HL7 FHIR Implementation Guide: Data Access Policies, published by HL7 International / Security. This guide is not an authorized publication; it is the continuous build for version 1.0.0-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/data-access-policies/ and changes regularly. See the Directory of published versions
Page standards status: Informative |
{
"resourceType" : "Permission",
"id" : "ex-permission-directory-all",
"meta" : {
"security" : [
{
"system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
"code" : "HTEST"
}
]
},
"text" : {
"status" : "generated",
"div" : "<div xmlns=\"http://www.w3.org/1999/xhtml\"><p class=\"res-header-id\"><b>Generated Narrative: Permission ex-permission-directory-all</b></p><a name=\"ex-permission-directory-all\"> </a><a name=\"hcex-permission-directory-all\"> </a><a name=\"ex-permission-directory-all-en-US\"> </a><p><b>status</b>: Active</p><p><b>asserter</b>: <a href=\"Organization-ex-organization.html\">Organization nowhere</a></p><p><b>date</b>: 2023-11-22</p><p><b>combining</b>: Deny-unless-permit</p><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><blockquote><p><b>activity</b></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action C}\">Create</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action R}\">Read</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action U}\">Update</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action D}\">Delete</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action E}\">Execute</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HDIRECT}\">directory</span>, <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HSYSADMIN}\">health system administration</span></p></blockquote></blockquote><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><blockquote><p><b>activity</b></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action R}\">Read</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action E}\">Execute</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}\">treatment</span>, <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HPAYMT}\">healthcare payment</span>, <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}\">healthcare operations</span></p></blockquote></blockquote><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><blockquote><p><b>data</b></p><h3>Expressions</h3><table class=\"grid\"><tr><td style=\"display: none\">-</td><td><b>Description</b></td><td><b>Language</b></td><td><b>Expression</b></td></tr><tr><td style=\"display: none\">*</td><td>select all Practitioner resources where the Practitioner has a PractitionerRole with code of doctor</td><td>application/x-fhir-query</td><td>Practitioner?_has:PractitionerRole:practitioner:role=http://terminology.hl7.org/CodeSystem/practitioner-role|doctor</td></tr></table></blockquote><blockquote><p><b>activity</b></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action R}\">Read</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action E}\">Execute</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason PATRQT}\">patient requested</span></p></blockquote></blockquote></div>"
},
"status" : "active",
"asserter" : {
🔗 "reference" : "Organization/ex-organization"
},
"date" : [
"2023-11-22"
],
"combining" : "deny-unless-permit",
"rule" : [
{
"type" : "permit",
"activity" : [
{
"action" : [
{
"coding" : [
{
"system" : "http://hl7.org/fhir/audit-event-action",
"code" : "C"
}
]
},
{
"coding" : [
{
"system" : "http://hl7.org/fhir/audit-event-action",
"code" : "R"
}
]
},
{
"coding" : [
{
"system" : "http://hl7.org/fhir/audit-event-action",
"code" : "U"
}
]
},
{
"coding" : [
{
"system" : "http://hl7.org/fhir/audit-event-action",
"code" : "D"
}
]
},
{
"coding" : [
{
"system" : "http://hl7.org/fhir/audit-event-action",
"code" : "E"
}
]
}
],
"purpose" : [
{
"coding" : [
{
"system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
"code" : "HDIRECT"
}
]
},
{
"coding" : [
{
"system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
"code" : "HSYSADMIN"
}
]
}
]
}
]
},
{
"modifierExtension" : [
{
"url" : "http://hl7.org/fhir/uv/dap/StructureDefinition/dap.excludeTagged",
"valueCoding" : {
"system" : "http://terminology.hl7.org/CodeSystem/v3-ActCode",
"code" : "LOCIS"
}
}
],
"type" : "permit",
"activity" : [
{
"action" : [
{
"coding" : [
{
"system" : "http://hl7.org/fhir/audit-event-action",
"code" : "R"
}
]
},
{
"coding" : [
{
"system" : "http://hl7.org/fhir/audit-event-action",
"code" : "E"
}
]
}
],
"purpose" : [
{
"coding" : [
{
"system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
"code" : "TREAT"
}
]
},
{
"coding" : [
{
"system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
"code" : "HPAYMT"
}
]
},
{
"coding" : [
{
"system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
"code" : "HOPERAT"
}
]
}
]
}
]
},
{
"modifierExtension" : [
{
"url" : "http://hl7.org/fhir/uv/dap/StructureDefinition/dap.excludeTagged",
"valueCoding" : {
"system" : "http://terminology.hl7.org/CodeSystem/v3-ActCode",
"code" : "LOCIS"
}
}
],
"type" : "permit",
"data" : [
{
"expression" : {
"description" : "select all Practitioner resources where the Practitioner has a PractitionerRole with code of doctor",
"language" : "application/x-fhir-query",
"expression" : "Practitioner?_has:PractitionerRole:practitioner:role=http://terminology.hl7.org/CodeSystem/practitioner-role|doctor"
}
}
],
"activity" : [
{
"action" : [
{
"coding" : [
{
"system" : "http://hl7.org/fhir/audit-event-action",
"code" : "R"
}
]
},
{
"coding" : [
{
"system" : "http://hl7.org/fhir/audit-event-action",
"code" : "E"
}
]
}
],
"purpose" : [
{
"coding" : [
{
"system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
"code" : "PATRQT"
}
]
}
]
}
]
}
]
}