Introduction

An "Access Consent" resource is a record of a Practitioners choice to allow Patients without MitID to login to the FUT platform.

Scope and Usage

In the eHealth infrastructure an Access Consent resource is used

1. as a record of the fact that a Practitioner has given consent for a Patient without MitID to access his/her data in the FUT platform, and
2. to enforce data policies that require Consent to be given and recorded for a Patient.

Registration of Consent

When a Practitioner gives a Patient access consent, this consent must be recorded as an Access Consent resource. This resource can be created by the Practitioner as a result of conversations or correspondence with the Patient.

eHealth operates with one specific category of access consent:

1. Category INFA: Consent given by a Practitioner to a Patient without MitID to access his/her data in the FUT platform.

Consents of category INFA are expressed by creating a Consent resource with:

• Consent.category.coding.system = "http://terminology.hl7.org/CodeSystem/v3-ActCode"
• Consent.category.coding.code = "INFA".

Enforcement of Consent

Business rules are built into eHealth infrastructure to ensure that patients without Access Consent cannot use assisted login to log into the FUT platform.

In addition to the Consent.category element, the following elements must be set on a Consent resource for the policy enforcing business logic to take effect:

• Consent.patient - the patient who is the subject of this consent
• Consent.performer - the practitioner providing the access consent
• Consent.scope - "patient-privacy" (system http://terminology.hl7.org/CodeSystem/consentscope)
• Consent.provision.type - "permit"
• Consent.status - the status of this consent (only active consents are considered to be in force)

For more information see the element descriptions in the snapshot table on this page and also see the example Consent resources on the Examples tab.

Read/Search

• Role AccessConsent.read/write is required to read/write Access Consent resources.

• Key Elements Table
• Differential Table
• Snapshot Table
• Statistics/References
• All

Name	Flags	Card.	Type	Description & Constraints    Filter: Bindings Constraints Obligations
Consent	C	0..*	Consent	A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time Constraints: ppc-1, ppc-2, ppc-3, ppc-4, ppc-5
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
modifierExtension	?!	0..*	Extension	Extensions that cannot be ignored
status	?!Σ	1..1	code	draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent.
scope	?!Σ	1..1	CodeableConcept	Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource.
category	Σ	1..*	CodeableConcept	Classification of the consent statement - for indexing/retrieval Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement.
patient	Σ	1..1	Reference(ehealth-patient)	Who the consent applies to
performer	Σ	0..*	Reference(ehealth-practitioner) {r}	Who is agreeing to the policy and rules
provision	Σ	1..1	BackboneElement	Constraints to the base Consent.policyRule
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
Documentation for this format

Terminology Bindings

Path	Status	Usage	ValueSet	Version	Source
Consent.status	Base	required	ConsentState	📍4.0.1	FHIR Std.
Consent.scope	Base	extensible	Consent Scope Codes	📍4.0.1	FHIR Std.
Consent.category	Base	extensible	Consent Category Codes	📍4.0.1	FHIR Std.

Constraints

Id	Grade	Path(s)	Description	Expression
dom-2	error	Consent	If the resource is contained in another resource, it SHALL NOT contain nested Resources	contained.contained.empty()
dom-3	error	Consent	If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource	contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
dom-4	error	Consent	If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated	contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
dom-5	error	Consent	If a resource is contained in another resource, it SHALL NOT have a security label	contained.meta.security.empty()
dom-6	best practice	Consent	A resource should have narrative for robust management	text.`div`.exists()
ele-1	error	**ALL** elements	All FHIR elements must have a @value or children	hasValue() or (children().count() > id.count())
ext-1	error	**ALL** extensions	Must have either extensions or value[x], not both	extension.exists() != value.exists()
ppc-1	error	Consent	Either a Policy or PolicyRule	policy.exists() or policyRule.exists()
ppc-2	error	Consent	IF Scope=privacy, there must be a patient	patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not()
ppc-3	error	Consent	IF Scope=research, there must be a patient	patient.exists() or scope.coding.where(system='something' and code='research').exists().not()
ppc-4	error	Consent	IF Scope=adr, there must be a patient	patient.exists() or scope.coding.where(system='something' and code='adr').exists().not()
ppc-5	error	Consent	IF Scope=treatment, there must be a patient	patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not()

This structure is derived from Consent

Name	Flags	Card.	Type	Description & Constraints    Filter: Bindings Constraints Obligations
Consent		0..*	Consent	A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time
patient		1..1	Reference(ehealth-patient)	Who the consent applies to
performer		0..*	Reference(ehealth-practitioner) {r}	Who is agreeing to the policy and rules
provision		1..1	BackboneElement	Constraints to the base Consent.policyRule
Documentation for this format

Name	Flags	Card.	Type	Description & Constraints    Filter: Bindings Constraints Obligations
Consent	C	0..*	Consent	A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time Constraints: ppc-1, ppc-2, ppc-3, ppc-4, ppc-5
id	Σ	0..1	id	Logical id of this artifact
meta	Σ	0..1	Meta	Metadata about the resource
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
language		0..1	code	Language of the resource content Binding: CommonLanguages (preferred): A human language. Additional Bindings Purpose AllLanguages Max Binding
text		0..1	Narrative	Text summary of the resource, for human interpretation This profile does not constrain the narrative in regard to content, language, or traceability to data elements
contained		0..*	Resource	Contained, inline Resources
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!	0..*	Extension	Extensions that cannot be ignored
identifier	Σ	0..*	Identifier	Identifier for this record (external references) Example General: {"system":"http://acme.org/identifier/local/eCMS","value":"Local eCMS identifier"}
status	?!Σ	1..1	code	draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent.
scope	?!Σ	1..1	CodeableConcept	Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource.
category	Σ	1..*	CodeableConcept	Classification of the consent statement - for indexing/retrieval Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement.
patient	Σ	1..1	Reference(ehealth-patient)	Who the consent applies to
dateTime	Σ	0..1	dateTime	When this Consent was created or indexed
performer	Σ	0..*	Reference(ehealth-practitioner) {r}	Who is agreeing to the policy and rules
organization	Σ	0..*	Reference(Organization)	Custodian of the consent
source[x]	Σ	0..1		Source from which this consent is taken
sourceAttachment			Attachment
sourceReference			Reference(Consent | DocumentReference | Contract | QuestionnaireResponse)
policy		0..*	BackboneElement	Policies covered by this consent
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
authority	C	0..1	uri	Enforcement source for policy
uri	C	0..1	uri	Specific policy covered by this consent
policyRule	ΣC	0..1	CodeableConcept	Regulation that this consents to Binding: ConsentPolicyRuleCodes (extensible): Regulatory policy examples.
verification	Σ	0..*	BackboneElement	Consent Verified by patient or family
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
verified	Σ	1..1	boolean	Has been verified
verifiedWith		0..1	Reference(Patient | RelatedPerson)	Person who verified
verificationDate		0..1	dateTime	When consent verified
provision	Σ	1..1	BackboneElement	Constraints to the base Consent.policyRule
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type	Σ	0..1	code	deny | permit Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent.
period	Σ	0..1	Period	Timeframe for this rule
actor		0..*	BackboneElement	Who|what controlled by this rule (or group, by role)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
role		1..1	CodeableConcept	How the actor is involved Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations.
reference		1..1	Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole)	Resource for the actor (or group, by role)
action	Σ	0..*	CodeableConcept	Actions controlled by this rule Binding: ConsentActionCodes (example): Detailed codes for the consent action.
securityLabel	Σ	0..*	Coding	Security Labels that define affected resources Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
purpose	Σ	0..*	Coding	Context of activities covered by this rule Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels.
class	Σ	0..*	Coding	e.g. Resource Type, Profile, CDA, etc. Binding: ConsentContentClass (extensible): The class (type) of information a consent rule covers.
code	Σ	0..*	CodeableConcept	e.g. LOINC or SNOMED CT code, etc. in the content Binding: ConsentContentCodes (example): If this code is found in an instance, then the exception applies.
dataPeriod	Σ	0..1	Period	Timeframe for data controlled by this rule
data	Σ	0..*	BackboneElement	Data controlled by this rule
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
meaning	Σ	1..1	code	instance | related | dependents | authoredby Binding: ConsentDataMeaning (required): How a resource reference is interpreted when testing consent restrictions.
reference	Σ	1..1	Reference(Resource)	The actual data reference
provision		0..*	See provision (Consent)	Nested Exception Rules
Documentation for this format

Terminology Bindings

Path	Status	Usage	ValueSet	Version	Source
Consent.language	Base	preferred	Common Languages	📍4.0.1	FHIR Std.
Consent.status	Base	required	ConsentState	📍4.0.1	FHIR Std.
Consent.scope	Base	extensible	Consent Scope Codes	📍4.0.1	FHIR Std.
Consent.category	Base	extensible	Consent Category Codes	📍4.0.1	FHIR Std.
Consent.policyRule	Base	extensible	Consent PolicyRule Codes	📍4.0.1	FHIR Std.
Consent.provision.type	Base	required	ConsentProvisionType	📍4.0.1	FHIR Std.
Consent.provision.actor.​role	Base	extensible	SecurityRoleType	📍4.0.1	FHIR Std.
Consent.provision.action	Base	example	Consent Action Codes	📍4.0.1	FHIR Std.
Consent.provision.securityLabel	Base	extensible	SecurityLabels	📍4.0.1	FHIR Std.
Consent.provision.purpose	Base	extensible	PurposeOfUse	📦3.1.0	THO v7.0
Consent.provision.class	Base	extensible	Consent Content Class	📍4.0.1	FHIR Std.
Consent.provision.code	Base	example	Consent Content Codes	📍4.0.1	FHIR Std.
Consent.provision.data.​meaning	Base	required	ConsentDataMeaning	📍4.0.1	FHIR Std.

Constraints

Id	Grade	Path(s)	Description	Expression
dom-2	error	Consent	If the resource is contained in another resource, it SHALL NOT contain nested Resources	contained.contained.empty()
dom-3	error	Consent	If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource	contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
dom-4	error	Consent	If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated	contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
dom-5	error	Consent	If a resource is contained in another resource, it SHALL NOT have a security label	contained.meta.security.empty()
dom-6	best practice	Consent	A resource should have narrative for robust management	text.`div`.exists()
ele-1	error	**ALL** elements	All FHIR elements must have a @value or children	hasValue() or (children().count() > id.count())
ext-1	error	**ALL** extensions	Must have either extensions or value[x], not both	extension.exists() != value.exists()
ppc-1	error	Consent	Either a Policy or PolicyRule	policy.exists() or policyRule.exists()
ppc-2	error	Consent	IF Scope=privacy, there must be a patient	patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not()
ppc-3	error	Consent	IF Scope=research, there must be a patient	patient.exists() or scope.coding.where(system='something' and code='research').exists().not()
ppc-4	error	Consent	IF Scope=adr, there must be a patient	patient.exists() or scope.coding.where(system='something' and code='adr').exists().not()
ppc-5	error	Consent	IF Scope=treatment, there must be a patient	patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not()

Key Elements View

Name	Flags	Card.	Type	Description & Constraints    Filter: Bindings Constraints Obligations
Consent	C	0..*	Consent	A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time Constraints: ppc-1, ppc-2, ppc-3, ppc-4, ppc-5
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
modifierExtension	?!	0..*	Extension	Extensions that cannot be ignored
status	?!Σ	1..1	code	draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent.
scope	?!Σ	1..1	CodeableConcept	Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource.
category	Σ	1..*	CodeableConcept	Classification of the consent statement - for indexing/retrieval Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement.
patient	Σ	1..1	Reference(ehealth-patient)	Who the consent applies to
performer	Σ	0..*	Reference(ehealth-practitioner) {r}	Who is agreeing to the policy and rules
provision	Σ	1..1	BackboneElement	Constraints to the base Consent.policyRule
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
Documentation for this format

Terminology Bindings

Path	Status	Usage	ValueSet	Version	Source
Consent.status	Base	required	ConsentState	📍4.0.1	FHIR Std.
Consent.scope	Base	extensible	Consent Scope Codes	📍4.0.1	FHIR Std.
Consent.category	Base	extensible	Consent Category Codes	📍4.0.1	FHIR Std.

Constraints

Id	Grade	Path(s)	Description	Expression
dom-2	error	Consent	If the resource is contained in another resource, it SHALL NOT contain nested Resources	contained.contained.empty()
dom-3	error	Consent	If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource	contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
dom-4	error	Consent	If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated	contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
dom-5	error	Consent	If a resource is contained in another resource, it SHALL NOT have a security label	contained.meta.security.empty()
dom-6	best practice	Consent	A resource should have narrative for robust management	text.`div`.exists()
ele-1	error	**ALL** elements	All FHIR elements must have a @value or children	hasValue() or (children().count() > id.count())
ext-1	error	**ALL** extensions	Must have either extensions or value[x], not both	extension.exists() != value.exists()
ppc-1	error	Consent	Either a Policy or PolicyRule	policy.exists() or policyRule.exists()
ppc-2	error	Consent	IF Scope=privacy, there must be a patient	patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not()
ppc-3	error	Consent	IF Scope=research, there must be a patient	patient.exists() or scope.coding.where(system='something' and code='research').exists().not()
ppc-4	error	Consent	IF Scope=adr, there must be a patient	patient.exists() or scope.coding.where(system='something' and code='adr').exists().not()
ppc-5	error	Consent	IF Scope=treatment, there must be a patient	patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not()

Differential View

This structure is derived from Consent

Name	Flags	Card.	Type	Description & Constraints    Filter: Bindings Constraints Obligations
Consent		0..*	Consent	A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time
patient		1..1	Reference(ehealth-patient)	Who the consent applies to
performer		0..*	Reference(ehealth-practitioner) {r}	Who is agreeing to the policy and rules
provision		1..1	BackboneElement	Constraints to the base Consent.policyRule
Documentation for this format

Snapshot View

Name	Flags	Card.	Type	Description & Constraints    Filter: Bindings Constraints Obligations
Consent	C	0..*	Consent	A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time Constraints: ppc-1, ppc-2, ppc-3, ppc-4, ppc-5
id	Σ	0..1	id	Logical id of this artifact
meta	Σ	0..1	Meta	Metadata about the resource
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
language		0..1	code	Language of the resource content Binding: CommonLanguages (preferred): A human language. Additional Bindings Purpose AllLanguages Max Binding
text		0..1	Narrative	Text summary of the resource, for human interpretation This profile does not constrain the narrative in regard to content, language, or traceability to data elements
contained		0..*	Resource	Contained, inline Resources
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!	0..*	Extension	Extensions that cannot be ignored
identifier	Σ	0..*	Identifier	Identifier for this record (external references) Example General: {"system":"http://acme.org/identifier/local/eCMS","value":"Local eCMS identifier"}
status	?!Σ	1..1	code	draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent.
scope	?!Σ	1..1	CodeableConcept	Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource.
category	Σ	1..*	CodeableConcept	Classification of the consent statement - for indexing/retrieval Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement.
patient	Σ	1..1	Reference(ehealth-patient)	Who the consent applies to
dateTime	Σ	0..1	dateTime	When this Consent was created or indexed
performer	Σ	0..*	Reference(ehealth-practitioner) {r}	Who is agreeing to the policy and rules
organization	Σ	0..*	Reference(Organization)	Custodian of the consent
source[x]	Σ	0..1		Source from which this consent is taken
sourceAttachment			Attachment
sourceReference			Reference(Consent | DocumentReference | Contract | QuestionnaireResponse)
policy		0..*	BackboneElement	Policies covered by this consent
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
authority	C	0..1	uri	Enforcement source for policy
uri	C	0..1	uri	Specific policy covered by this consent
policyRule	ΣC	0..1	CodeableConcept	Regulation that this consents to Binding: ConsentPolicyRuleCodes (extensible): Regulatory policy examples.
verification	Σ	0..*	BackboneElement	Consent Verified by patient or family
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
verified	Σ	1..1	boolean	Has been verified
verifiedWith		0..1	Reference(Patient | RelatedPerson)	Person who verified
verificationDate		0..1	dateTime	When consent verified
provision	Σ	1..1	BackboneElement	Constraints to the base Consent.policyRule
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type	Σ	0..1	code	deny | permit Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent.
period	Σ	0..1	Period	Timeframe for this rule
actor		0..*	BackboneElement	Who|what controlled by this rule (or group, by role)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
role		1..1	CodeableConcept	How the actor is involved Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations.
reference		1..1	Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole)	Resource for the actor (or group, by role)
action	Σ	0..*	CodeableConcept	Actions controlled by this rule Binding: ConsentActionCodes (example): Detailed codes for the consent action.
securityLabel	Σ	0..*	Coding	Security Labels that define affected resources Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
purpose	Σ	0..*	Coding	Context of activities covered by this rule Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels.
class	Σ	0..*	Coding	e.g. Resource Type, Profile, CDA, etc. Binding: ConsentContentClass (extensible): The class (type) of information a consent rule covers.
code	Σ	0..*	CodeableConcept	e.g. LOINC or SNOMED CT code, etc. in the content Binding: ConsentContentCodes (example): If this code is found in an instance, then the exception applies.
dataPeriod	Σ	0..1	Period	Timeframe for data controlled by this rule
data	Σ	0..*	BackboneElement	Data controlled by this rule
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
meaning	Σ	1..1	code	instance | related | dependents | authoredby Binding: ConsentDataMeaning (required): How a resource reference is interpreted when testing consent restrictions.
reference	Σ	1..1	Reference(Resource)	The actual data reference
provision		0..*	See provision (Consent)	Nested Exception Rules
Documentation for this format

Terminology Bindings

Path	Status	Usage	ValueSet	Version	Source
Consent.language	Base	preferred	Common Languages	📍4.0.1	FHIR Std.
Consent.status	Base	required	ConsentState	📍4.0.1	FHIR Std.
Consent.scope	Base	extensible	Consent Scope Codes	📍4.0.1	FHIR Std.
Consent.category	Base	extensible	Consent Category Codes	📍4.0.1	FHIR Std.
Consent.policyRule	Base	extensible	Consent PolicyRule Codes	📍4.0.1	FHIR Std.
Consent.provision.type	Base	required	ConsentProvisionType	📍4.0.1	FHIR Std.
Consent.provision.actor.​role	Base	extensible	SecurityRoleType	📍4.0.1	FHIR Std.
Consent.provision.action	Base	example	Consent Action Codes	📍4.0.1	FHIR Std.
Consent.provision.securityLabel	Base	extensible	SecurityLabels	📍4.0.1	FHIR Std.
Consent.provision.purpose	Base	extensible	PurposeOfUse	📦3.1.0	THO v7.0
Consent.provision.class	Base	extensible	Consent Content Class	📍4.0.1	FHIR Std.
Consent.provision.code	Base	example	Consent Content Codes	📍4.0.1	FHIR Std.
Consent.provision.data.​meaning	Base	required	ConsentDataMeaning	📍4.0.1	FHIR Std.

Constraints

Id	Grade	Path(s)	Description	Expression
dom-2	error	Consent	If the resource is contained in another resource, it SHALL NOT contain nested Resources	contained.contained.empty()
dom-3	error	Consent	If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource	contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
dom-4	error	Consent	If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated	contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
dom-5	error	Consent	If a resource is contained in another resource, it SHALL NOT have a security label	contained.meta.security.empty()
dom-6	best practice	Consent	A resource should have narrative for robust management	text.`div`.exists()
ele-1	error	**ALL** elements	All FHIR elements must have a @value or children	hasValue() or (children().count() > id.count())
ext-1	error	**ALL** extensions	Must have either extensions or value[x], not both	extension.exists() != value.exists()
ppc-1	error	Consent	Either a Policy or PolicyRule	policy.exists() or policyRule.exists()
ppc-2	error	Consent	IF Scope=privacy, there must be a patient	patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not()
ppc-3	error	Consent	IF Scope=research, there must be a patient	patient.exists() or scope.coding.where(system='something' and code='research').exists().not()
ppc-4	error	Consent	IF Scope=adr, there must be a patient	patient.exists() or scope.coding.where(system='something' and code='adr').exists().not()
ppc-5	error	Consent	IF Scope=treatment, there must be a patient	patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not()

This structure is derived from Consent

Summary

Mandatory: 2 elements

Structures

This structure refers to these other structures:

• ehealth-patient (http://ehealth.sundhed.dk/fhir/StructureDefinition/ehealth-patient)
• ehealth-practitioner (http://ehealth.sundhed.dk/fhir/StructureDefinition/ehealth-practitioner)