- IHE-PIX and IHE-XCPD are used for the purposes of patient matching and to support this interoperability need.
- While IHE-PIX and IHE-XCPD are best-available standards at this time, the current best-available standards may be insufficient to meet interoperability needs with sufficient accuracy.
- See IHE projects in the Interoperability Proving Ground.
- System Authentication - The information and process necessary to authenticate the systems involved
- User Authentication – The information and process necessary to authenticate the end user
- User Details - identifies the end user who is accessing the data
- User Role - identifies the roles and clearances asserted by the individual initiating the transaction for purposes of authorization. E.g., the system must verify the initiator’s claims and match them against the security labels for the functionalities that the user attempts to initiate and the objects the user attempts to access.
- Purpose of Use - Identifies the purpose for the transaction, and for the purposes for which the end user intends to use the accessed objects
- Patient Consent Information - Identifies the patient consent information that may be required before data can be accessed.
- May be required to authorize any exchange of patient information
- May be required to authorized access and use of patient information
- May be required to be sent along with disclosed patient information to advise the receiver about policies to which end users must comply
- Query Request ID - Query requesting application assigns a unique identifier for each query request in order to match the response to the original query.
- Security Labeling – the health information is labeled with security metadata necessary for access control by the end user.