The WHO Collaborating Center for the Classification of Diseases for North America, located at the National Center for Health Statistics, is responsible for the coordination of all official disease classification activities in the United States relating to the ICD and its use, interpretation and periodic revision.
ANSI Accreditation:
The WHO Collaborating Center for North America is not an ANSI accredited body. The Collaborating Center is part of an international network of Collaborating Centers coordinated by the World Health Organization (WHO).
There are no separate templates for ICD-9 and ICD-10. On the following page, however, is a template developed by the National Center for Health Statistics (NCHS) for ICD-9 CM and ICD-10 CM.
International Classification of Diseases, Ninth Revision, Clinical Modification (ICD-9-CM)
International Classification of Diseases, Tenth Revision, Clinical Modification (ICD-10-CM)
International Classification of Diseases Procedure Coding System (ICD-10-PCS)
Name of Standard: (1) International Classification of Diseases (ICD); Ninth Revision, Clinical Modification (ICD-9-CM) currently in use for morbidity reporting.
Marjorie S. Greenberg (MSG1@NCH11A.EM.CDC.GOV, 301-436-4253 Ext. 107, Fax 301-436-4233) or Donna Pickett (DFP4@NCH11A.EM.CDC.GOV, 301-436-7050 Ext.142, Fax 301-436 4233)
The ICD-9-CM is the latest version of a classification that originated as the International List of Causes of Deaths, adopted in 1893 by the International Statistical Institute. The classification was revised at ten-yearly intervals and at the Sixth Revision Conference in 1948, the first undertaken by the WHO, its scope was extended to include non-fatal conditions and its use was recommended for morbidity statistics as well as for mortality. Subsequent revisions have enhanced its usefulness for morbidity applications by increasing the specificity of rubrics and by emphasizing manifestations of disease. Effective January 1979, the ICD-9-CM became the sole classification system used for morbidity reporting in the United States.
The ICD-9-CM, widely accepted and used in the health care industry, has been adopted by the federal government and the private sector for a number of purposes: data collection, quality of care analyses, resource utilization, research and reimbursement, and statistical reporting.
ICD-10-CM is currently under development, with a planned implementation date of October 1, 2000.
There are official coding guidelines used to instruct users on the classification. The ICD-9-CM classification and the guidelines are in the public domain and are available on CDROM from the Government Printing Office.
Is it implementable? (If so, is it fully or partially implementable?, explain)
The guidelines and classification are both in current use.
How can the standard be obtained?
The ICD-9-CM classification and the official national coding guidelines are in the public domain and are widely available. Both can be obtained through the Government Printing Office or through various publishers.
Does it require a separate implementation guide? (If so is the guide approved by the SDO?
Not applicable
Is there only one implementation guideline (or are there major options that impact compatibility)?
Not applicable
Not applicable
Not applicable
Not applicable
If the standard is under development, what parts of it are ready now?
Work on the clinical modification (CM) of the International Classification of Diseases and Related Health Problems (ICD-10) is currently underway; it will undergo review in the Department of Health and Human Services in 1997. The final version is scheduled to be available by October 1, 1998.
What extensions are now under development?
What are the projected dates for final balloting and/or implementation?
The planned implementation of ICD-10-CM, in conjunction with the Health Care Financing Administration's Procedure Coding System (ICD-10-PCS), is tentatively scheduled for October 1, 2000.
Please note any other indicators of readiness that may be appropriate.
Both the classification and guidelines for it are in wide use with thousands of copies being used nationally for the submission of health insurance claims and for statistical data collection, performance measures, research, etc.
If the standard is an implementable standard, how many vendors, healthcare organizations and/or government agencies are using it?
N/A
The ICD-9 is used internationally for cause of death tabulation. The ICD-9-CM, the morbidity version of the ICD-9, is used in the United States primarily, but Australia and Israel use the ICD-9-CM for morbidity. These countries will be implementing the ICD-10 for both morbidity and mortality prior to the United States.
Please note any other relevant indicator of market acceptance within the public or private sector.
Many private vendors produce a variety of software and book products based on the ICD-9-CM.
Level of Specificity
If your standard is a guideline, how detailed is it?A.
The guidelines for the ICD-9-CM are broad guidelines for coding. They are not teaching manuals.
If it is an implementable standard, describe how detailed its framework is and its level of granularity.
N/A
Does the standard(s) reference or assume other standards to achieve more specificity?
N/A
The ICD-9-CM is code set.
A medical statistical classification
The ICD-9-CM classification and the official national coding guidelines are in the public domain and are widely available. Both can be obtained through the Government Printing Office or through various publishers.
Is there a users' guide or some other assistance available on the code set?
WHO published an official rule book for mortality rules. The U.S. publishes official guidelines for the use of the ICD-9-CM for morbidity applications.
If the code set is currently in use, what is the extent of its use (e.g., approximate number of users)?
All health care claims must list the ICD-9-CM diagnosis code.
If the code set is under development, what are the projected dates of completion and implementation?
N/A
Volume 3 of ICD-9-CM is the classification of procedures used in the inpatient setting. CPT is used by physicians and hospital-based outpatient departments for the coding of procedures. The Health Care Financing Administration is developing ICD-10-PCS to replace Volume 3.
Identify specific standards reconciliation or coordination activities.
NCHS serves as the North American Collaborating Center for the Classification of Diseases (ICD) and for the International Classification of Impairments, Disabilities, and Handicaps (ICIDH). NCHS is responsible for the coordination of all official disease classification activities in the United States relating to the ICD and its use, interpretation and periodic revision. [See also III (A)].
The ICD-9-CM Coordination and Maintenance Committee is the process by which the classification (Volumes 1, 2, and 3) is maintained and updated each year. The Coordination and Maintenance process ensures stability of the classification system and it s comparability with its parent system, ICD-9. Established in 1985, this Committee was formed to provide a public forum to discuss possible updates and revisions to the ICD-9-CM.
What portion of the specification and functionality is affected by this coordination? N/A
What conditions are assumed in order for this coordination to be effective?
All requests for modification are handled through the ICD-9-CM Coordination and Maintenance Committee. The Committee discusses such topics as the need to update the ICD-9-CM due to changes in medical technology, the need to provide greater specificity in classifying diagnoses (adding clinical detail and accuracy), and the need to correct inaccuracies in the classification. No official changes are made without being brought before this committee.
Although the Committee is a federal committee, suggestions for modifications come from both the public and private sectors, and interested parties are asked to submit recommendations for modification prior to a scheduled meeting.
Modifications are not considered without the expert advice of clinicians, epidemiologists, and nosologists (both public and private sectors).
Is this standard consistent with international standards? If so, which standards?
Yes. The ICD-9-CM is consistent with ICD-9, and ICD-10-CM similarly will be consistent with ICD-10.
What gaps remain among related standards that should be addressed?
Notes: ICD-10-CM
A. Please indicate the cost or your best estimate for the following:
- Cost of licensure
None, the classification is in the public domain
A two-year timeframe is planned to allow for training and system modifications and software development for the transition to ICD-10-CM.
- Please note any other cost considerations.
Physicians' Current Procedural Terminology , Fourth Edition (CPT) is a listing of descriptive terms and identifying codes for reporting medical services and procedures. The purpose of the terminology is to provide a uniform languages that will accurately describe medical, surgical and diagnostic services, and will thereby provide an effective means for reliable nationwide communication among health professionals, patients and third-parties. The first edition of CPT appeared in 1966.
CPT was created and is authored by the American Medical Association (AMA).
The AMA is a member of ANSI. CPT is copyrighted by the AMA.
Physicians' Current Procedural Terminology, Fourth Edition (CPT)
CPT contains the American Medical Association's listing of descriptive terms and identifying codes. It also contains numeric modifiers, notes, guidelines and an index designed to provide explanatory information and facilitate the correct usage of the coding system.
Celeste G. Kirschner
Director, Coding and Nomenclature
American Medical Association
515 N. State Street
Chicago, IL 60610
Phone: 312-464-5932
Fax: 312-464-5849
CPT is used as the reporting mechanism by physicians and many other health professionals in the United States. It is the coding system used by Medicare and virtually all third party payors, including workers compensation and Medicaid. Hospitals use CPT codes to report outpatient service to Medicare. Its usage internationally is growing, particularly by United States companies that have international components. CPT was recently selected as the coding system of choice by the Medical Association of South Africa. CPT is Level I of HCPCS (HCFA Common Procedure Coding System).
CPT contains over 7300 codes to describe medical and surgical procedures. CPT is divided into 6 major sections, including Evaluation and Management Services, Anesthesia, Surgery, Radiology, Pathology and Medicine. The section heads, subheads, and titles provide an implicit hierarchy. The Surgery section is subdivided anatomically. The Medicine Section is divided by medical subspecialties. A series of two digit modifiers are also included to make the coding system more specific, to allow the reporting of a procedure under specific circumstances. For example, modifiers may be used to describe the use of assistant surgeons, a bilateral procedure, or a return to the operating room during the postoperative period.
CPT is authored by the American Medical Association. The CPT Editorial Panel is made up of 15 physicians, 10 nominated by the AMA and one each nominated by the Blue Cross and Blue Shield Association, the Health Insurance Association of America, the Health Care Financing Administration and the American Hospital Association. A non-physician representative of the Health Care Professionals Advisory Committee (HCPAC) also serves as a member of the Panel.
The Panel's Executive Committee includes the chairman, the vice chairman and three other members of the Panel, as elected by the entire Panel. One of the three members-at-large of the executive committee must be a third-party payer representative. The AMA provides staff support for the CPT Editorial Panel and appoints a staff secretary.
Supporting the Editorial Panel in its work is the CPT Advisory Committee. Committee members are primarily physicians nominated by the national medical specialty societies represented in the AMA House of Delegates. The Health Care Professional Advisory Committee allows for participation of organizations representing limited license practitioners and allied health professionals. Most members of the Advisory Committee serve as Chair of a specialty society committee and thus form a network of approximately 1000 physicians and other health professionals actively working to maintain the clinical integrity of the system.
Current Procedural Terminology (CPT) is available in the following print and electronic formats:
1 volume spiral-bound edition;
1 volume soft bound edition;
1 volume spiral-bound Professional edition;
1 volume three-ring bound Professional edition
Electronic versions in EBCDIC or ASCII for full and short description magnetic tape formats; also available in diskette format, short or long description which can be used with any software that allows import of an ASCII file. A CD-ROM version, that includes CPT, is available for 1997.
In addition, CPT is currently licensed to many software system vendors and publishing companies.
CPT is available at low cost through the AMA or through the AMA's licensing activities. CPT can be purchased from the AMA in print formats for as low as $38. CPT can be licensed from the AMA in electronic formats for as low as $149. Licenses are granted to those that distribute CPT in print and electronic formats. Licenses for CPT in print products are granted for as low as $10 per product. Licenses for CPT in electronic products are granted for $50 per product license with a minimal additional user fee for multi-user versions. The codes are revised yearly.
Systematized Nomenclature of Human and Veterinary Medicine (SNOMED) International:
SNOMED® International is recognized throughout the world as a comprehensive, multiaxial nomenclature classification system created for the indexing of the entire medical vocabulary, including symptoms, diagnoses, and procedures. Its design provides the framework for representing the activities, observations, and diagnoses found in the medical record and coding them into a computer-processable form. The structure of SNOMED® International, together with its ability to index and retrieve comprehensive patient information, makes this system a strong candidate for the standard vocabulary and data model that is essential for the computer-based patient record.
SNOMED® International is owned and managed by the College of American Pathologists (CAP). The CAP is a national medical specialty society serving more than 15,000 physician members and the laboratory community in the United States and internationally. College fellows elect a 12-member Board of Governors and three officers who serve as the governing body. Supporting the Board of Governors are a hierarchy of Councils, Commissions and Committees. These groups develop and oversee College and projects and programs. Administrative support and overall coordination and implementation of College programs is provided by staff located at the CAP Headquarters office in Northfield, Illinois.
The Council on Practice and Education is responsible for the operation of several CAP committees including the SNOMED® Editorial Board (SEB). Through the work of the SNOMED® Editorial Board chaired by College member, Roger A. Cote, MD, new terms and codes are continuously added to the SNOMED® vocabulary, with at least two updates provided annually. Via relationships with other medical specialty societies, the SEB is responsible for the design, development and maintenance of the SNOMED® vocabulary.
SNOMED® International is not a standard. It is a registered trademark owned and copyrighted by the College of American Pathologists. As an organization, the CAP is not directly involved in standards development.
SNOMED® International
Contact For More Information:
Karen Kudla
SNOMED Program Manager
College of American Pathologists
325 Waukegan Road
Northfield, IL 60093
Phone: 847-832-7446
Fax: 847-832-8170
E-Mail: kkudla@cap.org
SNOMED® International is a comprehensive, multiaxial nomenclature classification system created for the indexing of the entire medical vocabulary, including signs and symptoms, diagnoses, and procedures. Introduced in September 1993 and traceable to its roots in the early 1960s as the Systematized Nomenclature of Pathology (SNOP), SNOMED® is being rapidly accepted worldwide as the standard for indexing medical record information. It has been translated from English into 12 other languages. The American Veterinary Medical Association and the American Dental Association have recognized SNOMED®'s strength as a comprehensive nomenclature and have endorsed its use. In addition, the American College of Radiology/National Equipment Manufacturers Association will be using a subset of SNOMED® in their Digital Imaging and Communications in Medicine standard (DICOM).
Of the major factors required for successful computer-based patient record development, a common medical vocabulary for use in records and standards for integrating multiple and disparate sources of information are critical elements. The eleven modules of the current version of SNOMED® contain more than 144,000 terms and term codes, with new updates provided to SNOMED® users at least twice per year. Many electronic records proponents are concluding that SNOMED® International offers the best prospects for a standardized vocabulary.
SNOMED® International is available in the following print and electronic formats: four-volume hard-bound printed set electronic version on CD-ROM in a tab-delimited ASCII format
In addition, the following information systems vendors are licensed to distribute SNOMED® International:
ACT Medisys
ANATROL
Antrim Corporation
Cerner Corporation
Citation Computer Systems
Collaborative Medical Systems
Computer Trust Corp.
Dentente Corporation
Dynacor Inc.
Dynamic Healthcare Tech, Inc.
Galen Group, Ltd.
Health Data Science Corp.
Healthpoint GP
Kaiser Permanente
Laboratory Consulting, Inc.
MedicaLogic
Orbis Systems
Psyche Systems
Science Applications Int'l Corp.
Sunquest Information Systems
Univ. Of Alabama at Birmingham
SNOMED® International is widely used and distributed throughout the United States and worldwide. SNOMED® International was ranked on top in a study conducted by the Computer-based Patient Record Institute (CPRI) which evaluated all available coding systems for their ability to be used as a common medical terminology.
SNOMED® International has been translated into Greek, Chinese, Czech, French, German, Hungarian, Italian, Japanese, Norwegian, Portuguese, Russian, Slovakian, and Spanish.
The American Veterinary Medical Association and the American Dental Association have recognized SNOMED®'s strength as a comprehensive nomenclature and have endorsed its use. In addition, the American College of Radiology/National Equipment Manufacturers Association will be using a subset of SNOMED® in their Digital Imaging and Communications in Medicine standard (DICOM).
SNOMED® International is a detailed coded nomenclature and classification of preferred medical terms and concepts, consisting of more than 144,000 terms and term codes divided into eleven linked hierarchical modules: Topography; Morphology; Function; Living Organisms; Chemicals, Drugs, and Biological Products; Physical Agents, Activities and Forces; Social Context; Diseases/Diagnoses; Procedures; and general Linkage Modifiers
SNOMED® International is available to individuals for a single fee.
In addition, licenses are granted to distribute SNOMED® International for commercial or institutional use. Licensing fees are determined by the number of users per site, and are renewed annually
American Dental Association (ADA)
The ADA's Current Dental Terminology (CDT) is a manual that is intended to be of practical use to those in dental offices who deal with patients' dental plans, by providing assistance in accurately reporting dental treatment and procedures to third-party payers. The document used for reporting treatment is the American Dental Association's Code on Dental Procedures and Nomenclature which is contained in the CDT. The Code is structured so that it can be used by dentists and/or their staff to report care provided to patients. Within CDT, many code numbers are accompanied by additional information or explanations to help clarify how the codes should be applied.
CDT is maintained by the American Dental Association through its Council on Dental Benefit Programs.
CDT is not a standard. It is a copyrighted document of the American Dental Association. However, as an organization, the ADA is directly involved in standards development as sponsor and secretariat of the ASC MD156.
Current Dental Terminology (CDT)
Thomas Conway
American Dental Association
211 East Chicago Avenue
Chicago, Illinois 60611
Phone: 312/440-2752
Fax: 312/440-2520
eMail: conwayt@ada.org
The CDT contains the American Dental Association's codes for dental procedures and nomenclature and is the nationally accepted set of numeric codes and descriptive terms for reporting dental treatments. CDT also contains a description of the ADA Dental Claim Form; clinical and dental benefit terminology; and a description of the tooth numbering system.
CDT is available in the following print and electronic formats:
1 volume spiral bound manual;
Electronic version in MS DOS diskette, an ASCII file, and a database program. Must have IBM compatible computer with at least 512K RAM.
In addition, CDT is currently licensed to many practice management software systems vendors.
CDT is used as a reporting tool by all practicing dentists in the United States. It is also used by third-party payers for claims processing. The ADA's procedure codes are also included in the HCFA Procedural Coding System (HCPCS) as the dental (D) codes.
CDT includes the ADA's Code on Dental Procedures and Nomenclature consisting of over 400 distinct dental procedures. The codes and nomenclature have been divided into 12 categories of service: Diagnostic, Preventive, Restorative, Endodontics, Periodontics, Prosthodontics; removable, Maxillofacial Prosthetics, Implant Services, Prosthodontics;fixed, Oral Surgery, Orthodontics, and Adjunctive General Services.
CDT is available to individuals for $29.95. Licenses are granted for $500 for a five year period to those that distribute CDT in software systems, continuing education programs and other products. The codes are revised on a five-year cycle.
Advisory Committee on Dental Electronic Nomenclature Indexing and Classification (ACODENIC)
The American Dental Association established this advisory committee to develop standardized clinical terminology for the dental profession in an electronic environment. All segments of the health care process must be addressed, such as patient history, presenting conditions, physical findings, services, risk factors, outcomes, or other important details. In addition, all facets of health care, independent of profession, discipline or specialty must be included in standardized terminology. Therefore, the Advisory Committee has engaged in the difficult task of creating a clinical terminology and coding system which will provide the dental profession with varying degrees of utility.
In order to accomplish this charge, the American Dental Association recognized the strength of the SNOMED International system and began working with the College of American Pathologists on the development of a microglossary of SNOMED for dentistry. The ADA's Microglossary is currently in development and is expected to be completed in 1997. The ADA is participating with a sample of terms from the Microglossary in the Large Scale Vocabulary Test conducted by the National Library of Medicine (NLM). The proposed dental terms are being tested against the NLM's Unified Medical Language System (UMLS). The goal of the NLM Large Scale Vocabulary Test is to contribute to an understanding of the controlled terminology that will be needed for electronic health care systems, whether these are for direct patient care, clinical or health services research, or public health surveillance. The Test seeks to determine the extent to which a combination of existing health-related terminologies cover vocabulary needed in health information systems. The terminology that the participants submit to should provide the basis for realistic resouce estimates for developing and maintaining a comprehensive "standard" health vocabulary that is based on existing terminologies. In addition, the ADA's dental terms were recently used to update the dental terminology for the NLM's 1997 Medical Subject Headings (MeSH). MeSH is the vocabulary used to index articles in the National Library of Medicine's MEDLINE database and its derivative publications, including Index Medicus and the American Dental Association's Index to Dental Literature.
The ADA's procedure codes will also be mapped to the SNOMED terms in the Dental Microglossary.
3) Comprehensive Glossary of Dental Terms - Standardized terminology must have explicit definitions. A collective guide is important for consistent interpretation of terms by the profession and aggregate data analysts. Therefore, the American Dental Association's ACODENIC is also developing a comprehensive glossary of dental terms. In addition to defining the terms in the Microglossary, the definitions will be useful for the NLM's MeSH and UMLS knowledge sources.
Center for Nursing Classification, University of Iowa College of Nursing
The Nursing Interventions Classification (NIC) is a comprehensive, standardized language describing treatments that nurses perform in all settings and in all specialties. NIC interventions include both the physiological (e.g. Acid-Base Management) and the psychosocial (e.g. Anxiety Reduction). There are interventions for illness treatment (e.g. Hyperglycemia Management), illness prevention (e.g. Fall Prevention), and health promotion (e.g. Exercise Promotion). Interventions are for individuals or for families (e.g. Family Integrity Promotion). Indirect care interventions (e.g. Emergency Cart Checking) and some interventions for communities (e.g. Environmental Management: Community) are also included.
Each NIC intervention has a unique number which can facilitate computerization. NIC interventions have been linked with NANDA nursing diagnoses and the Omaha System problems and are in the process of being linked with Nursing Outcomes Classification (NOC) patient outcomes . There is a form and a review system for submitting suggestions for new or modified interventions.
The classification work is part of the Center for Nursing Classification at the University of Iowa College of Nursing. Research methods used to develop the Classification include content analysis, expert survey, focus group review, similarity analysis, hierarchical cluster analysis, multidimensional scaling, and field testing. More than 40 national nursing organizations have reviewed NIC and assisted with intervention development and validation and taxonomy construction and validation. The research, conducted by a large team of investigators, has been partially supported for the past seven years by the National Institute of Nursing Research, National Institutes of Health.
NIC is not a standard. It is a standardized language organized in a 3 level taxonomic structure for ease of use. It is published by Mosby Year Book who owns the copyright. Neither the University of Iowa which produces NIC nor Mosby is involved in the development of standards.
Nursing Interventions Classification (NIC)
William Donahue, Program Associate
Center for Nursing Classification
College of Nursing
The University of Iowa
Iowa City, IA 52240
Phone: 319-335-7054/7051
Fax: 319-335-7051
E-mail william-donahue@uiowa.edu
OR classification-center@uiowa.edu
NIC contains 433 interventions each with a definition and a detailed set of activities that describe what it is a nurse does to implement the intervention. Each intervention is coded with a unique number. The interventions are organized in 26 classes and 7 domains. NIC facilitates the implementation of a Nursing Minimum Data Set. The use of NIC to plan and document care will facilitate the collection of large data bases which will allow us to study the effectiveness and cost of nursing treatments. The use of standardized language provides for the continuity of care and enhances communication among nurses and among nurses and other providers. NIC provides nursing with the treatment language that is essential for the computerized health care record. The domains and classes provide a description of the essence of nursing. NIC is helpful in representing nursing to the public and in socializing students to the profession. The coded interventions can be used in documentation and in reimbursement. The language is comprehensive and can be used by nurses in all settings and in all specialties.
NIC is available in the following print publication: Iowa Intervention Project (1996). Nursing Interventions Classification (NIC), 2nd ed. St. Louis: Mosby Year Book.
The following vendors are licensed to distribute NIC: ERGO, Mission, Kansas, 319: 384-3377.
JRS Clinical Technology, Stamford, CT, 203:322-1823.
In addition, there are numerous journal publications about NIC that detail aspects of development or use. An anthology of NIC publications and an implementation manual containing helpful guides and forms related to implementation from selected user agencies are available from the Center for Nursing Classification.
NIC is recognized by the American Nurses' Association and is included in the National Library of Medicine's Metathesaurus for a Unified Medical Language. Both the Cumulative Index to Nursing Literature(CINAHL) and Silver Platter have added NIC to their nursing indexes. NIC is included in the Joint Commission on Accreditation for Health Care Organization's (JCAHO) as one nursing classification system that can be used to meet the standard on uniform data. The National League for Nursing has made a 40 minute video about NIC to facilitate teaching of NIC to nursing students and practicing nurses. Many health care agencies are adopting NIC for use in standards, care plans, and nursing information systems; nursing education programs are beginning to use NIC; authors of major texts are beginning to use NIC to discuss nursing treatments; and researchers are using NIC to study the effectiveness of nursing care. Interest in NIC has been demonstrated in several other countries, notably, Canada, Denmark, Iceland, Japan, Korea, Switzerland, and The Netherlands.
NIC groups approximately 13,000 nurse activities into 433 standardized intervention terms each with a unique code. NIC has numerous uses including in care planning, documentation, standards construction, critical paths, competency evaluation, job descriptions, curriculum and course syllabus construction. The use of NIC in nursing information systems allows for the collection of standardized data to be used in effectiveness research and in determining the costs of nursing.
NIC is available in book form to individuals for a single fee, which in January 1997 was $35.95. In addition, licenses are granted to distribute NIC for commercial or institutional use by contacting Robin Carter at Mosby Year Book, 800:325-4177, ext. 4412 (robin.carter@mosby.com) Licensing fees are determined by the number of users per site and are renewed with each new edition of the book (approximately every 4 years). Permission to use NIC in printed material can be obtained by contacting Liz Fathman at Mosby Year Book, 800:325-4177, ext. 4866 (liz.fathman@mosby.com).
Representation includes: US Food and Drug Administration
European Union
Japan's Ministry of Health and Welfare
PhRMA (Pharmaceutical Research and Manufacturers of America)
JPMA (Japanese Pharmaceutical Manufacturers Association)
EFPIA (European Federation of Pharmaceutical Industries
Association)
Not ANSI Accredited
Kathryn A. Huntley
Standardized Nomenclature Program Manager
Food and Drug Administration
HF-21 Rm 16B-45
5600 Fishers Lane
Rockville, MD 20857
(301) 594-6491 (voice)
(301) 594-0829 (fax)
khuntley@bangate.fda.gov
The International Medical Terminology (IMT) is a medical terminology designed to support the classification, retrieval, presentation, and communication of medical information throughout the medical product regulatory cycle. The foundation of the IMT is the Medical Dictionary for Drug Regulatory Affairs (MEDDRA) developed by the UK Medicines Control Agency (MCA) in its Adverse Drug Reactions On-line Information Tracking System (ADROIT).
The IMT is superior to other medical terminologies in its scope, size, and specificity. Included in the IMT are terms describing diseases, diagnoses, signs, symptoms, therapeutic indication names, and qualitative results of investigations (e.g. laboratory tests, radiological studies), medical and surgical procedures, and terms describing medical, social, and family history. The IMT consists of a five level hierarchy, starting with 26 System Organ Classes (SOCs), that represent the highest level groupings of the terminology. Including all levels it contains approximately 40,000 terms. The Preferred term (PT) is the internationally agreed upon level at which regulatory information is to be exchanged. The IMT contains approximately 8,800 PTs, vastly improving the specificity of exchanged regulatory information over previous thesauri.
The current version of the IMT is available in multiple formats:
A.This is not a guideline
B.The implementable version will be a combination of products, the terminology and a maintenance organization. The terminology will be completed March 1997 the maintenance organization will be operational December 1997.
C.The 1.5 version of the terminology is obtainable through the FDA at no cost. The final version will be available through the maintenance organization.
D.There will be a user manual, help desk support etc. through the maintenance organization.
E.There will be a single version, multiple translations i.e. Japanese, Spanish, French and German to begin.
F.No
G.No.
H.None
I.The 1.5 version of the terminology is available for review. The FDA has rewritten 8 of the 26 System Organ Classes. The structure of terminology will not change just the terms populating the various levels below the System Organ Class level.
J.The final review of the US proposals, and the review and repopulation of the mid-levels to aid in data aggregation and display as well as the assignment of codes.
AA. ICH Expert Working Group meeting the first week of January 1997, the presentation to the ICH Steering Committee the first week of March 1997.
BB. ICH Steering Committee meeting March 1997, Selection of the Maintenance Organization July 1997, Terminology available December 1997
CC. none
A. 308 copies of Version 1.0 and 386 copies of Version 1.5 have been distributed in North America to date. There are also distribution points in Japan and Europe.
B. none currently
C.A closely related product is currently being used in the ADROIT system of the UK's Medicines Control Agency.
D.The development of this standard under the ICH umbrella is very important in that once agreed upon by the regulators they are committed to implementing it. That means the regulatory authorities of Europe, United states and Japan will implement therefore the industries in those regions will also implement it. It is being reviewed by the World Health Organization for use by WHO countries and also by the WHO Drug Monitoring Program in Upsala Sweden.
Within the US, the National Cancer Institute's Cancer Therapy Evaluation Program is planning to adopt this terminology for use in collecting cancer clinical trial data.
(A) The IMT is not a guideline.
(B) The IMT's hierarchy consists of five levels and was designed to facilitate both coding and retrieval of medical information. These levels include System Organ Class (SOC), the broadest term; High Level Group Term (HLGT); High Level Term (HLT); Preferred Term (PT); and Lowest Level Term (LLT). Concepts in the vocabulary are grouped based upon inclusive relationships. The hierarchy can be used to locate concepts at a desired degree of specificity.
The following is a description of the IMT hierarchical levels from the most specific, or granular, to the broadest.
LLT - The Lowest Level Terms provide the most specific terms in the vocabulary. The LLTs are not used for reporting, but help define the scope of the preferred term to which they are linked, and provide a collection of terms used in verbatim reports to describe adverse experiences or medical history. In the IMT, the LLTs contain both synonyms and quasi-synonyms. In a strictly controlled thesaurus, the finest division of vocabulary consists only of synonyms and lexical variants (spelling and word order variations). In practical medical coding vocabularies, however, this rule is not rigorously enforceable. Terms that have similar meanings, or which describe similar concepts, are often grouped under the same preferred term.
PT - The preferred term is the internationally agreed upon level at which regulatory information is to be exchanged. The PT represents a single, unambiguous, clinical concept. Terms at this level should be at a level of specificity to code regulated indications and to capture signals of specific significant adverse events. The LLTs under each PT indicate the intended scope of the term. A PT may be linked to one or more SOCs, but is assigned to only one Primary SOC under which it is grouped for cumulative data outputs to prevent duplicate counting.
HLT - A High Level Term groups together PTs which are related by anatomy, pathology, physiology, etiology or function for data retrieval and presentation purposes only. An HLT may be linked to one or more HLGT(s) or SOC(s).
HLGT - High Level Group Terms, like the HLTs, are broad concepts used for grouping clinically related terms for data retrieval and presentation. They may be linked to one or more SOC(s).
SOC - The System Organ Class represents the broadest collection of concepts for retrieval in the vocabulary. SOCs group concepts according to anatomical or physiological system, e.g. Gastrointestinal disorders; body organ, e.g. Disorders of the eye; mechanism, e.g. Infections and infestations; and purposes, e.g. Surgical and medical procedures.
It does not reference other standards.
FDA recommendation for the IMT coding scheme (this is only a recommendation and has not been finalized):
User Guide to be developed.
Schedule for IMT Implementation:
Terms from other commonly used medical thesauri have also been added to the IMT to make the transition from these other vocabularies to the IMT easier. These include the Food and Drug Administration Coding Symbols for a Thesaurus of Adverse Reaction Terms (COSTART), the World Health Organizations Adverse Reaction Terminology (WHO-ART), the International Classification of Diseases, version 9, Clinical Modifications (ICD-9-CM), the Japanese Adverse Reaction Thesaurus (JART), and the Hoechst Adverse Reaction Terminology (HARTS).
There are some medical concepts that are not included in the IMT. The following areas are considered outside the scope of this regulatory terminology:
Cost of licensure is yet undetermined but the goal is to make the internationally maintained terminology as inexpensive and readily available as possible. In all regions consideration must be given to the developing nations under WHO as well as the start up and specialty industries throughout the world.
Health Care Claim Adjustment Reason Code/Health Care Claim Status Code Committee
Health Care Claim Adjustment Reason Codes and Health Care Claim Status Codes are considered external codes by ANSI ASC X12, and the Committee is not an SDO. The committee was formed in 1994 by industry representatives to X12, to create a mechanism for management of the codes used for the enumerated transactions.
A series of standard alphanumeric codes, and messages, that detail the reason why the payer made and adjustment to the health care claim payment. These codes are used in the ANSI ASC X12 Claim (837) and Payment/Advice (835) transaction sets, and in the UB92 and NSF flat file claim and associated payment transactions.
These codes are developed and maintained by the Health Care Claim Adjustment Reason Code/Claim Status Code Committee. This committee is comprised of one voting member from the following groups:
The committee is responsible for maintaining the quality and business applicability of the code lists for an electronic data interchange environment. It's objective is to meet the business needs of the user community while eliminating redundancy in the codes. The Blue Cross and Blue Shield Association serves as Secretariat for the committee.
Frank Pokorny
Manager, Electronic Commerce and National Standards
Blue Cross and Blue Shield Association
676 North St. Clair
Chicago, IL 60611
Phone: 312-330-6223
Fax: 312-440-5674
E-mail: us993fjp@ibmmail.com
A series of approximately 175 standard numeric and alphanumeric codes, and messages, that detail the reason why the payer made and adjustment to the health care claim payment. An individual code may be up to three characters long. A set of that apply equally to services, products, drugs and equipment. Codes for Medicare A have the letter "A" in the first position; Medicare B show the letter "B".
Codes are currently in use and revisions are made thrice annually, effective on February 28, June 30 and October 31 of each year. The most recent version of the code list will be able to be applied to all versions of the ASC X12 Draft Standards, except as limited within the code lists.
Health Care Claim Adjustment Reason Codes and the Health Care Claim Status Codes are available in electronic and print formats:
Electronic file -
Washington Publishing Company World Wide Web Site
http://www.wpc-edi.com
Paper Copy -
Blue Cross and Blue Shield Association
Inter-Plan Teleprocessing Service
676 North St. Clair
Chicago, IL 60611
Health Care Claim Adjustment Reason Code is currently in wide use within the health care community for both EDI and flat file transactions, and for both private/commercial and government programs. Codes are developed and agreed upon by committee action
A set of approximately 175 numeric and alphanumeric codes that apply equally to services, products, drugs and equipment. Codes for Medicare A have the letter "A" in the first position; Medicare B show the letter "B". Codes are available on lists in simple ascending order, and by functional groups: treatment; insurance procedural; insurance contractual; other.
Code lists are available at no charge from either the Washington Publishing Web Site or the Blue Cross and Blue Shield Association.
A series of standard alphanumeric codes, and messages, that detail the status of a claim that has been submitted for payment. These codes are used in the ANSI ASC X12 Claim Status Response (277) and Payment/Advice (835) transaction sets, and in the flat file transactions associated with the UB92 and NSF formats.
A composite data element comprised of the following aphanumeric and numeric data elements:
An individual code may be up to seven (7) characters long.
Health Care Claim Adjustment Reason Code and Health Care Claim Status Codes are available in electronic and print formats:
Electronic file -
Washington Publishing Company World Wide Web Site
http://www.wpc-edi.com
Paper Copy -
Blue Cross and Blue Shield Association
Inter-Plan Teleprocessing Service
676 North St. Clair
Chicago, IL 60611
Health Care Claim Status Code is currently in wide use within the health care community for both EDI and flat file transactions, and for both private/commercial and government programs. Codes are developed and agreed upon by committee action.
Health Care Claim Status Category Code is a 2 position alphanumeric field that is mandatory. These codes are divided into six broad categories:
Health Care Claim Status Code is a three position numeric code that is mandatory. There are approximately 450 codes currently available. Each code's description is understood to automatically refer to service, procedure, treatment, supply, test, visit and medication.
Entity Identfier Code is a two position alphanumeric field that is optional - Used when an entity is associated with the Health Care Claim Status Code
An individual code may be up to seven (7) characters long.
Code lists are available at no charge from either the Washington Publishing Web Site or the Blue Cross and Blue Shield Association.
LOINC is a consortium of laboratories, system vendors, hospitals, and academic institutions organized by the Regenstrief Institute and supported by grants from the John A. Hartford Foundation of New York, the Agency for Health Care Policy and Research, and the National Library of Medicine.
LOINC is a consortium, not a formal SDO. However, it is designed to work in conjunction with the HL7/ASTM and CEN observation (result) messages.
Logical Observation Identifiers Names and Codes (LOINC).
Stan Huff <coshuff@ihc.com>
36 South State St, Suite 800
Salt Lake City, UT 84111
Phone: 801 442 4885
Fax: 801 263 3657
Clem McDonald <clem@regen.rg.iupui.edu>
Regenstrief Institute
Indiana University School of Medicine
1001 W. 10th St. 5th fl RHC
Indianapolis, IN 46202
Phone: 317 630 7070
Fax: 317 630 6962
To obtain the Users' Guide, and full LOINC database in report, ASCII text, or dBase formats:
http://www.mcis.duke.edu/standards/termcode/loinc.htm
(1) Laboratory LOINC
LOINC concentrates on the identification and naming of test and clinical observations, things like diastolic blood pressure, serum glucose, blood culture, or "heart physical exam." LOINC does not deal formally with the values reported for these observations/measurements, some of which are valued as numbers, and some of which are valued as codes or text. Most of these coded answers are expected to be provided from other sources, such as SnoMed, CPT4, ICD9CM, and other code systems.
The laboratory component of the data base is fairly complete with respect to the tests listed in Table 1.
|
Chemistry Coagulation Hematology Microbiology including cultures, microscopic examinations, RNA and DNA probes, Antibody and antigen measures Antimicrobial susceptibility testing Toxicology and drug testing Surgical pathology Blood banking Blood counts and Urinalysis Fertility |
Each record in the LOINC data base identifies one distinct observation. Each record contains the LOINC identifier, which is a meaningless number with a self check digit, and a multi-part formal name which includes component (e.g., glucose, intra-arterial diastolic), type of property (e.g., mass concentration, pressure), timing (e.g., point measure 24 hour), system (e.g., serum, brachial artery), scale (e.g., quantitative, qualitative), and method (e.g., dip stick, ausculatory).
In addition, the data base contains related names (near synonyms), molecular weights, indicators of terms that have been retired, a pointer to the terms that replace them, and related codes from other systems, e.g., the chemical abstract code for chemical substances.
With the data base comes a manual that provides formal rules for naming the parts of an observation, and a full definition of the data base.
LOINC does not yet include names for order sets, e.g., CHEM12.
|
1919-0 ASPARTATE AMINOTRANSFERASE:CCNC:PT:FLU:QN 3255-7 FIBRINOGEN:MCNC:PT:PPP:QN:COAG 4531-0 COMPLEMENT TOTAL HEMOLYTIC:PT:BLD:QN 9782-4 ADENOVIRUS SP IDENTIFIED:PRID:PT:XXX:QL:ORGANISM SPECIFIC CULTURE 4991-6 BORRELIA BURGDORFERI DNA:ACNC:PT:XXX:SQ:AMP/PROBE 6324-8 BRUCELLA ABORTUS AB:TITR:PT:SER:QN:AGGL 6337-0 CANDIDA ALBICANS AG:ACNC:PT:SER:SQ:ID 9822-8 MICROORGANISM IDENTIFIED PRID:PT:DIAF:QL:STERILE BODY FLUID CULTURE 6981-5 AZITHROMYCIN:SUSC:PT:ISLT:SQN:GRADIENT STRIP 5573-1 ALUMINUM:MFR:PT:HAR:QN 6473-3 MICROSCOPIC OBSERVATION:PRID:PT:TISS:QL:TRICHROME STAIN |
The same general approach has been applied to common clinical measures as to laboratory observations. The same six major parts of the name, some with subparts, are used.
|
Blood pressure (systolic, diastolic, and mean) Heart rate (and character of the pulse wave) Respiratory rate Critical care measures (Cardiac output, resistance, stroke work, ejection fraction, etc.) Body Weight (and measures used to estimate ideal body weight) Body Height Body temperature Circumference of chest, thighs, legs, etc. Intake and output Major headings of history and physical Major headings of discharge summary Major headings of an operative note Electrocardiographic measures |
Clinical LOINC code numbers are taken from the same sequence of numbers as the Lab LOINC codes.
For many clinical measures, measurements are distinguished for estimated, reported, and measured values. (E.g., a patient's report of his or her body weight is a different variable from a measured result or the physician's estimate.) Also varying degrees of pre-coordination are provided for the observation, the body site at which it was obtained, and the method. E.g., a cardiac output based on the Fick method is distinguished from a cardiac output based on a 2D cardiac echo.
Physiologic measures are often monitored continuously over time, and the instrument reports summary "statistics" over that reporting period. The summary statistics can include minimum, maximum, and mean over a time period for vital signs measurements and fluid intake and output. When we address measures taken over time, we usually include 1 hour, 8 hour, 10 hour, 12 hour, and 24 hour summaries. The middle three durations are included to cover the varying durations of work shifts within and across institutions.
The parts of clinical measurement names are the same as for laboratory measures. The fourth part, the system, usually identifies an organ system or a particular part of the anatomy. For a measure of systolic left ventricular pressure, the system would be "Cardiac ventricle.left." In contrast to laboratory tests, where the component is usually some chemical entity, the clinical measurement component usually identifies the specific aspect of a property that is measured. For example, the property type might be pressure. Then the component would identify the pressure measured as intravascular diastolic. In general the component is used to distinguish the various points or ranges, or inflections of a physiologic tracing, and to define precisely which of a number of possible dimensions of length or area are being measured in imaging.
Laboratory measures tend to be more regular than clinical measures. The system is usually a specimen and the component a chemical or molecular moiety. For most clinical measurements, the component is also an attribute of a patient or an organ system within a patient. However, attributes of non-patient entities are often of interest in the case of clinical measurements. For example, we might want to know the class of instrument used to obtain the measurement.
|
8285-5 CIRCUMFERENCE.OCCIPITAL-FRONTAL:LEN:PT:HEAD:QN:TAPE MEASURE 8496-2 INTRAVASCULAR DIASTOLIC:PRES:PT:BRACHIAL ARTERY:QN 9940-8 Q WAVE DURATION:TIME:PT:LEAD V1:QN:EKG 8660-3 HISTORY OF SYMPTOMS & DISEASES:FIND:PT:CARDIOVASCULAR SYSTEM:QL:REPORTED 8651-2 HOSPITAL DISCHARGE DX:IMP:PT:^PATIENT:QL 9129-8 FLUID OUTPUT.CHEST TUBE:VOL:PT:PLEURAL SPACE:QN |
The LOINC database of over 10,000 observations/measurement/test result codes is available for free use on the Internet.
There is only one official version of the LOINC standard. Codes are never re-used when the meaning of a term changes. Updates and additions are made at two to three month intervals.
The laboratory component of LOINC was installed on the Internet in April of 1995, and has been greeted enthusiastically since. It has been endorsed by the American Clinical Laboratory Association (ACLA) and recommended for adoption by its members. The ACLA is the association of large referral laboratories, and its members are responsible for more than 60% of US outpatient laboratory volume. Corning MetPath and LabCorp, two of the largest commercial laboratories, have adopted LOINC as their code system for reportable test results, as has LifeChem and Associated Regional and University Pathologists (ARUP). In addition, Indiana University labs, University of Colorado, Intermountain Health Care, University of Missouri, and Barnes/Jewish Hospital are in the process of converting their reporting to LOINC codes. The province of Ontario, Canada has made a tentative commitment to the LOINC codes for a province-wide coding standard.
The LOINC codes have been used as the basis for HCFA's ICD10-PCS laboratory codes. They have been incorporated in HCFA's quality assurance testing pilot software, and they have been adopted by the Centers for Disease Control and Prevention/State and Territorial Epidemiologist project for transmitting communicable diseases reports electronically.
The identifiers are specific in up to eight dimensions. The goal is to match the level of specificity provided by the master files of the systems that report these kinds of results. Laboratory test results are distinguished (and specific) to the analyte (e.g., glucose), the type of property (e.g., mass concentration), the timing aspects (e.g., 24 hour specimen), the specimen, (e.g., urine), and the method - as needed. In the case of serology tests, which tend to include method information in their name, LOINC includes the methods. In the case of chemistry tests, that tend not to include method information in their name, the LOINC codes tend not to be specific about method. The data base now includes over 10,000 laboratory and clinical observations.
The LOINC data base and Users' Guide is available for free use for any purpose by users and vendors from the Internet Web site listed above. It is copywritten in order to prevent the development of multiple variants.
Home Health Care Classification (HHCC) System is a system designed to assess and document home health and ambulatory care using its standardized HHCC nomenclature. Its documentation method tracks home health and ambulatory care. It is based on a conceptual framework using the nursing process to access a patient holistically. HHCC nomenclature consists of six data dictionaries:
A patient/client is also assessed using 20 medical diagnoses and/or surgical procedure categories, and 10 socio-demographic data elements.
HHCC System can be used to identify: (a) care needs in terms of care components and their respective nursing diagnoses and interventions; and (b) resource use in terms of nursing and other health providers (physical, occupational, and speech therapy, medical social worker, and home health aide). The medical assessment categories and socio-demographic data elements are descriptive variables that can be correlated with clinical care data.
HHCC is also designed to record the clinical care pathways for an entire episode of care. The care events can be used to determine care costs, and can provide a payment method for managed care services. HHCC System runs on microcomputer using a portable notebook to facilitate ease of use for data collection and then downloaded to a computer-based workstation for processing.
References are available upon request.
Purpose: The Home Health Care Classification (HHCC) - Nursing Diagnoses and Nursing Interventions was developed by Saba as part of the Georgetown University Home Car Project. It was developed to classify, code for computer processing and analyze study data. The HHCC is being used to document and describe home health nursing care, as well as determine cost and measure outcomes.
Structure: The Home Health Care Classification (HHCC) - Nursing Diagnoses and Nursing Interventions are classified according to 20 Home Health Care Components:
HHCC of Nursing Diagnoses: The scheme consist of 145 nursing diagnoses (50 two digit major categories and 95 three-digit subcategories). Each nursing diagnosis has a modifier to code three possible expected outcomes: 1=improved, 2=stabilized, or 3=deteriorated.
HHCC of Nursing Interventions: It consists of 160 unique nursing interventions (60 two digit major categories and 95 three-digit subcategories). Each nursing intervention has a modifier to code four types of nursing action: 1=access, 2-direct care, 3=teach, and/or 4=manage. The type of action modifier adds the implementation facet to the HHCC of Nursing Intervention Taxonomy expanding it to 640 possible nursing intervention codes.
The HHCC is structured according to the Tenth Revision of the International Classification of Diseases (ICD-10). Each classification label consists of a five character alphanumeric code. The HHCC Care Component is alphabetic and the first character, the Nursing Diagnosis or Nursing Intervention is represented by a second and third digit for major categories, and in some instances a fourth numeric digit for minor subcategories, and the fifth digit is used to represent a modifier for each scheme.
Availability: Virginia K. Saba, EdD, RN, FAAN
Georgetown University
School of Nursing
3700 Reservoir Road, NW
Washington, DC 20007
Tel: (202) 687-46479
This perspective was presented to the ANSI HISB on December 13, 1996 by Christopher Chute, M.D., co-chairman of the Codes and Vocabulary Sub-committee of the ANSI HISB TCC.
Data Standards Roster
Code Sets within Transaction Standards
The Codes and Vocabulary Sub-committee reports the obvious finding that existing Transactions Standards have embedded within their specification scores of implicit and explicit value tables for data elements. Common examples include values for demographic variables such as race, gender, or marital status. More clinically pertinent codes include Admission Type and Condition Codes. Some standards contain large numbers of specified codes, for example the ANSI X12 837 Health Care Claim template includes or references 441 discreet code tables within that single standard.
Two problems present themselves: 1) Cross mapping named fields or elements among transaction standards; and 2) for each cross mapped element, resolving the code set values among embedded codes sets across transaction standards. The Table below simplistically illustrates a result of this process for one of the 441 code tables in X12N 837 - Admission Type.
Admission Type |
|
UB-92 |
X12N |
HL/7 |
Values |
|
A |
Accident | ||
|
1 |
=UB92 |
E |
Emergency |
|
L |
Labor and Delivery | ||
|
R |
Routine | ||
|
2 |
=UB92 |
Urgent | |
|
3 |
=UB92 |
Elective |
Table: Code values for fields "Admission Type"
This subcommittee recommends that HHS assume or commission a detailed evaluation of the complex problem of embedded code sets among transactions standards. For the major transaction standards and their clinical systems sources (e.g. X12N, UB-92, NSF, HL/7, and ASTM E-1384) we suggest:
The resultant report would be an enormously valuable resource for Standards Developer Organizations and the overall ANSI HISB to review and collaboratively revise. DHHS might then act upon the revised recommendations from the Standards community to adopt common code table standards across transaction records and their clinical source systems.
Purpose & Scope
The purpose of the Unique Health Identifiers is to uniquely identify Individuals, Employers, Health Plans and Health Care Providers within the health care system.
A. Individuals
Current practice consists of Medical Record Numbers issued and maintained by individual provider organizations which is also known as Master Patient Index (MPI). HIS vendors have begun to develop software to facilitate cross reference to MPIs across an enterprise often known as Corporate MPI.
1.1. Unique Identifier Standards for Individuals:
1.1.1. UHID by ASTM
ASTM is the only Standards Development Organization that has developed and published standards in this area. Other options listed below are candidate identifiers frequently discussed by industry experts.
1.2. Other Unique Identifier Options for Individuals:
1.2.1. Social Security Number (SSN)
1.2.2. Biometrics IDs
1.2.3. Directory Service
1.2.4. Personal Immutable Properties
1.2.5. Patient Identification System based on existing Medical Record Number and Practitioner Prefix
1.2.6. Public Key - Private Key Cryptography Method
Employers, Health Plans and Health Care Providers
None of the Standards Developing Organizations have developed standards in the area of identifying employers, health plans and health care providers. However, HCFA and several other organizations have developed identifiers in this area with input from Federal and state agencies that administer health programs and other stake holders of the industry including standards developing organizations (SDOs).
B. Employers:
2.1 Unique Identifier Standards for Employers:
None Exists
2.2 Unique Identifier Options for Employers:
2.1.1. PAYERID
C. Health Plans:
3.1 Unique Identifier Standards for Health Plans:
None Exists
3.2 Unique Identifier Options for Health Plans:
3.2.1. PAYERID
D. Health Care Providers:
4.1. Unique Identifier Standards for Health Care Providers:
None Exists
4.2. Unique Identifier Options for Health Care Providers:
4.2.1. National Provider Identifier
4.2.2. Unique Physician Identifiers (UPIN)
4.2.3. NABP Pharmacy Number (NABP#)
4.2.4. Health Industry Number (HIN)
Unique Identifier Standards for Individuals:
1.1.1. UHID by ASTM
Unique Identifiers (including allowed uses) for Individuals
II. Standard Development Organization (SDO): ASTM
III. ANSI Accreditation, ANSI Accreditation applied for or not
ANSI Accredited
ANSI Accredited
IV. Name of the Standard
Standard Guide for Properties of a Universal Health
Identifier (UHID) "E1734"
V. Contact for more information
Name: Terry Luthy
Address: ASTM 100 Barr Harbor Drive
West Conshohocken, PA 19428
E-mail: tluthy@local.astm.org
Phone: 610-832-9737
Fax: 610-832-9666
VI. Description of Standard
The UHID Scheme consists of a sequential identifier, a delimiter, check digits and an encryption scheme to support data security. This Standards Guide covers a set of requirements outlining the properties of a national system of Universal Health Identifier (limited to the population of United States). It includes positive identification of patients, automated linkage of various computer-based records, mechanism to support data security of privileged clinical information and the use of technology to keep health care operating cost at a minimum.
VII. Readiness of Standard
The Guide provides a detailed implementation sample for the UHID and evaluates the implementation against the criteria outlined by the standards. The method is being implemented by two (2) VA hospitals in Florida.
VIII. Indicators of Market Acceptance
ASTM E1714 is an approved American National Standard. Regarded as an ideal standards guide for the Unique Patient Identifier. The VA hospital network (VISN) is planning to expand the implementation of ASTM Standards based identifier. More than 350 copies of the standards have been distributed.
IX. Level of Specificity
The UHID Scheme consists of a sequential identifier, a delimiter, check digits and an encryption scheme to support data security. It supports multiple encrypted IDs for an individual.
X) Relationship With Other Standards
N/A
XI) Identifiable Costs
ASTM Standards volume 14.01 for Health care informatics that include this Standards Guide can be purchased for a nominal fee.
1.2. Other Unique Identifier Options for Individuals:
1.2.1. Social Security Number (SSN)
I. Description of Standard
The original scope of SSN was to function as a Social Security Account Number (SSAN). Its scope since the 1935 legislation has been expanded. It is now in use as a personal identifier in a wide area of applications including use by local, state and federal authorities, financial institutions, and numerous consumer organizations.
II. Readiness of Standard
Strength: The existing SSA structures, trained personnel, detailed standard procedural guidelines, cost economies, rapid implementation etc. are all in favor of the use of SSN as a valid patient identifier.
Weakness: Many organizations including those who support the use of SSN as a Health Identifier have identified several serious defects that must be fixed before it can be used as a valid Unique Health Identifier. Examples are:
6. Lack of capacity for future growth
7. Lack of mechanism for emergency use and timely issue.
8. Provision for non citizens, etc.
The Computer-based Record Institute (CPRI) supports a modified SSN with important changes to the process of issue of SSN including check-digits, encryption scheme, a trusted authority, and legislative measures, etc..
III. Contact for more information:
Social Security Administration
6401 Security Blvd, Baltimore, MD 21235
IV. Indicators of Market Acceptance
Used by VA hospitals and Medicare Administration as a patient identifier. Used by many health care organizations as part of the patient demographic information.
V. Identifiable costs: Expenditure borne by the Government.
1.2.2. Biometrics IDs
I. Description of Standard
Several sophisticated methods of biometrics identification methods have been proposed, including finger print, retinal pattern analysis, voice pattern identification and DNA analysis.
II. Readiness of Standard
Law enforcement and Immigration departments use some of the biometrics identification methods. However, the necessary standards, procedures, and guidelines are non-existent for use in health care. Some of the concerns relating to this option are organ transplant, amputation and diseases affecting organs e.g. retinopathy.
III. Contact for more information:
N/A
IV. Indicators of Market Acceptance
N/A
V. Identifiable costs: Considered very expensive. Specific details not available.
I. Description of Standard
This method is proposed by Dr. William L. McMullen of Mitre Corporation. It will use existing patient identifiers to provide linkages to records of individuals across systems. The system includes social characteristics (name, SSN, address, driver license etc.) human characteristics (finger print, retina scan etc.) and other groupings such as sex, race, DOB, etc. The directory service would reconcile interactively and heuristically the proper association of the patient identification data at the current point of care with any one of the other prior points of care. This step would be supported by automated capabilities that would facilitate locating the other patient records for which a record linkage is valid. The current point of care location would then be linked with any of the other selected point of care locations by electronically exchanging their network addresses.
II. Readiness of Standard
N/A
III. Contact for more information:
The Mitre Corporation
7525 Colshire Drive
McLean, VA 22102-3481
IV. Indicators of Market Acceptance
N/A
V. Identifiable costs: Considered expensive. Specific
details not available.
1.2.4. Personal Immutable Properties
I. Description of Standard
Dr. Paul Carpenter and Dr. Chris Chute of Mayo Clinic have proposed a model Unique Patient Identifier (UPI) which consists of a series of three universal immutable values plus a check digit. The three values are a seven-digit date of birth field, a six-digit place of birth code, a five-digit sequence code (to identify the individual born on the same date in the same geographic area) and 4) a single-check digit. For emergency situations the use of temporary UPI with the prefix "T" is recommended.
II. Readiness of Standard
N/A
III. Contact for more information:
Dr. Paul Carpenter or Dr. Chris Chute
Mayo Clinic
Rochester, MN 55905
IV. Indicators of Market Acceptance
N/A
V. Identifiable costs: N/A
1.2.5. Patient Identification System Based on Existing Medical Record Number
and Practitioner Prefix:
I. Description of Standard
Medical Records Institute proposes the use of existing provider institution generated medical record number with a provider number prefix. The solution requires consensus on a practitioner identification system but eliminates the cost of creating, implementing and maintaining nationwide (patient) numbering system. The unique practitioner ID would identify the location of the patient database, and the medical record number would identify the patient's record within that database. The solution also includes the patient designation of a practitioner of choice to be the curator who functions as the gateway for the linking and updating of information.
II. Readiness of Standard
N/A
III. Contact for more information:
Medical Records Institute
567 Walnut Street, P.O. Box 600770
Newton, MA 02160
IV. Indicators of Market Acceptance
N/A
V. Identifiable costs: N/A
1.2.6. Public Key - Private Key Cryptography Method
3. Cryptography-based health care identifiers:
Dr. Peter Szolovits, Massachusetts Institute of Technology proposes a Health care Identifier System based on public-key cryptography method. Anyone who wants to use this method needs to acquire two keys that allow arbitrary messages to be encoded and decoded. These two keys contain mathematical functions that are inverses of each other. The method consists of a patient private-key and a organizational (provider) public-key together generating and maintaining IDs that are both organization specific as well as unique to individual patients within that organization. The ID can be revealed to other institutions or practitioners only with the private-key of the patient. Both centralized and decentralized controls are possible. Under the decentralized scheme the patient has the ultimate control over the degree to which the lifetime collection of medical information is made available to others. Under the centralized scheme an umbrella organization (trusted authority) handles all patient private-keys via an ID Server, and the patient will have the public-key.
At the request of authorized institutions the ID Server will generate Patient ID with the use of both the patient's private-key and public-key. Under both schemes, the use of smart card and computer are required.
II. Readiness of Standard
N/A
III. Contact for more information:
Dr. Peter Szolovits
Massachusetts Institute of Technology
Laboratory for Computer Science
545 Technology Square
Cambridge MA 02139
IV. Indicators of Market Acceptance
N/A
V. Identifiable costs: N/A
2.1 Unique Identifier Standards for Employers:
None Exists
2.2 Unique Identifier Options for Employers:
2.1.1. PAYERID
I. Description of Standard
The PAYERID has a nine numeric digit identifier which includes a 6-digit base number, a 2-digit suffix and a check digit. For those plans and employers requiring many different numbers the ID is issued as a 6-digit base number, a 2-digit suffix and a check digit. For those not requiring different numbers, it is issued in the form of one or more 8-digit numbers with a check-digit. The PAYERID was planned a national identification system to facilitate health care claims. In view of the HIPAA 1996 Legislation, HCFA will be proposing PAYERID as the standard health identifier for both health plans and employers.
II. Readiness of Standard
HCFA's Schedule for implementing PAYERID is listed below.
Notice of Proposed Rule Making (NPRM) February '97
Voluntary use of PAYERID for Medicare Claims April '97
Publish Final Regulation July '97
Require for Medicare January '98
Require for Industry July '99
III. Contact for more information:
Robert Moore
HCFA
7500 Security Blvd.
Baltimore, MD 21244
IV. Indicators of Market Acceptance
N/A
V. Identifiable costs: N/A
3.1 Unique Identifier Standards for Health Plans:
None Exists
3.2 Unique Identifier Options for Health Plans:
3.2.1. PAYERID
Same as 2.2.1 above.
4.1. Unique Identifier Standards for Health Care Providers:
None Exists
4.2. Unique Identifier Options for Health Care Providers:
4.2.1. National Provider Identifier (NPI)
I. Description of Standard
The NPI is an eight-position alphanumeric identifier. The eighth position is an International Standards Organization-approved check digit, which will allow a calculation to detect keying or transmission errors. The National Provider System will assign the NPI and will also assign two-position alphanumeric location identifiers to indicate practice locations of the provider. Neither the NPI nor the location identifiers will have embedded intelligence. That is, information about the provider, such as the type of provider or state where the provider is located, will not be conveyed by the NPI. This information will be recorded in the system, but will not be part of the identifier. Individual and group providers will receive location identifiers for their office practice locations. Individuals and groups will not receive location identifiers for the hospitals or other organization providers where they practice, since these organization providers will receive their own NPIs. The NPIs of individual providers who are members of a group will be linked to the NPI of the group. The relationships defined among organization providers differ, depending upon the specific business rules of different health programs. The National Provider System will enumerate organization providers at the elemental level, so that different health programs can link these providers according to their program-specific business rules. Each organization provider in a separate location will receive a separate NPI. Each member of an organization chain and each part of an organization provider that needs to be identified will receive a separate NPI. The National Provider System will have a query facility that will link organization providers that have a common Employer Identification Number. Organization providers will have only one active location identifier.
II. Readiness of Standard
HCFA's schedule for implementation of NPI is listed below.
Notice of Proposed Rule Making Published in
Federal Register 02/21/97
Final Regulation Published in Federal Register 07/02/97
NPIs Issued to Medicare Providers No Later Than 08/01/97
Required Use of NPI for Medicare claims 12/01/97
III. Contact for more information
Robert Moore
HCFA
7500, Security Blvd.
Baltimore, MD 21244
IV. Indicators of Market Acceptance
N/A
V. Identifiable costs
None
4.2.2. Unique Physician Identifier Number (UPIN)
HCFA created UPIN as required by COBRA to identify physicians who provide services for which payment is made under Medicare. UPIN is a six-place alphanumeric identifier. The UPIN Registry is the carrier that maintains the UPIN. A total of 704,926 UPINs have been assigned to 2,088,309 physicians.
UPIN addresses only a small segment of the provider community i.e. physicians with dedicare practice. HCFA's current proposal of National Provider File/NPI replaces UPIN with NPI.
Robert Moore
HCFA
7500, Security Blvd.
Baltimore, MD 21244
N/A
None
4.2.3. National Association of Boards of Pharmacy Number
(NABP Number)
I. Description of Standard
Each licensed pharmacy in the United States is assigned a unique seven-digit number by the National Council for Prescription Drug Programs (NCPDP), in cooperation with the National Association of Boards of Pharmacy. The purpose of this system is to enable a pharmacy to identify itself to all third-party processors by one standard number. The first two digits of the NABP Number denotes state designation. The second group four digits identify the pharmacy and assigned sequentially from 0001 up. The last digit is a check-digit.
II. Readiness of Standard
NABP Number is currently in use by pharmacies in United
States.
III. Contact for more information
Noe Gomez
NCPDP/NABP
4201 North 24th Street, Suite 365
Phoenix, AZ 85016
IV. Indicators of Market Acceptance
NABP Number is currently in use by pharmacies in United
States.
V. Identifiable Costs
None
4.2.4. Health Industry Number (HIN)
I. Description of Standard
HIN is used as an identifier for contract administration in the health industry supply chain, as a prescriber identifier for claims processing and for market analysis applications. It enumerates prescriber by location, provider establishments and other entities in the health industry supply chain. The Identifier includes a "base HIN" consisting of seven (7) character identifier and a two (2) character suffix to identify the location of the prescriber.
II. Readiness of Standard
HIN has been in use since 1987 in the health industry
supply chain and in state-administered claims processing.
III. Contact for more information
Robert A. Hankin, Phd, President,
HIBCC
5110 North 40th Street, Suite 250
Phoenix, AZ 85018
IV. Indicators of Market Acceptance
According to HIBCC, HIN is endorsed or being implemented by the following:
American Hospital Association (AHA)
American Medical Association (AMA)
American Nurses Association (ANA
American Society for Automation in Pharmacy (ASAP)
American Veterinary Distributors Association (AVDA)
Animal Health Institute (AHI)
Centers for Disease Control & Prevention (CDC)
Health Industry Distributors Association (HIDA)
Health Industry Group Purchasing Association (HIGPA)
Health Industry Manufacturers Association (HIMA)
Healthcare Information and Management Systems Society (HIMSS)
National Wholesale Druggists' Association (NWDA)
Pharmaceutical Research and Manufacturers Association (PhRMA)
State of Tennessee, TennCare Program
US Department of Defense (DoD), Defense Personnel Support Center (DPSC)
V. Identifiable Costs
There is no cost to entities enumerated on the database.
Overview of Health Care Security and Confidentiality Standards Development Efforts and Status - January 1997
Standards Development Organizations (SDOs) and governmental entities in the United States, Europe, Japan, Singapore, Australia, and New Zealand are currently developing standards to insure the security, confidentiality, and privacy of health care data as it resides in systems or as it is being passed in message transactions between systems. The focus of these groups is to develop security policies and procedures related to threats to system security and also to define security services. Threats to system security include disclosure, deception, disruption, and usurpation. Security services include authentication, confidentiality, integrity, availability, authenticity, authorization, non-repudiation, security administration, audit and digital signatures.
Health care specific security efforts have primarily focused on the utilization of security technologies from the general computer industry, adopting existing technologies, and providing further definition and clarification only in regard to specific domains and attributes that are unique to health care. In analyzing threat, security services, and confidentiality in the health care environment, there are only five key areas where health care security differs somewhat in analysis, definition, or requirements outside of existing non-health care specific security technologies:
In addressing these health care specific "exceptions" the following steps are underway, or require action:
a) In setting standards for digital signatures in the health care domain additional signature attributes to support multiple signatures and signature rules are being defined;
b)Comprehensive adoption of security standards in health care, not piecemeal implementation, is advocated to provide security to data that is excahnged between health care entities;
c)Audit and audit trail data (so called, "derivative data" from direct data access, and system use) needs to be considered in the legal establishment of privacy and access rights under privacy legislation;
d)Again, in addressing threat, as under (b) above, a comprehensive implementation of security standards across a domain or system is important, as a piecemeal approach, such as the implementation of point-to-point security alone (message-based security), will not provide privacy and confidentiality protection from insider threat within a domain;
e)Confidentiality policy, as well as access control and authorization policies are an essential part of secure systems. Their establishment is being addressed within the framework of security standards efforts through the direct participation of health care specialty representatives composed of clinical health care professional organizations and societies, medical records professionals, health care transcription professionals, regulatory organizations, government agencies, the JCAHO and NCQA, insurance providers and health plans, and health care information system vendors and consultants.
Even taking into account the above issues, health care security standards efforts are perhaps best analyzed and reviewed in relation to a general system security framework, not essentially oriented to health care, as follows:
a) Identification and Authentication
b)Authorization and Access Control (Confidentiality)
c)Accountability (Non-Repudiation and Auditing)
d)Integrity and Availability
e)Security of Communication
f)Security Administration
By definition, if a system, or communications between two systems (such as health care transactions), where implemented with technology(s) meeting standards in each of the categories of this framework, that system would be essentially secure. This is an important distinction in that no single SDO is addressing all aspects of health care information security and confidentiality, and specifically, no single SDO is developing standards that cover every category of this framework. Cooperation between SDOs developing health care security standards, coordinated in the US through ANSI HISB, and between ANSI HISB and CEN TC251 regarding European standards efforts, is very active at this time, in an attempt to end up with a comprehensive standards framework to match the security framework outlined above. Please note that there is security standards work underway in each category of the framework above that should be completed by the middle to end of 1997, providing, when taken together, a complete set of standards for security in the health care domain.
The most comprehensive health care security standards development is currently being carried out by CEN TC251 in Europe and by the ASTM E31 in the United States. The American Standards Committee (ASC X12), Health Level 7 (HL7), and ACR NEMA / DICOM are currently involved in the development of standards for secure transmission of data and transactions. Health care organizations that are not accredited SDOs, such as the Computer-based Patient Record Institute (CPRI) and CORBAmed are active in assisting and promoting the standards development process through their participation in ANSI HISB and through the development of policy within documents (CPRI) and standards certification by (CORBAmed).
What follows is an overview of work being done by SDOs and other entities in the United States and Europe (in alphabetic order, by organization):
The DICOM Committee (formerly known as the ACR/NEMA committee) has created a Working Group on Security that is considering additions to the DICOM standard to support the secure exchange of medical images and related information between two entities communicating over a public network (e.g. the Internet). The Working Group was asked to provide short term solutions using existing technology while developing long term strategies for utilizing DICOM within a secure environment based on anticipated clinical and regulatory needs. The Working Group has been coordinating its work with work being done by a similar Ad Hoc committee set up by CEN TC 251 WG 4 in Europe, as well as with work being done by groups affiliated with JIRA and MEDIS-DC in Japan who are developing demonstrations of secure image data transmissions to meet the needs of the Japanese health care institutions. The DICOM, European, and Japanese groups held a series of meetings and teleconferences in the later half of 1996 where a joint work plan was formulated and common goals set.
The CEN TC 251 WG 4 Ad Hoc on Security, in cooperation with the DICOM Working Group on Security and the Japanese groups, is developing usage scenarios which will direct long term planning towards comprehensive security within the health care field, and in particular within medical imaging. Realizing that a comprehensive secure environment may be many years away, the DICOM Working Group decided to pursue a short term goal of providing limited security using existing technology. It is hoped to incorporate such solutions in technology demonstrations being planned by the Japanese through MEDIS-DC and JIRA. The short term goal of the DICOM Working Group on Security is to draft extensions to DICOM which embed digital signatures in DICOM data objects for data source authentication and as data integrity checks. In addition, the extensions would provide an option to layer DICOM message exchange services on top of a secure transport protocol such as SSL 3.0 in order to provide confidentiality during data transfers, to authenticate the parties involved in the information exchange, and to further insure integrity during transmission. When practical, these extensions to DICOM would use existing technology in order to expedite implementation. The Ad Hoc Committee hopes to finalize a draft of these extensions in 1997.
ACR NEMA / DICOM contact:
Lawrence Tarbox, Ph.D.
Imaging Department
Siemens Corporate Research
755 College Rd. East
Princeton, NJ 08540
ltarbox@scr.siemens.com
(609) 734-3396 [voice]
(609) 734-6565 [fax]
The American Standards Committee X12, Electronic Data Interchange (EDI)/EDIFACT, has a number of security standards under development that are primarily targeted at messaging. X12's work in message security takes a non-health care-specific approach and is managed by X12 Subcommittee C (X12C) the data security task group of X12 that is co-chaired by Don Petry, and which coordinates efforts with the UN/EDIFACT Security Joint Working Group, chaired by Terry Dosdale of the United Kingdom.
Current X12C efforts include:
X12.42, Cryptographic Service Message (815) (usually referred to as the 815). The 815, which has been published and has a Reference Model in development, is used to provide the data format required for cryptographic key management in support of authentication and encryption. 815 includes the automated distribution and exchange of keys.
X12.376 Secure Authentication & Acknowledgment (993) (usually referred to as the 993). Currently in development, 993 is used by the recipient of a transaction set to authenticate and acknowledge the origin, content, or sequence of data received with the originator of the transactions.
X12.58 Security Structures, which has been published and has a Reference Model in development, is used to define the data formats required for authentication and encryption to provide integrity, confidentiality and verification of the originator at the functional group and transaction set levels.
ISO/IEC 9735, under the general title Electronic data interchange for administration, commerce and transport (EDIFACT) - Application level syntax rules, which is currently in draft form, to be reviewed at the X12 meetings in San Francisco in early February of this year, has five parts specifically targeting message security. These parts are: Part 5 - Security rules for batch EDI (authenticity, integrity and non-repudiation of origin); Part 6 - Secure authentication and acknowledgment message; Part 7 - Security rules for batch EDI (confidentiality); Part 9 - Security key and certificate management message; and Par 10 - Security rules for interactive EDI. The security aspects of ISO 9735 are targeted for finalization by march of 1997, and will be forwarded to ISO for final approval through the ISO Fast Track process.
American Standards Committee (ASC) contact:
Regina Girouard
Manager, Secretariat Services
Data Interchange Standards Association, Inc. (DISA)
1800 Diagonal Road, Suite 200
Alexandria, VA 22314
rgirouard@disa.org
703-548-7005 (x165) [voice]
703-548-5738 [fax]
The American Society for Testing and Materials (ASTM) Committee E31 on Computerized Systems established a Division on Security and Confidentiality in early 1996 to facilitate the acceleration of health care security and confidentiality standards development within the ASTM and to coordinate security standards development efforts with other SDOs. The Division on Security and Confidentiality primarily coordinates the efforts of three sub-committees:
E31:17 - Privacy, Confidentiality, and Access
E31:20 - Data and System Security for Health Information
E31.22 - Medical Transcription and Documentation.
These three sub-committees within ASTM currently have seventeen (17) standards either under ballot or in draft or outline form that are targeted for completion by spring and summer 1997.
The objective of ASTM sub-committee E31.17 - Privacy, Confidentiality, and Access, is to establish a set of guidelines and standards for the procedural, technical, and administrative management of health information. In addition, the sub-committee is charged with identifying the rights and privileges of individual users, and the subjects of, health information. This latter focus is oriented towards taking a comprehensive view of "confidentiality" as incorporating the protection, not only of the "subject" of patient-specific health information (the patient), but also of health care providers and health care organizations. It is important to note that E31.17 is not concentrating on a definition of the rights of "privacy". Privacy is the domain of legislation, and ethical and moral professional practice of health care providers. Confidentiality, involves the framework in which to protect data privacy to meet legislative and professional practice guidelines.
One of the critical issues that has come up in the work of E31.17 over the last few years is a recognition of a lack of uniform standards, not only for the management of computer based health records (electronic, automated, et. al.), but explicitly for the management of paper-based, and derivative paper-based (photocopy, FAX, computer printed) health records. E31.17 efforts, therefore, are targeted at defining uniform standards for the management of health information, regardless of the "media" used for access, display, exchange, or administration of health records. In addition, the E31.17 sub-committee is treating all health information, including financial and administrative health information, under the same standards and guidelines, so that all health information is covered by a comprehensive set of confidentiality, security, disclosure, and access guidelines, appropriate to the type of data (clinical, administrative, financial).
E31.17 security standards completed or under development are as follows:
Balloted
· Standard Guide for Confidentiality, Privacy, Access and Data Security Principles for Health Information Including Computer Based Patient Records
Draft
· Documentation of Access for Individually-Identifiable Health Information
· Standard Guide for Confidentiality and Security Training of Persons Who Have Access to Health Information
· Standard Guide for Amendments/Additions to Health Information by Health Care Providers, Administrative Personnel, and by the Subjects of Health Information
· Standard Guide to the Transfer/Disclosure of Health Information in an Emergency Treatment Event
· Standard Guide for the Use and Disclosure of Health Information
· Policy Guide for the Transfer/Re-disclosure of Health Information Between Health Plans
· Standard Guide to the Use of Audit Trails, and for Access and Disclosure Logging/Tracking in the Management of Health Information
The objective of ASTM sub-committee E31.20 - Data and System Security for Health Information, is to establish a technical framework and infrastructure, outlined in a set of guidelines and standards, to specify security and confidentiality implementations that will protect the privacy of health care information. The sub-committee, through its strong representation of industry experts, is focused on using existing techniques and technologies, such as digital signatures, to build a health care security infrastructure. In addition, the sub-committees efforts are directed at providing standards for health care security and confidentiality that are based upon existing and emerging standards in other industries.
E31.20 security standards completed or under development are as follows:
Published (ANSI Approved)
· E 1762 - Standard Guide for Authentication of Healthcare Information
Ballot Pending
· Standard Specification for Authentication of Healthcare Information Using Digital Signatures
Draft
· Authentication and Authorization to Access Healthcare Information
· Data Security, Reliability, Integrity, and Availability for Healthcare Information
· Distributed Authentication and Authorization to Access Healthcare Information
The objective of ASTM sub-committee E31.22 - Medical Transcription and Documentation, is to establish a set of guidelines and standards for the procedural, technical, and administrative management of dictated and transcribed health information. In addition, the sub-committee is charged with identifying the rights and privileges of individual users (transcriptionists, health records personnel, and health care providers), and the subjects of, health information. This latter focus is oriented towards taking a comprehensive view of "confidentiality" as incorporating the protection, not only of the "subject" of patient-specific health information (the patient), but also of health care providers, transcriptionists, health records personnel, and health care organizations.
E31.22 security standards completed or under development are as follows:
Draft
· Security and Confidentiality of Dictated and Transcribed Health Information
American Society for Testing and Materials (ASTM) contact:
Teresa Cendrowska
ASTM
100 Bar Harbor Drive
West Conshohocken, PA 19428-2959
tcendrow@astm.org
610-832-9500 [main office number]
610-832-9718 [voice - direct]
610-832-9666 [fax]
The Computer-based patient Record Institute (CPRI) through its Work Group on Confidentiality, Privacy and Security, under co-chairs Kathleen Frawley, JD and Dale Miller, has, under ongoing development, a set of security-related efforts oriented towards the establishment of guidelines, confidentiality agreements, security requirements, and frameworks. The CPRI, while not currently an ANSI accredited SDO, works very closely with accredited SDOs in the establishment of security and medical record standards, and enjoys significant cross-representation on SDO security committees.
CPRI security and framework development is completed, or underway, in the following areas:
Published
· Guidelines for Establishing Information Security Policies at Organizations Using Computer-based Patient Record Systems
· Guidelines for Information Security Education Programs at Organizations Using Computer-based Patient Record Systems
· Guidelines for Managing Information Security Programs at Organizations Using Computer-based Patient Record Systems
· Glossary of Terms Related to Information Security for Computer-based Patient Record Systems
· Security Features for Computer-based Patient Record Systems
· Sample Confidentiality Statements and Agreements for Organizations Using Computer-based Patient Record Systems
· Computer-based Patient Record System Description of Functionality
Under Development
· Guidelines for Access Control in Computer-based Patient Record Systems
· Guidelines for Implementation of Electronic Authentication in Computer-based Patient Record Systems
Under Consideration (tentatively targeted for development in the second half of 1997)
· Guidelines for the use of the Internet for Computer-based Patient Record Systems
· Ethics Related to Health Information Security and Confidentiality in Computer-based Patient Record Systems
· Guidelines for Conducting Audit Control in Computer-based Patient Record System Security
· Guidelines for Business Resumption Planning in Computer-based Patient Record Systems
Computer-based Patient Record Institute (CPRI) contact:
Margret Amatayakul
Executive Director
Computer-based Patient Record Institute
1000 E. Woodfield Rd., Suite 102
Schaumburg, IL 60173
cprinet@aol.com
847-706-6746 [voice]
847-706-6747 [fax]
CEN TC251 Working Group 6 on Security, Privacy, Quality and Safety
CEN TC251 Working Group 6 (WG6), under the Chairmanship of Dr. Gunnar Klein
of Sweden (recently appointed to chairman for CEN TC251) is charged with managing the development of security and confidentiality standards for the European Commission. CEN TC 251 WG6 represents a consolidated effort to develop comprehensive standards in security and confidentiality for health information. CEN TC251 WG6 has completed a pre-standard Security Categorization and Protection of Healthcare Information Systems (COMPUSEC) and a digital signature standard. The digital signature standard mandates the use of RSA's digital signature and authentication algorithm. Additional standards work is currently underway in CEN TC251 WG6 in trusted systems in conjunction with TRUSTHEALTH a project within the Telematics Applications Programme, supported by the European Commission. TRUSTHEALTH is a project to build and test technical security services to support data confidentiality, document origin authentication, time stamps, access authentication, and professional authorization access controls.
Additional CEN TC 251, and/or European Commission health care security-related projects include: ISHTAR (Implementation of Secure Healthcare Telematics Applications in Europe); HAWSA; DAICARD3; MEDSEC; EUROMED-ETS (distributed trusted third party services); and, SEMRIC (Secure Medical Record Information Communication).
European Committee for Standardization Technical Committee CEN TC251 contact:
Gunnar Klein
Chairman CEN TC251
GKAB
Renstiernas Gata 14
S-116 28 Stockholm
Sweden
gunnar@klein.se or 73754.2411@compuserve.com
46-8-702 93 60 [voice]
46-8-702 93 61 [fax]
Health Level Seven (HL-7) formed the Secure Transactions Special Interest Group (SIGSecure) to address the development of secure HL7 transactions at its August 1996 meeting. This SIG will focus on the use of HL7 in communications environments where there is a need for authentication, encryption, non-repudiation, and digital signature. This group will direct its efforts on insuring the mechanisms are available for implementing a secure HL7 transactions and not on standardizing security policies. The HL7 organization is also interested in participating with the efforts of the Internet Engineering Task Force. A CommerceNet trial using email protocols (MIME) to encapsulate HL7 messages is being explored for feasibility.
SIGSecure will identify user requirements and a threat model, the services needed to meet those requirements, the mechanisms for providing those services, and the specific implementations for those mechanisms. The scope will be limited to providing network and Internet security mechanisms for HL7 transactions at the application level, independent of underlying transport. SIGSecure has a stated goal of leveraging existing standards to the maximum extent possible with a priority given to International, National (ANSI), and Publicly Available Specifications. It addition it will coordinate with other SDOs to avoid duplication and to promote harmonization.
Health Level Seven HL7 SIGsecure contacts (Co-Chairs):
Jack Harrington
Hewlett Packard Company
3000 Minuteman Road
Andover, MA 01910-1085
jackh@an.hp.com
508-687-1501 [main office]
508-659-3517 [voice - direct]
508-686-1319 [fax]
Mary E. Kratz
University of Michigan Medical Center
B1240 Taubman Center
1500 E. Medical Center Drive
Ann Arbor, MI 48109-0308
mkratz@umich.edu
313-763-6871 [voice]
313-763-0629 [fax]
The Institute of Electrical and Electronic Engineers (IEEE) Medical Data Interchange (MEDIX) does not currently have an active group addressing security and confidentiality issues. This, according to Bob Kennelly of MEDIX, is due to the focused domain of IEEE/MEDIX that is essentially the sub-nets between bedside monitoring devices and monitors in intensive care, operating room, and inpatient settings. IEEE/MEDIX is interested in participating in cooperative efforts in the development of secure messaging standards.
National Council for Prescription Drug Programs (NCPDP)
The National Council for Prescription Drug Programs (NCPDP), as with IEEE/MEDIX, does not currently have an active group addressing security and confidentiality. This is also due to the focused domain under which they are currently working. The NCPDP is also interested in participating in cooperative efforts in the development of secure messaging standards.
No input was received for this section.