[Federal Register Volume 74, Number 12 (Wednesday, January 21, 2009)]
[Notices]
[Pages 3599-3608]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E9-1068]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES


Office of the National Coordinator for Health Information 
Technology (ONC), HHS; Notice of Availability: Secretarial Recognition 
of Certain Healthcare Information Technology Standards Panel (HITSP) 
Interoperability Specifications and the Standards They Contain as 
Interoperability Standards for Health Information Technology

AGENCY: Office of the National Coordinator for Health Information 
Technology (ONC), HHS.

    Authority: Executive Order 13335 (``Incentives for the Use of 
Health Information Technology and Establishing the Position of the 
National Health Information Technology Coordinator''), Executive 
Order 13410 (``Promoting Quality and Efficient Health Care in 
Federal Government Administered or Sponsored Health Care 
Programs''), Public Law 110-161 (``Consolidated Appropriations Act, 
2008''), continued by Public Law 110-329 (``Consolidated Security, 
Disaster Assistance, and Continuing Appropriations Act, 2009''), 42 
U.S.C. 1395nn(b)(4), 42 U.S.C. 1302(a), and 42 CFR 411.357(w).

SUMMARY: By publication of this document, we are informing the public 
of the Secretary's recognition of certain Healthcare Information 
Technology Standards Panel (HITSP) ``HITSP Interoperability 
Specifications'' and the standards they contain as ``Interoperability 
Standards'' for health information technology. The Secretary accepted 
these Interoperability Standards in January of 2008, and hereby 
recognizes them in updated versions one year later, effective January 
16, 2009. The lists of recognized Interoperability Standards are 
provided below and are available at http://www.hitsp.org; click on the 
``View by Status'' tab.

SUPPLEMENTARY INFORMATION: The American Health Information

[[Page 3600]]

Community (the ``Community'') was a Federal advisory committee that was 
formed in 2005 to advise the Secretary concerning efforts to develop 
information technology standards and achieve interoperability of health 
IT, and to serve as a forum for a broad range of stakeholders to 
provide input on achieving widespread adoption of interoperable health 
IT. The final meeting of the Community was held on November 12, 2008. A 
successor to the Community has been established in the private sector, 
and it held its first Board meeting on November 13, 2008.
    The Healthcare Information Technology Standards Panel (HITSP) was 
created in 2005 to serve as a cooperative partnership between the 
public and private sectors for the purpose of harmonizing and 
integrating standards that will meet clinical and business needs for 
sharing information among organizations and systems. Under a contract 
with the Department of Health and Human Services, the American National 
Standards Institute (ANSI) established HITSP following a neutral and 
inclusive governance model. The HITSP standards harmonization process 
was built by vendors, standards development organizations (SDOs), 
consumers, payers, providers, and other sectors of the industry. HITSP 
is a multi-stakeholder organization involving more than 600 different 
healthcare industry organizations and technical experts whose 
activities to date on these HITSP Interoperability Specifications 
represent more than 23,000 volunteer hours of effort.
    The HITSP Interoperability Specifications are developed through a 
voluntary consensus-based process as a means to advance the national 
agenda for secure interoperable health information systems. The HITSP 
Interoperability Specifications are based on priorities previously 
recommended by the Community to the Secretary, who in turn considered 
the Community's advice and directed the advancement of Use Cases to 
further the priorities he adopted. A Use Case provides a description of 
the activity of persons or things (actors), a sequence of their 
actions, and technical specifications for systems and technologies 
involved when the actors engage in responding or participating in a 
priority area or scenario.
    The HITSP Harmonization Framework defines a set of artifacts, known 
as ``Constructs,'' which specify how to integrate and constrain 
designated standards to meet the business needs of a Use Case; and 
determines how best to adopt and use emerging standards and to 
harmonize overlapping standards. A brief description of the Construct 
types and the relationships among them follows. Additional information 
on the HITSP Harmonization Framework may be found at http://www.hitsp.org.
    HITSP Construct types, in decreasing breadth of scope, include 
``Interoperability Specifications,'' ``Transaction Packages,'' 
``Transactions,'' and ``Components.'' Interoperability Specifications 
describe the integration of all other Constructs used to meet the 
business needs of a Use Case. Transaction Packages contain a logical 
grouping of Transactions. Transactions provide a logical grouping of 
actions that use Components and/or composite standards to realize the 
actions. Components are logical groupings of base standards that work 
together, such as message and terminology standards. Specific rules 
exist for each type of Construct, defining what the Construct type can 
be used for and how the Construct types can be nested. A Construct may 
contain other Constructs or Construct types that are less inclusive in 
scope. A Construct may constrain another Construct or standard that it 
contains; conversely, a Construct may be constrained by a Construct 
that contains it. Each Construct is a candidate for reuse and 
repurposing, if a new set of requirements and context can be fulfilled 
by the Construct without impacting existing uses of the Construct. Each 
Construct is uniquely identified and version controlled.
    Named Standards are major terminologies, technologies, and 
messaging formats referenced and/or incorporated in the HITSP 
Interoperability Specifications, and fall into three categories: 
Selected Standards, Informative Reference Standards, and Federally 
Adopted Standards. Selected Standards are those Named Standards that 
HITSP has determined to be necessary for interoperability and to be 
used to meet information exchange requirements of associated 
Constructs. They are ``selected'' for use in a Construct within the 
context of the specific Use Case requirements, and their selection for 
one particular Construct does not necessarily reflect selection in 
other contexts. Informative Reference Standards are Named Standards 
that provide additional background information or guidance, and are not 
required for interoperability or to implement the referencing 
Construct. Frequently, Informative Reference Standards simply provide 
illustrative examples that are intended to assist entities in 
implementing relevant HITSP Interoperability Specifications. The last 
category of Named Standards, Federally Adopted Standards, are those 
standards that HITSP has identified in Constructs, which have been 
adopted by federal regulation or are otherwise required by federal law. 
All ``HITSP Interoperability Specifications'' and their components 
include language that defers to Federally Adopted Standards, wherever 
they apply.
    The term ``HITSP Interoperability Specifications'' is used here 
both broadly and inclusively to refer to the specific Use-Case-derived 
Interoperability Specifications, the Constructs, implementation 
guidance, and the Selected Standards. Informative Reference Standards 
are intended solely to provide greater clarity and guidance for 
implementing the HITSP Interoperability Specifications. Similarly, 
HITSP Technical Notes, which are used to give additional guidance and 
direction to the HITSP analysis process as well as background 
information for implementers, are intended solely for guidance.
    The HITSP presented to the Community the following: Three updated 
sets of HITSP Interoperability Specifications and three sets of new 
HITSP Interoperability Specifications, along with all of the Selected 
Standards and Constructs associated with each, as approved by the HITSP 
and described in the following paragraphs. The Community subsequently 
recommended that the updated and new HITSP Interoperability 
Specifications, which include Constructs, and Named Standards, 
initially be accepted by the Secretary as ``Interoperability 
Standards'' as of January 2008 and then be recognized by the Secretary 
one year later in January 2009. HITSP indicated that it would, in 
conjunction with the public and private sectors that will be 
implementing these standards, be refining the components over the 
course of this year, and that any refinements would consist solely of 
changes that are minor and of a technical nature. The Secretary has 
since considered and adopted the Community's recommendations, and in 
turn, accepted the HITSP Interoperability Specifications in January 
2008 while indicating his intention to recognize them one year later, 
in January 2009, presuming that any changes would be minimal, 
reflecting public comment and/or of a minor and technical nature.
    The updated HITSP Interoperability Specification recommended for 
acceptance in January 2008 and recognition in January 2009 is IS03 
Consumer Empowerment and Access to Clinical Information via Networks 
(v3).

[[Page 3601]]

The new HITSP Interoperability Specifications recommended for 
acceptance and recognition include IS04 Emergency Responder Electronic 
Health Record (v1), IS05 Consumer Empowerment and Access to Clinical 
Information via Portable Media (v1), and IS06 Quality (v1).
    The IS04 Emergency Responder Electronic Health Record (v1) and 
related standards address the deployment of standardized, widely 
available and secure solutions for accessing and exchanging current and 
historical patient-specific health information in both small- and 
large-scale emergency care incidents. Both of the Consumer Empowerment 
Interoperability Specifications and related standards address the 
support of consumer interactions to reconcile identifiers and access, 
view, and share registration summaries and clinical information with 
personal health records; they are distinguished by the modes of 
exchange, via networks (IS03 v3) or portable media (IS05 v1). The IS06 
Quality (v1) and related standards enable interoperable, electronic 
quality monitoring and improvement.
    A series of Constructs referenced in the HITSP Security and Privacy 
Technical Note (TN900) supports existing and developing polices for the 
security of electronic health information by providing an initial 
infrastructure of standards and implementation guidance that can be 
used with a variety of different methodologies and approaches that are 
currently employed. These data and technical standards do not define 
policies, but provide an infrastructure that can support policy 
implementation. The Constructs referenced in TN900 have been integrated 
into all of the accepted HITSP Interoperability Specifications, as well 
as into all existing Interoperability Standards, and will continue to 
be reused for future use cases. The updated Interoperability Standards 
previously recognized in January 2008 now incorporate the security and 
privacy constructs from TN900. These include IS01 Electronic Health 
Records Laboratory Results Reporting (v3) and IS02 Biosurveillance 
(v3), as well as the previously mentioned IS03 Consumer Empowerment and 
Access to Clinical Information via Networks (v3).
    The Interoperability Standards associated with the HITSP 
Biosurveillance Interoperability Specification (HITSP v2 2007 IS02), or 
``BIO,'' were recognized by the Secretary in December 2007. The 
Hospital Availability Exchange Standard (HAVE), which was referenced in 
the HITSP Interoperability Specification, was not ready for secretarial 
recognition in June 2008 as anticipated, but since its content has been 
previously included in the accepted HITSP Interoperability 
Specifications and it has achieved final ballot by the Standards 
Development Organization, it is being recognized.
    Over the course of the year between ``acceptance'' and 
``recognition,'' all refinements to the HITSP Interoperability 
Specifications have been solely of a minor and technical nature. In 
addition, further mappings of existing policies were conducted to 
ensure that there were no issues or conflicts.
    Inserted below are lists of the HITSP Interoperability 
Specifications, including the Constructs and Selected Standards 
referenced by each Construct, which the Secretary is recognizing, 
effective January 16, 2009. For the newly recognized Interoperability 
Standards (i.e., IS04, IS05, and IS06), all Constructs and Selected 
Standards are listed. For the previously recognized Interoperability 
Standards that have been updated, only the minor, technical changes are 
listed for clarity and convenience. The full text of the HITSP 
Interoperability Specifications, Constructs, and references to the 
Selected Standards, along with the related Use Cases can be found at 
http://www.hitsp.org.

IS01--Electronic Health Records Laboratory Results Reporting V3

    Below is a list of the HITSP constructs that have been added as 
referenced by this HITSP Interoperability Specification since 
previously recognized.
     HITSP/C19 Entity Identity Assertion Component (V1)
     HITSP/T14 Send Laboratory Result Message Transaction (V2)
     HITSP/T15 Collect and Communicate Security Audit Trail 
Transaction (V1)
     HITSP/T16 Consistent Time Transaction (V1)
     HITSP/T17 Secured Communication Channel Transaction (V1)
     HITSP/TP20 Access Control Transaction Package (V1)
     HITSP/TP30 Manage Consent Directives Transaction Package 
(V1)

    Below is a list of Selected Standards that have been added for this 
HITSP Interoperability Specification since previously recognized.
     Health Level Seven (HL7) U.S. Realm--Interoperability 
Specification: Lab Result Message to EHR (ORU-R01) (HL7 Version 2.5.1) 
September, 2007
     Health Level Seven (HL7) V3 RBAC, R1-2008, HL7 Version 3 
Standard: Role Based Access Control (RBAC) Healthcare Permissions 
Catalog, Release 1, February 2008
     Health Level Seven (HL7) Version 2.3.1
     Health Level Seven (HL7) Version 2.5.1
     Health Level Seven (HL7) Version 3.0 Privacy Consent 
related specifications RCMR--RM010001--Data Consent
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-
2008 Cross-Enterprise User Assertion (XUA)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Audit Trail 
and Node Authentication (ATNA) Integration Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Consistent 
Time (CT) Integration Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient 
Demographics Query (PDQ) Integration Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (TF) Supplement--ITI-25 Notification 
of Document Availability (NAV) Jun 28, 2005
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Section 10 
Cross-Enterprise Document Sharing (XDS.a)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-
2008 Cross-Enterprise Document Sharing-B (XDS.b)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Supplement 2007-2008 Basic 
Patient Privacy Consents (BPPC)--Trial Implementation
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework Supplement 2008-2009, Pediatric 
Demographics, Draft for Trial Implementation (August 22, 2008)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient 
Identifier Cross-Referencing Integration Profile (PIX)
     Integrating the Healthcare Enterprise (IHE) Laboratory 
Technical Framework Volume 3 (LAB TF-3) Document-based Transactions, 
Revision

[[Page 3602]]

2.0--For Trial Implementation, August 16, 2007
     Internet Engineering Task Force (IETF) Hypertext Transfer 
Protocol (HTTP) over Transport Layer Security (TLS) (RFC)  
2818, May 2000
     Internet Engineering Task Force (IETF) Network Time 
Protocol (Version 3) Specification, Implementation and Analysis, 
``Request for Comment'' (RFC)  1305, March, 1992
     Internet Engineering Task Force (IETF) Simple Network Time 
Protocol (SNTP) Version 4, ``Request for Comment'' (RFC)  
2030, October, 1996
     Organization for the Advancement of Structured Information 
Standards (OASIS) Security Assertion Markup Language (SAML) v2.0 OASIS 
Standard; ITU-T X.1141
     Organization for the Advancement of Structured Information 
Standards (OASIS) WS-Federation Web Services Federation Language (WS-
Federation), Version 1.1, December 2006
     Organization for the Advancement of Structured Information 
Standards (OASIS) WS-Trust Version 1.3, March 2007
     Organization for the Advancement of Structured Information 
Standards (OASIS) eXtensible Access Control Markup Language (XACML), 
ITU-T Recommendation X.1142, February 2005
    Below is a list of standards that have been removed, re-
categorized, or expanded on for this HITSP Interoperability 
Specification since previously recognized.
     Clinical Laboratory Improvement Amendments (CLIA) of 1988
     [cir] Designated as Federally Adopted Standards
     Health Insurance Portability and Accountability Act 
(HIPAA)--Administrative Simplification
     [cir] Designated as Federally Adopted Standards
     Hypertext Transfer Protocol Secure (HTTPS) 443/tcp
     [cir] Removed from Interoperability Specification
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 3.0
     [cir] Has been expanded upon to add more detail/clarity
     Health Level Seven (HL7) Version 2.5/2.5.1
     [cir] Has been expanded upon to add more detail/clarity
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0
     [cir] Has been expanded upon to add more detail/clarity
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (TF) Supplement
     [cir] Has been expanded upon to add more detail/clarity
     Integrating the Healthcare Enterprise (IHE) Laboratory 
Technical Framework Supplement 2006-2007 Revision 1.0
     [cir] Removed from Interoperability Specification
     International Organization for Standardization (ISO) 
Electronic business eXtensible Markup Language (ebXML), Technical 
Specification 15000--Part 4: Registry services specification 
(ebRS), May, 2004
     [cir] Removed from Interoperability Specification

IS02--Biosurveillance V3

    Below is a list of the HITSP constructs that have been added as 
referenced by this HITSP Interoperability Specification since 
previously recognized.
     HITSP/C19 Entity Identity Assertion Component (V1)
     HITSP/C26 Nonrepudiation of Origin Component (V1)
     HITSP/T15 Collect and Communicate Security Audit Trail 
Transaction (V1)
     HITSP/T16 Consistent Time Transaction (V1)
     HITSP/T17 Secured Communication Channel Transaction (V1)
     HITSP/TP20 Access Control Transaction Package (V1)
     HITSP/TP30 Manage Consent Directives Transaction Package 
(V1)
    Below is a list of Selected Standards that have been added for this 
HITSP Interoperability Specification since previously recognized.
     American Society for Testing and Materials (ASTM) Standard 
Guide for Electronic Authentication of Health Care Information: 
 E1762-95(2003)
     European Telecommunications Standards Institute (ETSI) 
Technical Specification TS 101 903: XML Advanced Electronic Signatures 
(XadES)
     Health Level Seven (HL7) U.S. Realm--Interoperability 
Specification: Lab Result Message to EHR (ORU[caret]R01) (HL7 Version 
2.5.1) September, 2007
     Health Level Seven (HL7) V3 RBAC, R1-2008, HL7 Version 3 
Standard: Role Based Access Control (RBAC) Healthcare Permissions 
Catalog, Release 1, February 2008
     Health Level Seven (HL7) Version 2.3.1
     Health Level Seven (HL7) Version 2.5.1
     Health Level Seven (HL7) Version 3.0 Privacy Consent 
related specifications RCMR--RM010001--Data Consent
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Audit Trail 
and Node Authentication (ATNA) Integration Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Consistent 
Time (CT) Integration Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Section 10 
Cross-Enterprise Document Sharing (XDS.a)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (TF) Supplement--ITI-25 Notification 
of Document Availability (NAV) Jun 28, 2005
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-
2008 Cross-Enterprise User Assertion (XUA)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-
2008 Cross-Enterprise Document Sharing-B (XDS.b)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Supplement 2007-2008 Basic 
Patient Privacy Consents (BPPC)--Trial Implementation
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (TF) Supplement Volume 3--Document 
Digital Signature (DSG) Content Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (TF) 2007-2008 Supplement, Retrieve 
Form for Data Capture (RFD)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework Supplement 2008-2009, Pediatric 
Demographics, Draft for Trial Implementation (August 22, 2008)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient 
Identifier Cross-Referencing Integration Profile (PIX)
     Integrating the Healthcare Enterprise (IHE) Laboratory 
Technical Framework Volume 3 (LAB TF-3) Document-based Transactions, 
Revision 2.0--For Trial Implementation, August 16, 2007
     Integrating the Healthcare Enterprise (IHE) Patient Care

[[Page 3603]]

Coordination (PCC), Revision 3.0, 2007-2008, Cross-Enterprise Sharing 
of Medical Summaries (XDS-MS) Integration Profile
     Integrating the Healthcare Enterprise (IHE) Radiology 
Technical Framework Revision 8.0
     Internet Engineering Task Force (IETF) Network Time 
Protocol (Version 3) Specification, Implementation and Analysis, 
``Request for Comment'' (RFC) 1305, March, 1992
     Internet Engineering Task Force (IETF) Simple Network Time 
Protocol (SNTP) Version 4, ``Request for Comment'' (RFC) 2030, 
October, 1996
     Organization for the Advancement of Structured Information 
Standards (OASIS) Security Assertion Markup Language (SAML) v2.0 OASIS 
Standard; ITU-T X.1141
     Organization for the Advancement of Structured Information 
Standards (OASIS) WS-Federation Web Services Federation Language (WS-
Federation), Version 1.1, December 2006
     Organization for the Advancement of Structured Information 
Standards (OASIS) WS-Trust Version 1.3, March 2007
     Organization for the Advancement of Structured Information 
Standards (OASIS) eXtensible Access Control Markup Language (XACML), 
ITU-T Recommendation X.1142, February 2005

    Below is a list of standards that have been removed, re-
categorized, or expanded on for this HITSP Interoperability 
Specification since previously recognized.
     Clinical Care Classification (CCC) Version 2.0 [formerly 
known as the Home Healthcare Classification (HHCC) System]
     [cir] Removed from Interoperability Specification
     Clinical Laboratory Improvement Amendments (CLIA) of 1988
     [cir] Designated as Federally Adopted Standards
     Digital Imaging and Communications in Medicine (DICOM) 
Attribute Level Confidentiality Supplement:  55
     [cir] Removed from Interoperability Specification
     Health Insurance Portability and Accountability Act 
(HIPAA)--Administrative Simplification
     [cir] Designated as Federally Adopted Standards
     Health Level Seven (HL7) Version 2.5/2.5.1
     [cir] Has been expanded upon to add more detail/clarity
     Health Level Seven (HL7) Version 3.0
     [cir] Has been expanded upon to add more detail/clarity
     Healthcare Common Procedure Coding System (HCPCS) Level II 
Code Set
     [cir] Removed from Interoperability Specification
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (TF) Supplement
     [cir] Has been expanded upon to add more detail/clarity
     Integrating the Healthcare Enterprise (IHE) Laboratory 
Technical Framework Supplement 2006-2007 Revision 1.0
     [cir] Removed from Interoperability Specification
     Integrating the Healthcare Enterprise (IHE) Patient Care 
Coordination (PCC) Technical Framework Revision 3.0
     [cir] Has been expanded upon to add more detail/clarity
     Integrating the Healthcare Enterprise (IHE) Radiology 
Technical Framework Revision 7.0
     [cir] Has been expanded upon to add more detail/clarity
     International Organization for Standardization (ISO) 
Electronic business eXtensible Markup Language (ebXML), Technical 
Specification  15000--Part 4: Registry services specification 
(ebRS), May 2004
     [cir] Removed from Interoperability Specification
     National Library of Medicine (NLM) Unified Medical 
Language System (UMLS) RxNorm
     [cir] Removed from Interoperability Specification
     Organization for the Advancement of Structured Information 
Standards (OASIS) Emergency Data Exchange Language (EDXL) Distribution 
Element (DE)
     [cir] Removed from Interoperability Specification

IS03--Consumer Empowerment and Access to Clinical Information via 
Networks V3

    Below is a list of the HITSP constructs that have been added as 
referenced by this HITSP Interoperability Specification since 
previously recognized.
     HITSP/C19 Entity Identity Assertion Component (V1)
     HITSP/C26 Nonrepudiation of Origin Component (V1)
     HITSP/C35 Lab Result Terminology Component (V2)
     HITSP/C37 Lab Report Document Component (V2)
     HITSP/T15 Collect and Communicate Security Audit Trail 
Transaction (V1)
     HITSP/T16 Consistent Time Transaction (V1)
     HITSP/T17 Secured Communication Channel Transaction (V1)
     HITSP/TP20 Access Control Transaction Package (V1)
     HITSP/TP30 Manage Consent Directives Transaction Package 
(V1)

    Below is a list of Selected Standards that have been added for this 
HITSP Interoperability Specification since previously recognized.
     American Society for Testing and Materials (ASTM) Standard 
Guide for Electronic Authentication of Health Care Information: 
 E1762-95 (2003)
     European Telecommunications Standards Institute (ETSI) 
Technical Specification TS 101 903: XML Advanced Electronic Signatures 
(XadES)
     Health Level Seven (HL7) V3 RBAC, R1-2008, HL7 Version 3 
Standard: Role Based Access Control (RBAC) Healthcare Permissions 
Catalog, Release 1, February 2008
     Health Level Seven (HL7) Version 2.3.1
     Health Level Seven (HL7) Version 2.5.1
     Health Level Seven (HL7) Version 3.0 Privacy Consent 
related specifications RCMR--RM010001--Data Consent
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Section 10 
Cross-Enterprise Document Sharing (XDS.a)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-
2008 Cross-Enterprise Document Sharing-B (XDS.b)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient 
Identifier Cross-Referencing Integration Profile (PIX)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Audit Trail 
and Node Authentication (ATNA) Integration Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Consistent 
Time (CT) Integration Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Supplement 2007-2008 Basic 
Patient Privacy Consents (BPPC)--Trial Implementation
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure

[[Page 3604]]

Technical Framework (ITI-TF) Volume 2 Supplement 2007-2008 Cross-
Enterprise User Assertion (XUA)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (TF) Supplement Volume 3--Document 
Digital Signature (DSG) Content Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework Supplement 2008-2009, Pediatric 
Demographics, Draft for Trial Implementation (August 22, 2008)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient 
Demographics Query (PDQ) Integration Profile
     Integrating the Healthcare Enterprise (IHE) Laboratory 
Technical Framework Volume 3 (LAB TF-3) Document-based Transactions, 
Revision 2.0--For Trial Implementation, August 16, 2007
     International Health Terminology Standards Development 
Organisation (IHTSDO) Systematized Nomenclature of Medicine Clinical 
Terms (SNOMED CT[supreg])
     Internet Engineering Task Force (IETF) Network Time 
Protocol (Version 3) Specification, Implementation and Analysis, 
``Request for Comment'' (RFC)  1305, March, 1992
     Internet Engineering Task Force (IETF) Simple Network Time 
Protocol (SNTP) Version 4, ``Request for Comment'' (RFC)  
2030, October, 1996
     Organization for the Advancement of Structured Information 
Standards (OASIS) Security Assertion Markup Language (SAML) v2.0 OASIS 
Standard; ITU-T X.1141
     Organization for the Advancement of Structured Information 
Standards (OASIS) WS-Federation Web Services Federation Language (WS-
Federation), Version 1.1, December 2006
     Organization for the Advancement of Structured Information 
Standards (OASIS) WS-Trust Version 1.3, March 2007
     Organization for the Advancement of Structured Information 
Standards (OASIS) eXtensible Access Control Markup Language (XACML), 
ITU-T Recommendation X.1142, February 2005
     Unified Code for Units of Measure (UCUM)

    Below is a list of standards that have been removed, re-
categorized, or expanded on for this HITSP Interoperability 
Specification since previously recognized.
     Accredited Standards Committee (ASC) X12 Insurance 
Subcommittee (X12N) Implementation Guides Version 004010 plus Addenda 
004010A1
     [cir] Removed from Interoperability Specification
     Accredited Standards Committee (ASC) X12 Standards Release 
004010
     [cir] Removed from Interoperability Specification
     American Society for Testing and Materials (ASTM) Standard 
Specification for Coded Values Used in the Electronic Health Record: 
 E1633-02
     [cir] Removed from Interoperability Specification
     American Society for Testing and Materials (ASTM) Standard 
Specification for Continuity of Care Record (CCR):  E2369-05
     [cir] Removed from Interoperability Specification
     CDC Race and Ethnicity Code Sets
     [cir] Removed from Interoperability Specification
     Council for Affordable Quality Healthcare (CAQH) Committee 
on Operating Rules for Information Exchange (CORE) Phase I Operating 
Rules
     [cir] Designated as Informative Reference
     Federal Medication Terminologies
     [cir] Removed from Interoperability Specification and replaced by 
specific named terminologies
     Health Level Seven (HL7) HER System Functional Model Draft 
Standard for Trial use (DSTU)
     [cir] Removed from Interoperability Specification
     Health Level Seven (HL7) Version 2.5/2.5.1
     [cir] Has been expanded upon to add more detail/clarity
     Health Level Seven (HL7) Version 3.0
     [cir] Has been expanded upon to add more detail/clarity and listed 
as Informative Reference
     U.S. National Uniform Claims Committee Health Care 
Provider Taxonomy Code Set
     [cir] Removed from Interoperability Specification
     International Organization for Standardization (ISO) 
Electronic business eXtensible Markup Language (ebXML), Technical 
Specification  15000--Part 4: Registry services specification 
(ebRS), May, 2004
     [cir] Removed from Interoperability Specification
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 3.0
     [cir] Removed from Interoperability Specification
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0
     [cir] Has been expanded upon to add more detail/clarity and listed 
as Informative Reference
     Integrating the Healthcare Enterprise (IHE) Patient Care 
Coordination (PCC) Technical Framework Revision 3.0
     [cir] Removed from Interoperability Specification
     National Council for Prescription Drug Programs (NCPDP) 
SCRIPT Standard Version 8.1
     [cir] Removed from Interoperability Specification
     Revisions to the Standards for the Classification of 
Federal Data on Race and Ethnicity
     [cir] Designated as Informative Reference

IS04--Emergency Responder Electronic Health Record V1

    Below is a list of the HITSP constructs used by this HITSP 
Interoperability Specification.
     HITSP/C19 Entity Identity Assertion Component (V1)
     HITSP/C28 Emergency Care Summary Document Using IHE 
Emergency Department Encounter Summary (EDES) Component (V1)
     HITSP/C32 Summary Documents Using HL7 Continuity of Care 
Document (CCD) Component (V2)
     HITSP/C39 Encounter Message Component (V2)
     HITSP/C48 Encounter Document Using IHE Medical Summary 
(XDS-MS) Component (V2)
     HITSP/T15 Collect and Communicate Security Audit Trail 
Transaction (V1)
     HITSP/T16 Consistent Time Transaction (V1)
     HITSP/T17 Secured Communication Channel Transaction (V1)
     HITSP/T23 Patient Demographics Query Transaction (V2)
     HITSP/TP13 Manage Sharing of Documents Transaction Package 
(V2)
     HITSP/TP20 Access Control Transaction Package (V1)
     HITSP/TP22 Patient ID Cross-Referencing Transaction 
Package (V2)
     HITSP/TP30 Manage Consent Directives Transaction Package 
(V1)

    Below is a list of Selected Standards for this HITSP 
Interoperability Specification.
     Federal Information Processing Standards (FIPS) Codes for 
the Identification of the States, the District of Columbia and the 
Outlying Areas of the United States, and Associated Areas Publication 
 5-2, May 1987
     Health Level Seven (HL7) Implementation Guide: CDA Release 
2--

[[Page 3605]]

Continuity of Care Document (CCD), April 01, 2007
     Health Level Seven (HL7) V3 RBAC, R1-2008, HL7 Version 3 
Standard: Role Based Access Control (RBAC) Healthcare Permissions 
Catalog, Release 1, February 2008
     Health Level Seven (HL7) Version 2.3.1
     Health Level Seven (HL7) Version 2.5
     Health Level Seven (HL7) Version 3.0 Clinical Document 
Architecture (CDA/CDA R2)
     Health Level Seven (HL7) Version 3.0 Privacy Consent 
related specifications RCMR--RM010001--Data Consent
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Audit Trail 
and Node Authentication (ATNA) Integration Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Consistent 
Time (CT) Integration Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-
2008 Cross-Enterprise User Assertion (XUA)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient 
Demographics Query (PDQ) Integration Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Section 10 
Cross-Enterprise Document Sharing (XDS.a)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-
2008 Cross-Enterprise Document Sharing-B (XDS.b)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0--Registry 
Stored Query Transaction for XDS Profile Supplement [ITI-18]
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0 XCA Supplement
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Supplement 2007-2008 Basic 
Patient Privacy Consents (BPPC)--Trial Implementation
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework Supplement 2008-2009, Pediatric 
Demographics, Draft for Trial Implementation (August 22, 2008)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient 
Identifier Cross-Referencing Integration Profile (PIX)
     Integrating the Healthcare Enterprise (IHE) Patient Care 
Coordination (PCC)--Emergency Department Encounter Summary (EDES), 
Technical Framework Supplement, Volume I, Revision 3.0, 2007-2008.
     Integrating the Healthcare Enterprise (IHE) Patient Care 
Coordination (PCC), Revision 3.0, 2007-2008, Cross-Enterprise Sharing 
of Medical Summaries (XDS-MS) Integration Profile
     International Classification of Diseases, 10th Revision, 
Procedure Coding System (ICD-10-PCS)
     International Classification of Diseases, 10th Revision, 
Related Health Problems (ICD-10-CM)
     International Classification of Diseases, 9th Revision, 
Clinical Modifications (ICD-9-CM)
     International Health Terminology Standards Development 
Organisation (IHTSDO) Systematized Nomenclature of Medicine Clinical 
Terms (SNOMED CT[supreg])
     Internet Engineering Task Force (IETF) Network Time 
Protocol (Version 3) Specification, Implementation and Analysis, 
``Request for Comment'' (RFC)  1305, March, 1992
     Internet Engineering Task Force (IETF) Simple Network Time 
Protocol (SNTP) Version 4, ``Request for Comment'' (RFC)  
2030, October, 1996
     Logical Observation Identifiers Names and Codes 
(LOINC[supreg])
     National Uniform Billing Committee (NUBC) Uniform Bill 
Version 1992 (UB-92) Current UB Data Specification Manual Field 22, 
Patient Discharge Status, Codes
     Organization for the Advancement of Structured Information 
Standards (OASIS) Security Assertion Markup Language (SAML) v2.0 OASIS 
Standard; ITU-T X.1141
     Organization for the Advancement of Structured Information 
Standards (OASIS) WS-Federation Web Services Federation Language (WS-
Federation), Version 1.1, December 2006
     Organization for the Advancement of Structured Information 
Standards (OASIS) WS-Trust Version 1.3, March 2007
     Organization for the Advancement of Structured Information 
Standards (OASIS) eXtensible Access Control Markup Language (XACML), 
ITU-T Recommendation X.1142, February 2005
     Unified Code for Units of Measure (UCUM)

IS05--Consumer Empowerment and Access to Clinical Information via Media 
V1

    Below is a list of the HITSP constructs used by this HITSP 
Interoperability Specification.
     HITSP/C19 Entity Identity Assertion Component (V1)
     HITSP/C32 Summary Documents Using HL7 Continuity of Care 
Document (CCD) Component (V2)
     HITSP/C35 Lab Result Terminology Component (V2)
     HITSP/C37 Lab Report Document Component (V2)
     HITSP/T15 Collect and Communicate Security Audit Trail 
Transaction (V1)
     HITSP/T16 Consistent Time Transaction (V1)
     HITSP/T23 Patient Demographics Query Transaction (V2)
     HITSP/T33 Transfer of Documents on Media Transaction (V1)
     HITSP/TP20 Access Control Transaction Package (V1)
     HITSP/TP22 Patient ID Cross-Referencing Transaction 
Package (V2)
     HITSP/TP30 Manage Consent Directives Transaction Package 
(V1)

    Below is a list of Selected Standards for this HITSP 
Interoperability Specification.
     Digital Imaging and Communications in Medicine (DICOM) 
Part 3.12: Media Formats and Physical Media for Media Interchange
     Health Level Seven (HL7) Clinical Document Architecture 
Release 2 (CDA R2)
     Health Level Seven (HL7) Implementation Guide: CDA Release 
2--Continuity of Care Document (CCD), April 01, 2007
     Health Level Seven (HL7) Implementation Guide: CDA Release 
2--Continuity of Care Document (CCD), April 01, 2007
     Health Level Seven (HL7) Implementation Guide: CDA Release 
2--Continuity of Care Document (CCD), April 01, 2007
     Health Level Seven (HL7) V3 RBAC, R1-2008, HL7 Version 3 
Standard: Role Based Access Control (RBAC) Healthcare Permissions 
Catalog, Release 1, February 2008
     Health Level Seven (HL7) V3 RBAC, R1-2008, HL7 Version 3 
Standard: Role Based Access Control (RBAC) Healthcare Permissions 
Catalog, Release 1, February 2008
     Health Level Seven (HL7) Version 2.3.1

[[Page 3606]]

     Health Level Seven (HL7) Version 2.5
     Health Level Seven (HL7) Version 2.5.1
     Health Level Seven (HL7) Version 3.0 Privacy Consent 
related specifications RCMR--RM010001--Data Consent
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-
2008 Cross-Enterprise User Assertion (XUA)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-
2008 Cross-Enterprise User Assertion (XUA)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Audit Trail 
and Node Authentication (ATNA) Integration Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Consistent 
Time (CT) Integration Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient 
Demographics Query (PDQ) Integration Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient 
Identifier Cross-Referencing Integration Profile (PIX)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Section 10 
Cross-Enterprise Document Sharing (XDS.a)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-
2008 Cross-Enterprise Document Sharing-B (XDS.b)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0--Registry 
Stored Query Transaction for XDS Profile Supplement [ITI-18]
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0 XCA Supplement
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Supplement 2007-2008 Basic 
Patient Privacy Consents (BPPC)--Trial Implementation
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework Supplement 2008-2009, Pediatric 
Demographics, Draft for Trial Implementation (August 22, 2008)
     Integrating the Healthcare Enterprise (IHE) Laboratory 
Technical Framework Volume 3 (LAB TF-3) Document-based Transactions, 
Revision 2.0--For Trial Implementation, August 16, 2007
     International Health Terminology Standards Development 
Organisation (IHTSDO) Systematized Nomenclature of Medicine Clinical 
Terms (SNOMED CT [supreg])
     International Organization for Standardization (ISO) 
Health informatics--9660 Level 1
     Internet Engineering Task Force (IETF) Network Time 
Protocol (Version 3) Specification, Implementation and Analysis, 
``Request for Comment'' (RFC)  1305, March, 1992
     Internet Engineering Task Force (IETF) Simple Network Time 
Protocol (SNTP) Version 4, ``Request for Comment'' (RFC)  
2030, October, 1996
     Logical Observation Identifiers Names and Codes (LOINC 
[supreg])
     Organization for the Advancement of Structured Information 
Standards (OASIS) Security Assertion Markup Language (SAML) v2.0 OASIS 
Standard; ITU-T X.1141
     Organization for the Advancement of Structured Information 
Standards (OASIS) WS-Trust Version 1.3, March 2007
     Organization for the Advancement of Structured Information 
Standards (OASIS) WS-Federation Web Services Federation Language (WS-
Federation), Version 1.1, December 2006
     Organization for the Advancement of Structured Information 
Standards (OASIS) eXtensible Access Control Markup Language (XACML), 
ITU-T Recommendation X.1142, February 2005
     Unified Code for Units of Measure (UCUM)
     USB Removable Device Type 2.0 (USB Implementers Forum)
     XDM Supplement to the Integrating the Healthcare 
Enterprise (IHE) IT Infrastructure Technical Framework (ITI-TF)

IS06--Quality V1

    Below is a list of the HITSP constructs used by this HITSP 
Interoperability Specification.
     HITSP/C19 Entity Identity Assertion Component (V1)
     HITSP/C25 Anonymize Component (V2)
     HITSP/C26 Nonrepudiation of Origin Component (V1)
     HITSP/C34 Patient Level Quality Data Message Component 
(V1)
     HITSP/C38 Patient Level Quality Data Document Using IHE 
Medical Summary (XDS-MS) Component (V1)
     HITSP/T15 Collect and Communicate Security Audit Trail 
Transaction (V1)
     HITSP/T16 Consistent Time Transaction (V1)
     HITSP/T17 Secured Communication Channel Transaction (V1)
     HITSP/T23 Patient Demographics Query Transaction (V2)
     HITSP/T24 Pseudonymize Transaction (V2)
     HITSP/T29 Notification of Document Availability 
Transaction (V2)
     HITSP/T31 Document Reliable Interchange Transaction (V1)
     HITSP/TP13 Manage Sharing of Documents Transaction Package 
(V2)
     HITSP/TP20 Access Control Transaction Package (V1)
     HITSP/TP21 Query for Existing Data Transaction Package 
(V1)
     HITSP/TP22 Patient ID Cross-Referencing Transaction 
Package (V2)
     HITSP/TP30 Manage Consent Directives Transaction Package 
(V1)
     HITSP/TP50 Retrieve Form for Data Capture Transaction 
Package (V2)

    Below is a list of Selected Standards for this HITSP 
Interoperability Specification.
     American Medical Association (AMA) Current Procedural 
Terminology (CPT [supreg]) Fourth Edition (CPT-4); CPT Evaluation and 
Management Codes
     American Society for Testing and Materials (ASTM) Standard 
Guide for Electronic Authentication of Health Care Information: 
E1762-95(2003)
     Centers for Medicare and Medicaid Services (CMS) National 
Provider Identifier (NPI)
     Digital Imaging and Communications in Medicine (DICOM)--
Part 16: Content Mapping Resource
     European Telecommunications Standards Institute (ETSI) 
Technical Specification TS 101 903: XML Advanced Electronic Signatures 
(XadES)
     Federal Information Processing Standards (FIPS) Codes for 
the Identification of the States, the District of Columbia and the 
Outlying Areas of the United States, and Associated Areas Publication 
5-2, May, 1987
     Health Level Seven (HL7) Version 2.3.1
     Health Level Seven (HL7) Version 2.5
     Health Level Seven (HL7) Version 3.0
     Health Level Seven (HL7) Version 3.0 Privacy Consent 
related

[[Page 3607]]

specifications RCMR--RM010001--Data Consent
     Health Level Seven (HL7) V3 RBAC, R1-2008, HL7 Version 3 
Standard: Role Based Access Control (RBAC) Healthcare Permissions 
Catalog, Release 1, February 2008
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Section 10 
Cross-Enterprise Document Sharing (XDS.a)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-
2008 Cross-Enterprise Document Sharing-B (XDS.b)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0--Registry 
Stored Query Transaction for XDS Profile Supplement [ITI-18]
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0 XCA Supplement
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient 
Demographics Query (PDQ) Integration Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (TF) Supplement--ITI-25 Notification 
of Document Availability (NAV) Jun 28, 2005
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework Supplement 2008-2009, Pediatric 
Demographics, Draft for Trial Implementation (August 22, 2008)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) 2006-2007 Trial 
Implementation Supplement Cross-Enterprise Document Reliable 
Interchange (XDR)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Patient 
Identifier Cross-Referencing Integration Profile (PIX)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Audit Trail 
and Node Authentication (ATNA) Integration Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Revision 4.0, Consistent 
Time (CT) Integration Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (ITI-TF) Volume 2 Supplement 2007-
2008 Cross-Enterprise User Assertion (XUA)
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (TF) Supplement Volume 3--Document 
Digital Signature (DSG) Content Profile
     Integrating the Healthcare Enterprise (IHE) IT 
Infrastructure Technical Framework (TF) 2007-2008 Supplement, Retrieve 
Form for Data Capture (RFD)
     Integrating the Healthcare Enterprise (IHE) Patient Care 
Coordination (PCC) Technical Framework Volume 1, Revision 3.0 2007-2008
     Integrating the Healthcare Enterprise (IHE) Patient Care 
Coordination (PCC), Revision 3.0, 2007-2008, Cross-Enterprise Sharing 
of Medical Summaries (XDS-MS) Integration Profile
     International Classification of Diseases, 10th Revision, 
Procedure Coding System (ICD-10-PCS)
     International Classification of Diseases, 9th Revision, 
Clinical Modifications (ICD-9-CM)
     International Health Terminology Standards Development 
Organisation (IHTSDO) Systematized Nomenclature of Medicine Clinical 
Terms (SNOMED CT [supreg])
     International Organization for Standardization (ISO) 
Health Informatics--Pseudonymisation, Unpublished Technical 
Specification 25237
     International Organization for Standardization (ISO) 
Health Informatics--Pseudonymization, Unpublished Technical 
Specification 25237
     Internet Engineering Task Force (IETF) Network Time 
Protocol (Version 3) Specification, Implementation and Analysis, 
``Request for Comment'' (RFC) 1305, March 1992
     Internet Engineering Task Force (IETF) Simple Network Time 
Protocol (SNTP) Version 4, ``Request for Comment'' (RFC) 2030, 
October 1996
     Logical Observation Identifiers Names and Codes (LOINC 
[supreg])
     National Library of Medicine (NLM) Unified Medical 
Language System (UMLS) RxNorm
     National Uniform Billing Committee (NUBC) Uniform Bill 
Version 2007 (UB-04) Current UB Data Specification Manual Field 22, 
Patient Discharge Status, Codes
     Organization for the Advancement of Structured Information 
Standards (OASIS) Simple Object Access Protocol (SOAP) Version 1.1, 1.2
     Organization for the Advancement of Structured Information 
Standards (OASIS) Security Assertion Markup Language (SAML) v2.0 OASIS 
Standard; ITU-T X.1141
     Organization for the Advancement of Structured Information 
Standards (OASIS) WS-Federation Web Services Federation Language (WS-
Federation), Version 1.1, December 2006
     Organization for the Advancement of Structured Information 
Standards (OASIS) WS-Trust Version 1.3, March 2007
     Organization for the Advancement of Structured Information 
Standards (OASIS) eXtensible Access Control Markup Language (XACML), 
ITU-T Recommendation X.1142, February 2005
     Unified Code for Units of Measure (UCUM)
    Certain legal obligations may flow from the recognition of these 
Interoperability Standards. First, pursuant to Executive Order 13410 
(EO 13410) dated August 22, 2006, recognition of Interoperability 
Standards would require each Federal agency that administers or 
sponsors a Federal health care program (as defined in that Executive 
Order), as it implements, acquires, or upgrades health information 
technology systems used for the direct exchange of health information 
between agencies and with non-Federal entities, to utilize, where 
available and as permitted by applicable law, health information 
technology systems and products that meet interoperability standards 
recognized by the Secretary. Therefore, those Federal agencies would be 
required to appropriately consider health information technology 
systems and products that comply with these Interoperability Standards, 
once recognized, when implementing, acquiring, or upgrading such items 
or systems.
    Similarly, the EO 13410 also directs those Federal agencies to 
contractually require, to the extent permitted by law, certain entities 
with whom they do business, to use, where available, health information 
technology systems and products that meet Interoperability Standards 
recognized by the Secretary.
    In addition, the regulations promulgated on August 8, 2006 (see 71 
FR 45140 and 71 FR 45110) established exceptions and safe harbors to 
the physician self-referral law and the anti-kickback statute, 
respectively, for certain arrangements involving the donation of 
electronic prescribing and electronic health records (EHR)

[[Page 3608]]

technology and services. The EHR exception and safe harbor require that 
the software be ``interoperable'' as defined in the regulations. The 
rules also provide that certain software will be deemed to be 
``interoperable'' if that software has been certified by a certifying 
body recognized by the Secretary within 12 months prior to the 
donation. Under the interim guidance for the recognition of certifying 
bodies published by the ONC (``Office of the National Coordinator for 
Health Information Technology (ONC) Interim Guidance Regarding the 
Recognition of Certification Bodies''), for an organization to be 
recognized as a recognized certifying body (RCB), the organization 
must, among other characteristics:
     Have in place a demonstrated process for and experience in 
certifying products to be in compliance with criteria recognized by the 
Secretary;
     Have a method by which it can incorporate all applicable 
standards and certification criteria recognized by the Secretary into 
its certification processes; and
     Have the ability to adapt its processes to emerging 
certification criteria recognized by the Secretary.
    The RCBs would therefore have to certify such products in 
conformity with, among other provisions, these Interoperability 
Standards, once recognized, for the certified products to be deemed 
interoperable under the physician self-referral exception and anti-
kickback safe harbor, respectively, and, thus, eligible for donation to 
certain health care providers under the physician self-referral law and 
the anti-kick back statute.
    The Department is mindful that the ability of software to be 
interoperable evolves as technology develops. Consequently, if an 
enforcement action is initiated for an allegedly improper donation of 
EHR non-certified software, the Department would review whether the 
software was interoperable at the time of donation, as defined in the 
regulations. The Department would consider the prevailing state of 
technology at the time the items or services were provided to the 
recipient. As explained in the regulations, the Department understands 
that parties should have a reasonable basis for determining whether the 
EHR software is interoperable. We therefore indicated that ``it would 
be appropriate--and, indeed, advisable--for parties to consult any 
standards and criteria related to interoperability recognized by the 
Department.'' Compliance with these standards and criteria, as we 
explained in the regulations, ``will provide greater certainty to 
donors and recipients that products meet the interoperability 
requirement, and may be relevant in an enforcement action.'' (See 71 FR 
45156 and 71 FR 45127.)
    The Department believes that the one-year period between acceptance 
in January 2008 and recognition in January 2009 provided both the 
public and private sectors with adequate time to review, test, and 
provide input on the identified HITSP Interoperability Specifications 
prior to their recognition. Based on the above, the Secretary has now 
recognized these HITSP Interoperability Specifications.

FOR FURTHER INFORMATION CONTACT: Judith Sparrow at (202) 690-7151.

    Dated: January 14, 2009.
Marc R. Weisman,
Executive Director, Office of the National Coordinator for Health 
Information Technology.
 [FR Doc. E9-1068 Filed 1-16-09; 8:45 am]
BILLING CODE 4150-45-P