This profile sets minimum expectations for searching for and fetching information associated with a restriction. It identifies which core elements, extensions, vocabularies and value sets SHALL be present in the Consent resource when using this profile.

Background and Context

The FHIR specification contains a security meta tag which can be used to inform systems of the sensitivity of resources. The tag can be used by access control mechanisms to ensure content isn’t exposed inappropriately. However, the security meta tag can only indicate sensitivity at the resource level, and provides relatively little context about the restriction.

This implementation guide profiles the Consent resource to provide additional details about the nature of restrictions on content passed from the validated healthcare directory to downstream workflow environments.

The restriction profile consists of the following elements:

• consent.status indicates whether the restriction is active
• consent.category describes the type of restriction (e.g. the data may be further disclosed by the downstream workflow environment per the terms of a Data Use Agreement)
• consent.dateTime indicates when the restriction was last updated
• consent.policy references a policy or policies defining the restriction
• consent.provision defines access rights for restricted content

Examples:

The following are example uses for the vhdir-restriction profile:

• Restricted address for a women’s shelter
• Restricted contact details for services provided by a women’s shelter

Mandatory Data Elements

The following data-elements are mandatory (i.e data MUST be present). These are presented below in a simple human-readable explanation. The Formal Profile Definition below provides the formal summary, definitions, and terminology requirements.

Each Consent resource must have:

1. A coded value representing the status of the restriction in consent.status
2. At least one coded and/or text value describing the type of restriction in consent.category
3. At least one actor when describing access rights via consent.provision. Each actor must include a reference to a practitioner, organization, care team, or group. The role of each actor is fixed to code “IRCP” (information recipient) from the code system defined at http://hl7.org/fhir/v3/ParticipationType

Profile specific implementation guidance:

This resource is expected to be a contained resource in the resources whose content is restricted by it. Therefore, there are no restful interactions defined for this resource type.

Terminology

TBD

• Differential Table
• Key Elements Table
• Snapshot Table
• Statistics/References
• All

This structure is derived from Consent

Name	Flags	Card.	Type	Description & Constraints
Consent		0..*	Consent	A policy may permit or deny recipients or roles to perform actions for specific purposes and periods of time
identifier	S	0..0
status	S	1..1	code	Indicates the current state of this restriction
scope	S	1..1	CodeableConcept	Which of the four areas this resource covers (extensible) Binding: VhDir Consent Value Set (extensible)
category	S	1..*	CodeableConcept	Type of restriction
patient	S	0..0
dateTime	S	0..1	dateTime	date/time of last update for this restriction
performer	S	0..0
organization	S	0..0
source[x]	S	0..0
policy	S	0..*	BackboneElement	Policies covered by this consent
authority	S	0..0
uri	S	0..1	uri	Specific policy covered by this restriction
policyRule	S	0..0
verification	S	0..0
provision	S	0..1	BackboneElement	Access rights
type	S	0..1	code	deny | permit Fixed Value: permit
period	S	0..0
actor	S	1..*	BackboneElement	Who|what controlled by this rule (or group, by role)
role	S	1..1	CodeableConcept	How the actor is involved
reference	S	1..1	Reference(VhDir Organization | VhDir Care Team | VhDir Practitioner)	definedUserOrGroup
action	S	0..1	CodeableConcept	reasonType
securityLabel	S	0..*	Coding	userType
purpose	S	0..*	Coding	reasonName
class	S	0..0
code	S	0..0
dataPeriod	S	0..0
data	S	0..0
provision	S	0..0
Documentation for this format

Terminology Bindings (Differential)

Path	Conformance	ValueSet
Consent.scope	extensible	VhDirConsent

Name	Flags	Card.	Type	Description & Constraints
Consent	C	0..*	Consent	A policy may permit or deny recipients or roles to perform actions for specific purposes and periods of time
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
modifierExtension	?!	0..*	Extension	Extensions that cannot be ignored
status	?!SΣ	1..1	code	Indicates the current state of this restriction Binding: ConsentState (required): Indicates the state of the consent.
scope	?!SΣ	1..1	CodeableConcept	Which of the four areas this resource covers (extensible) Binding: VhDir Consent Value Set (extensible)
category	SΣ	1..*	CodeableConcept	Type of restriction Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement.
dateTime	SΣ	0..1	dateTime	date/time of last update for this restriction
policy	S	0..*	BackboneElement	Policies covered by this consent
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
uri	SC	0..1	uri	Specific policy covered by this restriction
provision	SΣ	0..1	BackboneElement	Access rights
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type	SΣ	0..1	code	deny | permit Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent. Fixed Value: permit
actor	S	1..*	BackboneElement	Who|what controlled by this rule (or group, by role)
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
role	S	1..1	CodeableConcept	How the actor is involved Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations.
reference	S	1..1	Reference(VhDir Organization | VhDir Care Team | VhDir Practitioner)	definedUserOrGroup
action	SΣ	0..1	CodeableConcept	reasonType Binding: ConsentActionCodes (example): Detailed codes for the consent action.
securityLabel	SΣ	0..*	Coding	userType Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
purpose	SΣ	0..*	Coding	reasonName Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels.
Documentation for this format

Terminology Bindings

Path	Conformance	ValueSet / Code
Consent.status	required	ConsentState
Consent.scope	extensible	VhDirConsent
Consent.category	extensible	ConsentCategoryCodes
Consent.provision.type	required	Fixed Value: permit
Consent.provision.actor.role	extensible	SecurityRoleType
Consent.provision.action	example	ConsentActionCodes
Consent.provision.securityLabel	extensible	All Security Labels
Consent.provision.purpose	extensible	PurposeOfUse
Consent.provision.data.meaning	required	ConsentDataMeaning

Name	Flags	Card.	Type	Description & Constraints
Consent	C	0..*	Consent	A policy may permit or deny recipients or roles to perform actions for specific purposes and periods of time
id	Σ	0..1	id	Logical id of this artifact
meta	Σ	0..1	Meta	Metadata about the resource
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
language		0..1	code	Language of the resource content Binding: CommonLanguages (preferred): A human language. Additional Bindings Purpose AllLanguages Max Binding
text		0..1	Narrative	Text summary of the resource, for human interpretation
contained		0..*	Resource	Contained, inline Resources
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!	0..*	Extension	Extensions that cannot be ignored
status	?!SΣ	1..1	code	Indicates the current state of this restriction Binding: ConsentState (required): Indicates the state of the consent.
scope	?!SΣ	1..1	CodeableConcept	Which of the four areas this resource covers (extensible) Binding: VhDir Consent Value Set (extensible)
category	SΣ	1..*	CodeableConcept	Type of restriction Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement.
dateTime	SΣ	0..1	dateTime	date/time of last update for this restriction
policy	S	0..*	BackboneElement	Policies covered by this consent
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
uri	SC	0..1	uri	Specific policy covered by this restriction
provision	SΣ	0..1	BackboneElement	Access rights
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type	SΣ	0..1	code	deny | permit Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent. Fixed Value: permit
actor	S	1..*	BackboneElement	Who|what controlled by this rule (or group, by role)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
role	S	1..1	CodeableConcept	How the actor is involved Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations.
reference	S	1..1	Reference(VhDir Organization | VhDir Care Team | VhDir Practitioner)	definedUserOrGroup
action	SΣ	0..1	CodeableConcept	reasonType Binding: ConsentActionCodes (example): Detailed codes for the consent action.
securityLabel	SΣ	0..*	Coding	userType Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
purpose	SΣ	0..*	Coding	reasonName Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels.
Documentation for this format

Terminology Bindings

Path	Conformance	ValueSet / Code
Consent.language	preferred	CommonLanguages Additional Bindings Purpose AllLanguages Max Binding
Consent.status	required	ConsentState
Consent.scope	extensible	VhDirConsent
Consent.category	extensible	ConsentCategoryCodes
Consent.provision.type	required	Fixed Value: permit
Consent.provision.actor.role	extensible	SecurityRoleType
Consent.provision.action	example	ConsentActionCodes
Consent.provision.securityLabel	extensible	All Security Labels
Consent.provision.purpose	extensible	PurposeOfUse
Consent.provision.data.meaning	required	ConsentDataMeaning

Differential View

This structure is derived from Consent

Name	Flags	Card.	Type	Description & Constraints
Consent		0..*	Consent	A policy may permit or deny recipients or roles to perform actions for specific purposes and periods of time
identifier	S	0..0
status	S	1..1	code	Indicates the current state of this restriction
scope	S	1..1	CodeableConcept	Which of the four areas this resource covers (extensible) Binding: VhDir Consent Value Set (extensible)
category	S	1..*	CodeableConcept	Type of restriction
patient	S	0..0
dateTime	S	0..1	dateTime	date/time of last update for this restriction
performer	S	0..0
organization	S	0..0
source[x]	S	0..0
policy	S	0..*	BackboneElement	Policies covered by this consent
authority	S	0..0
uri	S	0..1	uri	Specific policy covered by this restriction
policyRule	S	0..0
verification	S	0..0
provision	S	0..1	BackboneElement	Access rights
type	S	0..1	code	deny | permit Fixed Value: permit
period	S	0..0
actor	S	1..*	BackboneElement	Who|what controlled by this rule (or group, by role)
role	S	1..1	CodeableConcept	How the actor is involved
reference	S	1..1	Reference(VhDir Organization | VhDir Care Team | VhDir Practitioner)	definedUserOrGroup
action	S	0..1	CodeableConcept	reasonType
securityLabel	S	0..*	Coding	userType
purpose	S	0..*	Coding	reasonName
class	S	0..0
code	S	0..0
dataPeriod	S	0..0
data	S	0..0
provision	S	0..0
Documentation for this format

Terminology Bindings (Differential)

Path	Conformance	ValueSet
Consent.scope	extensible	VhDirConsent

Key Elements View

Name	Flags	Card.	Type	Description & Constraints
Consent	C	0..*	Consent	A policy may permit or deny recipients or roles to perform actions for specific purposes and periods of time
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
modifierExtension	?!	0..*	Extension	Extensions that cannot be ignored
status	?!SΣ	1..1	code	Indicates the current state of this restriction Binding: ConsentState (required): Indicates the state of the consent.
scope	?!SΣ	1..1	CodeableConcept	Which of the four areas this resource covers (extensible) Binding: VhDir Consent Value Set (extensible)
category	SΣ	1..*	CodeableConcept	Type of restriction Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement.
dateTime	SΣ	0..1	dateTime	date/time of last update for this restriction
policy	S	0..*	BackboneElement	Policies covered by this consent
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
uri	SC	0..1	uri	Specific policy covered by this restriction
provision	SΣ	0..1	BackboneElement	Access rights
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type	SΣ	0..1	code	deny | permit Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent. Fixed Value: permit
actor	S	1..*	BackboneElement	Who|what controlled by this rule (or group, by role)
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
role	S	1..1	CodeableConcept	How the actor is involved Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations.
reference	S	1..1	Reference(VhDir Organization | VhDir Care Team | VhDir Practitioner)	definedUserOrGroup
action	SΣ	0..1	CodeableConcept	reasonType Binding: ConsentActionCodes (example): Detailed codes for the consent action.
securityLabel	SΣ	0..*	Coding	userType Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
purpose	SΣ	0..*	Coding	reasonName Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels.
Documentation for this format

Terminology Bindings

Path	Conformance	ValueSet / Code
Consent.status	required	ConsentState
Consent.scope	extensible	VhDirConsent
Consent.category	extensible	ConsentCategoryCodes
Consent.provision.type	required	Fixed Value: permit
Consent.provision.actor.role	extensible	SecurityRoleType
Consent.provision.action	example	ConsentActionCodes
Consent.provision.securityLabel	extensible	All Security Labels
Consent.provision.purpose	extensible	PurposeOfUse
Consent.provision.data.meaning	required	ConsentDataMeaning

Snapshot View

Name	Flags	Card.	Type	Description & Constraints
Consent	C	0..*	Consent	A policy may permit or deny recipients or roles to perform actions for specific purposes and periods of time
id	Σ	0..1	id	Logical id of this artifact
meta	Σ	0..1	Meta	Metadata about the resource
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
language		0..1	code	Language of the resource content Binding: CommonLanguages (preferred): A human language. Additional Bindings Purpose AllLanguages Max Binding
text		0..1	Narrative	Text summary of the resource, for human interpretation
contained		0..*	Resource	Contained, inline Resources
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!	0..*	Extension	Extensions that cannot be ignored
status	?!SΣ	1..1	code	Indicates the current state of this restriction Binding: ConsentState (required): Indicates the state of the consent.
scope	?!SΣ	1..1	CodeableConcept	Which of the four areas this resource covers (extensible) Binding: VhDir Consent Value Set (extensible)
category	SΣ	1..*	CodeableConcept	Type of restriction Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement.
dateTime	SΣ	0..1	dateTime	date/time of last update for this restriction
policy	S	0..*	BackboneElement	Policies covered by this consent
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
uri	SC	0..1	uri	Specific policy covered by this restriction
provision	SΣ	0..1	BackboneElement	Access rights
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type	SΣ	0..1	code	deny | permit Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent. Fixed Value: permit
actor	S	1..*	BackboneElement	Who|what controlled by this rule (or group, by role)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
role	S	1..1	CodeableConcept	How the actor is involved Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations.
reference	S	1..1	Reference(VhDir Organization | VhDir Care Team | VhDir Practitioner)	definedUserOrGroup
action	SΣ	0..1	CodeableConcept	reasonType Binding: ConsentActionCodes (example): Detailed codes for the consent action.
securityLabel	SΣ	0..*	Coding	userType Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
purpose	SΣ	0..*	Coding	reasonName Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels.
Documentation for this format

Terminology Bindings

Path	Conformance	ValueSet / Code
Consent.language	preferred	CommonLanguages Additional Bindings Purpose AllLanguages Max Binding
Consent.status	required	ConsentState
Consent.scope	extensible	VhDirConsent
Consent.category	extensible	ConsentCategoryCodes
Consent.provision.type	required	Fixed Value: permit
Consent.provision.actor.role	extensible	SecurityRoleType
Consent.provision.action	example	ConsentActionCodes
Consent.provision.securityLabel	extensible	All Security Labels
Consent.provision.purpose	extensible	PurposeOfUse
Consent.provision.data.meaning	required	ConsentDataMeaning

This structure is derived from Consent

Summary

Mandatory: 0 element (1 nested mandatory element)
Must-Support: 33 elements
Fixed Value: 1 element
Prohibited: 14 elements

Structures

This structure refers to these other structures:

• VhDir Organization (http://hl7.org/fhir/uv/vhdir/StructureDefinition/vhdir-organization)
• VhDir Care Team (http://hl7.org/fhir/uv/vhdir/StructureDefinition/vhdir-careteam)
• VhDir Practitioner (http://hl7.org/fhir/uv/vhdir/StructureDefinition/vhdir-practitioner)

Because this resource is expected to be a contained resource in the resources whose content is restricted, there are no RESTful interactions defined for this profile.