UNIT II

MEDICAL STANDARDS
Evolution of Medical Standards – IEEE 11073 - HL7 – DICOM – IRMA - LOINC – HIPPA –
Electronics Patient Records–Healthcare Standard Organizations – JCAHO (Join Commission
on Accreditation of Healthcare Organization) - JCIA (Joint Commission International
Accreditation) - Evidence Based Medicine – Bioethics
1. EVOLUTION OF MEDICAL STANDARDS
The evolution of medical standards refers to the historical and ongoing development
of standardized practices, protocols, regulations, and technologies in healthcare. These
standards are crucial to ensure patient safety, interoperability, quality care, data accuracy,
and global collaboration.
Early Medical Practices (Before 19th Century)
• Lack of formal standards: Medicine was based on local traditions and beliefs.
• Practices varied widely between regions and practitioners.
• Documentation was minimal or inconsistent.
Foundations of Modern Medical Standards (19th–Early 20th Century)
• Establishment of medical licensing: Countries began regulating who could practice
medicine.
• Standardization of education: Medical schools started using formal curricula.
• Rise of evidence-based medicine: Clinical decisions began shifting from anecdotal to
scientific basis.
• Medical coding origins: Early efforts to classify diseases (e.g., Bertillon Classification
→ ICD).
Mid-20th Century – Institutional and Global Standardization
• World Health Organization (WHO) (1948): Helped create global health standards,
including the International Classification of Diseases (ICD).
• Formation of regulatory bodies: E.g., FDA (USA), MHRA (UK), and CDSCO (India)
for drug/device safety.
• Ethical guidelines: Nuremberg Code (1947), Declaration of Helsinki (1964) – for
research ethics.
Late 20th Century – Technological Integration and Digital Health
• Health informatics emerged: Leading to data standardization (e.g., HL7, DICOM).
• Electronic Health Records (EHRs): Standards like HL7, SNOMED CT, and LOINC
were developed for data interoperability.

1
 • Clinical practice guidelines (CPGs): Issued by medical associations for evidence-
based care.
21st Century – Interoperability, Patient-Centricity, and Global Health Initiatives
• Widespread adoption of EHRs and digital health tools.
• FHIR (Fast Healthcare Interoperability Resources): A modern standard for
exchanging healthcare data digitally.
• Medical device standards: ISO 13485 for quality management, IEC 60601 for
electrical safety.
• AI and telemedicine standards: Ongoing efforts to regulate AI diagnostics, remote
care (e.g., WHO Digital Health Guidelines).
• GDPR & HIPAA: Data privacy standards in healthcare (EU & US).
2. IEEE 11073
IEEE 11073 is a family of standards developed by the Institute of Electrical and Electronics
Engineers (IEEE) to ensure interoperability and seamless communication between personal
health devices, clinical equipment, and healthcare information systems. These standards are
essential for mobile health (mHealth), remote patient monitoring, and personal health
informatics. It defines standardized data formats, communication protocols, and device
specializations to support plug-and-play integration, enabling real-time data exchange across
diverse healthcare environments. It applies to devices such as blood pressure monitors, pulse
oximeters, thermometers, infusion pumps, and ventilators, and ensures smooth connectivity
with healthcare IT infrastructures like gateways and Electronic Health Record (EHR) or
Electronic Medical Record (EMR) systems, thereby improving data accuracy and management
efficiency.
Architecture of IEEE 11073
The architecture of IEEE 11073 is structured to facilitate interoperable communication
between medical devices and healthcare systems through a layered, object-oriented approach.
It consists of three key components:

1. Domain Information Model (DIM)

• Represents the logical structure of the data within a medical device.
• Organizes data into objects, such as vital signs, measurements, and device attributes.
• Uses a hierarchical model with classes like Medical Device System, Metric, and
Numeric.
• Enables standardized representation of physiological parameters (e.g., heart rate,
temperature).

2. Service Model
• Defines the communication services used to interact with and control devices.

2
 • Includes:
o GET/SET operations for reading or modifying data.
o Event reporting for notifying changes (e.g., alarm triggered).
o Action services for executing specific device commands.
• Supports both real-time data transmission and asynchronous communication.

3. Communication Model
• Specifies how messages are exchanged between devices and managers (e.g., PCs,
smartphones, gateways).
• Utilizes the Agent-Manager paradigm:
o Agent: The medical device that collects and sends data.
o Manager: The system (like a gateway or EHR) that receives, displays, or
stores the data.
• Common transport protocols:
o USB
o Bluetooth Health Device Profile (HDP)
o Zigbee
o TCP/IP (for clinical settings)

IEEE 11073 Protocol Stack

3
 The IEEE 11073 protocol stack defines how health data is structured, exchanged, and
transported between personal health devices (agents) and managing systems (managers). It
provides a layered architecture that ensures interoperability, modularity, and scalability across
different health monitoring applications.
1. Application Layer
• IEEE 11073-10201 (DIM): Defines the object-oriented data model for representing
device data (e.g., blood pressure, heart rate).
• IEEE 11073-10101 (Nomenclature): Standard terms and codes for observations, units,
and device types.
• Service Model: Defines communication services (e.g., event reporting, data access).

2. Optimized Exchange Protocol Layer

• IEEE 11073-20601:
o Core protocol managing association, configuration, data exchange, and
disassociation.
o Uses ASN.1 encoded messages and Application Protocol Data Units (APDUs).
o Ensures device capabilities are communicated and data flows reliably.
3. Transport Profile Layer
• Specifies how data is transmitted between agent and manager over a given medium.
• Common protocols include:
o Bluetooth Health Device Profile (HDP) – used with IEEE 11073 over
Bluetooth.
o USB Personal Healthcare Device Class (PHDC).

4
 o Zigbee Health Care Profile – for low-power mesh networking.
o NFC – for short-range data exchange.
4. Physical Layer
• The actual hardware connection or wireless interface (e.g., Bluetooth radio, USB port,
Zigbee antenna).

Categories of IEEE 11073 Standards

Category Description

11073-10101 Nomenclature for consistent naming of observations, units, metrics

11073-10201 Domain Information Model (DIM) for device data structuring

Personal Health Device Specializations (e.g., for thermometer,

11073-104xx
glucose meter)

11073-20601 Optimized Exchange Protocol for personal health devices

11073-20702 Application profile for Bluetooth HDP

Examples of IEEE 11073-104xx Standards

Standard Device

11073-10406 Pulse oximeter

11073-10407 Blood pressure monitor

11073-10408 Thermometer

11073-10417 Glucose meter

11073-10441 Weighing scale

11073-10442 Medication monitor

3. HL7 (Health Level Seven)

HL7, stands for Health Level Seven International, is a set of international standards for the
exchange, integration, sharing, and retrieval of electronic health information. It enables
communication between different healthcare systems, such as hospitals, clinics, laboratories,
pharmacies, and insurance providers, ensuring interoperability and consistency in clinical and
administrative data.

5
 The term "Level Seven" refers to the 7th layer (Application Layer) of the OSI (Open
Systems Interconnection) model. This layer supports application-level functions like data
exchange and user interface operations—exactly where HL7 operates
Goals of HL7
• To facilitate the standardized exchange of health information.
• To ensure interoperability between disparate healthcare IT systems (EHRs, LIS, RIS,
HIS).
• To support clinical workflows, billing, reporting, and patient care coordination.
Main HL7 Standards

Standard Description

Widely used messaging standard in hospitals (lab results,

HL7 v2.x
ADT, billing). Flexible and text-based (pipe `

XML-based, more structured and consistent, but less

HL7 v3
adopted due to complexity.

CDA (Clinical Document Standard for encoding clinical documents (e.g., discharge
Architecture) summaries, imaging reports).

CCD (Continuity of Care A CDA-based document for summarizing patient care (used
Document) in the U.S.).

Modern standard using RESTful APIs and JSON/XML.

FHIR (Fast Healthcare
Lightweight and web-friendly—rapidly growing in
Interoperability Resources)
adoption.

Working of HL7
The working of HL7 revolves around enabling structured, standardized communication
between different healthcare systems (like EHRs, labs, radiology, billing systems, etc.) so they
can exchange patient-related data efficiently and accurately.

6
 HL7 Message Structure
HL7 operates primarily through messages — each one representing a healthcare event (e.g.,
patient admission, lab result, discharge).
Each message:
• Has a message type (e.g., ADT for Admission/Discharge/Transfer, ORU for
Observation Result).
• Is composed of segments, which are lines of information.
• Each segment is made up of fields, separated by pipes |.
• Fields may contain components and subcomponents separated by ^ and &.

Example: HL7 v2.x Message for Lab Result (ORU^R01)

MSH|^~\&|LAB|XYZ_HOSPITAL|EHR|XYZ_EHR|20250630||ORU^R01|123456|P|2.3|
PID|1||789456^^^XYZ_HOSPITAL^MR||Doe^John||19800101|M|
OBR|1||1234|TEST^Blood Test^L||
OBX|1|NM|GLU^Glucose Level^L||105|mg/dL|70-110|N|||F

Segment Meaning

MSH Message Header

7
Segment Meaning

PID Patient Identification

OBR Observation Request

OBX Observation Result

Roles Involved

Role Description

Sending System The system that creates and sends the HL7 message (e.g., a lab system
(Source) sending test results).

Receiving System The system that receives and interprets the message (e.g., EHR system
(Target) updating patient record).

A middleware that transforms, routes, and validates HL7 messages

Interface Engine
between systems. Examples: Mirth Connect, Rhapsody.

Workflow Example: Patient Admission (ADT Message)

1. Registration Clerk enters new patient data in the hospital information system (HIS).
2. HIS generates an HL7 ADT^A01 (Admit) message.
3. The message is sent via an interface engine to the EHR and other systems like billing
and pharmacy.
4. All connected systems update their records with the same patient info.

Types of HL7 Messages

Message Type Purpose

Patient movements (admit, discharge, transfer,

ADT (Admit Discharge Transfer)
update).

ORM (Order Message) Orders for tests, medications, procedures.

ORU (Observation Result) Lab results, vital signs, diagnostic findings.

DFT (Detailed Financial Transaction) Billing and financial records.

SIU (Scheduling Information

Appointments and scheduling.
Unsolicited)

Communication Protocols Used

HL7 messages are exchanged over:
• MLLP (Minimal Lower Layer Protocol) – for TCP/IP transmission.

8
 • Web services (SOAP/REST) – used more in HL7 FHIR.
• File drop, shared DB, or APIs – in older or custom implementations.

HL7 Versions and Working Differences

Version How it Works

HL7 v2.x Text-based, delimited, real-time messaging for clinical events. Widely adopted.

HL7 v3 XML-based messages with strict modeling (less practical due to complexity).

Web-based using RESTful APIs and JSON/XML for modern, app-friendly data
HL7 FHIR
exchange (e.g., mobile apps, cloud EHRs).

4. DICOM
DICOM stands for Digital Imaging and Communications in Medicine. It is an international
standard (ISO 12052) used in medical imaging to store, transmit, and manage medical imaging
information and related data.
Standard Format
DICOM defines a unified file format for medical images and associated data:
• Image data: The actual scan images (e.g., slices from a CT or MRI).
• Metadata: Important non-image information, such as patient details, scan settings, and
timestamps.
• Files are stored with a .dcm extension.
• DICOM supports 2D, 3D, and even 4D data (e.g., dynamic MRI or cardiac CT).
Interoperability
DICOM was developed to ensure compatibility across various manufacturers and systems:
• A CT scanner from GE can send data to a PACS server from Siemens.
• A hospital's radiology department can retrieve or view images from multiple systems
in a uniform manner.
• Enables multi-vendor integration without needing custom converters or interfaces.
Data + Metadata
Each DICOM file includes not only image pixels but detailed contextual information:
• Patient Info: Name, ID, gender, birth date, etc.
• Study & Series Info:
o Study: Entire diagnostic test (e.g., "Brain MRI").

9
 o Series: A sequence of images from a specific protocol (e.g., axial T1-weighted
images).
• Image acquisition: Parameters like slice thickness, resolution, scanner model, exposure
time.
Network Communication
DICOM supports communication over a hospital network using its own protocol:
• Based on TCP/IP, but with specific commands and operations defined by DICOM.
• Communication is done through Service-Object Pair (SOP) Classes, where:
o Service = action (e.g., store, retrieve)
o Object = the data (e.g., CT image)
Common services include:
• C-STORE: Send/store an image to PACS.
• C-FIND: Search for patients/studies.
• C-MOVE / C-GET: Retrieve images from PACS.
• Modality Worklist (MWL): Schedule & manage imaging jobs.
• Print: Send images to DICOM-compatible printers.

Anonymization
To protect patient privacy (especially in research or public datasets), DICOM files must
often be de-identified:
• Removes or obfuscates personal identifiers:
o Name, date of birth, ID number
o Scan location, institution name
o Sometimes even facial structures (from 3D MRI)
Regulatory compliance:
• HIPAA (USA)
• GDPR (Europe)
Applications of DICOM
• Clinical diagnostics
• Teleradiology
• Machine learning and AI-based medical image analysis

10
 • Image-guided surgery and radiation therapy

5. IRMA
The IRMA Standards (Image Retrieval in Medical Applications) are not formalized
standards like DICOM or HL7 but refer to a structured coding system and evaluation protocol
for medical image classification and retrieval.
IRMA Code Structure
The IRMA (Image Retrieval in Medical Applications) code structure is a hierarchical,
multi-axial coding system used to classify medical images. It uses a combination of four axes
(Technical, Directional, Anatomical, and Biological) to create a unique, unambiguous
identifier for each image. The code is designed to be flexible and expandable, allowing for
the addition of new modalities or refinements within existing categories.
Here's a breakdown of the IRMA code structure:
1. Technical (T): This axis describes the imaging modality (e.g., X-ray, MRI, CT).
2. Directional (D): This axis represents the body orientation or direction of the image (e.g.,
anterior-posterior, lateral).
3. Anatomical (A): This axis specifies the body region being examined (e.g., head, chest,
abdomen).
4. Biological (B): This axis indicates the biological system being imaged (e.g., respiratory
system, skeletal system).
Each medical image in the IRMA dataset is labeled using a unique 13-character IRMA code.
Structure of the IRMA Code: TTTT-DDD-AAA-BBB

11
 Segment Meaning Example Description

TTTT Technical Code 1121 Imaging modality (e.g., X-ray, CT)

DDD Directional Code 110 Orientation or view of the image

AAA Anatomical Code 410 Body region imaged

BBB Biological Code 000 Biological system or pathology

• Each segment uses a tree-structured hierarchical classification, allowing different

levels of detail.

Evaluation Metric Standard

IRMA defines a standardized error measurement system to evaluate image classification
and retrieval performance.
IRMA Error Score:
The IRMA error score penalizes:
• More important sections (leftmost codes) more heavily.
• Incorrect or missing digits based on their position and hierarchy level.
Formula:
The total error is a normalized sum of the incorrect digits in the IRMA code:

Where:

Perfect classification = 0.0

Worst case = 1.0 (or 100%)
Use of IRMA Standards in Research
These standards are widely used in:
• CBIR (Content-Based Image Retrieval) benchmarking.
• Image classification tasks in biomedical image analysis.
• Evaluation in machine learning and deep learning studies using X-ray datasets.

6. LOINC
LOINC stands for Logical Observation Identifiers Names and Codes. It is a globally
recognized standard for identifying health measurements, observations, and documents,
primarily used in laboratory and clinical data exchange.

12
Overview of LOINC
• Developed and maintained by Regenstrief Institute (Indiana, USA).
• Free and open standard.
• Enables interoperability in health information systems like EHRs, LIS, HIS, and PACS.
Purpose of LOINC
LOINC provides universal codes for:
• Laboratory tests (e.g., blood glucose, CBC)
• Clinical observations (e.g., blood pressure, ECG findings)
• Radiology reports, pathology, and even some clinical documents (via LOINC
Document Ontology)
It ensures that data from different systems and labs can be interpreted and shared
consistently.
LOINC Code Format
A typical LOINC code has two parts:
• Code: A unique numeric identifier (e.g., 718-7)
• Fully Specified Name (FSN): Built from six attributes
Six Parts of a Fully Specified LOINC Name

Attribute Description Example

1. Component What is being measured or observed Glucose

The characteristic or property being

2. Property Mass concentration (MCnc)
measured

3. Timing When the observation is made Point in time (Pt) or 24-hour (24H)

The sample type or system being

4. System Serum/Plasma (Ser/Plas)
observed

Quantitative (Qn), Ordinal (Ord),

5. Scale The type of value reported
Nominal (Nom), Narrative (Nar)

The technique used to make the Enzymatic method, Radiographic

6. Method
measurement (optional) method, etc.

Example: LOINC Code 718-7

Attribute Value

Component Glucose

Property Mass concentration (MCnc)

13
Attribute Value

Timing Point in time (Pt)

System Serum or Plasma (Ser/Plas)

Scale Quantitative (Qn)

Method none specified

This LOINC code represents a test for Glucose concentration in serum or plasma at a single
point in time, reported as a quantitative value, with no specific method declared.
Types of LOINC Codes
1. Laboratory LOINC: Blood tests, urinalysis, microbiology, etc.
2. Clinical LOINC: Vitals, ECG, pain scores, imaging procedures.
3. Document Ontology: Structured clinical documents (e.g., discharge summary, operative
note).
Integration with Other Standards
LOINC is commonly used with:
• HL7 (especially HL7 v2 and FHIR) for data messaging.
• SNOMED CT (often used together for richer semantics).
• UCUM (Unified Code for Units of Measure) for standardizing units.

Benefits of Using LOINC

• Interoperability across hospitals, labs, and national health systems.
• Facilitates clinical decision support and public health reporting.
• Enables data analytics, research, and AI applications on standardized datasets.

7. HIPAA
HIPAA stands for the Health Insurance Portability and Accountability Act of 1996, a U.S.
federal law designed to:
• Protect individuals’ medical records and other personal health information (PHI),
• Ensure data privacy and security in the healthcare system,
• Enable the secure electronic transmission of healthcare data.
HIPAA is administered by the U.S. Department of Health and Human Services (HHS), and
enforced by the Office for Civil Rights (OCR).
Purpose of HIPAA
1. Confidentiality: Prevent unauthorized access, use, or disclosure of patient data.
2. Integrity: Ensure data is accurate and unaltered during storage or transmission.
3. Availability: Ensure authorized users can access health data when needed.
4. Standardization: Create national standards for healthcare transactions and code sets.

14
5. Empowerment: Give patients, rights over their health information (access, amendment,
restrictions).
HIPAA Compliance for a New Hospital: Key Considerations
If you're building a new hospital, HIPAA compliance must be integrated from the
beginning — in infrastructure, IT systems, staff protocols, and partnerships.
1. Administrative Safeguards
• Appoint a HIPAA Compliance Officer.
• Develop privacy and security policies.
• Conduct risk assessments and staff training.
• Ensure Business Associate Agreements (BAAs) with vendors (cloud providers, billing
companies, etc.).
2. Technical Safeguards
• Use encryption for data at rest and in transit.
• Implement access controls: unique user IDs, automatic log-off, password security.
• Maintain audit controls to track access to PHI.
• Deploy firewalls, intrusion detection, and secure EHR systems.
3. Physical Safeguards
• Secure physical access to servers and medical devices.
• Implement video surveillance, ID badge access, and workstation controls.
• Ensure secure disposal of paper records and hardware (e.g., shredders, degaussers).
4. Documentation and Policy
• Document all procedures and protocols related to PHI.
• Develop a breach response plan (required under the HITECH Act).
• Maintain records of risk assessments and compliance activities.
Functioning of HIPAA in Protecting Patient Data Confidentiality
HIPAA ensures data protection and patient confidentiality through the following core rules:
1. Privacy Rule
• Applies to all forms of PHI (electronic, paper, oral).
• Limits access to PHI to only those who need it to perform their duties.
• Gives patients the right to:
o View and get copies of their records,

15
 o Request corrections,
o Obtain a list of disclosures,
o Request restrictions on use or sharing.
2. Security Rule
• Focuses on electronic PHI (ePHI).
• Requires hospitals to implement:
o Access controls
o Audit logs
o Data encryption
o Emergency access procedures
3. Breach Notification Rule
• Requires notification to:
o Affected individuals,
o HHS,
o (In some cases) the media,
• Must occur within 60 days of discovery of a breach.
8. Electronic Patient Records (EPRs)
Electronic Patient Records (EPRs) are digital versions of patients' medical histories maintained
over time by healthcare providers. They include a range of data such as demographics, medical
history, diagnoses, medications, immunization dates, allergies, lab results, radiology images,
and treatment plans.
Components of an EPR
A comprehensive EPR system typically contains the following elements:
• Patient Identification Information: Name, age, gender, contact details, ID numbers.
• Medical History: Past illnesses, surgeries, hospitalizations, family medical history.
• Clinical Notes: Notes written by healthcare providers during consultations.
• Medications: Current and past prescriptions, dosage, and duration.
• Allergies: Drug, food, and environmental allergy information.
• Lab Test Results: Blood tests, urine tests, pathology reports.
• Radiology and Imaging: X-rays, MRIs, CT scans, and ultrasound reports.
• Treatment Plans: Ongoing treatments and scheduled interventions.

16
 • Billing and Insurance Information: Charges, insurance claims, and payment details.
Advantages of EPRs
a. Improved Patient Care
• Real-time access to patient data enhances diagnosis and treatment accuracy.
• Avoids duplication of tests.
• Alerts for drug interactions or allergies.
b. Efficiency and Productivity
• Reduces paperwork and administrative burden.
• Facilitates quicker documentation, billing, and patient management.
• Enables telemedicine and remote consultations.
c. Data Analytics and Research
• Aggregated data supports epidemiological studies, clinical trials, and public health
initiatives.
• Enables predictive modeling and AI-driven decision support.
d. Interoperability
• EPRs can be shared across healthcare institutions and specialists, ensuring continuity
of care.
Challenges and Limitations
a. Privacy and Security Concerns
• Risk of unauthorized access, data breaches, and identity theft.
• Needs compliance with regulations like HIPAA (USA), GDPR (Europe), or DISHA
(India).
b. High Implementation Costs
• Infrastructure, software, training, and maintenance require significant investment.
c. Resistance to Change
• Some healthcare professionals prefer traditional paper records.
• Learning curve for older staff.
d. Data Entry Errors
• Inaccurate or inconsistent data entry can lead to incorrect diagnoses or treatments.
Standards and Protocols
To ensure consistency and interoperability, EPR systems often adhere to standards such as:

17
 • HL7 (Health Level Seven): For data exchange between medical systems.
• DICOM (Digital Imaging and Communications in Medicine): For imaging data.
• SNOMED CT: Standardized medical terminology.
• ICD (International Classification of Diseases): Used for coding diseases.
Applications in Modern Healthcare
• Clinical Decision Support Systems (CDSS): Use EPR data to suggest diagnoses and
treatments.
• AI and Machine Learning: Predictive analytics for disease outbreaks or treatment
outcomes.
• Mobile Health (mHealth): Patients can access records via smartphones or patient
portals.
• Chronic Disease Management: Track long-term conditions like diabetes, hypertension.
EPR vs. EMR vs. EHR

Feature EMR EHR EPR

Internal to one Across multiple Often used synonymously with

Scope
healthcare provider providers EMR/EHR in UK

Data
Limited Comprehensive Varies by region
Sharing

Focus Clinical data Broader health data Patient-centered record

Future of EPRs
• Blockchain Integration: For immutable, secure health records.
• Cloud-Based EPRs: Scalable and accessible from anywhere.
• Personal Health Records (PHRs): Controlled and maintained by patients themselves.
• Voice Recognition & NLP: For faster, hands-free documentation.
9. HEALTHCARE STANDARD ORGANIZATIONS – OVERVIEW

Healthcare standard organizations are national and international bodies that develop and
maintain guidelines, standards, and accreditation systems to ensure:

Quality and safety in patient care

Interoperability of healthcare information systems
Compliance with regulatory frameworks
Global best practices in healthcare delivery and management

18
Key International Healthcare Standard Organizations

Organization Full Form Main Role / Focus

World Health Publishes global health guidelines, disease

WHO
Organization classifications (ICD), safety protocols.

Develops international standards (ISO 9001 for

International Organization
ISO quality, ISO 13485 for medical devices, ISO/TC
for Standardization
215 for health informatics).

Health Level Seven Provides standards for electronic health

HL7
International information exchange (HL7 V2/V3, FHIR).

Integrating the Healthcare Promotes interoperability through profiles and

IHE
Enterprise frameworks for medical IT systems.

International
Global standard for coding diseases and health
ICD Classification of Diseases
conditions.
(by WHO)

International Council of Sets global standards for nursing practice,

ICN
Nurses education, and ethics.

Accreditation-Focused Organizations
Organization Full Form Main Role / Focus

Joint Commission on Former name of The Joint Commission (USA);

JCAHO Accreditation of accredits hospitals and healthcare entities,
Healthcare Organizations develops patient safety and quality standards.

The Joint U.S.-based, sets and enforces healthcare quality

(current name, formerly
Commission and safety standards, provides accreditation
JCAHO)
(TJC) widely recognized globally.

International arm of The Joint Commission,

Joint Commission provides global hospital accreditation,
JCIA
International Accreditation consulting, and international healthcare quality
standards.

Often used interchangeably with JCIA, focuses

Joint Commission
JCI on accreditation and improving healthcare
International
quality worldwide.

Joint Commission on Accreditation of Healthcare Organizations (JCAHO)

JCAHO was a U.S.-based, independent, non-profit organization that developed and maintained
standards for healthcare quality and patient safety and provided accreditation to healthcare

19
organizations that met those standards. It is one of the most widely recognized accreditation
bodies in the world.
Brief History
• 1951: Established as the Joint Commission on Accreditation of Hospitals (JCAH).
• 1987: Renamed as Joint Commission on Accreditation of Healthcare Organizations
(JCAHO) to reflect expansion beyond hospitals into other healthcare facilities such as
long-term care, home care, and ambulatory services.
• 2007: Rebranded simply as The Joint Commission (TJC) to modernize the image and
simplify communication.

Mission and Purpose

Improve healthcare quality and safety

Develop evidence-based standards
Assess healthcare organizations against these standards
Provide accreditation that signifies compliance with high standards
Duties of JCAHO
❖ Develop Standards
• Clinical performance
• Patient safety initiatives
• Infection prevention and control
• Leadership and management
• Environment of care
• Medication management
❖ Survey and Accreditation
• Conduct on-site surveys of healthcare organizations.
• Evaluate compliance with standards.
• Provide accreditation status (typically valid for 3 years, with ongoing monitoring).
❖ Performance Measurement
• Encourages data collection and outcome measurement.
• Promotes continuous quality improvement programs.
❖ Education and Guidance
• Publishes guidelines, manuals, and training materials.
• Offers consultation services.

20
Scope of Accreditation
JCAHO accredits:
• Hospitals
• Ambulatory care centers
• Behavioral health organizations
• Home healthcare organizations
• Laboratories
• Long-term care facilities
Accreditation by JCAHO is often required for:
✔ Reimbursement from Medicare/Medicaid in the U.S.
✔ International recognition in medical tourism and global healthcare services.
Key Features of JCAHO Accreditation

Feature Details

Voluntary but Highly Organizations voluntarily seek JCAHO accreditation, but it is often a
Valued prerequisite for insurance and government funding.

Standards-Based Uses evidence-based, updated standards to evaluate care.

Patient-Centered Focus on patient safety, quality of care, and satisfaction.

Its frameworks inspired the creation of JCI (Joint Commission

International Impact
International) for non-U.S. organizations.

Benefits of JCAHO Accreditation

Improves patient safety and quality of care

Boosts reputation and trust with patients and stakeholders
Ensures compliance with regulatory requirements
Encourages continuous improvement in healthcare services
Facilitates eligibility for funding and insurance reimbursement

JOINT COMMISSION INTERNATIONAL ACCREDITATION (JCIA)

It is the international accreditation program offered by Joint Commission International

(JCI), which is the global arm of The Joint Commission (formerly JCAHO). JCIA is a globally
recognized hospital and healthcare organization accreditation system that sets international
standards for quality and patient safety. It evaluates healthcare organizations outside the United
States to ensure they meet high-performance benchmarks similar to those of The Joint
Commission in the U.S., but adapted for international healthcare systems.

21
Background
• Parent Organization: Joint Commission International (JCI) – established in 1994 as the
international division of The Joint Commission.
• Purpose: Bring Joint Commission’s expertise in quality improvement and patient safety to
hospitals and healthcare organizations worldwide.
• Accreditation Offered: JCIA – the official accreditation status awarded after successful
evaluation.
Mission of JCIA
JCIA’s mission is to improve the safety and quality of care in the international community
through education, consultation, and rigorous evaluation.
Focus Areas:
Patient safety
Quality improvement in care delivery
Leadership and governance
Medical staff and nursing standards
Facility management and infection control
Rights of patients and families
Duties of JCIA
❖ Develops International Standards
• Based on evidence and global best practices.
• Organized into chapters (e.g., Access to Care, Patient Assessment, Infection Control,
Quality Improvement).
❖ Conducts On-Site Surveys
• Teams of international healthcare experts visit the organization.
• Assess compliance with JCIA standards through document reviews, interviews, and
observation.
❖ Awards Accreditation
• Hospitals that meet standards receive JCIA accreditation for a specified period (usually
3 years).
❖ Provides Education and Consultation
• Offers workshops, webinars, and advisory services to help organizations prepare and
maintain high standards.

22
Key Features of JCIA Accreditation

Feature Details

Global Applicability Designed for healthcare organizations outside the U.S.

Covers clinical care, safety, governance, leadership, and patient

Comprehensive Standards
rights.

Focuses on patient experience, informed consent, and family

Patient-Centered
engagement.

Encourages data-driven improvement initiatives and regular

Continuous Improvement
audits.

Organizations Eligible for JCIA

• General hospitals
• Specialty hospitals
• Ambulatory care centers
• Academic medical centers
• Primary care organizations
• Government and private healthcare facilities
Importance of JCIA

International Recognition: A JCIA-accredited hospital is recognized as providing care that

meets or exceeds international benchmarks.
Quality Assurance: Signals a commitment to continuous quality improvement.
Patient Safety: Strengthens policies and processes to minimize errors and adverse events.
Medical Tourism: JCIA accreditation attracts international patients who seek high-quality
healthcare abroad.

JCIA vs. JCAHO (The Joint Commission)

Aspect JCAHO (now TJC) JCIA

Scope U.S.-based accreditation International accreditation

Parent Body The Joint Commission Joint Commission International

U.S. healthcare regulations and Adapted global standards for

Standards
standards international settings

Raise global healthcare quality and

Purpose Ensure U.S. healthcare quality
patient safety

23
10. EVIDENCE-BASED MEDICINE (EBM)
Evidence based medicine is defined as the conscientious, explicit, and judicious use of
current best evidence in making decisions about the care of individual patients. Evidence-based
medicine involves the integration of the best available research evidence with clinical expertise and
the values and preferences of patients in order to make optimal healthcare decisions.

Key Components of EBM

❖ Best Research Evidence: Up-to-date clinical research (systematic reviews, randomized
controlled trials, meta-analyses).
❖ Clinical Expertise: The physician’s accumulated skills, education, and past experiences.
❖ Patient Values & Preferences: Individual expectations, cultural beliefs, and unique clinical
circumstances.

Process of Practicing EBM

EBM is a structured process often described in 5 steps:

Step What it involves

Formulate a clear, answerable clinical question (using PICO:

Ask
Patient/Problem, Intervention, Comparison, Outcome).

Search for the best available evidence (journals, guidelines, databases like
Acquire
PubMed, Cochrane Library).

Appraise Critically evaluate the evidence for validity, impact, and applicability.

Integrate the evidence with clinical expertise and patient preferences to make
Apply
a decision.

Assess Evaluate the outcome and seek ways to improve in future decisions.

24
Sources of Evidence
In EBM, evidence comes from different types of research and expert opinions.
Some sources provide stronger, more reliable evidence than others because of the way studies
are designed.
Common sources:
• Systematic reviews and meta-analyses
• Randomized controlled trials (RCTs)
• Cohort studies
• Case–control studies
• Cross-sectional studies
• Case series and case reports
• Expert opinions, clinical guidelines
Hierarchy of Evidence

25
Level Source of Evidence Notes

Systematic Reviews & Highest quality; combines data from multiple RCTs to
Level 1
Meta-analyses of RCTs give a comprehensive conclusion.

Randomized Controlled Gold standard for testing interventions; minimizes bias

Level 2
Trials (RCTs) through randomization and control groups.

Cohort Studies
Follows groups over time; good for studying risk
Level 3 (Prospective or
factors but less control over variables.
Retrospective)

Compares patients with a condition (cases) to those

Level 4 Case–Control Studies
without (controls) to find associations.

Looks at data at a single point in time; useful for

Level 5 Cross-sectional Studies
prevalence but not cause–effect.

Detailed observations of one or a few patients; useful

Case Series and Case
Level 6 for rare conditions but weak evidence for
Reports
generalization.

Expert Opinion / Lowest level; based on experience or committee

Level 7
Consensus Statements consensus without strong research data.

Tools and Sources for EBM

• Databases: PubMed, Cochrane Library, Embase, CINAHL
• Guidelines: NICE (UK), WHO guidelines, national clinical practice guidelines
• Critical Appraisal Tools: CASP checklists, GRADE approach (for strength of evidence)
Advantages of EBM

✔ Improves quality of patient care

✔ Promotes up-to-date, research-driven practice
✔ Helps avoid outdated or ineffective treatments
✔ Involves patients in shared decision-making
✔ Supports cost-effective healthcare
Limitations/Challenges
❖ Time constraints for busy clinicians
❖ Limited access to high-quality evidence in some areas
❖ Requires skill in literature searching and appraisal
❖ Must balance population-level evidence with individual patient uniqueness

26
11. BIOETHICS
Bioethics is the study of ethical, social, and legal issues that arise in medicine, healthcare,
biology, and the life sciences. It involves evaluating moral questions related to human life,
health, and well-being, especially when new technologies and medical interventions challenge
traditional norms. It bridges biology, medicine, philosophy, law, and social sciences to guide
responsible decision-making in healthcare and research.
Importance of Bioethics
• Ensures respect for human dignity.
• Protects rights and welfare of patients and research subjects.
• Provides guidance for healthcare professionals in complex situations.
• Helps balance technological advancement with moral responsibility.
• Promotes fairness, justice, and equity in healthcare access.
Core Components of Bioethics
Bioethics is traditionally built upon four major principles, often called the Four
Principles of Biomedical Ethics, introduced by Tom Beauchamp and James Childress. In
addition, other components and concepts are also integral.

1. Autonomy
• Definition: Respect for the individual's right to make their own decisions.
• Explanation: Patients have the right to informed consent, privacy, and freedom to
choose or refuse treatment.
• Example: A patient deciding whether to undergo a risky surgery after understanding
all risks and benefits.

27
2. Beneficence
• Definition: The duty to do good and promote the well-being of others.
• Explanation: Healthcare professionals must act in the best interest of patients,
maximizing benefits while minimizing harm.
• Example: Administering medication to relieve pain or improve health.
3. Non-maleficence
• Definition: The duty to do no harm.
• Explanation: Avoid causing unnecessary harm or suffering.
• Example: Avoiding treatments that have more risks than benefits or discontinuing
harmful interventions.
4. Justice
• Definition: Fairness in distribution of healthcare resources and treatments.
• Explanation: Treat patients equally and fairly, ensuring equity in access to care.
• Example: Allocating limited ICU beds fairly during a pandemic.
Additional Important Concepts in Bioethics
Informed Consent
• Patients must be given adequate information to make voluntary decisions about their
care.
• Includes disclosure of risks, benefits, alternatives, and the right to refuse.
Confidentiality and Privacy
• Protecting patient information from unauthorized access.
• Essential to maintain trust in the patient-provider relationship.
Capacity and Competence
• Assessing whether an individual can understand, appreciate, and make informed
decisions.
• Important in cases involving minors, mentally ill, or incapacitated patients.
End-of-Life Issues
• Ethical decisions around life support, palliative care, euthanasia, and withdrawal of
treatment.
Research Ethics
• Protecting human subjects in biomedical research.

28
 • Requires Institutional Review Boards (IRBs), informed consent, and minimizing
risks.
Genetic Ethics
• Ethical concerns around genetic testing, gene editing, privacy, and discrimination.

12. MOBILE HEALTH (mHEALTH) STANDARDS (Content Beyond Syllabus)

mHealth (mobile health) refers to the use of mobile devices (smartphones, tablets,
wearables, portable sensors) and wireless technologies to support medical and public health
practices.
Examples:
Mobile apps for diabetes monitoring
SMS reminders for immunization
Wearable devices measuring heart rate, BP, or oxygen
Telemedicine consultations through mobile networks
Because health data is sensitive, mHealth solutions must follow strict standards for safety,
interoperability, security, and quality.
Why do we need standards in mHealth?
Without standards, different mobile devices and apps cannot reliably share data with
electronic health records (EHRs) or other health systems. Standards ensure:

Interoperability – devices, apps, and systems work together seamlessly.

Data security & privacy – patient data is protected.
Clinical quality – information is accurate and trustworthy.
Regulatory compliance – aligns with laws like HIPAA, GDPR, CDSCO norms, etc.
User safety – devices perform as intended, reducing risk of harm.
Core Areas of mHealth Standards
a. Interoperability Standards
These define how systems exchange and understand health data.
o HL7 (Health Level Seven): A widely used standard for exchanging clinical data.
o HL7 FHIR (Fast Healthcare Interoperability Resources): Modern standard for mobile-
friendly data exchange (e.g., JSON, REST APIs).
o CDA (Clinical Document Architecture): Standardized way to share clinical
documents.
o DICOM (Digital Imaging and Communications in Medicine): Standard for medical
images (e.g., X-rays, MRIs).
b. Data Security & Privacy Standards
mHealth apps must safeguard sensitive health information:

29
 HIPAA (Health Insurance Portability and Accountability Act – USA): Protects privacy
and security of patient data.
GDPR (General Data Protection Regulation – EU): Regulates data protection and privacy.
ISO/IEC 27001: International standard for information security management systems.
ISO/TS 17975: Health informatics – principles and data protection for PHRs (personal
health records).
c. Mobile Device and App Quality Standards
ISO/IEC 82304-1: Health software products — quality and safety of health apps.
IEC 62304: Medical device software — life cycle processes.
FDA (USA) and CDSCO (India) Guidelines: Regulatory frameworks for mobile medical
apps and devices.
• Communication and Networking Standards
For wearable devices and IoT-based mobile health:
IEEE 11073: Standards for personal health device communication (BP monitors,
glucometers, etc.).
Bluetooth Low Energy (BLE) Health Profiles: For transmitting data from wearables.
Continua Design Guidelines: Interoperability guidelines for personal connected health
devices.

d. Clinical Data Standards

SNOMED CT (Systematized Nomenclature of Medicine – Clinical Terms): Standardized
medical terms.
LOINC (Logical Observation Identifiers Names and Codes): Standard for lab tests and
measurements.
ICD-10/ICD-11 (International Classification of Diseases): Standard diagnostic codes.
Examples of How mHealth Standards Work in Practice

Use Case Relevant Standards Why Important

A mobile app shares blood sugar HL7 FHIR, IEEE Interoperable and structured data
readings with a hospital EHR 11073 transfer

A telemedicine platform stores HIPAA, ISO/IEC Ensures data security and

patient notes 27001 privacy

A wearable ECG monitor Bluetooth LE Health Reliable, low-energy data

communicates with a smartphone Profile, IEEE 11073 communication

30
Use Case Relevant Standards Why Important

An mHealth app sold ISO/IEC 82304-1, IEC Meets global app quality and
internationally 62304 device software requirements

Regulatory & Standardization Bodies in mHealth

• WHO mHealth Technical Evidence Review Group – guidance on global mHealth.
• HL7 International – sets data exchange standards.
• ISO (International Organization for Standardization) – develops many health IT
standards.
• IEEE (Institute of Electrical and Electronics Engineers) – standards for medical
device communication.
• National regulators:
o FDA (USA),
o CDSCO (India),
o EMA (Europe).

31