Health IT Standards

Like other industries, health care organizations exchange information according to a set of standards. Standards are agreed-upon methods for connecting systems together. Standards may pertain to security, data transport, data format or structure, or the meanings of codes or terms.

Standards are defined, updated, and maintained by standards development organizations (SDOs) through a collaborative process involving the audience that will be using the standards.

Health care organizations can reduce implementation costs, accelerate integration projects, and take advantage of common tooling by making an effort to use standards whenever possible.

ONC is working to enable the health IT community to convene and rapidly prioritize health IT challenges and subsequently develop and harmonize standards, specifications and implementation guidance to solve those challenges. ONC is also responsible for curating the set of standards and specifications that support interoperability and ensuring that they can be assembled into solutions for a variety of health information exchange scenarios.

ONC publishes the Interoperability Standards Advisory (ISA) as a way of recognizing interoperability standards and implementation specifications for industry use to fulfill specific clinical health IT interoperability needs.

Health IT Standards to Watch

  • Consolidated-Clinical Document Architecture (C-CDA) — C-CDA is a framework for creating clinical documents that contain both human-readable text and machine-readable XML
  • Direct — is a standard for sending health information securely over the internet.
  • Fast Healthcare Interoperability Resource (FHIR) — FHIR is a specification for exchanging clinical and administrative health care data. The standard is based on REST and OAuth.
  • Validated Healthcare Directory Implementation Guide – an HL7 FHIR based implementation guide and architectural considerations for attesting to, validating, and exchanging validated data as well as a RESTful FHIR API for accessing data from that directory.
  • Integrating the Healthcare Enterprise (IHE) — IHE’s work is organized into profiles that define how systems should cooperate. Commonly-implemented profiles include:
    • ATNA — audit trail and node authentication: basic security and audit logging
    • XCA — cross-community access: query and retrieve patient records held by other communities
    • XCPD — cross-community patient discovery: locates patient records in other communities and resolves different patient identifiers
    • XDR — cross-community interchange: point-to-point sharing of electronic documents
    • XDS — cross community document sharing: discovery and sharing of electronic documents
    • PDQ — patient demographics query: consult a central patient information server to look up patient identity based on demographics
    • PIX — queries for patient identity cross references among different sites
  • Health Level 7 (HL7) v2 messaging — a commonly used data interchange standard. This standard includes messaging specifications for patient administration, orders, results, scheduling, claims management, document management, and many others.
  • Quality Reporting Document Architecture (QRDA) — a standard for communicating health care quality measures
  • Health Quality Measure Format (HQMF) — a standards-based representation of quality measures as electronic documents
  • OAuth 2.0 — a simple authorization framework that enables a third-party application to obtain access to an HTTP service.
  • HEART (Health Relationship Trust) — a set of profiles that enables patients to control how, when, and with whom their clinical data is shared. 
  • OpenID Connect — a simple identity layer designed to work with Oauth 2.0.
  • Prescription Drug Monitoring Program (PDMP)