HL7 FHIR Implementation Guide: Data Access Policies
1.0.0-current - ci-build International flag

HL7 FHIR Implementation Guide: Data Access Policies, published by HL7 International / Security. This guide is not an authorized publication; it is the continuous build for version 1.0.0-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/data-access-policies/ and changes regularly. See the Directory of published versions

: A Permission with all the Directory rules - JSON Representation

Page standards status: Informative

Raw json | Download


{
  "resourceType" : "Permission",
  "id" : "ex-permission-directory-all",
  "meta" : {
    "security" : [
      {
        "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
        "code" : "HTEST"
      }
    ]
  },
  "text" : {
    "status" : "generated",
    "div" : "<div xmlns=\"http://www.w3.org/1999/xhtml\"><p class=\"res-header-id\"><b>Generated Narrative: Permission ex-permission-directory-all</b></p><a name=\"ex-permission-directory-all\"> </a><a name=\"hcex-permission-directory-all\"> </a><a name=\"ex-permission-directory-all-en-US\"> </a><p><b>status</b>: Active</p><p><b>asserter</b>: <a href=\"Organization-ex-organization.html\">Organization nowhere</a></p><p><b>date</b>: 2023-11-22</p><p><b>combining</b>: Deny-unless-permit</p><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><blockquote><p><b>activity</b></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action C}\">Create</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action R}\">Read</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action U}\">Update</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action D}\">Delete</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action E}\">Execute</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HDIRECT}\">directory</span>, <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HSYSADMIN}\">health system administration</span></p></blockquote></blockquote><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><blockquote><p><b>activity</b></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action R}\">Read</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action E}\">Execute</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason TREAT}\">treatment</span>, <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HPAYMT}\">healthcare payment</span>, <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason HOPERAT}\">healthcare operations</span></p></blockquote></blockquote><blockquote><p><b>rule</b></p><p><b>type</b>: Permit</p><blockquote><p><b>data</b></p><h3>Expressions</h3><table class=\"grid\"><tr><td style=\"display: none\">-</td><td><b>Description</b></td><td><b>Language</b></td><td><b>Expression</b></td></tr><tr><td style=\"display: none\">*</td><td>select all Practitioner resources where the Practitioner has a PractitionerRole with code of doctor</td><td>application/x-fhir-query</td><td>Practitioner?_has:PractitionerRole:practitioner:role=http://terminology.hl7.org/CodeSystem/practitioner-role|doctor</td></tr></table></blockquote><blockquote><p><b>activity</b></p><p><b>action</b>: <span title=\"Codes:{http://hl7.org/fhir/audit-event-action R}\">Read</span>, <span title=\"Codes:{http://hl7.org/fhir/audit-event-action E}\">Execute</span></p><p><b>purpose</b>: <span title=\"Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason PATRQT}\">patient requested</span></p></blockquote></blockquote></div>"
  },
  "status" : "active",
  "asserter" : {
    🔗 "reference" : "Organization/ex-organization"
  },
  "date" : [
    "2023-11-22"
  ],
  "combining" : "deny-unless-permit",
  "rule" : [
    {
      "type" : "permit",
      "activity" : [
        {
          "action" : [
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "C"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "R"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "U"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "D"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "E"
                }
              ]
            }
          ],
          "purpose" : [
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "HDIRECT"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "HSYSADMIN"
                }
              ]
            }
          ]
        }
      ]
    },
    {
      "modifierExtension" : [
        {
          "url" : "http://hl7.org/fhir/uv/dap/StructureDefinition/dap.excludeTagged",
          "valueCoding" : {
            "system" : "http://terminology.hl7.org/CodeSystem/v3-ActCode",
            "code" : "LOCIS"
          }
        }
      ],
      "type" : "permit",
      "activity" : [
        {
          "action" : [
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "R"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "E"
                }
              ]
            }
          ],
          "purpose" : [
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "TREAT"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "HPAYMT"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "HOPERAT"
                }
              ]
            }
          ]
        }
      ]
    },
    {
      "modifierExtension" : [
        {
          "url" : "http://hl7.org/fhir/uv/dap/StructureDefinition/dap.excludeTagged",
          "valueCoding" : {
            "system" : "http://terminology.hl7.org/CodeSystem/v3-ActCode",
            "code" : "LOCIS"
          }
        }
      ],
      "type" : "permit",
      "data" : [
        {
          "expression" : {
            "description" : "select all Practitioner resources where the Practitioner has a PractitionerRole with code of doctor",
            "language" : "application/x-fhir-query",
            "expression" : "Practitioner?_has:PractitionerRole:practitioner:role=http://terminology.hl7.org/CodeSystem/practitioner-role|doctor"
          }
        }
      ],
      "activity" : [
        {
          "action" : [
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "R"
                }
              ]
            },
            {
              "coding" : [
                {
                  "system" : "http://hl7.org/fhir/audit-event-action",
                  "code" : "E"
                }
              ]
            }
          ],
          "purpose" : [
            {
              "coding" : [
                {
                  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActReason",
                  "code" : "PATRQT"
                }
              ]
            }
          ]
        }
      ]
    }
  ]
}