Scalable Consent Management
1.0.0-preview - STU 1 PReview
US
Scalable Consent Management
1.0.0-preview - STU 1 PReview
US
Scalable Consent Management, published by HL7 International / Community Based Collaborative Care. This guide is not an authorized publication; it is the continuous build for version 1.0.0-preview built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/fhir-consent-management/ and changes regularly. See the Directory of published versions
| Page standards status: Trial-use | Maturity Level: 1 |
<Requirements xmlns="http://hl7.org/fhir">
<id value="fromNarrative"/>
<text>
<status value="generated"/>
<div xmlns="http://www.w3.org/1999/xhtml"><p class="res-header-id"><b>Generated Narrative: Requirements fromNarrative</b></p><a name="fromNarrative"> </a><a name="hcfromNarrative"> </a><p>These requirements apply to the following actors: </p><ul><li><a href="ActorDefinition-consent-server.html">Consent Server System</a></li><li><a href="ActorDefinition-client.html">Consent Client System</a></li></ul><table class="grid"><tr><td><b><a name="1"> </a></b>1</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>SC-8?^client:this guide requires that an external identifier for those participants SHALL be populated.</p>
</div></td></tr><tr><td><b><a name="2"> </a></b>2</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>SC-8?^client:this guide requires that an external identifier for those participants SHALL be populated.</p>
</div></td></tr><tr><td><b><a name="AE1"> </a></b>AE1</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>A FAST Consent Audit Event <strong>SHALL</strong> be created by the system that evaluates a Consent resource to determine whether a request to access patient information should be permitted or denied.</p>
</div></td></tr><tr><td><b><a name="AE2"> </a></b>AE2</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>The event <strong>SHALL</strong> be created regardless of whether the authorization decision was a permit or a deny.</p>
</div></td></tr><tr><td><b><a name="AE3"> </a></b>AE3</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>an external identifier for those participants <strong>SHALL</strong> be populated.</p>
</div></td></tr><tr><td><b><a name="ID1"> </a></b>ID1</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>For that reason, this guide mandates that Consent Client systems <strong>SHALL</strong> query the consent administration service for the identifiers of the involved patients, practitioners, organizations, and related persons</p>
</div></td></tr><tr><td><b><a name="IN1"> </a></b>IN1</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHOULD">SHOULD</a></td><td><div><p>A consent administration service receiving a <code>POST Subscription</code> request <strong>SHOULD</strong> verify that the subscribing system is authorized to access the consents it is requesting to be notified about.</p>
</div></td></tr><tr><td><b><a name="IN2"> </a></b>IN2</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHOULD">SHOULD</a></td><td><div><p>a system that cannot maintain a subscription to the consent management source <strong>SHOULD</strong> fetch a fresh copy of the consent at the time of each authorization decision rather than rely on a cached copy.</p>
</div></td></tr><tr><td><b><a name="MS-1"> </a></b>MS-1</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>Consent Client systems <strong>SHALL</strong> be capable of populating a mustSupport element when sharing resources compliant with the profile. I.e., the system must be able to demonstrate the population and sharing of the element, but it is acceptable to omit the element if the system doesn’t have values in a particular instance. A system that is incapable of ever sharing the element would be non-conformant.</p>
</div></td></tr><tr><td><b><a name="MS-2"> </a></b>MS-2</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>Consent Server systems <strong>SHALL</strong> be capable of processing resource instances containing data elements without generating an error or causing the application to fail.</p>
</div></td></tr><tr><td><b><a name="MS-3"> </a></b>MS-3</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>If the minimum cardinality of an element is greater than 0 — i.e., the element is required — then the element <strong>SHALL</strong> be present in the instance and <strong>SHALL</strong> have a value.</p>
</div></td></tr><tr><td><b><a name="MS-4"> </a></b>MS-4</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>Consent Server systems <strong>SHALL</strong> interpret missing data elements within resource instances as data not being present in the sending system or not being shareable for privacy or other business reasons.</p>
</div></td></tr><tr><td><b><a name="MS-5"> </a></b>MS-5</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>Consent Server systems <strong>SHALL</strong> be able to process resource instances containing data elements that have extensions in place of a value where such extensions are declared as part of the profile.</p>
</div></td></tr><tr><td><b><a name="NR1"> </a></b>NR1</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>When the Consent record is created on System A, System A's system identifier <strong>SHALL</strong> be recorded in the <code>manager</code> extension of the Consent instance.</p>
</div></td></tr><tr><td><b><a name="NR2"> </a></b>NR2</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>Systems that ingest a Consent from another system <strong>SHALL</strong> preserve the <code>manager</code> extension value unchanged.</p>
</div></td></tr><tr><td><b><a name="NR3"> </a></b>NR3</td><td>SHALL NOT</td><td><div><p>When sharing a Consent resource with another system, the originating or forwarding system <strong>SHALL NOT</strong> modify the <code>manager</code> extension value.</p>
</div></td></tr><tr><td><b><a name="NR4"> </a></b>NR4</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHOULD">SHOULD</a></td><td><div><p>A system that receives a shared Consent resource <strong>SHOULD</strong> establish a FHIR Subscription with the system identified in the <code>manager</code> extension to receive updates to that Consent (e.g., revocations).</p>
</div></td></tr><tr><td><b><a name="OP1"> </a></b>OP1</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>To satisfy the business use cases for consent management, two operations are defined that a consent administration service <strong>SHALL</strong> support: File Consent and Revoke Consent.</p>
</div></td></tr><tr><td><b><a name="OP2"> </a></b>OP2</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>Along with these operations, Consent administration service systems <strong>SHALL</strong> support searching for consents</p>
</div></td></tr><tr><td><b><a name="OP3"> </a></b>OP3</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>Finally, a consent administration service <strong>SHALL</strong> support subscriptions to allow other systems to be informed when consents for a patient have changed.</p>
</div></td></tr><tr><td><b><a name="OP4"> </a></b>OP4</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>When filing a consent, the Consent status element <strong>SHALL</strong> be set to 'active'.</p>
</div></td></tr><tr><td><b><a name="OP5"> </a></b>OP5</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>After a consent has been revoked, the Consent status element for the revoked consent <strong>SHALL</strong> be set to 'inactive'.</p>
</div></td></tr><tr><td><b><a name="OP6"> </a></b>OP6</td><td>SHALL NOT</td><td><div><p>A revoked consent <strong>SHALL NOT</strong> be deleted from the consent management system.</p>
</div></td></tr><tr><td><b><a name="OP7"> </a></b>OP7</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>To support searching for consents, the following search parameters <strong>SHALL</strong> be supported - patient, controller, manager, date, status, and scope.</p>
</div></td></tr><tr><td><b><a name="OP8"> </a></b>OP8</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>Along with the business use cases of consent management, consent administration services <strong>SHALL</strong> be able to record and retrieve disclosures of when a consent was accessed to determine whether patient information could be accessed.</p>
</div></td></tr><tr><td><b><a name="OP9"> </a></b>OP9</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>To allow systems to document and retrieve consent authorization decision events — including for disclosure to patients and requesting authorities — systems <strong>SHALL</strong> support searching for FAST Consent Audit Events</p>
</div></td></tr><tr><td><b><a name="OP10"> </a></b>OP10</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-MAY">MAY</a></td><td><div><p>Consent Server systems <strong>MAY</strong> return an OperationOutcome with a success when they wish to provide additional structured information alongside a successful operation response.</p>
</div></td></tr><tr><td><b><a name="OP11"> </a></b>OP11</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHOULD">SHOULD</a></td><td><div><p>Consent Server systems <strong>SHOULD</strong> return an OperationOutcome with the details if an HTTP status code of 4xx or 5xx is returned.</p>
</div></td></tr><tr><td><b><a name="OP12"> </a></b>OP12</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>Systems <strong>SHALL</strong> create a FAST Consent Audit Event via a RESTful FHIR <code>POST AuditEvent</code> whenever a Consent instance is accessed to determine whether patient information can be accessed.</p>
</div></td></tr><tr><td><b><a name="OP13"> </a></b>OP13</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHOULD">SHOULD</a></td><td><div><p>To search for consents by organization identifier, implementers <strong>SHOULD</strong> use the <code>controller:identifier</code> chained search parameter (e.g., <code>GET [base]/Consent?controller:identifier=|1234567890</code>) rather than a custom organization ID search parameter.</p>
</div></td></tr><tr><td><b><a name="OP14"> </a></b>OP14</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHOULD">SHOULD</a></td><td><div><p>To search for consents by patient identifier, implementers <strong>SHOULD</strong> use the <code>patient:identifier</code> chained search parameter (e.g., <code>GET [base]/Consent?patient:identifier=http://example.org/mrn|M1230041</code>).</p>
</div></td></tr><tr><td><b><a name="OP15"> </a></b>OP15</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHOULD-NOT">SHOULD-NOT</a></td><td><div><p>This guide does not define an Update Consent operation, and systems conforming to this guide <strong>SHOULD NOT</strong> update an existing Consent resource in place using RESTful <code>PUT</code> or <code>PATCH</code>.</p>
</div></td></tr><tr><td><b><a name="OP16"> </a></b>OP16</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHOULD">SHOULD</a></td><td><div><p>For disclosure events, implementers <strong>SHOULD</strong> follow the <a href="https://profiles.ihe.net/ITI/BALP/">IHE Basic Audit Log Patterns (BALP)</a> guide, specifically the patterns for data disclosure audit events.</p>
</div></td></tr><tr><td><b><a name="OP17"> </a></b>OP17</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHOULD">SHOULD</a></td><td><div><p>For disclosure events (cases where health information was actually shared following a permit decision), implementers <strong>SHOULD</strong> follow IHE-BALP patterns and the <a href="https://profiles.ihe.net/ITI/TF/Volume2/ITI-81.html">ITI-81 Retrieve ATNA Audit Event</a> transaction for querying those events.</p>
</div></td></tr><tr><td><b><a name="SC-1"> </a></b>SC-1</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>The following search parameters and search parameter combinations <strong>SHALL</strong> be supported:</p>
</div></td></tr><tr><td><b><a name="SC-2"> </a></b>SC-2</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p><strong>SHALL</strong> support both read Consent by <code>id</code> <strong>AND</strong> Consent search using the <strong><a href="http://hl7.org/fhir/R4/search.html#id"><code>_id</code></a></strong> search parameter:</p>
</div></td></tr><tr><td><b><a name="SC-3"> </a></b>SC-3</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p><strong>SHALL</strong> support searching a consent by an identifier such as a CDA consent document using the <strong><a href="http://hl7.org/fhir/R4/search.html#token"><code>identifier</code></a></strong> search parameter:</p>
</div></td></tr><tr><td><b><a name="SC-4"> </a></b>SC-4</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p><strong>SHALL</strong> support searching a consent by a patient using the <strong><a href="http://hl7.org/fhir/R4/search.html#reference"><code>patient</code></a></strong> search parameter:</p>
</div></td></tr><tr><td><b><a name="SC-5"> </a></b>SC-5</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p><strong>SHALL</strong> support searching using the combination of the <strong><a href="http://hl7.org/fhir/R4/search.html#reference"><code>patient</code></a></strong> and <strong><a href="http://hl7.org/fhir/R4/search.html#token"><code>status</code></a></strong> search parameters:</p>
</div></td></tr><tr><td><b><a name="SC-6"> </a></b>SC-6</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHOULD">SHOULD</a></td><td><div><p>The following search parameter combinations <strong>SHOULD</strong> be supported:</p>
</div></td></tr><tr><td><b><a name="SC-7"> </a></b>SC-7</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHOULD">SHOULD</a></td><td><div><p><strong>SHOULD</strong> support searching using the combination of the <strong><a href="http://hl7.org/fhir/R4/search.html#reference"><code>patient</code></a></strong> and <strong><a href="http://hl7.org/fhir/R4/search.html#date"><code>date</code></a></strong> search parameters:</p>
</div></td></tr><tr><td><b><a name="SH1"> </a></b>SH1</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHOULD">SHOULD</a></td><td><div><p>Systems that return a Consent resource in a search result or read interaction <strong>SHOULD</strong> record a standard FHIR AuditEvent following the <a href="https://profiles.ihe.net/ITI/BALP/">IHE Basic Audit Log Patterns (BALP)</a> patterns for FHIR Search and Read events.</p>
</div></td></tr><tr><td><b><a name="SH2"> </a></b>SH2</td><td><a href="http://hl7.org/fhir/uv/xver-r5.r4/0.1.0/CodeSystem-conformance-expectation.html#conformance-expectation-SHALL">SHALL</a></td><td><div><p>systems <strong>SHALL</strong> record a <a href="StructureDefinition-FASTConsentAuditEvent.html">FAST Consent Audit Event</a> via a RESTful FHIR <code>POST</code> to the <code>AuditEvent</code> endpoint whenever a Consent record was consulted, no matter whether that led to health information sharing or not.</p>
</div></td></tr></table></div>
</text>
<extension
url="http://hl7.org/fhir/StructureDefinition/structuredefinition-wg">
<valueCode value="cbcc"/>
</extension>
<extension
url="http://hl7.org/fhir/StructureDefinition/structuredefinition-fmm">
<valueInteger value="1">
<extension
url="http://hl7.org/fhir/StructureDefinition/structuredefinition-conformance-derivedFrom">
<valueCanonical
value="http://hl7.org/fhir/us/consent-management/ImplementationGuide/hl7.fhir.us.consent-management"/>
</extension>
<extension
url="http://hl7.org/fhir/StructureDefinition/structuredefinition-conformance-derivedFrom">
<valueCanonical
value="http://hl7.org/fhir/us/consent-management/ImplementationGuide/hl7.fhir.us.consent-management"/>
</extension>
</valueInteger>
</extension>
<extension
url="http://hl7.org/fhir/StructureDefinition/structuredefinition-standards-status">
<valueCode value="trial-use">
<extension
url="http://hl7.org/fhir/StructureDefinition/structuredefinition-conformance-derivedFrom">
<valueCanonical
value="http://hl7.org/fhir/us/consent-management/ImplementationGuide/hl7.fhir.us.consent-management"/>
</extension>
</valueCode>
</extension>
<url
value="http://hl7.org/fhir/us/consent-management/Requirements/fromNarrative"/>
<version value="1.0.0-preview"/>
<name value="FromNarrative"/>
<title value="Narrative Conformance Statements"/>
<status value="active"/>
<experimental value="false"/>
<date value="2026-05-20T16:41:22+02:00"/>
<publisher value="HL7 International / Community Based Collaborative Care"/>
<contact>
<name value="HL7 International / Community Based Collaborative Care"/>
<telecom>
<system value="url"/>
<value value="http://www.hl7.org/Special/committees/homehealth"/>
</telecom>
</contact>
<description
value="Conformance statements found throughout the narrative of the IG consolidated into this computable resource for traceability purposes"/>
<jurisdiction>
<coding>
<system value="urn:iso:std:iso:3166"/>
<code value="US"/>
<display value="United States of America"/>
</coding>
</jurisdiction>
<actor
value="http://hl7.org/fhir/us/consent-management/ActorDefinition/consent-server">🔗
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-actorkey">
<valueId value="consent-server"/>
</extension>
</actor>
<actor
value="http://hl7.org/fhir/us/consent-management/ActorDefinition/client">🔗
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-actorkey">
<valueId value="client"/>
</extension>
</actor>
<statement>
<key value="1"/>
<conformance value="SHALL"/>
<requirement
value="SC-8?^client:this guide requires that an external identifier for those participants SHALL be populated."/>
</statement>
<statement>
<key value="2"/>
<conformance value="SHALL"/>
<requirement
value="SC-8?^client:this guide requires that an external identifier for those participants SHALL be populated."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="AE1"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="A FAST Consent Audit Event **SHALL** be created by the system that evaluates a Consent resource to determine whether a request to access patient information should be permitted or denied."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="AE2"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="The event **SHALL** be created regardless of whether the authorization decision was a permit or a deny."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="AE3"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="an external identifier for those participants **SHALL** be populated."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="client"/>
</extension>
<key value="ID1"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="For that reason, this guide mandates that Consent Client systems **SHALL** query the consent administration service for the identifiers of the involved patients, practitioners, organizations, and related persons"/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="IN1"/>
<conformance value="SHOULD"/>
<conditionality value="true"/>
<requirement
value="A consent administration service receiving a `POST Subscription` request **SHOULD** verify that the subscribing system is authorized to access the consents it is requesting to be notified about."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="client"/>
</extension>
<key value="IN2"/>
<conformance value="SHOULD"/>
<conditionality value="true"/>
<requirement
value="a system that cannot maintain a subscription to the consent management source **SHOULD** fetch a fresh copy of the consent at the time of each authorization decision rather than rely on a cached copy."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="client"/>
</extension>
<key value="MS-1"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="Consent Client systems **SHALL** be capable of populating a mustSupport element when sharing resources compliant with the profile. I.e., the system must be able to demonstrate the population and sharing of the element, but it is acceptable to omit the element if the system doesn’t have values in a particular instance. A system that is incapable of ever sharing the element would be non-conformant."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="MS-2"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="Consent Server systems **SHALL** be capable of processing resource instances containing data elements without generating an error or causing the application to fail."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="client"/>
</extension>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="MS-3"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="If the minimum cardinality of an element is greater than 0 — i.e., the element is required — then the element **SHALL** be present in the instance and **SHALL** have a value."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="MS-4"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="Consent Server systems **SHALL** interpret missing data elements within resource instances as data not being present in the sending system or not being shareable for privacy or other business reasons."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="MS-5"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="Consent Server systems **SHALL** be able to process resource instances containing data elements that have extensions in place of a value where such extensions are declared as part of the profile."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="NR1"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="When the Consent record is created on System A, System A's system identifier **SHALL** be recorded in the `manager` extension of the Consent instance."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="client"/>
</extension>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="NR2"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="Systems that ingest a Consent from another system **SHALL** preserve the `manager` extension value unchanged."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementshallnot">
<valueBoolean value="true"/>
</extension>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="client"/>
</extension>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="NR3"/>
<conditionality value="true"/>
<requirement
value="When sharing a Consent resource with another system, the originating or forwarding system **SHALL NOT** modify the `manager` extension value."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="client"/>
</extension>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="NR4"/>
<conformance value="SHOULD"/>
<conditionality value="true"/>
<requirement
value="A system that receives a shared Consent resource **SHOULD** establish a FHIR Subscription with the system identified in the `manager` extension to receive updates to that Consent (e.g., revocations)."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="OP1"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="To satisfy the business use cases for consent management, two operations are defined that a consent administration service **SHALL** support: File Consent and Revoke Consent."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="OP2"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="Along with these operations, Consent administration service systems **SHALL** support searching for consents"/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="OP3"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="Finally, a consent administration service **SHALL** support subscriptions to allow other systems to be informed when consents for a patient have changed."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="client"/>
</extension>
<key value="OP4"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="When filing a consent, the Consent status element **SHALL** be set to 'active'."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="OP5"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="After a consent has been revoked, the Consent status element for the revoked consent **SHALL** be set to 'inactive'."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementshallnot">
<valueBoolean value="true"/>
</extension>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="OP6"/>
<conditionality value="true"/>
<requirement
value="A revoked consent **SHALL NOT** be deleted from the consent management system."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="OP7"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="To support searching for consents, the following search parameters **SHALL** be supported - patient, controller, manager, date, status, and scope."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="OP8"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="Along with the business use cases of consent management, consent administration services **SHALL** be able to record and retrieve disclosures of when a consent was accessed to determine whether patient information could be accessed."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="OP9"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="To allow systems to document and retrieve consent authorization decision events — including for disclosure to patients and requesting authorities — systems **SHALL** support searching for FAST Consent Audit Events"/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="OP10"/>
<conformance value="MAY"/>
<conditionality value="true"/>
<requirement
value="Consent Server systems **MAY** return an OperationOutcome with a success when they wish to provide additional structured information alongside a successful operation response."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="OP11"/>
<conformance value="SHOULD"/>
<conditionality value="true"/>
<requirement
value="Consent Server systems **SHOULD** return an OperationOutcome with the details if an HTTP status code of 4xx or 5xx is returned."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="OP12"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="Systems **SHALL** create a FAST Consent Audit Event via a RESTful FHIR `POST AuditEvent` whenever a Consent instance is accessed to determine whether patient information can be accessed."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="client"/>
</extension>
<key value="OP13"/>
<conformance value="SHOULD"/>
<conditionality value="true"/>
<requirement
value="To search for consents by organization identifier, implementers **SHOULD** use the `controller:identifier` chained search parameter (e.g., `GET [base]/Consent?controller:identifier=|1234567890`) rather than a custom organization ID search parameter."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="client"/>
</extension>
<key value="OP14"/>
<conformance value="SHOULD"/>
<conditionality value="true"/>
<requirement
value="To search for consents by patient identifier, implementers **SHOULD** use the `patient:identifier` chained search parameter (e.g., `GET [base]/Consent?patient:identifier=http://example.org/mrn|M1230041`)."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="client"/>
</extension>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="OP15"/>
<conformance value="SHOULD-NOT"/>
<conditionality value="true"/>
<requirement
value="This guide does not define an Update Consent operation, and systems conforming to this guide **SHOULD NOT** update an existing Consent resource in place using RESTful `PUT` or `PATCH`."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="OP16"/>
<conformance value="SHOULD"/>
<conditionality value="true"/>
<requirement
value="For disclosure events, implementers **SHOULD** follow the [IHE Basic Audit Log Patterns (BALP)](https://profiles.ihe.net/ITI/BALP/) guide, specifically the patterns for data disclosure audit events."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="client"/>
</extension>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="OP17"/>
<conformance value="SHOULD"/>
<conditionality value="true"/>
<requirement
value="For disclosure events (cases where health information was actually shared following a permit decision), implementers **SHOULD** follow IHE-BALP patterns and the [ITI-81 Retrieve ATNA Audit Event](https://profiles.ihe.net/ITI/TF/Volume2/ITI-81.html) transaction for querying those events."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="SC-1"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="The following search parameters and search parameter combinations **SHALL** be supported:"/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="SC-2"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="**SHALL** support both read Consent by `id` **AND** Consent search using the **[`_id`](http://hl7.org/fhir/R4/search.html#id)** search parameter:"/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="SC-3"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="**SHALL** support searching a consent by an identifier such as a CDA consent document using the **[`identifier`](http://hl7.org/fhir/R4/search.html#token)** search parameter:"/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="SC-4"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="**SHALL** support searching a consent by a patient using the **[`patient`](http://hl7.org/fhir/R4/search.html#reference)** search parameter:"/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="SC-5"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="**SHALL** support searching using the combination of the **[`patient`](http://hl7.org/fhir/R4/search.html#reference)** and **[`status`](http://hl7.org/fhir/R4/search.html#token)** search parameters:"/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="SC-6"/>
<conformance value="SHOULD"/>
<conditionality value="true"/>
<requirement
value="The following search parameter combinations **SHOULD** be supported:"/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="SC-7"/>
<conformance value="SHOULD"/>
<conditionality value="true"/>
<requirement
value="**SHOULD** support searching using the combination of the **[`patient`](http://hl7.org/fhir/R4/search.html#reference)** and **[`date`](http://hl7.org/fhir/R4/search.html#date)** search parameters:"/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="SH1"/>
<conformance value="SHOULD"/>
<conditionality value="true"/>
<requirement
value="Systems that return a Consent resource in a search result or read interaction **SHOULD** record a standard FHIR AuditEvent following the [IHE Basic Audit Log Patterns (BALP)](https://profiles.ihe.net/ITI/BALP/) patterns for FHIR Search and Read events."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/tools/StructureDefinition/requirements-statementactor">
<valueId value="consent-server"/>
</extension>
<key value="SH2"/>
<conformance value="SHALL"/>
<conditionality value="true"/>
<requirement
value="systems **SHALL** record a [FAST Consent Audit Event](StructureDefinition-FASTConsentAuditEvent.html) via a RESTful FHIR `POST` to the `AuditEvent` endpoint whenever a Consent record was consulted, no matter whether that led to health information sharing or not."/>
</statement>
</Requirements>
IG © 2024+ HL7 International / Community Based Collaborative Care.
Package hl7.fhir.us.consent-management#1.0.0-preview based on FHIR 4.0.1.
Generated
2026-05-21
Links: Table of Contents |
QA Report
| Version History |
|
Propose a change