ISO/TS 6226:2025

Technical
Specification
ISO/TS 6226
First edition
Health informatics — Reference
2025-06
architecture for syndromic
surveillance systems for infectious
diseases
Informatique de santé — Architecture de référence pour les
systèmes de surveillance syndromique des maladies infectieuses
Reference number
© ISO 2025
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 General . 3
4.1 Types of public health surveillance .3
4.1.1 Event-based surveillance (EBS) .3
4.1.2 Indicator-based surveillance .3
4.2 Syndromic surveillance process .3
4.2.1 General .3
4.2.2 Planning .4
4.2.3 Implementation .4
4.2.4 Monitoring .4
4.2.5 Evaluation . .4
5 Reference architecture of syndromic surveillance systems . 4
5.1 General .4
5.2 Syndromic surveillance system component .5
5.2.1 General .5
5.2.2 Data processing .5
5.2.3 Surveillance services .7
5.2.4 Infrastructures .8
5.3 Data sources . .8
5.4 Policy input .9
5.5 External services .10
Bibliography .11

iii
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out through
ISO technical committees. Each member body interested in a subject for which a technical committee
has been established has the right to be represented on that committee. International organizations,
governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely
with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of ISO documents should be noted. This document was drafted in accordance with the editorial rules of the
ISO/IEC Directives, Part 2 (see www.iso.org/directives).
ISO draws attention to the possibility that the implementation of this document may involve the use of (a)
patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed patent
rights in respect thereof. As of the date of publication of this document, ISO had not received notice of (a)
patent(s) which may be required to implement this document. However, implementers are cautioned that
this may not represent the latest information, which may be obtained from the patent database available at
www.iso.org/patents. ISO shall not be held responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO’s adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 215, Health informatics.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.

iv
Introduction
Novel infectious diseases have been continuously occurring since the 2000s, such as the Middle East
respiratory syndrome (MERS), severe acute respiratory syndrome (SARS), and coronavirus disease 2019
(COVID-19). COVID-19 pandemic has been the most significant public health crisis, and it has also brought
unprecedented social and economic disruptions globally. COVID-19 has claimed millions of lives and
overwhelmed public health systems in many countries. Early detection of outbreaks and prompt response
have become very important to prevent the widespread of infectious diseases.
Syndromic surveillance is the near real-time collection, analysis, interpretation, and dissemination of
health-related data to enable the early identification of the impact (or absence of impact) of potential health
[7]
threats that can require public health action. Syndromic surveillance is a method of surveillance that aims
to detect outbreaks earlier than traditional methods by focusing on the early symptom period before clinical
or laboratory confirmation of a particular disease and using both clinical and alternative data sources such
as care-seeking rates, insurance claims, laboratory ordering volume, school and work absenteeism, over-the-
[8] [7]
counter drug sales, and internet-based health searches. WHO presents the following four advantages of
syndromic surveillance:
— Early warning: Many syndromic surveillance systems operate in near real-time (daily, for example),
allowing the timely identification of, and response to, incidents.
— Situational awareness: During an incident, syndromic surveillance systems enable further description
of healthcare seeking behaviour in near real-time, for example providing key intelligence to incident
managers and response teams (such as identifying particularly affected age groups or geographical
clusters).
— Reassurance: During mass gatherings and other similar events, syndromic surveillance can often
provide reassurance that there have been no widespread acute public health problems, particularly
where surveillance is long term and a ‘normal’ or historical baseline level has been established prior to
the event.
— Flexibility: By using broad and adaptable syndromes, syndromic surveillance systems can be flexible
in responding to a variety of public health demands ranging from infectious disease outbreaks to
environmental incidents and mass gatherings, in addition to providing measures of impact of public
health interventions, for example the impact of vaccination. Syndromic surveillance also has the potential
to detect newly emerging threats not covered by existing surveillance systems.
The value of a reference architecture is that it helps to reduce a project complexity and risks, and to
increase effectiveness for accomplishing a goal through common languages, principles, and interoperable
[4][9]
requirements. The notable standard for the reference architecture, ISO 23903, notes that “a reference
architecture provides a formal and domain-independent representation of any ecosystems regarding its
components, their structure and functions, and their relationships, based on their underlying knowledge
spaces represented through related ontologies, through all viewpoints of the system evolution or
development process”. ISO 23903 which presents a considerably high-level concept, gives useful insight into
[9][10]
the reference architecture for syndromic surveillance system.
This document intends to define a reference architecture for establishing a syndromic surveillance system
for infectious diseases. The document defines the available data sources required for syndromic surveillance
and identifies architectural components of a syndromic surveillance system including data processing and
surveillance services.
v
Technical Specification ISO/TS 6226:2025(en)
Health informatics — Reference architecture for syndromic
surveillance systems for infectious diseases
1 Scope
This document specifies a reference architecture for event-based syndromic surveillance systems for
infectious diseases. The system reference architecture addresses architectural components including
concepts, data sources, and outputs of syndromic surveillance system.
[11]
From the perspective of the diagnostic process, this document covers the processes from the symptom-
onset stage to the health-behaviour stage, which is prior to the healthcare-encounter stage.
Non-infectious health hazards, such as natural disasters, human-induced emergencies and chronic diseases,
and their associated surveillance systems are beyond the scope of this document.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
application programming interface
API
set of functions, procedures, methods or classes that an operating system, library or service provides to
support requests made by computer programs
[SOURCE: ISO/HL7 27951:2009, 3.1]
3.2
architecture
set of rules to define the structure of a system (3.12) and the interrelationships between its parts
[SOURCE: ISO 23903:2021, 3.1]
3.3
early warning and response
EWAR
organized mechanism to detect as early as possible any abnormal occurrence or any divergence from the
usual or normally observed frequency of phenomena
Note 1 to entry: Adapted from Reference [12].

3.4
effectiveness
degree to which the care is provided in the correct manner, given the current state of knowledge, to achieve
the desired or projected outcome for the subject of care
[SOURCE: ISO/TS 21089:2018, 3.60]
3.5
electronic health record
EHR
information relevant to the wellness, health and healthcare of an individual, in computer-processable form
and represented according to a standardized information model
[SOURCE: ISO 18308:2011, 3.20]
3.6
healthcare provider
care provider
health provider
health service provider
healthcare service provider
healthcare actor that is able to be assigned one or more care period mandates
Note 1 to entry: The personnel of a healthcare organization that is a healthcare provider may include both healthcare
professionals and others which participate in the provision of healthcare.
Note 2 to entry: This document includes only two specializations of healthcare provider. This is not meant to exclude
the possibility of other specializations. In jurisdictions where other kinds of healthcare actors are included in the
concept of healthcare provider, the necessary specializations may be added.
Note 3 to entry: According to this definition, organizations solely responsible for the funding, payment, or
reimbursement of healthcare provision are not healthcare providers; for the purpose of this document, they are
considered as healthcare third parties.
[SOURCE: ISO 13940:2015, 5.2.3]
3.7
interoperability
ability of a system (3.12) or a product to work with other systems or products without special effort on the
part of the customer
Note 1 to entry: Under traditional ICT focus, interoperability is the ability of two or more systems or components to
exchange information and to use the information that has been exchanged.
[SOURCE: ISO 23903:2021, 3.16]
3.8
infectious disease
diseases caused by pathogenic microorganisms, such as bacteria, viruses, parasites or fungi, and that can be
spread, directly or indirectly, from one person to another
Note 1 to entry: These diseases can be grouped in three categories: diseases which cause high levels of mortality;
diseases which place on populations heavy burdens of disability; and diseases which, owing to the rapid and
unexpected nature of their spread, can have serious global repercussions.
Note 2 to entry: Adapted from Reference [13].
3.9
public health surveillance
systematic collection, analysis and interpretation of health-related data needed for the planning,
implementation and evaluation of public health practice
Note 1 to entry: Adapted from Reference [14].

3.10
reference architecture
reference model for a class of architectures (3.2)
[SOURCE: ISO 23903:2021, 3.22]
3.11
syndromic surveillance
methods relying on detection of individual and population health indicators that are discernible before
confirmed diagnoses are made
Note 1 to entry: Adapted from Reference [11].
3.12
system
combination of interacting elements organized to achieve one or more stated purposes
Note 1 to entry: A system groups structurally and/or functionally interrelated components (elements). Systems can be
composed (aggregated/generalized) to super-systems or decomposed (specialized) to sub-systems.
[SOURCE: ISO 23903:2021, 3.25]
4 General
4.1 Types of public health surveillance
4.1.1 Event-based surveillance (EBS)
Event-based surveillance (EBS) is defined as the organized collection, monitoring, assessment, and
interpretation of mainly unstructured ad hoc information regarding health events or risks, which can
represent an acute risk to human health. The information collected for event-based surveillance is diverse in
nature and originates from multiple, often not-predetermined sources, both official and unofficial, including
rumours reported by the media or ad hoc reports from informal networks. The information collection
process is mainly active and carried out through a systematic framework specifically established for EBS
[12]
purposes.
4.1.2 Indicator-based surveillance
Indicator-based surveillance is defined as the systematic collection, monitoring, analysis, and interpretation
of structured data, i.e. indicators, produced by several well-identified, predominantly health-based formal
[12]
sources. The collection of indicator-based surveillance is a routine process that is primarily passive. Data
are collected according to established case definitions which are either disease-specific or syndromic. They
can be collected as individual or aggregated data, and they originate from either exhaustive or sentinel
systems. Data are analysed in comparison with baseline values and thresholds to determine unusual
disease patterns. The sources of information are mainly health-based (e.g. healthcare structures, health
professionals, laboratories).
4.2 Syndromic surveillance process
4.2.1 General
The objective of a syndromic surveillance system is to identify and detect potential threats which can develop
to acute public health threats and to provide early warnings for them timely. Given the broad range of data
sources, efficiencies and effectiveness are crucial factors for the quality of the system. Adopting a process-
based approach (see Figure 1) can enhance the efficiency and effectiveness of syndromic surveillance
through iterative improvements.

Figure 1 — Syndromic surveillance process
4.2.2 Planning
In the planning stage, situational analysis should be conducted to identify social, cultural, environmental,
and national profiles. The planning stage contributes to define objectives, strategy, scope, and prioritization
of health events to be covered by syndromic surveillance system based on
...