HL7 FHIR Implementation Guide: Data Access Policies, published by HL7 International / Security. This guide is not an authorized publication; it is the continuous build for version 1.0.0-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/data-access-policies/ and changes regularly. See the Directory of published versions
Page standards status: Informative |
<Permission xmlns="http://hl7.org/fhir">
<id value="ex-overriding-abac-by-tag"/>
<meta>
<security>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="HTEST"/>
</security>
</meta>
<text>
<status value="generated"/>
<div xmlns="http://www.w3.org/1999/xhtml"><p class="res-header-id"><b>Generated Narrative: Permission ex-overriding-abac-by-tag</b></p><a name="ex-overriding-abac-by-tag"> </a><a name="hcex-overriding-abac-by-tag"> </a><a name="ex-overriding-abac-by-tag-en-US"> </a><p><b>status</b>: Active</p><p><b>asserter</b>: <a href="Organization-ex-organization.html">Organization nowhere</a></p><p><b>date</b>: 2023-12-22</p><p><b>combining</b>: Permit-overrides</p><blockquote><p><b>rule</b></p><p><b>type</b>: Deny</p></blockquote><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><h3>Data</h3><table class="grid"><tr><td style="display: none">-</td><td><b>Security</b></td></tr><tr><td style="display: none">*</td><td><a href="http://terminology.hl7.org/6.1.0/CodeSystem-v3-Confidentiality.html#v3-Confidentiality-N">Confidentiality N</a>: normal</td></tr></table><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-DrRole.html">PractitionerRole Doctor</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action C}">Create</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action U}">Update</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}">treatment</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-DieticianRole.html">PractitionerRole Dietician</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}">treatment</span>, <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-AdminRole.html">PractitionerRole Administration</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action D}">Delete</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action U}">Update</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><p><b>limit</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActCode AUDIT}">audit</span></p></blockquote><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><h3>Data</h3><table class="grid"><tr><td style="display: none">-</td><td><b>Security</b></td></tr><tr><td style="display: none">*</td><td><a href="http://terminology.hl7.org/6.1.0/CodeSystem-v3-Confidentiality.html#v3-Confidentiality-R">Confidentiality R</a>: restricted</td></tr></table><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-DrRole.html">PractitionerRole Doctor</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action C}">Create</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action U}">Update</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason ETREAT}">Emergency Treatment</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-AdminRole.html">PractitionerRole Administration</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action D}">Delete</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action U}">Update</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><p><b>limit</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActCode AUDIT}">audit</span></p></blockquote><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><h3>Data</h3><table class="grid"><tr><td style="display: none">-</td><td><b>Security</b></td></tr><tr><td style="display: none">*</td><td><a href="http://terminology.hl7.org/6.1.0/CodeSystem-v3-Confidentiality.html#v3-Confidentiality-L">Confidentiality L</a>: low</td></tr></table><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-DrRole.html">PractitionerRole Doctor</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}">treatment</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-DieticianRole.html">PractitionerRole Dietician</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}">treatment</span>, <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-RegistrationRole.html">PractitionerRole Registration Clerk</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-AdminRole.html">PractitionerRole Administration</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action D}">Delete</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action U}">Update</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><p><b>limit</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActCode AUDIT}">audit</span></p></blockquote><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><h3>Data</h3><table class="grid"><tr><td style="display: none">-</td><td><b>Security</b></td></tr><tr><td style="display: none">*</td><td><a href="http://terminology.hl7.org/6.1.0/CodeSystem-v3-Confidentiality.html#v3-Confidentiality-M">Confidentiality M</a>: moderate</td></tr></table><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-DrRole.html">PractitionerRole Doctor</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}">treatment</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-DieticianRole.html">PractitionerRole Dietician</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}">treatment</span>, <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-RegistrationRole.html">PractitionerRole Registration Clerk</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action C}">Create</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action R}">Read</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action U}">Update</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href="PractitionerRole-AdminRole.html">PractitionerRole Administration</a></p><p><b>action</b>: <span title="Codes:{http://hl7.org/fhir/audit-event-action D}">Delete</span>, <span title="Codes:{http://hl7.org/fhir/audit-event-action U}">Update</span></p><p><b>purpose</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}">healthcare operations</span></p></blockquote><p><b>limit</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActCode AUDIT}">audit</span></p></blockquote></div>
</text>
<status value="active"/>
<asserter>🔗
<reference value="Organization/ex-organization"/>
</asserter>
<date value="2023-12-22"/>
<combining value="permit-overrides"/>
<rule>
<type value="deny"/>
</rule>
<rule>
<type value="permit"/>
<data>
<security>
<system
value="http://terminology.hl7.org/CodeSystem/v3-Confidentiality"/>
<code value="N"/>
</security>
</data>
<activity>
<actor>🔗
<reference value="PractitionerRole/DrRole"/>
</actor>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="C"/>
</coding>
</action>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="R"/>
</coding>
</action>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="U"/>
</coding>
</action>
<purpose>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="TREAT"/>
</coding>
</purpose>
</activity>
<activity>
<actor>🔗
<reference value="PractitionerRole/DieticianRole"/>
</actor>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="R"/>
</coding>
</action>
<purpose>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="TREAT"/>
</coding>
</purpose>
<purpose>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="HOPERAT"/>
</coding>
</purpose>
</activity>
<activity>
<actor>🔗
<reference value="PractitionerRole/AdminRole"/>
</actor>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="D"/>
</coding>
</action>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="U"/>
</coding>
</action>
<purpose>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="HOPERAT"/>
</coding>
</purpose>
</activity>
<limit>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/>
<code value="AUDIT"/>
</coding>
</limit>
</rule>
<rule>
<type value="permit"/>
<data>
<security>
<system
value="http://terminology.hl7.org/CodeSystem/v3-Confidentiality"/>
<code value="R"/>
</security>
</data>
<activity>
<actor>🔗
<reference value="PractitionerRole/DrRole"/>
</actor>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="C"/>
</coding>
</action>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="R"/>
</coding>
</action>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="U"/>
</coding>
</action>
<purpose>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="ETREAT"/>
</coding>
</purpose>
</activity>
<activity>
<actor>🔗
<reference value="PractitionerRole/AdminRole"/>
</actor>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="D"/>
</coding>
</action>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="U"/>
</coding>
</action>
<purpose>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="HOPERAT"/>
</coding>
</purpose>
</activity>
<limit>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/>
<code value="AUDIT"/>
</coding>
</limit>
</rule>
<rule>
<type value="permit"/>
<data>
<security>
<system
value="http://terminology.hl7.org/CodeSystem/v3-Confidentiality"/>
<code value="L"/>
</security>
</data>
<activity>
<actor>🔗
<reference value="PractitionerRole/DrRole"/>
</actor>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="R"/>
</coding>
</action>
<purpose>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="TREAT"/>
</coding>
</purpose>
</activity>
<activity>
<actor>🔗
<reference value="PractitionerRole/DieticianRole"/>
</actor>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="R"/>
</coding>
</action>
<purpose>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="TREAT"/>
</coding>
</purpose>
<purpose>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="HOPERAT"/>
</coding>
</purpose>
</activity>
<activity>
<actor>🔗
<reference value="PractitionerRole/RegistrationRole"/>
</actor>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="R"/>
</coding>
</action>
<purpose>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="HOPERAT"/>
</coding>
</purpose>
</activity>
<activity>
<actor>🔗
<reference value="PractitionerRole/AdminRole"/>
</actor>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="D"/>
</coding>
</action>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="U"/>
</coding>
</action>
<purpose>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="HOPERAT"/>
</coding>
</purpose>
</activity>
<limit>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/>
<code value="AUDIT"/>
</coding>
</limit>
</rule>
<rule>
<type value="permit"/>
<data>
<security>
<system
value="http://terminology.hl7.org/CodeSystem/v3-Confidentiality"/>
<code value="M"/>
</security>
</data>
<activity>
<actor>🔗
<reference value="PractitionerRole/DrRole"/>
</actor>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="R"/>
</coding>
</action>
<purpose>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="TREAT"/>
</coding>
</purpose>
</activity>
<activity>
<actor>🔗
<reference value="PractitionerRole/DieticianRole"/>
</actor>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="R"/>
</coding>
</action>
<purpose>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="TREAT"/>
</coding>
</purpose>
<purpose>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="HOPERAT"/>
</coding>
</purpose>
</activity>
<activity>
<actor>🔗
<reference value="PractitionerRole/RegistrationRole"/>
</actor>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="C"/>
</coding>
</action>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="R"/>
</coding>
</action>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="U"/>
</coding>
</action>
<purpose>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="HOPERAT"/>
</coding>
</purpose>
</activity>
<activity>
<actor>🔗
<reference value="PractitionerRole/AdminRole"/>
</actor>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="D"/>
</coding>
</action>
<action>
<coding>
<system value="http://hl7.org/fhir/audit-event-action"/>
<code value="U"/>
</coding>
</action>
<purpose>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="HOPERAT"/>
</coding>
</purpose>
</activity>
<limit>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/>
<code value="AUDIT"/>
</coding>
</limit>
</rule>
</Permission>