ISO/TS 9321:2024

Technical
Specification
ISO/TS 9321
First edition
Health informatics — General
2024-06
requirements of multi-centre
medical data collaborative analysis
Informatique de santé — Exigences générales des analyses
collaboratives multicentriques de données médicales
Reference number
© ISO 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Symbols and abbreviate terms . 2
5 General requirements . 2
5.1 General .2
5.2 D ata isolation .2
5.3 Terminology standardization .2
5.4 Data standardization .2
5.5 Data incremental expansion.2
5.6 Distributed network framework .3
5.7 Network scalability .3
5.8 System modularization .3
5.9 Security .3
6 Architecture and workflow . 3
6.1 Architecture .3
6.2 Workflow .5
6.2.1 Multi-centre collaborative research initiation workflow .5
6.2.2 Multi-centre collaborative research implementation workflow .6
7 Functional framework and requirements . 7
7.1 Functional framework .7
7.1.1 General .7
7.1.2 User layer .8
7.1.3 Service layer .8
7.1.4 Resource layer .8
7.1.5 System security .8
7.2 Functional requirements . .9
7.2.1 General .9
7.2.2 User layer functional requirements .9
7.2.3 Service layer functional requirements .10
7.2.4 Resource layer functional requirements . 12
7.2.5 System security functional requirements . 13
Annex A (informative) Examples of multi-centre medical data collaborative analysis networks . 14
Annex B (informative) Reference implementations .15
Bibliography .18

iii
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out through
ISO technical committees. Each member body interested in a subject for which a technical committee
has been established has the right to be represented on that committee. International organizations,
governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely
with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of ISO document should be noted. This document was drafted in accordance with the editorial rules of the
ISO/IEC Directives, Part 2 (see www.iso.org/directives).
ISO draws attention to the possibility that the implementation of this document may involve the use of (a)
patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed patent
rights in respect thereof. As of the date of publication of this document, ISO had not received notice of (a)
patent(s) which may be required to implement this document. However, implementers are cautioned that
this may not represent the latest information, which may be obtained from the patent database available at
www.iso.org/patents. ISO shall not be held responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 215, Health informatics.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.

iv
Introduction
Medical data collaborative analysis across multiple medical centres plays an important role in enabling
extensive and universally applicable outcomes in medical research. The establishment of multi-centre
medical data collaborative analysis systems aims to enable researchers to securely and efficiently utilize
medical data among medical centres.
This document introduces an architecture for multi-centre medical data collaborative analysis, which differs
from the conventional centralized data analysis approach. Its purpose is to address various challenges
encountered in current practices. These challenges include:
— ensuring that data analysis is performed under robust safety and privacy measures;
— handling data heterogeneity;
— maintaining consistency of research findings;
— implementing effective authority controls;
— meeting general service requirements.
The ultimate objective of this document is to foster trust among researchers and medical centres by
implementing regulated data protections and standardized research processes. It aims to expedite the
results obtained from collaborative analysis efforts of large-scale medical data.
[10]
ISO 29585 provides a framework for healthcare and data reporting, addressing both the opportunities
and the responsibilities of the handling of the data, emphasizing the framework for data governance, privacy,
security, acquisition, processing, loading and reporting. This document, on the other hand, places greater
emphasis on the collaborative analysis of healthcare data and other requirements in multi-centre scenarios.
Specifically, this document presents a detailed scope, elucidates key concepts, outlines the resulting
architecture, and provides comprehensive and standardized instructions to assist medical centres in
establishing or participating in a robust and cohesive multi-centre medical data collaborative analysis system.
This document holds various potential applications, including:
— guiding developers to establish new medical data collaborative analysis systems;
— aiding technicians to seamlessly and securely integrate local medical resources into collaborative
analysis systems;
— supporting supervisors to effectively manage the research processes;
— enabling physicians and medical researchers to conduct multi-centre medical data collaborative analysis;
— providing a fundamental set of functional requirements to ensure the essential functionality and
security, while allowing for gradual enrichment of system features.

v
Technical Specification ISO/TS 9321:2024(en)
Health informatics — General requirements of multi-centre
medical data collaborative analysis
1 Scope
This document outlines the general requirements for conducting a multi-centre medical data collaborative
analysis, covering various aspects such as system architecture, data storage, data standardization,
collaborative research management and security. The data considered in this standard primarily
encompasses electronic health record data for multi-centre collaborative researches, including structured
data, medical text data, image data, etc.
This standard is applicable to a wide range of individuals and institutions, including developers, maintainers,
management personnel, researchers, and data-owning organizations.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes
requirements of this document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
ISO 27799, Health informatics — Information security management in health using ISO/IEC 27002
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
multi-centre
consortium of at least two medical centres
3.2
terminology base
collection of formally structured concepts and relationships serving as standardized expressions for specific
entities with the capability to manage and maintain this collection for collaborative research
3.3
multi-centre medical data standardization
protocols and capabilities implemented across multiple centres to ensure the integrity and consistency of
medical data
3.4
interoperability
ability of two or more systems or components to exchange information and use the information that has
been exchanged
[SOURCE: ISO/TS 27790:2009, 3.39]

3.5
cohort
in observational studies, a group of individuals who share a common set of characteristics, such as age, sex,
ethnicity
3.6
common data model
CDM
standardized, systematic approach to structuring and organizing data, ensuring that data from different
sources or systems can be easily integrated, compared and analysed in a consistent manner
4 Symbols and abbreviate terms
CDM common data model
ETL extract-transform-load
API application programming interface
5 General requirements
5.1 General
Participants can conduct medical data collaborative analysis across multiple medical centres while
preserving data privacy. Secure multi-party computing and federated learning methods can be employed
to acquire statistical and meta-analysis results across multiple medical centres, as well as for model
developments and applications.
The multi-centre medical data collaborative analysis system shall incorporate a collaboration network,
function modules, and system security modules to facilitate diverse multi-centre collaborative researches.
The original medical data shall remain within medical centres, adhering to ethical and legal considerations.
The system shall provide robust security, strict confidentiality and exceptional reliability to researchers. It
shall also aim to reduce the cost of medical data collaborative analysis and enhance the quality of research
outcomes. Some existing systems are listed in Annex A. The general requirements are as detailed in 5.2 to 5.9.
5.2 Data isolation
The original medical data of each medical centre shall be stored securely within its internal database,
ensuring it remains within local medical centre and shall not be transferred outside of local centres. Data
isolation shall adhere to ISO 27799. Country-specific legal requirements can apply.
5.3 Terminology standardization
The medical centres shall use standard health terminology for local medical data. Detailed requirements
regarding terminology are listed in 7.2.3.1. The medical centres shall have the capability to standardize
their health terminology to ensure terminology consistency between medical centres.
5.4 Data standardization
The transformed data shall meet the requirements of format consistency, structural consistency and
semantic consistency and be stored in a CDM.
5.5 Data incremental expansion
The transformed database of medical centres shall have the capability to automatically and incrementally
import and store clinical data. The newly imported data shall not impact or conflict with the existing data.

5.6 Distributed network framework
All service modules associated with the original medical data shall be built within the local networks of
each centre. The local medical centre can communicate with the coordination centre and other centres.
5.7 Network scalability
The network framework shall support the enrolment and withdrawal of new medical centres. The access of
additional medical centres shall not impact or conflict with existing network connections.
5.8 System modularization
The system should be decomposed into multiple independent logical entities.
5.9 Security
The system shall implement robust security controls to ensure the reliability of confidentiality and integrity
for medical data, encryption keys, intermediate and final results. The system's security requirements should
[9] [6]
align with ISO/IEC 27001 , while the data security protection requirements should adhere to ISO 22857 .
[2]
The utilization of anonymized data follows the classification outlined in ISO/TS 14265 for effective data
consistency management.
6 Architecture and workflow
6.1 Architecture
Figure 1 presents a detailed architecture of multi-centre medical data collaborative analysis, specifically
focusing on scenarios where the original medical data cannot leave the respective medical centres. The key
components depicted in the figure are as follows.
— ETL: this module is responsible for transforming original medical data into the transformed database
utilizing a CDM.
— Trusted logging tools: these tools record all operations conducted within the system to ensure the
integrity of the records and prevent tampering.
— Health terminology base: the health terminology base manages terminology standardization of the local
medical centres. Functionally, it standardizes the locally-used medical concepts to the global standard
health terminology and stores them to ensure consistency of the terminology across multiple centres.
— Analysis tools: these tools are utilized for conducting multi-centre medical data collaborative analysis
and managing the process of multi-centre collaborative researches.
— Coordination centre: the coordination centre serves as a central hub to facilitate collaborations among
multiple centres. Collaborations between the medical centres and the coordination centre enable the
secure transmission of essential non-original data for collaborative analysis services and applications.
— Terminology management: the terminology management provides protocols and methods for medical
centres and the coordination centre to manage the terminology and maintain terminology consistency,
including standardization, extension and quality control of health terminology.
— Multi-centre medical data standardization: the data standardization provides protocols and methods for
medical centres to perform data cleaning, data standardization, and quality control to ensure integrity
and consistency of medical data for collaborative analysis.
These components collectively enable efficient medical data collaborative analysis while preserving privacy
and data integrity of the original medical data within the respective medical centres.

Figure 1 — Architecture of multi-centre medical data collaborative analysis
With stringent requirements for data isolation, security, and privacy in the use of medical data, collaborative
analysis procedures shall adhere to a general standardized process, as illustrated in Figure 2. “Member
grouping” involves collaborative research centres forming a research team and defining their respective
research tasks. “Review & adjusting” entails conducting research ethics reviews and assigning data access
rights by the medical centre. While “Member grouping ”, “Result reporting”, and “Review & adjusting” are
best discussed and determined within a centralized environment, “Data gathering” and analysis based on
original data shall only be conducted in a distributed environment.

Figure 2 — General process for medical data collaborative analysis
6.2 Workflow
6.2.1 Multi-centre collaborative research initiation workflow
The initiation forms the foundation for multi-centre medical data collaborative analysis. The system
offers users collaborative research functions based on the available data. Users initiate the multi-centre
collaborative research based on the research interests. Figure 3 illustrates the multi-centre collaborative
research initiation workflow. Someone who initiates the research is called the initiator, while the
participants are those who participate in the research.

-------------
...