HL7 FHIR Implementation Guide: Data Access Policies
1.0.0-current - ci-build

HL7 FHIR Implementation Guide: Data Access Policies, published by HL7 International / Security. This guide is not an authorized publication; it is the continuous build for version 1.0.0-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/data-access-policies/ and changes regularly. See the Directory of published versions

Permission expressing an overriding policy using ABAC - XML Representation

Page standards status: Informative



<Permission xmlns="http://hl7.org/fhir">
  <!-- Logical id of this example Permission. -->
  <id value="ex-overriding-abac-by-tag"/>
  <!-- meta.security labels the Permission resource itself, not the data it governs.
       HTEST (v3-ActReason) is the tag FHIR example resources carry to mark test data.
       NOTE(review): a policy loader should refuse or quarantine HTEST-tagged
       Permissions in a production policy store; confirm local handling. -->
  <meta>
    <security>
      <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
      <code value="HTEST"/>
    </security>
  </meta>
  <!-- Generated XHTML narrative (status value="generated"): a human-readable rendering
       of the structured rules in this Permission. It lists the same five rules, with the
       same labels, actors, actions, purposes and limits as the rule elements.
       Access decisions should be taken from the structured rule elements, not from this
       text. Treat the div as untrusted markup when displaying a Permission that was
       received from another system. -->
  <text>
    <status value="generated"/>
    <div xmlns="http://www.w3.org/1999/xhtml"><p class="res-header-id"><b>Generated Narrative: Permission ex-overriding-abac-by-tag</b></p><a name="ex-overriding-abac-by-tag"> </a><a name="hcex-overriding-abac-by-tag"> </a><a name="ex-overriding-abac-by-tag-en-US"> </a><p><b>status</b>: Active</p><p><b>asserter</b>: <a href="Organization-ex-organization.html">Organization nowhere</a></p><p><b>date</b>: 2023-12-22</p><p><b>combining</b>: Permit-overrides</p><blockquote><p><b>rule</b></p><p><b>type</b>: Deny</p></blockquote><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><h3>Data</h3><table class="grid"><tr><td style="display: none">-</td><td><b>Security</b></td></tr><tr><td style="display: none">*</td><td><a href="http://terminology.hl7.org/6.1.0/CodeSystem-v3-Confidentiality.html#v3-Confidentiality-N">Confidentiality N</a>: normal</td></tr></table><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-DrRole.html">PractitionerRole Doctor</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action C}">Create</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action U}">Update</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}">treatment</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-DieticianRole.html">PractitionerRole Dietician</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}">treatment</span>, <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-AdminRole.html">PractitionerRole Administration</a></p><p><b>action</b>: <span 
title="Codes:{http://hl7.org/fhir/audit-event-action D}">Delete</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action U}">Update</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><p><b>limit</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActCode AUDIT}">audit</span></p></blockquote><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><h3>Data</h3><table class="grid"><tr><td style="display: none">-</td><td><b>Security</b></td></tr><tr><td style="display: none">*</td><td><a href="http://terminology.hl7.org/6.1.0/CodeSystem-v3-Confidentiality.html#v3-Confidentiality-R">Confidentiality R</a>: restricted</td></tr></table><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-DrRole.html">PractitionerRole Doctor</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action C}">Create</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action U}">Update</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason ETREAT}">Emergency Treatment</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-AdminRole.html">PractitionerRole Administration</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action D}">Delete</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action U}">Update</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><p><b>limit</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActCode AUDIT}">audit</span></p></blockquote><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><h3>Data</h3><table class="grid"><tr><td style="display: 
none">-</td><td><b>Security</b></td></tr><tr><td style="display: none">*</td><td><a href="http://terminology.hl7.org/6.1.0/CodeSystem-v3-Confidentiality.html#v3-Confidentiality-L">Confidentiality L</a>: low</td></tr></table><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-DrRole.html">PractitionerRole Doctor</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}">treatment</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-DieticianRole.html">PractitionerRole Dietician</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}">treatment</span>, <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-RegistrationRole.html">PractitionerRole Registration Clerk</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-AdminRole.html">PractitionerRole Administration</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action D}">Delete</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action U}">Update</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><p><b>limit</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActCode 
AUDIT}">audit</span></p></blockquote><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><h3>Data</h3><table class="grid"><tr><td style="display: none">-</td><td><b>Security</b></td></tr><tr><td style="display: none">*</td><td><a href="http://terminology.hl7.org/6.1.0/CodeSystem-v3-Confidentiality.html#v3-Confidentiality-M">Confidentiality M</a>: moderate</td></tr></table><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-DrRole.html">PractitionerRole Doctor</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}">treatment</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-DieticianRole.html">PractitionerRole Dietician</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}">treatment</span>, <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-RegistrationRole.html">PractitionerRole Registration Clerk</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action C}">Create</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action U}">Update</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-AdminRole.html">PractitionerRole Administration</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action D}">Delete</span>, <span 
title="Codes:{http://hl7.org/fhir/audit-event-action U}">Update</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><p><b>limit</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActCode AUDIT}">audit</span></p></blockquote></div>
  </text>
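  <!-- Lifecycle state of the policy. -->
  <status value="active"/>
  <!-- Organization asserting this policy. The reference is relative, so it resolves
       against whichever server hosts the Permission. -->
  <asserter>
    <reference value="Organization/ex-organization"/>
  </asserter>
  <date value="2023-12-22"/>
  <!-- permit-overrides: when rules disagree, a matching permit wins over a deny.
       Together with the unconditional deny rule that follows, this yields default-deny
       with explicit permits. The consequence for maintenance is that any permit rule
       added later overrides every deny in this Permission, so each new permit needs
       its own review. -->
  <combining value="permit-overrides"/>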
  <!-- Base rule: a deny with no data, activity or limit element, so it is unconditional.
       Under the permit-overrides combining value declared on this Permission it is the
       outcome for every request that none of the permit rules matches. The permit rules
       in this Permission name Confidentiality N, R, L and M only; data carrying any other
       Confidentiality code is therefore left with this deny.
       NOTE(review): confirm the enforcement point treats resources with no
       confidentiality label as no-match rather than as normal (N). -->
  <rule>
    <type value="deny"/>
  </rule>
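  <!-- Permit rule selected by security label: data tagged Confidentiality N (normal).
       Doctor: create, read, update with purpose TREAT.
       Dietician: read with purposes TREAT and HOPERAT listed.
       Administration: delete and update with purpose HOPERAT; no read action is listed.
       Actor references are relative PractitionerRole ids, so the enforcement point must
       map the authenticated requester to one of these roles before matching. -->
  <rule>
    <type value="permit"/>
    <data>
      <security>
        <system value="http://terminology.hl7.org/CodeSystem/v3-Confidentiality"/>
        <code value="N"/>
      </security>
    </data>
    <activity>
      <actor>
        <reference value="PractitionerRole/DrRole"/>
      </actor>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="C"/>
        </coding>
      </action>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="R"/>
        </coding>
      </action>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="U"/>
        </coding>
      </action>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="TREAT"/>
        </coding>
      </purpose>
    </activity>
    <activity>
      <actor>
        <reference value="PractitionerRole/DieticianRole"/>
      </actor>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="R"/>
        </coding>
      </action>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="TREAT"/>
        </coding>
      </purpose>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="HOPERAT"/>
        </coding>
      </purpose>
    </activity>
    <activity>
      <actor>
        <reference value="PractitionerRole/AdminRole"/>
      </actor>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="D"/>
        </coding>
      </action>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="U"/>
        </coding>
      </action>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="HOPERAT"/>
        </coding>
      </purpose>
    </activity>
    <!-- Limit placed on the permitted use: v3-ActCode AUDIT, shown as "audit" in the
         narrative. NOTE(review): a permit whose limit is not honoured is broader than
         written; confirm the enforcement point records the access as this limit asks. -->
    <limit>
      <coding>
        <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/>
        <code value="AUDIT"/>
      </coding>
    </limit>
  </rule>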
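  <!-- Permit rule for data tagged Confidentiality R (restricted). Narrower than the
       rule for N data: the Doctor role gets create, read, update only with purpose
       ETREAT (emergency treatment), and the Dietician and Registration roles have no
       activity here. Administration keeps delete and update with purpose HOPERAT.
       NOTE(review): purpose of use is usually asserted by the requester; confirm how
       the enforcement point validates a claimed ETREAT and that such accesses are
       reviewed after the fact. -->
  <rule>
    <type value="permit"/>
    <data>
      <security>
        <system value="http://terminology.hl7.org/CodeSystem/v3-Confidentiality"/>
        <code value="R"/>
      </security>
    </data>
    <activity>
      <actor>
        <reference value="PractitionerRole/DrRole"/>
      </actor>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="C"/>
        </coding>
      </action>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="R"/>
        </coding>
      </action>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="U"/>
        </coding>
      </action>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="ETREAT"/>
        </coding>
      </purpose>
    </activity>
    <activity>
      <actor>
        <reference value="PractitionerRole/AdminRole"/>
      </actor>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="D"/>
        </coding>
      </action>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="U"/>
        </coding>
      </action>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="HOPERAT"/>
        </coding>
      </purpose>
    </activity>
    <!-- Limit placed on the permitted use: v3-ActCode AUDIT, shown as "audit" in the
         narrative. For restricted data this is the only compensating control the rule
         states, so the audit trail for these accesses deserves monitoring. -->
    <limit>
      <coding>
        <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/>
        <code value="AUDIT"/>
      </coding>
    </limit>
  </rule>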
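  <!-- Permit rule for data tagged Confidentiality L (low).
       Doctor: read with purpose TREAT.
       Dietician: read with purposes TREAT and HOPERAT listed.
       Registration Clerk: read with purpose HOPERAT.
       Administration: delete and update with purpose HOPERAT.
       NOTE(review): the Doctor role has create, read, update on N data but read only
       on L data; confirm that asymmetry is intended. -->
  <rule>
    <type value="permit"/>
    <data>
      <security>
        <system value="http://terminology.hl7.org/CodeSystem/v3-Confidentiality"/>
        <code value="L"/>
      </security>
    </data>
    <activity>
      <actor>
        <reference value="PractitionerRole/DrRole"/>
      </actor>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="R"/>
        </coding>
      </action>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="TREAT"/>
        </coding>
      </purpose>
    </activity>
    <activity>
      <actor>
        <reference value="PractitionerRole/DieticianRole"/>
      </actor>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="R"/>
        </coding>
      </action>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="TREAT"/>
        </coding>
      </purpose>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="HOPERAT"/>
        </coding>
      </purpose>
    </activity>
    <activity>
      <actor>
        <reference value="PractitionerRole/RegistrationRole"/>
      </actor>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="R"/>
        </coding>
      </action>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="HOPERAT"/>
        </coding>
      </purpose>
    </activity>
    <activity>
      <actor>
        <reference value="PractitionerRole/AdminRole"/>
      </actor>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="D"/>
        </coding>
      </action>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="U"/>
        </coding>
      </action>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="HOPERAT"/>
        </coding>
      </purpose>
    </activity>
    <!-- Limit placed on the permitted use: v3-ActCode AUDIT, shown as "audit" in the
         narrative. -->
    <limit>
      <coding>
        <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/>
        <code value="AUDIT"/>
      </coding>
    </limit>
  </rule>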
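  <!-- Permit rule for data tagged Confidentiality M (moderate).
       Doctor: read with purpose TREAT.
       Dietician: read with purposes TREAT and HOPERAT listed.
       Registration Clerk: create, read, update with purpose HOPERAT, which is wider
       than the read-only grant the same role has on L data.
       Administration: delete and update with purpose HOPERAT.
       NOTE(review): the Registration Clerk can write M data while the Doctor role can
       only read it; confirm the grants per label match the intended sensitivity order. -->
  <rule>
    <type value="permit"/>
    <data>
      <security>
        <system value="http://terminology.hl7.org/CodeSystem/v3-Confidentiality"/>
        <code value="M"/>
      </security>
    </data>
    <activity>
      <actor>
        <reference value="PractitionerRole/DrRole"/>
      </actor>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="R"/>
        </coding>
      </action>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="TREAT"/>
        </coding>
      </purpose>
    </activity>
    <activity>
      <actor>
        <reference value="PractitionerRole/DieticianRole"/>
      </actor>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="R"/>
        </coding>
      </action>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="TREAT"/>
        </coding>
      </purpose>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="HOPERAT"/>
        </coding>
      </purpose>
    </activity>
    <activity>
      <actor>
        <reference value="PractitionerRole/RegistrationRole"/>
      </actor>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="C"/>
        </coding>
      </action>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="R"/>
        </coding>
      </action>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="U"/>
        </coding>
      </action>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="HOPERAT"/>
        </coding>
      </purpose>
    </activity>
    <activity>
      <actor>
        <reference value="PractitionerRole/AdminRole"/>
      </actor>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="D"/>
        </coding>
      </action>
      <action>
        <coding>
          <system value="http://hl7.org/fhir/audit-event-action"/>
          <code value="U"/>
        </coding>
      </action>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="HOPERAT"/>
        </coding>
      </purpose>
    </activity>
    <!-- Limit placed on the permitted use: v3-ActCode AUDIT, shown as "audit" in the
         narrative. -->
    <limit>
      <coding>
        <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/>
        <code value="AUDIT"/>
      </coding>
    </limit>
  </rule>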
</Permission>