IP Review

Unattributed Code Systems

Copyright Fragment

This fragment is available on downloads.html

This publication includes IP covered under the following statements.

ISO maintains the copyright on the country codes, and controls its use carefully. For further details see the ISO 3166 web page: https://www.iso.org/iso-3166-country-codes.html
Show Usage
- ISO 3166-1 Codes for the representation of names of countries and their subdivisions — Part 1: Country code : DigitalIdentity , FASTIDUDAPPerson ... Show 11 more
This material derives from the HL7 Terminology (THO). THO is copyright ©1989+ Health Level Seven International and is made available under the CC0 designation. For more licensing information see: https://terminology.hl7.org/license.html
Show Usage

Copyright and Registered Trademark Uses

IG © 2021+ HL7 International / Patient Administration. Package hl7.fhir.us.identity-matching#2.0.0-ballot based on FHIR 4.0.1. Generated 2025-09-15 Links: Table of Contents | QA Report | Version History | CC0 | Propose a change ( src )
hl7.fhir.us.hai: Healthcare Associated Infection Implementation Guide ®© HL7 | CC0 ( src )
Interoperable Digital Identity and Patient Matching, published by HL7 International / Patient Administration. This guide is not an authorized publication; it is the continuous build for version 2.0.0-ballot built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/fhir-identity-matching-ig/ and changes regularly. See the Directory of published versions ( src )
This material derives from the HL7 Terminology (THO). THO is copyright ©1989+ Health Level Seven International and is made available under the CC0 designation. For more licensing information see: https://terminology.hl7.org/license.html Show Usage * Organization type: Bundle/MATCHOperationResponse and Parameters/IDIMatchOutputParameters-Example * identifierType: Bundle/MATCHOperationResponse, Parameters/IDIMatchInputParameters-Example... Show 6 more , Parameters/IDIMatchOutputParameters-Example, Patient/ExamplePatient, Patient/ExamplePatientINCOMPLETE, Patient/ExamplePatientL0, Patient/ExamplePatientL1 and Patient/ExamplePatientL2 * NullFlavor: Parameters/IDIMatchInputParameters-Example, Patient/ExamplePatient... Show 4 more , Patient/ExamplePatientINCOMPLETE, Patient/ExamplePatientL0, Patient/ExamplePatientL1 and Patient/ExamplePatientL2 * ParticipationFunction: RelatedPerson/patient-authorized-representative ( src )

External References

Type	Reference	Content
web	tel:+15552343523	telecom : +1 555 234 3523 , gastro@acme.org
web	tel:+15552343523	telecom : +1 555 234 3523 , info@xyz-payer.org
web	github.com	Interoperable Digital Identity and Patient Matching, published by HL7 International / Patient Administration. This guide is not an authorized publication; it is the continuous build for version 2.0.0-ballot built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/fhir-identity-matching-ig/ and changes regularly. See the Directory of published versions
web	example.org	http://example.org/Bundle/MATCHOperationResponse
web	example.com	fullUrl : https://example.com/base/Organization/OrgExample
web	example.com	fullUrl : https://example.com/base/Patient/PatExample
web	en.wikipedia.org	Both Bundle.link and Bundle.entry.link are defined to support providing additional context when Bundles are used (e.g. HATEOAS ).
web	www.rfc-editor.org	Identifier SHALL be a version 4 (random) Globally Unique IDentifier (GUID or UUID as per RFC 4122 ) that remains unique to the person for all time within the assigner’s system: the UUID SHALL NOT be assigned to a different person later, and a different UUID SHALL NOT be assigned to that same person by the assigner.
web	www.iso.org	ISO maintains the copyright on the country codes, and controls its use carefully. For further details see the ISO 3166 web page: https://www.iso.org/iso-3166-country-codes.html Show Usage ISO 3166-1 Codes for the representation of names of countries and their subdivisions — Part 1: Country code : DigitalIdentity , FASTIDUDAPPerson ... Show 11 more
web	www.UDAP.org	Unified Data Access Profiles (UDAP) : Published by UDAP.org to increase confidence in open API transactions through the use of trusted identities and verified attributes. UDAP use cases support standards-based security, privacy, and scalable interoperability through reusable identities, leveraging Dynamic Client Registration, JWT-based client authentication and Tiered OAuth.
web	directtrust.app.box.com	Two of: 1) US state-issued driver's license or other Strong photo ID confirmed by comparison to individual and consistent with other demographics submitted by the individual; 2) medical record number (consistent with DirectTrust Guidance for Authentication of Individual Identity when using a medical record as evidence, plus the medical record number issuer can verify that the number is consistent with other demographics submitted by the individual); or 3) insurance card (and information on card is consistent with other demographics submitted by the individual) OR
web	www.udap.org	References: UDAP Levels of Assurance NIST 800-63A SMART candidate Code System for existing NIST levels plus IDIAL1.2 and IDIAL1.4
web	www.ama-assn.org	(1) This IG provides a number of alternatives to Home Address verification since it may be difficult to verify or to match on the home address of a youth or of a person who is experiencing housing insecurity. This can also be an issue for multi-family dwellings when a unit number is not specified or cannot be verified. (2) Patient Records Electronic Access Playbook , Patient IAL2 as in TEFCA and Kantara "IAL2 Light" proposal to NIST (1 STRONG or 3 FAIR) .
web	github.com	(1) This IG provides a number of alternatives to Home Address verification since it may be difficult to verify or to match on the home address of a youth or of a person who is experiencing housing insecurity. This can also be an issue for multi-family dwellings when a unit number is not specified or cannot be verified. (2) Patient Records Electronic Access Playbook , Patient IAL2 as in TEFCA and Kantara "IAL2 Light" proposal to NIST (1 STRONG or 3 FAIR) .
web	www.justassociates.com	(1) Patient Identity Integrity White Paper HIMSS, December 2009 (2) Approaches and Challenges to Electronically Matching Patients’ Records across Providers GAO, January 2019 (3) The Sequoia Project (4) Defining and Evaluating Patient-Empowered Approaches to Improving Record Matching RAND, 2018
web	sequoiaproject.org	(1) Patient Identity Integrity White Paper HIMSS, December 2009 (2) Approaches and Challenges to Electronically Matching Patients’ Records across Providers GAO, January 2019 (3) The Sequoia Project (4) Defining and Evaluating Patient-Empowered Approaches to Improving Record Matching RAND, 2018
web	www.rand.org	(1) Patient Identity Integrity White Paper HIMSS, December 2009 (2) Approaches and Challenges to Electronically Matching Patients’ Records across Providers GAO, January 2019 (3) The Sequoia Project (4) Defining and Evaluating Patient-Empowered Approaches to Improving Record Matching RAND, 2018
web	ahima.org	AHIMA Naming Policy Recommendations white paper
web	diacc.ca	Canadian Digital Identity Ecosystem 's Digital Trust And Identity and National Technical Specification for digital credentials and digital trust services
web	www.carinalliance.com	CARIN Digital Identity
web	directtrust.app.box.com	DirectTrust Guidance for Authentication of Individual Identity
web	www.ecri.org	ECRI Health IT Safe Practices: Toolkit for the Safe Use of Health IT for Patient Identification
web	oikeusministerio.fi	Finland and Germany Self-sovereign Identity-based Collaboration in the EU
web	gainforum.org	Global Assured Identity Network (GAIN)
web	openid.net	OpenID for Identity Assurance
web	patientidnow.org	Patient ID Now Coalition Framework for a National Strategy on Patient Identity (The Framework identified nine areas for definition of a national patient identity strategy)
web	wiki.directproject.org	Direct Standard - Implementation Guide for Expressing Context in Direct Messaging
web	profiles.ihe.net	Overview: IHE whitepaper on Document Sharing Health Information Exchanges
web	profiles.ihe.net	IHE - Patient Demographics Query for Mobile (PDQm)
web	profiles.ihe.net	IHE - Patient Identifier Cross-reference for Mobile (PIXm)
web	profiles.ihe.net	IHE - Patient Master Identity Registry (PMIR)
web	profiles.ihe.net	IHE - Cross-Community Patient Discovery (XCPD)
web	profiles.ihe.net	IHE - Patient Administration Management (PAM)
web	profiles.ihe.net	IHE - Patient Demographics Query (PDQ)
web	profiles.ihe.net	IHE - Patient Identifier Cross-Referencing (PIX)
web	openid.net	The quality of the match, along with the user's consent, the verified demographics stored by responder for the patient and any authorized representative(s) of the patient, and identity and authentication assurance levels of the user, inform the responder's decision about whether to allow access to data subsequent to a Consumer Match, and that decision is based on verified attributes and other information and assertions provided by the requester that, for example when part of an OpenID Connect transaction, SHALL also be evaluated by the responder to confirm that the requester is trusted to have authenticated the individual corresponding to those demographics as well as the other details within the transaction, if the user was not authenticated by the responder directly.
web	sequoiaproject.org	The table below which designates a grading of match quality SHOULD be used to inform responder's search quality scoring algorithm, so that the search score returned by a responder is meaningful to the requester (This grading score SHOULD be conveyed within the Bundle.entry.search.score element); feedback is requested on the ability of a responder to compute and return such a score, as well as the potential value of such a quality score to requesters. The Good level generally corresponds to traits the Sequoia Initiative estimates to be 95-98% unique, and Very Good corresponds to traits that are 98-99.7% unique. Superior matches include matching information that is even more likely to indicate a unique individual, while Best matches involve a match on a government- or industry-assigned identifier.

Type

Reference

Content

web

tel:+15552343523

telecom : +1 555 234 3523 , gastro@acme.org

web

tel:+15552343523

telecom : +1 555 234 3523 , info@xyz-payer.org

web

github.com

Interoperable Digital Identity and Patient Matching, published by HL7 International / Patient Administration. This guide is not an authorized publication; it is the continuous build for version 2.0.0-ballot built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/fhir-identity-matching-ig/ and changes regularly. See the Directory of published versions

web

example.org

http://example.org/Bundle/MATCHOperationResponse

web

example.com

fullUrl : https://example.com/base/Organization/OrgExample

web

example.com

fullUrl : https://example.com/base/Patient/PatExample

web

en.wikipedia.org

Both Bundle.link and Bundle.entry.link are defined to support providing additional context when Bundles are used (e.g. HATEOAS ).

web

www.rfc-editor.org

Identifier SHALL be a version 4 (random) Globally Unique IDentifier (GUID or UUID as per RFC 4122 ) that remains unique to the person for all time within the assigner’s system: the UUID SHALL NOT be assigned to a different person later, and a different UUID SHALL NOT be assigned to that same person by the assigner.

web

www.iso.org

ISO maintains the copyright on the country codes, and controls its use carefully. For further details see the ISO 3166 web page: https://www.iso.org/iso-3166-country-codes.html

Show Usage

web

www.UDAP.org

Unified Data Access Profiles (UDAP) : Published by UDAP.org to increase confidence in open API transactions through the use of trusted identities and verified attributes. UDAP use cases support standards-based security, privacy, and scalable interoperability through reusable identities, leveraging Dynamic Client Registration, JWT-based client authentication and Tiered OAuth.

web

directtrust.app.box.com

Two of: 1) US state-issued driver's license or other Strong photo ID confirmed by comparison to individual and consistent with other demographics submitted by the individual; 2) medical record number (consistent with DirectTrust Guidance for Authentication of Individual Identity when using a medical record as evidence, plus the medical record number issuer can verify that the number is consistent with other demographics submitted by the individual); or 3) insurance card (and information on card is consistent with other demographics submitted by the individual) OR

web

www.udap.org

References:
     UDAP Levels of Assurance
     NIST 800-63A
     SMART candidate Code System for existing NIST levels plus IDIAL1.2 and IDIAL1.4

web

www.ama-assn.org

(1) This IG provides a number of alternatives to Home Address verification since it may be difficult to verify or to match on the home address of a youth or of a person who is experiencing housing insecurity. This can also be an issue for multi-family dwellings when a unit number is not specified or cannot be verified. (2) Patient Records Electronic Access Playbook , Patient IAL2 as in TEFCA and Kantara "IAL2 Light" proposal to NIST (1 STRONG or 3 FAIR) .

web

github.com

web

www.justassociates.com

(1) Patient Identity Integrity White Paper HIMSS, December 2009
(2) Approaches and Challenges to Electronically Matching Patients’ Records across Providers GAO, January 2019
(3) The Sequoia Project
(4) Defining and Evaluating Patient-Empowered Approaches to Improving Record Matching RAND, 2018

web

sequoiaproject.org

web

www.rand.org

web

ahima.org

AHIMA Naming Policy Recommendations white paper

web

diacc.ca

Canadian Digital Identity Ecosystem 's Digital Trust And Identity and National Technical Specification for digital credentials and digital trust services

web

www.carinalliance.com

CARIN Digital Identity

web

directtrust.app.box.com

DirectTrust Guidance for Authentication of Individual Identity

web

www.ecri.org

ECRI Health IT Safe Practices: Toolkit for the Safe Use of Health IT for Patient Identification

web

oikeusministerio.fi

Finland and Germany Self-sovereign Identity-based Collaboration in the EU

web

gainforum.org

Global Assured Identity Network (GAIN)

web

openid.net

OpenID for Identity Assurance

web

patientidnow.org

Patient ID Now Coalition Framework for a National Strategy on Patient Identity (The Framework identified nine areas for definition of a national patient identity strategy)

web

wiki.directproject.org

Direct Standard - Implementation Guide for Expressing Context in Direct Messaging

web

profiles.ihe.net

Overview: IHE whitepaper on Document Sharing Health Information Exchanges

web

profiles.ihe.net

IHE - Patient Demographics Query for Mobile (PDQm)

web

profiles.ihe.net

IHE - Patient Identifier Cross-reference for Mobile (PIXm)

web

profiles.ihe.net

IHE - Patient Master Identity Registry (PMIR)

web

profiles.ihe.net

IHE - Cross-Community Patient Discovery (XCPD)

web

profiles.ihe.net

IHE - Patient Administration Management (PAM)

web

profiles.ihe.net

IHE - Patient Demographics Query (PDQ)

web

profiles.ihe.net

IHE - Patient Identifier Cross-Referencing (PIX)

web

openid.net

The quality of the match, along with the user's consent, the verified demographics stored by responder for the patient and any authorized representative(s) of the patient, and identity and authentication assurance levels of the user, inform the responder's decision about whether to allow access to data subsequent to a Consumer Match, and that decision is based on verified attributes and other information and assertions provided by the requester that, for example when part of an OpenID Connect transaction, SHALL also be evaluated by the responder to confirm that the requester is trusted to have authenticated the individual corresponding to those demographics as well as the other details within the transaction, if the user was not authenticated by the responder directly.

web

sequoiaproject.org

The table below which designates a grading of match quality SHOULD be used to inform responder's search quality scoring algorithm, so that the search score returned by a responder is meaningful to the requester (This grading score SHOULD be conveyed within the Bundle.entry.search.score element); feedback is requested on the ability of a responder to compute and return such a score, as well as the potential value of such a quality score to requesters. The Good level generally corresponds to traits the Sequoia Initiative estimates to be 95-98% unique, and Very Good corresponds to traits that are 98-99.7% unique. Superior matches include matching information that is even more likely to indicate a unique individual, while Best matches involve a match on a government- or industry-assigned identifier.

Internal Images

b2b-with-patient-user.png

b2b.png

idp.png

patient-directed-b2c-tiered-oauth.png

patient-directed-b2c.png

patient-mediated-b2c.png

tree-filter.png