ISO/TS 6201:2025

Technical
Specification
ISO/TS 6201
First edition
Health informatics — Personalized
2025-02
digital health framework
Informatique de santé — Cadre de santé numérique personnalisé
Reference number
© ISO 2025
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Person-led health and personalized digital health record . 2
4.1 General .2
4.2 Personalized digital health record (PDHR) .2
4.3 Interoperability issues .3
5 Personalized digital health framework . 4
5.1 General .4
5.2 Personalized digital health framework (PDHF) description .5
6 Dynamic consent . 6
7 Personalized digital health patient journey . 8
Annex A (informative) Implementation use cases of personalized digital health framework .10
Annex B (informative) Implementing dynamic consent .13
Bibliography .15

iii
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out through
ISO technical committees. Each member body interested in a subject for which a technical committee
has been established has the right to be represented on that committee. International organizations,
governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely
with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of ISO documents should be noted. This document was drafted in accordance with the editorial rules of the
ISO/IEC Directives, Part 2 (see www.iso.org/directives).
ISO draws attention to the possibility that the implementation of this document may involve the use of (a)
patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed patent
rights in respect thereof. As of the date of publication of this document, ISO had not received notice of
patent(s) which may be required to implement this document. However, implementers are cautioned that
this may not represent the latest information, which may be obtained from the patent database available at
www.iso.org/patents. ISO shall not be held responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 215, Health informatics.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.

iv
Introduction
Developments in information and communication technology (ICT) have enabled data to be collected from
individuals in a variety of ways. Various health-related data not only facilitate finding effective treatment
strategies but also establishing personalized healthcare services, as Figure 1 depicts. Therefore, the concept
of digital healthcare has emerged. Digital healthcare can be defined as comprehensive medical services that
utilize an individual’s health-related data, including personal health data that may be collected from devices,
platforms and applications.
Figure 1 — Evolution in personalized digital health
Tremendous amounts of information can be produced by individuals, such as eating habits, exercise, hours
of sleep, and also health records. This information is considered along with physical, social, and mental
characteristics of individuals and can result in different treatment options and prescriptions. Accordingly,
personalized digital health (PDH) refers to electronic services that support the health of individuals when
they can add to and handle their own health information.
Existing medical care procedures focus on suggesting medical solutions when a disease occurs. Digital
health goes beyond that scope and supports an individual’s decision-making process by providing the most
appropriate advice based on their continuously generated health-related data. Personalized digital health
aims to go one step further, enabling an individual to identify and eliminate the potential causes of disease
before they occur.
Another goal of digital healthcare is to effectively monitor and manage personal health by using platforms
and applications that can provide personalized healthcare services. The personalized services are based on
an individual’s health information, including biometric information and family medical history, which are
stored in large databases.
Personalized digital services based on a combination of medical knowledge and IT solutions can improve
healthcare. If personalized digital health becomes the norm, a PDH service could utilize a patient’s genomic
information to help find the most appropriate drugs and treatment methods. This can be significantly enabled
by collecting, categorizing or “tagging”, and storing patients’ biometric information, medical documentation,
genetic analysis, smart or wearable device information, family history, and clinical examination information.
Medical data, previously managed by hospitals and institutions, are now being transformed and integrated
into PDH platforms, a concept that empowers individuals to be the decision-makers of their own health
information and data use. Therefore, PDH data comprises both health records from hospitals and health
professionals, and personal health data generated by smart devices.
When individuals are given the right to decide how their health data is handled or managed, a consent system
for their personal information is necessary. A consent system is a system in which individuals can actively
manage their consent at any time. Many people have given permission to use their personal information to
medical care institutions and other organizations. Traditionally, a paper-based agreement was widely used.
Nowadays, the number of medical institutions using digital contracts is rising because of the wide usage
of smartphones and PCs. However, since these methods are conducted on a one-off basis, it is difficult to
modify or withdraw the consent once it is given.

v
Dynamic consent is a form of consent that allows people to decide whether to provide specific information
via interactive digital interfaces. This agreement method was first implemented in biomedical and genomic
studies that required continuous contact with participants. Dynamic consent gives individuals more
autonomy by giving them the power to control their own data. A customized interface that enables two-
way communication between healthcare providers and users is important for dynamic consent to work
effectively.
Various stakeholders, such as researchers, healthcare providers, institutions and governments, can access
individuals’ health data through an efficient and dynamic consent system. To reach the full potential of
PDH services, quickly establishing standards for systems, infrastructure, platforms and frameworks
is imperative. Supporting personalized knowledge representation and related ontologies is mandatory
when seeking to transform how individuals manage their healthcare, and it can only be realized with PDH
technology. Otherwise, data integration is almost impossible, and failure of data management can hold back
the development of a successful digital health system.

vi
Technical Specification ISO/TS 6201:2025(en)
Health informatics — Personalized digital health framework
1 Scope
This document specifies a framework for the interoperability of services and information tailored towards
personalized digital health informatics. It establishes a common set of requirements and data specifications
necessary for multi-level interoperability, as well as for dynamic consent and knowledge sharing.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
consent
freely given agreements based on adequate information obtained prior to the collection/use of participant data
[SOURCE: ISO 20252:2019, 3.20]
3.2
dynamic consent
consent (3.1) that enables communication between owners of the data and their consumers via digital
interfaces during the process of utilizing health data
3.3
interoperability
ability of two or more systems or components to exchange information and to use the information that has
been exchanged
[10]
[SOURCE: IEEE ]
3.4
personalized digital health
PDH
electronic services that support health of individuals when they can add and handle their health information
3.5
personalized digital health framework
PDHF
framework for the interoperability of services and information, tailored towards personalized digital health
(3.4) informatics, that establishes a common set of requirements and data specifications necessary for multi-
level interoperability, as well as for dynamic consent and knowledge sharing

4 Person-led health and personalized digital health record
4.1 General
Because of the increasing need for person centred care, there are several possible approaches to provide
the required healthcare, facilitating patient independence and self-care. Person-led health supports self-
care using data such as health records, lab results, medication, care plan, and person generated health
data (PGHD). On the other hand, several interoperability levels can be identified, such as business process,
syntactic and semantic ones, which apply to the person-led health data, as depicted in Figure 2.
Figure 2 — Interoperability levels and person-led health data
The personalized digital health framework (PDHF) specified in this document provides a solution to person
centred care. This PDHF achieves several objectives:
— facilitating interoperability between different healthcare institutions’ information systems;
— integrating PGHD, coming from personal devices like smart watches, into existing healthcare institutions
information systems;
— facilitating the creation of personalized digital health records (PDHR) managed by individuals, where
medical information coming from different sources can be combined, including both PGHD and health
data coming from medical institutions;
— facilitating patients’ consent management through the PDHR, by allowing them to easily decide who can
access their medical information and to keep track of their data.
4.2 Personalized digital health record (PDHR)
A personalized digital health record (PDHR) combines medical data, such as health records, lab results,
medication and treatments received by an individual from medical institutions, with person generated
health data (PGHD), acquired using wearables, smartphones or IoT devices, during daily life.
On the one hand, such heterogeneous data should be modelled to facilitate interoperability and secured to
protect patient’s privacy. On the other hand, there is a need for services and applications that provide the
required interoperability and security.

PDHR supports PDHF to:
— define interoperable data models, for both medical institutions’ data and PGHD;
— provide protection and access control to medical data;
— provide search capabilities.
4.3 Interoperability issues
Digital transformation within the health domain has made it possible, for different stakeholders in the
healthcare domain, to collect and store health-related data by using a variety of health information
technologies. Guaranteeing interoperability is very important as the demand for reusing and reanalysing
personal health data increases. Stakeholders involved in the use of personal health data vary, and include
data owners, hospitals, pharmacies, medical service providers, researchers and manufacturers. To meet the
needs of different stakeholders, the exchange of health data should be seamless across different institutions
as well as different regions and even different countries, and the exchanged health data should be interpreted
in the same way anytime, anywhere.
The key point of the personalized digital health framework (PDHF) lies in the combination of personal health
data that are physically distributed. As more data get connected, more information is available for analysis
and prediction. Information related to individual health is stored in different formats, both in medical
institutions, such as hospitals and pharmacies, and in wearable devices and mobile application servers.
Smooth exchange of personal health data between different countries requires access to interoperability in
a multifaceted view, including technical aspects such as system interfaces and communication protocols, to
ensure consistent interpretation of exchanged data.
Interoperability issues exist at different levels, as shown in Figure 3.
There are different health data sources that inject healthcare data into a health data repository. To harmonize
the information contained inside this repository, two types of interoperability are considered: one concerns
terminology and the other concerns information structure.
Terminology interoperability ensures identical data interpretation in different institutions, regions
and countries, mainly dealing with terminology and ontology within the health domain. Identification of
1) 2)
medicinal products (IDMP), SNOMED-CT , and Logical Observation Identifiers Names and Codes (LOINC)
are notable examples that focus on semantic interoperability.
Information structure interoperability refers to the format of health data exchanged between different
institutions or the interoperability between structures. International standards development organizations,
3) 4)
such as Health Level Seven (HL7) and Integrating the Healthcare Enterprise (IHE) , have been developing
5)
various standards to support technical interoperability. Fast Healthcare Interoperability Resource (FHIR) ,
led by HL7, is a representative case of the next-generation health information framework, commonly used in the
health domain, and defines the model as a resource unit to improve reusability and flexibility of the data model.
The business process level includes several services, such as access control, registration, consent or patient
identity. These services use the health data repository to provide information to the users accessing
through different applications. The objective of this level is to provide organizational interoperability, such
as policies, regulations and laws between institutions that exchange health information. This level should
be able to continuously reflect changing environments and policies. A typical example of organizational
interoperability is defining overall business processes and workflows that are related to the registration
of patients and health information, access control to health data or obtaining consent from individuals for
accessing their health-related data.
1) https:// www .snomed .org/
2) https:// loinc .org/
3) https:// www .hl7 .org/
4) https:// www .ihe .net/
5) https:// hl7 .org/ fhir/
Figure 3 — Interoperability at different levels
Implementations of the personalized digital health framework should follow the structure of Figure 3 and
implement some of the boxes included in that figure. One of the possible implementation approaches is
described in 5.2.
5 Personalized digital health framework
5.1 General
The framework for personalized digital health (PDH) has several purposes:
— to provide a common structure and model for the development of the PDH standards;
— to allow organizing the functionality of PDH systems in an independent an interoperable way;
— to describe components and interactions between digital health systems;
— to facilitate alignment with other initiatives at different levels (countries, standardization bodies, public
institutions worldwide, etc.).
There are different possible approaches for implementing a PDHF. The next subclause describes one of them.
This approach provides interoperability, security, access control and support for different medical content
types with the use of a modular architecture consisting of several services to guarantee that the access to
medical information is only given to authorized parties.

5.2 Personalized digital health framework (PDHF) description
The modules forming part of the generic architecture, depicted in Figure 4, are based on the use of an
application programmi
...