where there is a need to secure personal data. As security risks can be caused by any product on health IT systems and health IT Infrastructure, considerations in this document can be applied for other products that are not health software. IEC TS 81001-2-2:2025 withdraws and replaces: – IEC TR 80001-2-2, Application of risk management for IT-networks incorporating medical devices – Part 2-2: Guidance for the communication of medical device security needs, risks and controls – IEC TR 80001-2-8, Application of risk management for IT-networks incorporating medical devices – Part 2-8: Application guidance – Guidance on standards for establishing the security capabilities identified in IEC TR 80001-2-2 This document includes the following significant changes: a) Combines and updates the contents of IEC TR 80001-2-2 and IEC TR 80001-2-8; b) Extends the scope to health software instead to only medical device software; c) Aligns contents and definitions to ISO 81001-1:2021 and the updated IEC 80001-1; d) Removed the Configuration of Security Features (CNFS) capability, as any configurable security capability shall be clearly communicated. e) Provide security control mappings to several new standards, e.g. IEC TR 60601-4-5, IEC 62443-4-2, ISO/IEEE 11073-40102 and the recent versions of previous standards, e.g. ISO/IEC 27002 and NIST 800-53 version 5.

  • Technical specification
    96 pages
    English language
    sale 15% off
ISO
ISO 27269:2025(Main)
Health informatics — International patient summary

This document defines the core data set for a concise international patient summary (IPS), which supports continuity of care for a person and assists with coordination of their care. This document provides an abstract definition of a patient summary from which derived models are implementable. This document does not cover the workflow processes of data entry, data collection, data summarization, subsequent data presentation, assimilation, or aggregation. Furthermore, this document does not cover the summarization act itself, i.e. the intelligence, skills and competences, that results in the data summarization workflow. It is not an implementation guide that is concerned with the various technical layers beneath the application layer. Representation by various coding schemes, additional structures and terminologies are not part of this document.

  • Standard
    76 pages
    English language
    sale 15% off
  • Standard
    83 pages
    French language
    sale 15% off
ISO
ISO 17523:2025(Main)
Health informatics — Requirements for electronic prescriptions

The scope of this document is constrained to the content of the electronic prescription (ePrescription) itself, the digital document which is issued by a prescribing healthcare professional and received by a dispensing healthcare professional. The prescribed medicinal product is to be dispensed through an authorized healthcare professional with the aim of being administered to a human patient. The ePrescription in the administrative workflow of reimbursement is not covered in this document. This document specifies the requirements that apply to ePrescriptions. It describes generic principles that are considered important for all ePrescriptions. This document is applicable to ePrescriptions of medicinal products for human use. Although other kinds of products (e.g. medical devices, wound care products) can be ordered by means of an ePrescription, the requirements in this document are aimed at medicinal products that have a market authorization and at pharmaceutical preparations which are compounded in a pharmacy. This document does not limit the scope to any setting (community, institutional) and leaves it to the national bodies to decide on this matter. This document specifies a list of data elements that can be considered as essential for ePrescriptions, depending on jurisdiction or clinical setting (primary healthcare, hospital, etc.). Ensuring the authenticity of these data elements is in scope and will have impact on the requirements of information systems. Other messages, roles and scenarios (e.g. validation of a prescription, administration, medication charts, EHR of the patient, reimbursement of care and dispensed products) are not covered in this document, because they are country-specific or region-specific, due to differences in culture and in legislation of healthcare. However, requirements and content of ePrescriptions within the context of jurisdictions have a relationship with these scenarios. This document also does not cover the way in which ePrescriptions are made available or exchanged, and the process of prescribing itself. The logistic process of prescribing itself is not part of the scope. A prescription can either be sent (pushed) to a dispenser or either be retrieved (pulled) at the dispenser. However, the requirement for the prescription is described, that it will be able to function in both environments.

  • Standard
    24 pages
    English language
    sale 15% off
  • Standard
    27 pages
    French language
    sale 15% off
ISO
ISO/TS 5615:2025(Main)
Health informatics — Accelerating safe, effective and secure remote connected care and mobile health through standards-based interoperability solutions addressing gaps revealed by pandemics

This document reviews the structural changes that have been precipitated by the COVID-19 pandemic in Remote Connected Care and Mobile Health (RCC-MH). The impact of the COVID-19 pandemic on care settings such as home and community care, acute care and outpatient care are reviewed discussing how well these healthcare environments were prepared to address the encountered connectivity challenges from a standards point of view. The current standards landscape is reviewed and gaps are identified leading to recommendations for future standards work.

  • Technical specification
    92 pages
    English language
    sale 15% off
ISO
ISO/PAS 24305:2025(Main)
Health informatics — Guidelines for implementation of HL7 FHIR based on ISO 13940:2015, ISO 13606-1:2019 and ISO 13606-3:2019

This document provides guidance on how four complementary international standards can be used in combination by developers of health ICT systems and infrastructures. These standards, three published by CEN and ISO and one by HL7, are — ISO 13940:2015, — ISO 13606-1:2019, — ISO 13606-3:2019, and — HL7 Fast Health Interoperability Resources (FHIR) Release 4. This document defines mappings between these standards: between ISO 13940 and HL7 FHIR in both directions, between ISO 13606 and HL7 FHIR in both directions, it proposes the content of an HL7 FHIR profile corresponding to the ISO 13606-1:2019 “COMPOSITION” class. It also provides guidance and worked examples of the mapping between ISO 13606-3 Reference Archetypes corresponding to ISO 13940 and HL7 FHIR. This document also summarizes the extent to which the source concept is broader than or narrower than the best fit target concept. It also highlights mapping issues that adopters will need to be mindful of, where the representation capability of the standards differs.

  • Technical specification
    225 pages
    English language
    sale 15% off