HL7 FHIR Implementation Guide: Data Access Policies
1.0.0-current - ci-build

HL7 FHIR Implementation Guide: Data Access Policies, published by HL7 International / Security. This guide is not an authorized publication; it is the continuous build for version 1.0.0-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/data-access-policies/ and changes regularly.

Permission expressing an overriding policy using ABAC - JSON Representation

Page standards status: Informative



{
  "resourceType" : "Permission",
  "id" : "ex-overriding-abac-by-tag",
  "meta" : {
    "security" : [
      {
        "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
        "code" : "HTEST"
      }
    ]
  },
  "text" : {
    "status" : "generated",
    "div" : "<div xmlns=\"http://www.w3.org/1999/xhtml\"><p class=\"res-header-id\"><b>Generated Narrative: Permission ex-overriding-abac-by-tag</b></p><a name=\"ex-overriding-abac-by-tag\"> </a><a name=\"hcex-overriding-abac-by-tag\"> </a><a name=\"ex-overriding-abac-by-tag-en-US\"> </a><p><b>status</b>: Active</p><p><b>asserter</b>: <a href=\"Organization-ex-organization.html\">Organization nowhere</a></p><p><b>date</b>: 2023-12-22</p><p><b>combining</b>: Permit-overrides</p><blockquote><p><b>rule</b></p><p><b>type</b>: Deny</p></blockquote><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><h3>Data</h3><table class=\"grid\"><tr><td style=\"display: none\">-</td><td><b>Security</b></td></tr><tr><td style=\"display: none\">*</td><td><a href=\"http://terminology.hl7.org/6.0.2/CodeSystem-v3-Confidentiality.html#v3-Confidentiality-N\">Confidentiality</a> N: normal</td></tr></table><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href=\"PractitionerRole-DrRole.html\">PractitionerRole Doctor</a></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action C}\">Create</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action R}\">Read</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action U}\">Update</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}\">treatment</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href=\"PractitionerRole-DieticianRole.html\">PractitionerRole Dietician</a></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action R}\">Read</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}\">treatment</span>, <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}\">healthcare operations</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href=\"PractitionerRole-AdminRole.html\">PractitionerRole 
Administration</a></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action D}\">Delete</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action U}\">Update</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}\">healthcare operations</span></p></blockquote><p><b>limit</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActCode AUDIT}\">audit</span></p></blockquote><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><h3>Data</h3><table class=\"grid\"><tr><td style=\"display: none\">-</td><td><b>Security</b></td></tr><tr><td style=\"display: none\">*</td><td><a href=\"http://terminology.hl7.org/6.0.2/CodeSystem-v3-Confidentiality.html#v3-Confidentiality-R\">Confidentiality</a> R: restricted</td></tr></table><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href=\"PractitionerRole-DrRole.html\">PractitionerRole Doctor</a></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action C}\">Create</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action R}\">Read</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action U}\">Update</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason ETREAT}\">Emergency Treatment</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href=\"PractitionerRole-AdminRole.html\">PractitionerRole Administration</a></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action D}\">Delete</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action U}\">Update</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}\">healthcare operations</span></p></blockquote><p><b>limit</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActCode AUDIT}\">audit</span></p></blockquote><blockquote><p><b>rule</b></p><p><b>type</b>: 
Permit</p><h3>Data</h3><table class=\"grid\"><tr><td style=\"display: none\">-</td><td><b>Security</b></td></tr><tr><td style=\"display: none\">*</td><td><a href=\"http://terminology.hl7.org/6.0.2/CodeSystem-v3-Confidentiality.html#v3-Confidentiality-L\">Confidentiality</a> L: low</td></tr></table><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href=\"PractitionerRole-DrRole.html\">PractitionerRole Doctor</a></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action R}\">Read</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}\">treatment</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href=\"PractitionerRole-DieticianRole.html\">PractitionerRole Dietician</a></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action R}\">Read</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}\">treatment</span>, <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}\">healthcare operations</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href=\"PractitionerRole-RegistrationRole.html\">PractitionerRole Registration Clerk</a></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action R}\">Read</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}\">healthcare operations</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href=\"PractitionerRole-AdminRole.html\">PractitionerRole Administration</a></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action D}\">Delete</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action U}\">Update</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}\">healthcare operations</span></p></blockquote><p><b>limit</b>: 
<span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActCode AUDIT}\">audit</span></p></blockquote><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><h3>Data</h3><table class=\"grid\"><tr><td style=\"display: none\">-</td><td><b>Security</b></td></tr><tr><td style=\"display: none\">*</td><td><a href=\"http://terminology.hl7.org/6.0.2/CodeSystem-v3-Confidentiality.html#v3-Confidentiality-M\">Confidentiality</a> M: moderate</td></tr></table><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href=\"PractitionerRole-DrRole.html\">PractitionerRole Doctor</a></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action R}\">Read</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}\">treatment</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href=\"PractitionerRole-DieticianRole.html\">PractitionerRole Dietician</a></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action R}\">Read</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}\">treatment</span>, <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}\">healthcare operations</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href=\"PractitionerRole-RegistrationRole.html\">PractitionerRole Registration Clerk</a></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action C}\">Create</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action R}\">Read</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action U}\">Update</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}\">healthcare operations</span></p></blockquote><blockquote><p><b>activity</b></p><p><b>actor</b>: <a href=\"PractitionerRole-AdminRole.html\">PractitionerRole Administration</a></p><p><b>action</b>: <span 
title=\"Codes:{http://hl7.org/fhir/audit-event-action D}\">Delete</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action U}\">Update</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}\">healthcare operations</span></p></blockquote><p><b>limit</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActCode AUDIT}\">audit</span></p></blockquote></div>"
  },
  "status" : "active",
  "asserter" : {
    "reference" : "Organization/ex-organization"
  },
  "date" : [
    "2023-12-22"
  ],
  "combining" : "permit-overrides",
  "rule" : [
    {
      "type" : "deny"
    },
    {
      "type" : "permit",
      "data" : [
        {
          "security" : [
            {
              "system" : "http://terminology.hl7.org/CodeSystem/v3-Confidentiality",
              "code" : "N"
            }
          ]
        }
      ],
      "activity" : [
        {
          "actor" : [
            {
              "reference" : "PractitionerRole/DrRole"
            }
          ],
          "action" : [
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "C"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "R"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "U"
                }
              ]
            }
          ],
          "purpose" : [
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "TREAT"
                }
              ]
            }
          ]
        },
        {
          "actor" : [
            {
              "reference" : "PractitionerRole/DieticianRole"
            }
          ],
          "action" : [
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "R"
                }
              ]
            }
          ],
          "purpose" : [
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "TREAT"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "HOPERAT"
                }
              ]
            }
          ]
        },
        {
          "actor" : [
            {
              "reference" : "PractitionerRole/AdminRole"
            }
          ],
          "action" : [
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "D"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "U"
                }
              ]
            }
          ],
          "purpose" : [
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "HOPERAT"
                }
              ]
            }
          ]
        }
      ],
      "limit" : [
        {
          "coding" : [
            {
              "system" : "http://terminology.hl7.org/CodeSystem/v3-ActCode",
              "code" : "AUDIT"
            }
          ]
        }
      ]
    },
    {
      "type" : "permit",
      "data" : [
        {
          "security" : [
            {
              "system" : "http://terminology.hl7.org/CodeSystem/v3-Confidentiality",
              "code" : "R"
            }
          ]
        }
      ],
      "activity" : [
        {
          "actor" : [
            {
              "reference" : "PractitionerRole/DrRole"
            }
          ],
          "action" : [
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "C"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "R"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "U"
                }
              ]
            }
          ],
          "purpose" : [
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "ETREAT"
                }
              ]
            }
          ]
        },
        {
          "actor" : [
            {
              "reference" : "PractitionerRole/AdminRole"
            }
          ],
          "action" : [
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "D"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "U"
                }
              ]
            }
          ],
          "purpose" : [
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "HOPERAT"
                }
              ]
            }
          ]
        }
      ],
      "limit" : [
        {
          "coding" : [
            {
              "system" : "http://terminology.hl7.org/CodeSystem/v3-ActCode",
              "code" : "AUDIT"
            }
          ]
        }
      ]
    },
    {
      "type" : "permit",
      "data" : [
        {
          "security" : [
            {
              "system" : "http://terminology.hl7.org/CodeSystem/v3-Confidentiality",
              "code" : "L"
            }
          ]
        }
      ],
      "activity" : [
        {
          "actor" : [
            {
              "reference" : "PractitionerRole/DrRole"
            }
          ],
          "action" : [
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "R"
                }
              ]
            }
          ],
          "purpose" : [
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "TREAT"
                }
              ]
            }
          ]
        },
        {
          "actor" : [
            {
              "reference" : "PractitionerRole/DieticianRole"
            }
          ],
          "action" : [
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "R"
                }
              ]
            }
          ],
          "purpose" : [
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "TREAT"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "HOPERAT"
                }
              ]
            }
          ]
        },
        {
          "actor" : [
            {
              "reference" : "PractitionerRole/RegistrationRole"
            }
          ],
          "action" : [
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "R"
                }
              ]
            }
          ],
          "purpose" : [
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "HOPERAT"
                }
              ]
            }
          ]
        },
        {
          "actor" : [
            {
              "reference" : "PractitionerRole/AdminRole"
            }
          ],
          "action" : [
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "D"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "U"
                }
              ]
            }
          ],
          "purpose" : [
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "HOPERAT"
                }
              ]
            }
          ]
        }
      ],
      "limit" : [
        {
          "coding" : [
            {
              "system" : "http://terminology.hl7.org/CodeSystem/v3-ActCode",
              "code" : "AUDIT"
            }
          ]
        }
      ]
    },
    {
      "type" : "permit",
      "data" : [
        {
          "security" : [
            {
              "system" : "http://terminology.hl7.org/CodeSystem/v3-Confidentiality",
              "code" : "M"
            }
          ]
        }
      ],
      "activity" : [
        {
          "actor" : [
            {
              "reference" : "PractitionerRole/DrRole"
            }
          ],
          "action" : [
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "R"
                }
              ]
            }
          ],
          "purpose" : [
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "TREAT"
                }
              ]
            }
          ]
        },
        {
          "actor" : [
            {
              "reference" : "PractitionerRole/DieticianRole"
            }
          ],
          "action" : [
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "R"
                }
              ]
            }
          ],
          "purpose" : [
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "TREAT"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "HOPERAT"
                }
              ]
            }
          ]
        },
        {
          "actor" : [
            {
              "reference" : "PractitionerRole/RegistrationRole"
            }
          ],
          "action" : [
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "C"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "R"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "U"
                }
              ]
            }
          ],
          "purpose" : [
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "HOPERAT"
                }
              ]
            }
          ]
        },
        {
          "actor" : [
            {
              "reference" : "PractitionerRole/AdminRole"
            }
          ],
          "action" : [
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "D"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "U"
                }
              ]
            }
          ],
          "purpose" : [
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "HOPERAT"
                }
              ]
            }
          ]
        }
      ],
      "limit" : [
        {
          "coding" : [
            {
              "system" : "http://terminology.hl7.org/CodeSystem/v3-ActCode",
              "code" : "AUDIT"
            }
          ]
        }
      ]
    }
  ]
}