VhDir Implementation Guide CI Build

This is the Continuous Integration Build of the VhDir Implementation Guide, based on FHIR Version 4.0.0. See the Directory of published versions

StructureDefinition-vhdir-restriction

This profile sets minimum expectations for searching for and fetching information associated with a restriction. It identifies which core elements, extensions, vocabularies and value sets SHALL be present in the Consent resource when using this profile.

Background and Context

The FHIR specification contains a security meta tag which can be used to inform systems of the sensitivity of resources. The tag can be used by access control mechanisms to ensure content isn’t exposed inappropriately. However, the security meta tag can only indicate sensitivity at the resource level, and provides relatively little context about the restriction.

This implementation guide profiles the Consent resource to provide additional details about the nature of restrictions on content passed from the validated healthcare directory to downstream workflow environments.

The restriction profile consists of the following elements:

  • consent.status indicates whether the restriction is active
  • consent.category describes the type of restriction (e.g. the data may be further disclosed by the downstream workflow environment per the terms of a Data Use Agreement)
  • consent.dateTime indicates when the restriction was last updated
  • consent.policy references a policy or policies defining the restriction
  • consent.provision defines access rights for restricted content

Examples:

The following are example uses for the vhdir-restriction profile:

Mandatory Data Elements

The following data-elements are mandatory (i.e data MUST be present). These are presented below in a simple human-readable explanation. The Formal Profile Definition below provides the formal summary, definitions, and terminology requirements.

Each Consent resource must have:

  1. A coded value representing the status of the restriction in consent.status
  2. At least one coded and/or text value describing the type of restriction in consent.category
  3. At least one actor when describing access rights via consent.provision. Each actor must include a reference to a practitioner, organization, care team, or group. The role of each actor is fixed to code “IRCP” (information recipient) from the code system defined at http://hl7.org/fhir/v3/ParticipationType

Profile specific implementation guidance:

This resource is expected to be a contained resource in the resources whose content is restricted by it. Therefore, there are no restful interactions defined for this resource type.

Terminology

TBD

Formal Views of Profile Content

Description of Profiles, Differentials, and Snapshots.

The official URL for this profile is: http://hl7.org/fhir/uv/vhdir/StructureDefinition/vhdir-restriction

Published on Thu Dec 14 14:01:31 UTC 2017 as a active by .

This profile builds on Consent


Summary

Mandatory: 0 element (1 nested mandatory element)
Must-Support: 33 elements
Fixed Value: 3 elements
Prohibited: 14 elements

Structures

This structure refers to these other structures:

NameFlagsCard.TypeDescription & Constraintsdoco
.. Consent 0..*A policy may permit or deny recipients or roles to perform actions for specific purposes and periods of time
... identifier S0..0
... status S1..1codeIndicates the current state of this restriction
... scope S1..1CodeableConceptFixed Value: privacy
... category S1..*CodeableConceptType of restriction
... patient S0..0
... dateTime S0..1dateTimedate/time of last update for this restriction
... performer S0..0
... organization S0..0
... source[x] S0..0
... policy S0..*BackboneElement
.... authority S0..0
.... uri S0..1uriSpecific policy covered by this restriction
... policyRule S0..0
... verification S0..0
... provision S0..1BackboneElementAccess rights
.... type S0..1codeFixed Value: permit
.... period S0..0
.... actor S1..*BackboneElement
..... role S1..1CodeableConceptFixed Value: {"system":"http://terminology.hl7.org/CodeSystem/v3-ParticipationType","code":"IRCP"} (information recipient)
..... reference S1..1Reference(VhDir Organization | VhDir Care Team | VhDir Practitioner)definedUserOrGroup
.... action S0..1CodeableConceptreasonType
.... securityLabel S0..*CodinguserType
.... purpose S0..*CodingreasonName
.... class S0..0
.... code S0..0
.... dataPeriod S0..0
.... data S0..0
.... provision S0..0

doco Documentation for this format
NameFlagsCard.TypeDescription & Constraintsdoco
.. Consent I0..*A policy may permit or deny recipients or roles to perform actions for specific purposes and periods of time
... id Σ0..1idLogical id of this artifact
... meta Σ0..1MetaMetadata about the resource
... implicitRules ?!Σ0..1uriA set of rules under which this content was created
... language 0..1codeLanguage of the resource content
Binding: CommonLanguages (preferred)
Max Binding: AllLanguages
... text 0..1NarrativeText summary of the resource, for human interpretation
... contained 0..*ResourceContained, inline Resources
... extension 0..*ExtensionAdditional content defined by implementations
... modifierExtension ?!0..*ExtensionExtensions that cannot be ignored
... status ?!SΣ1..1codeIndicates the current state of this restriction
Binding: ConsentState (required)
... scope ?!SΣ1..1CodeableConceptWhich of the four areas this resource covers (extensible)
Binding: ConsentScopeCodes (extensible)
Fixed Value: privacy
... category SΣ1..*CodeableConceptType of restriction
Binding: ConsentCategoryCodes (extensible)
... dateTime SΣ0..1dateTimedate/time of last update for this restriction
... policy SI0..*BackboneElementPolicies covered by this consent
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..*ExtensionAdditional content defined by implementations
.... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
.... uri SI0..1uriSpecific policy covered by this restriction
... provision SΣI0..1BackboneElementAccess rights
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..*ExtensionAdditional content defined by implementations
.... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
.... type SΣ0..1codedeny | permit
Binding: ConsentProvisionType (required)
Fixed Value: permit
.... actor SI1..*BackboneElementWho|what controlled by this rule (or group, by role)
..... id 0..1stringUnique id for inter-element referencing
..... extension 0..*ExtensionAdditional content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
..... role S1..1CodeableConceptHow the actor is involved
Binding: SecurityRoleType (extensible)
Fixed Value: {"system":"http://terminology.hl7.org/CodeSystem/v3-ParticipationType","code":"IRCP"} (information recipient)
..... reference S1..1Reference(VhDir Organization | VhDir Care Team | VhDir Practitioner)definedUserOrGroup
.... action SΣ0..1CodeableConceptreasonType
Binding: ConsentActionCodes (example)
.... securityLabel SΣ0..*CodinguserType
Binding: All Security Labels (extensible)
.... purpose SΣ0..*CodingreasonName
Binding: V3 Value SetPurposeOfUse (extensible)

doco Documentation for this format

Summary

Mandatory: 0 element (1 nested mandatory element)
Must-Support: 33 elements
Fixed Value: 3 elements
Prohibited: 14 elements

Structures

This structure refers to these other structures:

Differential View

NameFlagsCard.TypeDescription & Constraintsdoco
.. Consent 0..*A policy may permit or deny recipients or roles to perform actions for specific purposes and periods of time
... identifier S0..0
... status S1..1codeIndicates the current state of this restriction
... scope S1..1CodeableConceptFixed Value: privacy
... category S1..*CodeableConceptType of restriction
... patient S0..0
... dateTime S0..1dateTimedate/time of last update for this restriction
... performer S0..0
... organization S0..0
... source[x] S0..0
... policy S0..*BackboneElement
.... authority S0..0
.... uri S0..1uriSpecific policy covered by this restriction
... policyRule S0..0
... verification S0..0
... provision S0..1BackboneElementAccess rights
.... type S0..1codeFixed Value: permit
.... period S0..0
.... actor S1..*BackboneElement
..... role S1..1CodeableConceptFixed Value: {"system":"http://terminology.hl7.org/CodeSystem/v3-ParticipationType","code":"IRCP"} (information recipient)
..... reference S1..1Reference(VhDir Organization | VhDir Care Team | VhDir Practitioner)definedUserOrGroup
.... action S0..1CodeableConceptreasonType
.... securityLabel S0..*CodinguserType
.... purpose S0..*CodingreasonName
.... class S0..0
.... code S0..0
.... dataPeriod S0..0
.... data S0..0
.... provision S0..0

doco Documentation for this format

Snapshot View

NameFlagsCard.TypeDescription & Constraintsdoco
.. Consent I0..*A policy may permit or deny recipients or roles to perform actions for specific purposes and periods of time
... id Σ0..1idLogical id of this artifact
... meta Σ0..1MetaMetadata about the resource
... implicitRules ?!Σ0..1uriA set of rules under which this content was created
... language 0..1codeLanguage of the resource content
Binding: CommonLanguages (preferred)
Max Binding: AllLanguages
... text 0..1NarrativeText summary of the resource, for human interpretation
... contained 0..*ResourceContained, inline Resources
... extension 0..*ExtensionAdditional content defined by implementations
... modifierExtension ?!0..*ExtensionExtensions that cannot be ignored
... status ?!SΣ1..1codeIndicates the current state of this restriction
Binding: ConsentState (required)
... scope ?!SΣ1..1CodeableConceptWhich of the four areas this resource covers (extensible)
Binding: ConsentScopeCodes (extensible)
Fixed Value: privacy
... category SΣ1..*CodeableConceptType of restriction
Binding: ConsentCategoryCodes (extensible)
... dateTime SΣ0..1dateTimedate/time of last update for this restriction
... policy SI0..*BackboneElementPolicies covered by this consent
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..*ExtensionAdditional content defined by implementations
.... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
.... uri SI0..1uriSpecific policy covered by this restriction
... provision SΣI0..1BackboneElementAccess rights
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..*ExtensionAdditional content defined by implementations
.... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
.... type SΣ0..1codedeny | permit
Binding: ConsentProvisionType (required)
Fixed Value: permit
.... actor SI1..*BackboneElementWho|what controlled by this rule (or group, by role)
..... id 0..1stringUnique id for inter-element referencing
..... extension 0..*ExtensionAdditional content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
..... role S1..1CodeableConceptHow the actor is involved
Binding: SecurityRoleType (extensible)
Fixed Value: {"system":"http://terminology.hl7.org/CodeSystem/v3-ParticipationType","code":"IRCP"} (information recipient)
..... reference S1..1Reference(VhDir Organization | VhDir Care Team | VhDir Practitioner)definedUserOrGroup
.... action SΣ0..1CodeableConceptreasonType
Binding: ConsentActionCodes (example)
.... securityLabel SΣ0..*CodinguserType
Binding: All Security Labels (extensible)
.... purpose SΣ0..*CodingreasonName
Binding: V3 Value SetPurposeOfUse (extensible)

doco Documentation for this format

Downloads: StructureDefinition: (XML, JSON), Schema: XML Schematron


Quick Start

Below is an overview of the required set of RESTful FHIR interactions - for example, search and read operations - for this profile. See the Conformance requirements for a complete list of supported RESTful interactions for this IG.

Because this resource is expected to be a contained resource in the resources whose content is restricted, there are no RESTful interactions defined for this profile.