Scalable Consent Management, published by HL7 International / Community Based Collaborative Care. This guide is not an authorized publication; it is the continuous build for version 0.1.0 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/fhir-consent-management/ and changes regularly. See the Directory of published versions
Official URL: http://hl7.org/fhir/us/consent-management/StructureDefinition/FASTConsent | Version: 0.1.0 | |||
Standards status: Trial-use | Maturity Level: 1 | Computable Name: FASTConsent |
This profile captures the details of a Patient's Consent.
Usage:
Description of Profiles, Differentials, Snapshots and how the different presentations work.
This structure is derived from Consent
Name | Flags | Card. | Type | Description & Constraints |
---|---|---|---|---|
Consent | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time | |
patient | S | 1..1 | Reference(Patient) | Who the consent applies to |
dateTime | S | 1..1 | dateTime | When this Consent was created or indexed |
Documentation for this format |
Name | Flags | Card. | Type | Description & Constraints |
---|---|---|---|---|
Consent | C | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time ppc-1: Either a Policy or PolicyRule ppc-2: IF Scope=privacy, there must be a patient ppc-3: IF Scope=research, there must be a patient ppc-4: IF Scope=adr, there must be a patient ppc-5: IF Scope=treatment, there must be a patient |
implicitRules | ?!Σ | 0..1 | uri | A set of rules under which this content was created |
modifierExtension | ?! | 0..* | Extension | Extensions that cannot be ignored |
status | ?!Σ | 1..1 | code | draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent. |
scope | ?!Σ | 1..1 | CodeableConcept | Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource. |
category | Σ | 1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement. |
patient | SΣ | 1..1 | Reference(Patient) | Who the consent applies to |
dateTime | SΣ | 1..1 | dateTime | When this Consent was created or indexed |
Documentation for this format |
Path | Conformance | ValueSet | URI |
Consent.status | required | ConsentStatehttp://hl7.org/fhir/ValueSet/consent-state-codes|4.0.1 from the FHIR Standard | |
Consent.scope | extensible | ConsentScopeCodeshttp://hl7.org/fhir/ValueSet/consent-scope from the FHIR Standard | |
Consent.category | extensible | ConsentCategoryCodeshttp://hl7.org/fhir/ValueSet/consent-category from the FHIR Standard |
Id | Grade | Path(s) | Details | Requirements |
dom-2 | error | Consent | If the resource is contained in another resource, it SHALL NOT contain nested Resources : contained.contained.empty() | |
dom-3 | error | Consent | If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource : contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty() | |
dom-4 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated : contained.meta.versionId.empty() and contained.meta.lastUpdated.empty() | |
dom-5 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a security label : contained.meta.security.empty() | |
dom-6 | best practice | Consent | A resource should have narrative for robust management : text.`div`.exists() | |
ele-1 | error | **ALL** elements | All FHIR elements must have a @value or children : hasValue() or (children().count() > id.count()) | |
ext-1 | error | **ALL** extensions | Must have either extensions or value[x], not both : extension.exists() != value.exists() | |
ppc-1 | error | Consent | Either a Policy or PolicyRule : policy.exists() or policyRule.exists() | |
ppc-2 | error | Consent | IF Scope=privacy, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not() | |
ppc-3 | error | Consent | IF Scope=research, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='research').exists().not() | |
ppc-4 | error | Consent | IF Scope=adr, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='adr').exists().not() | |
ppc-5 | error | Consent | IF Scope=treatment, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not() |
Name | Flags | Card. | Type | Description & Constraints | ||||
---|---|---|---|---|---|---|---|---|
Consent | C | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time ppc-1: Either a Policy or PolicyRule ppc-2: IF Scope=privacy, there must be a patient ppc-3: IF Scope=research, there must be a patient ppc-4: IF Scope=adr, there must be a patient ppc-5: IF Scope=treatment, there must be a patient | ||||
id | Σ | 0..1 | id | Logical id of this artifact | ||||
meta | Σ | 0..1 | Meta | Metadata about the resource | ||||
implicitRules | ?!Σ | 0..1 | uri | A set of rules under which this content was created | ||||
language | 0..1 | code | Language of the resource content Binding: CommonLanguages (preferred): A human language.
| |||||
text | 0..1 | Narrative | Text summary of the resource, for human interpretation | |||||
contained | 0..* | Resource | Contained, inline Resources | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?! | 0..* | Extension | Extensions that cannot be ignored | ||||
identifier | Σ | 0..* | Identifier | Identifier for this record (external references) Example General: {"system":"http://acme.org/identifier/local/eCMS","value":"Local eCMS identifier"} | ||||
status | ?!Σ | 1..1 | code | draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent. | ||||
scope | ?!Σ | 1..1 | CodeableConcept | Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource. | ||||
category | Σ | 1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement. | ||||
patient | SΣ | 1..1 | Reference(Patient) | Who the consent applies to | ||||
dateTime | SΣ | 1..1 | dateTime | When this Consent was created or indexed | ||||
performer | Σ | 0..* | Reference(Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) | Who is agreeing to the policy and rules | ||||
organization | Σ | 0..* | Reference(Organization) | Custodian of the consent | ||||
source[x] | Σ | 0..1 | Source from which this consent is taken | |||||
sourceAttachment | Attachment | |||||||
sourceReference | Reference(Consent | DocumentReference | Contract | QuestionnaireResponse) | |||||||
policy | 0..* | BackboneElement | Policies covered by this consent | |||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
authority | C | 0..1 | uri | Enforcement source for policy | ||||
uri | C | 0..1 | uri | Specific policy covered by this consent | ||||
policyRule | ΣC | 0..1 | CodeableConcept | Regulation that this consents to Binding: ConsentPolicyRuleCodes (extensible): Regulatory policy examples. | ||||
verification | Σ | 0..* | BackboneElement | Consent Verified by patient or family | ||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
verified | Σ | 1..1 | boolean | Has been verified | ||||
verifiedWith | 0..1 | Reference(Patient | RelatedPerson) | Person who verified | |||||
verificationDate | 0..1 | dateTime | When consent verified | |||||
provision | Σ | 0..1 | BackboneElement | Constraints to the base Consent.policyRule | ||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
type | Σ | 0..1 | code | deny | permit Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent. | ||||
period | Σ | 0..1 | Period | Timeframe for this rule | ||||
actor | 0..* | BackboneElement | Who|what controlled by this rule (or group, by role) | |||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
role | 1..1 | CodeableConcept | How the actor is involved Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations. | |||||
reference | 1..1 | Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) | Resource for the actor (or group, by role) | |||||
action | Σ | 0..* | CodeableConcept | Actions controlled by this rule Binding: ConsentActionCodes (example): Detailed codes for the consent action. | ||||
securityLabel | Σ | 0..* | Coding | Security Labels that define affected resources Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System. | ||||
purpose | Σ | 0..* | Coding | Context of activities covered by this rule Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels. | ||||
class | Σ | 0..* | Coding | e.g. Resource Type, Profile, CDA, etc. Binding: ConsentContentClass (extensible): The class (type) of information a consent rule covers. | ||||
code | Σ | 0..* | CodeableConcept | e.g. LOINC or SNOMED CT code, etc. in the content Binding: ConsentContentCodes (example): If this code is found in an instance, then the exception applies. | ||||
dataPeriod | Σ | 0..1 | Period | Timeframe for data controlled by this rule | ||||
data | Σ | 0..* | BackboneElement | Data controlled by this rule | ||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
meaning | Σ | 1..1 | code | instance | related | dependents | authoredby Binding: ConsentDataMeaning (required): How a resource reference is interpreted when testing consent restrictions. | ||||
reference | Σ | 1..1 | Reference(Resource) | The actual data reference | ||||
provision | 0..* | See provision (Consent) | Nested Exception Rules | |||||
Documentation for this format |
Path | Conformance | ValueSet | URI | |||
Consent.language | preferred | CommonLanguages
http://hl7.org/fhir/ValueSet/languages from the FHIR Standard | ||||
Consent.status | required | ConsentStatehttp://hl7.org/fhir/ValueSet/consent-state-codes|4.0.1 from the FHIR Standard | ||||
Consent.scope | extensible | ConsentScopeCodeshttp://hl7.org/fhir/ValueSet/consent-scope from the FHIR Standard | ||||
Consent.category | extensible | ConsentCategoryCodeshttp://hl7.org/fhir/ValueSet/consent-category from the FHIR Standard | ||||
Consent.policyRule | extensible | ConsentPolicyRuleCodeshttp://hl7.org/fhir/ValueSet/consent-policy from the FHIR Standard | ||||
Consent.provision.type | required | ConsentProvisionTypehttp://hl7.org/fhir/ValueSet/consent-provision-type|4.0.1 from the FHIR Standard | ||||
Consent.provision.actor.role | extensible | SecurityRoleTypehttp://hl7.org/fhir/ValueSet/security-role-type from the FHIR Standard | ||||
Consent.provision.action | example | ConsentActionCodeshttp://hl7.org/fhir/ValueSet/consent-action from the FHIR Standard | ||||
Consent.provision.securityLabel | extensible | All Security Labelshttp://hl7.org/fhir/ValueSet/security-labels from the FHIR Standard | ||||
Consent.provision.purpose | extensible | PurposeOfUsehttp://terminology.hl7.org/ValueSet/v3-PurposeOfUse | ||||
Consent.provision.class | extensible | ConsentContentClasshttp://hl7.org/fhir/ValueSet/consent-content-class from the FHIR Standard | ||||
Consent.provision.code | example | ConsentContentCodes (a valid code from LOINC)http://hl7.org/fhir/ValueSet/consent-content-code from the FHIR Standard | ||||
Consent.provision.data.meaning | required | ConsentDataMeaninghttp://hl7.org/fhir/ValueSet/consent-data-meaning|4.0.1 from the FHIR Standard |
Id | Grade | Path(s) | Details | Requirements |
dom-2 | error | Consent | If the resource is contained in another resource, it SHALL NOT contain nested Resources : contained.contained.empty() | |
dom-3 | error | Consent | If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource : contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty() | |
dom-4 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated : contained.meta.versionId.empty() and contained.meta.lastUpdated.empty() | |
dom-5 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a security label : contained.meta.security.empty() | |
dom-6 | best practice | Consent | A resource should have narrative for robust management : text.`div`.exists() | |
ele-1 | error | **ALL** elements | All FHIR elements must have a @value or children : hasValue() or (children().count() > id.count()) | |
ext-1 | error | **ALL** extensions | Must have either extensions or value[x], not both : extension.exists() != value.exists() | |
ppc-1 | error | Consent | Either a Policy or PolicyRule : policy.exists() or policyRule.exists() | |
ppc-2 | error | Consent | IF Scope=privacy, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not() | |
ppc-3 | error | Consent | IF Scope=research, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='research').exists().not() | |
ppc-4 | error | Consent | IF Scope=adr, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='adr').exists().not() | |
ppc-5 | error | Consent | IF Scope=treatment, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not() |
Differential View
This structure is derived from Consent
Name | Flags | Card. | Type | Description & Constraints |
---|---|---|---|---|
Consent | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time | |
patient | S | 1..1 | Reference(Patient) | Who the consent applies to |
dateTime | S | 1..1 | dateTime | When this Consent was created or indexed |
Documentation for this format |
Key Elements View
Name | Flags | Card. | Type | Description & Constraints |
---|---|---|---|---|
Consent | C | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time ppc-1: Either a Policy or PolicyRule ppc-2: IF Scope=privacy, there must be a patient ppc-3: IF Scope=research, there must be a patient ppc-4: IF Scope=adr, there must be a patient ppc-5: IF Scope=treatment, there must be a patient |
implicitRules | ?!Σ | 0..1 | uri | A set of rules under which this content was created |
modifierExtension | ?! | 0..* | Extension | Extensions that cannot be ignored |
status | ?!Σ | 1..1 | code | draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent. |
scope | ?!Σ | 1..1 | CodeableConcept | Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource. |
category | Σ | 1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement. |
patient | SΣ | 1..1 | Reference(Patient) | Who the consent applies to |
dateTime | SΣ | 1..1 | dateTime | When this Consent was created or indexed |
Documentation for this format |
Path | Conformance | ValueSet | URI |
Consent.status | required | ConsentStatehttp://hl7.org/fhir/ValueSet/consent-state-codes|4.0.1 from the FHIR Standard | |
Consent.scope | extensible | ConsentScopeCodeshttp://hl7.org/fhir/ValueSet/consent-scope from the FHIR Standard | |
Consent.category | extensible | ConsentCategoryCodeshttp://hl7.org/fhir/ValueSet/consent-category from the FHIR Standard |
Id | Grade | Path(s) | Details | Requirements |
dom-2 | error | Consent | If the resource is contained in another resource, it SHALL NOT contain nested Resources : contained.contained.empty() | |
dom-3 | error | Consent | If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource : contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty() | |
dom-4 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated : contained.meta.versionId.empty() and contained.meta.lastUpdated.empty() | |
dom-5 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a security label : contained.meta.security.empty() | |
dom-6 | best practice | Consent | A resource should have narrative for robust management : text.`div`.exists() | |
ele-1 | error | **ALL** elements | All FHIR elements must have a @value or children : hasValue() or (children().count() > id.count()) | |
ext-1 | error | **ALL** extensions | Must have either extensions or value[x], not both : extension.exists() != value.exists() | |
ppc-1 | error | Consent | Either a Policy or PolicyRule : policy.exists() or policyRule.exists() | |
ppc-2 | error | Consent | IF Scope=privacy, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not() | |
ppc-3 | error | Consent | IF Scope=research, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='research').exists().not() | |
ppc-4 | error | Consent | IF Scope=adr, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='adr').exists().not() | |
ppc-5 | error | Consent | IF Scope=treatment, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not() |
Snapshot View
Name | Flags | Card. | Type | Description & Constraints | ||||
---|---|---|---|---|---|---|---|---|
Consent | C | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time ppc-1: Either a Policy or PolicyRule ppc-2: IF Scope=privacy, there must be a patient ppc-3: IF Scope=research, there must be a patient ppc-4: IF Scope=adr, there must be a patient ppc-5: IF Scope=treatment, there must be a patient | ||||
id | Σ | 0..1 | id | Logical id of this artifact | ||||
meta | Σ | 0..1 | Meta | Metadata about the resource | ||||
implicitRules | ?!Σ | 0..1 | uri | A set of rules under which this content was created | ||||
language | 0..1 | code | Language of the resource content Binding: CommonLanguages (preferred): A human language.
| |||||
text | 0..1 | Narrative | Text summary of the resource, for human interpretation | |||||
contained | 0..* | Resource | Contained, inline Resources | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?! | 0..* | Extension | Extensions that cannot be ignored | ||||
identifier | Σ | 0..* | Identifier | Identifier for this record (external references) Example General: {"system":"http://acme.org/identifier/local/eCMS","value":"Local eCMS identifier"} | ||||
status | ?!Σ | 1..1 | code | draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent. | ||||
scope | ?!Σ | 1..1 | CodeableConcept | Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource. | ||||
category | Σ | 1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement. | ||||
patient | SΣ | 1..1 | Reference(Patient) | Who the consent applies to | ||||
dateTime | SΣ | 1..1 | dateTime | When this Consent was created or indexed | ||||
performer | Σ | 0..* | Reference(Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) | Who is agreeing to the policy and rules | ||||
organization | Σ | 0..* | Reference(Organization) | Custodian of the consent | ||||
source[x] | Σ | 0..1 | Source from which this consent is taken | |||||
sourceAttachment | Attachment | |||||||
sourceReference | Reference(Consent | DocumentReference | Contract | QuestionnaireResponse) | |||||||
policy | 0..* | BackboneElement | Policies covered by this consent | |||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
authority | C | 0..1 | uri | Enforcement source for policy | ||||
uri | C | 0..1 | uri | Specific policy covered by this consent | ||||
policyRule | ΣC | 0..1 | CodeableConcept | Regulation that this consents to Binding: ConsentPolicyRuleCodes (extensible): Regulatory policy examples. | ||||
verification | Σ | 0..* | BackboneElement | Consent Verified by patient or family | ||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
verified | Σ | 1..1 | boolean | Has been verified | ||||
verifiedWith | 0..1 | Reference(Patient | RelatedPerson) | Person who verified | |||||
verificationDate | 0..1 | dateTime | When consent verified | |||||
provision | Σ | 0..1 | BackboneElement | Constraints to the base Consent.policyRule | ||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
type | Σ | 0..1 | code | deny | permit Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent. | ||||
period | Σ | 0..1 | Period | Timeframe for this rule | ||||
actor | 0..* | BackboneElement | Who|what controlled by this rule (or group, by role) | |||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
role | 1..1 | CodeableConcept | How the actor is involved Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations. | |||||
reference | 1..1 | Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) | Resource for the actor (or group, by role) | |||||
action | Σ | 0..* | CodeableConcept | Actions controlled by this rule Binding: ConsentActionCodes (example): Detailed codes for the consent action. | ||||
securityLabel | Σ | 0..* | Coding | Security Labels that define affected resources Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System. | ||||
purpose | Σ | 0..* | Coding | Context of activities covered by this rule Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels. | ||||
class | Σ | 0..* | Coding | e.g. Resource Type, Profile, CDA, etc. Binding: ConsentContentClass (extensible): The class (type) of information a consent rule covers. | ||||
code | Σ | 0..* | CodeableConcept | e.g. LOINC or SNOMED CT code, etc. in the content Binding: ConsentContentCodes (example): If this code is found in an instance, then the exception applies. | ||||
dataPeriod | Σ | 0..1 | Period | Timeframe for data controlled by this rule | ||||
data | Σ | 0..* | BackboneElement | Data controlled by this rule | ||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
meaning | Σ | 1..1 | code | instance | related | dependents | authoredby Binding: ConsentDataMeaning (required): How a resource reference is interpreted when testing consent restrictions. | ||||
reference | Σ | 1..1 | Reference(Resource) | The actual data reference | ||||
provision | 0..* | See provision (Consent) | Nested Exception Rules | |||||
Documentation for this format |
Path | Conformance | ValueSet | URI | |||
Consent.language | preferred | CommonLanguages
http://hl7.org/fhir/ValueSet/languages from the FHIR Standard | ||||
Consent.status | required | ConsentStatehttp://hl7.org/fhir/ValueSet/consent-state-codes|4.0.1 from the FHIR Standard | ||||
Consent.scope | extensible | ConsentScopeCodeshttp://hl7.org/fhir/ValueSet/consent-scope from the FHIR Standard | ||||
Consent.category | extensible | ConsentCategoryCodeshttp://hl7.org/fhir/ValueSet/consent-category from the FHIR Standard | ||||
Consent.policyRule | extensible | ConsentPolicyRuleCodeshttp://hl7.org/fhir/ValueSet/consent-policy from the FHIR Standard | ||||
Consent.provision.type | required | ConsentProvisionTypehttp://hl7.org/fhir/ValueSet/consent-provision-type|4.0.1 from the FHIR Standard | ||||
Consent.provision.actor.role | extensible | SecurityRoleTypehttp://hl7.org/fhir/ValueSet/security-role-type from the FHIR Standard | ||||
Consent.provision.action | example | ConsentActionCodeshttp://hl7.org/fhir/ValueSet/consent-action from the FHIR Standard | ||||
Consent.provision.securityLabel | extensible | All Security Labelshttp://hl7.org/fhir/ValueSet/security-labels from the FHIR Standard | ||||
Consent.provision.purpose | extensible | PurposeOfUsehttp://terminology.hl7.org/ValueSet/v3-PurposeOfUse | ||||
Consent.provision.class | extensible | ConsentContentClasshttp://hl7.org/fhir/ValueSet/consent-content-class from the FHIR Standard | ||||
Consent.provision.code | example | ConsentContentCodes (a valid code from LOINC)http://hl7.org/fhir/ValueSet/consent-content-code from the FHIR Standard | ||||
Consent.provision.data.meaning | required | ConsentDataMeaninghttp://hl7.org/fhir/ValueSet/consent-data-meaning|4.0.1 from the FHIR Standard |
Id | Grade | Path(s) | Details | Requirements |
dom-2 | error | Consent | If the resource is contained in another resource, it SHALL NOT contain nested Resources : contained.contained.empty() | |
dom-3 | error | Consent | If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource : contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty() | |
dom-4 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated : contained.meta.versionId.empty() and contained.meta.lastUpdated.empty() | |
dom-5 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a security label : contained.meta.security.empty() | |
dom-6 | best practice | Consent | A resource should have narrative for robust management : text.`div`.exists() | |
ele-1 | error | **ALL** elements | All FHIR elements must have a @value or children : hasValue() or (children().count() > id.count()) | |
ext-1 | error | **ALL** extensions | Must have either extensions or value[x], not both : extension.exists() != value.exists() | |
ppc-1 | error | Consent | Either a Policy or PolicyRule : policy.exists() or policyRule.exists() | |
ppc-2 | error | Consent | IF Scope=privacy, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not() | |
ppc-3 | error | Consent | IF Scope=research, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='research').exists().not() | |
ppc-4 | error | Consent | IF Scope=adr, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='adr').exists().not() | |
ppc-5 | error | Consent | IF Scope=treatment, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not() |
Other representations of profile: CSV, Excel, Schematron