HL7 FHIR Implementation Guide: Data Access Policies
1.0.0-current - International flag

HL7 FHIR Implementation Guide: Data Access Policies, published by HL7 International / Security. This guide is not an authorized publication; it is the continuous build for version 1.0.0-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/data-access-policies/ and changes regularly. See the Directory of published versions

:

Raw xml | Download


  <!-- 
        <p>
      Given the importance of current public health information, only the latest version of the report is
  authorized for access.
      </p>

  <rule>
    <type value="deny" />
    <data>
      <expression>
        <language value="text/fhirpath" />
        <expression value="meta.versionId.exists() and meta.versionId != 'latest'" />
      </expression>
    </data>
  </rule>
   -->
<Permission xmlns="http://hl7.org/fhir">
  <id value="example-saner"/>
  <language value="en"/>
  <text>
    <status value="generated"/>
    <div xmlns="http://www.w3.org/1999/xhtml">
      <p>
        Read-Only access to a given SANER report is authorized for PurposeOfUse of Public-Health
        compliance, from the given Organization.
        Access requests authorized shall be recorded.
      </p>
      <p>
        Read-Only access to a given SANER report is authorized for PurposeOfUse of Public-Health
        compliance, from the given Group.
        Access requests authorized shall be recorded.
      </p>
    </div>
  </text>
  <identifier>
    <system value="http://example.org/identifiers"/>
    <value value="saner-report"/>
  </identifier>
  <status value="active"/>
  <asserter>🔗 
    <reference value="Organization/ex-organization"/>
  </asserter>
  <date value="2018-12-24"/>
  <combining value="deny-overrides"/>
  <rule>
    <type value="permit"/>
    <data>
      <resource>
        <meaning value="instance"/>
        <reference>
          <reference
                     value="http://hl7.org/fhir/uv/saner/Measure/CDCHealthcareSupplyPathway"/>
        </reference>
      </resource>
    </data>
    <activity>
      <actor>
        <reference>🔗 
          <reference value="Organization/ex-organization"/>
        </reference>
      </actor>
      <action>
        <coding>
          <system
                  value="http://terminology.hl7.org/CodeSystem/consentaction"/>
          <code value="access"/>
        </coding>
      </action>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="HCOMPL"/>
        </coding>
      </purpose>
    </activity>
    <limit>
      <control>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/>
          <code value="AUDIT"/>
        </coding>
      </control>
    </limit>
  </rule>
  <rule>
    <type value="permit"/>
    <data>
      <resource>
        <meaning value="instance"/>
        <reference>
          <reference
                     value="http://hl7.org/fhir/uv/saner/Measure/CDCHealthcareSupplyPathway"/>
        </reference>
      </resource>
    </data>
    <activity>
      <actor>
        <reference>
          <reference value="http://example.com/R4/fhir/Group/102"/>
        </reference>
      </actor>
      <action>
        <coding>
          <system
                  value="http://terminology.hl7.org/CodeSystem/consentaction"/>
          <code value="access"/>
        </coding>
      </action>
      <purpose>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
          <code value="HCOMPL"/>
        </coding>
      </purpose>
    </activity>
    <limit>
      <control>
        <coding>
          <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/>
          <code value="AUDIT"/>
        </coding>
      </control>
    </limit>
  </rule>
</Permission>