HL7 FHIR Implementation Guide: Data Access Policies, published by HL7 International / Security. This guide is not an authorized publication; it is the continuous build for version 1.0.0-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/data-access-policies/ and changes regularly. See the Directory of published versions
Contents:
This page provides a list of the FHIR artifacts defined as part of this implementation guide.
These define constraints on FHIR resources for systems conforming to this implementation guide.
Bundle with an imposed Permission |
Bundle includes an imposed Permission |
Permission with K-Anonymity |
Permission with the extension for K-Anonymity |
These define constraints on FHIR data types for systems conforming to this implementation guide.
Permission imposed K-Anonymity value |
When a limit needs to impose a specific K-Anonymity value. |
Permission imposed on a Bundle |
When a Bundle carries a Permissiont that must be enforced |
These are example instances that show what data produced and consumed by systems conforming with this implementation guide might look like.
Dummy MeasureReport example |
Dummy MeasureReport example for completeness sake. No actual use of this resource other than an example target that is NOT patient specific. |
Dummy Organization example |
Dummy Organization example for completeness sake. No actual use of this resource other than an example target |
Dummy Patient example |
Dummy patient example for completeness sake. No actual use of this resource other than an example target |
Dummy Practitioner example |
Dummy Practitioner example for completeness sake. No actual use of this resource other than an example target |
Example of a SearchSet Bundle with Permission |
Permission in a SearchSet Bundle |
Permission allowing data authored by a practitioner |
Permission allowing data authored by There is a Consent that captures the consent ceremony and setting
This Permission encodes
|
Permission allowing data to be used, but with redisclosure condition |
Permission allowing requested use, but restricting redisclosure This Permission encodes
|
Permission allowing most sharing but NOT data authored by a practitioner |
Permission allowing most sharing of data but NOT data authored by a practitioner The Consent that captures the consent ceremony and setting:
This Permission encodes
|
Permission allowing most use but NOT a given practitioner |
Permission allowing most use of data but NOT a given practitioner This Permission encodes
|
Permission allowing most use but expires in a year |
Permission allowing most use of data but expires in a year. Note that this ‘year’ indication is based on absolute dates of issuing of the Permission, and use of Permission.validity. This Permission encodes
|
Permission require exposure to meet a given k-anonymity value |
Permission allowing use of data but requires exposure meet a given k-anonymity value. This Permission encodes
|
Simple Permission of non-patient data |
Read-Only access to SANER report is authorized for PurposeOfUse of Public-Health compliance, from the Organizations. Access requests authorized shall be recorded. |