FHIR Data Segmentation for Privacy, published by HL7 Security Working Group. This is not an authorized publication; it is the continuous build for version 1.0.0). This version is based on the current content of https://github.com/HL7/fhir-security-label-ds4p/ and changes regularly. See the Directory of published versions
This page provides a list of the FHIR artifacts defined as part of this implementation guide.
These define constraints on FHIR data types for systems conforming to this implementation guide.
Display |
Specifies that a marking should be displayed when the resource is rendered in print or in electronic form. |
Inline Security Label |
An element-specific security label appearing inline within the element. |
The Basis for Security Label |
Specifies the basis (e.g., policy, regulation, etc.) for assigning the security label. |
Classifier of Security Label |
The entity responsible for assigning the security label. |
Related Artifacts to the Security Label |
Related artifacts to the security label (e.g., consent or provenance). |
These define sets of codes used by systems conforming to this implementation guide.
Security Authorization Policy ValueSet |
Security label metadata that may be used to ‘segment’ an IT resource by conveying a displayed mark, required to be rendered to indicate that the electronic or hardcopy information is protected at the level of the subset of CUI for which the authorizing law, regulation, or Government-wide policy does not set out specific handling or dissemination controls. |
Security Label Mark ValueSet |
Security label metadata that may be used to ‘segment’ an IT resource by conveying a displayed mark, required to be rendered to indicate that the electronic or hardcopy information is protected at the level of the subset of CUI for which the authorizing law, regulation, or Government-wide policy does not set out specific handling or dissemination controls. |
These are example instances that show what data produced and consumed by systems conforming with this implementation guide might look like.
Simple use of the display extension |
A simple example showing how to use the display extension to require the consumer to display a US-realm Controlled Unclassified Information (CUI) mark. |
Simple use of the display extension on a patient |
A simple example showing how to use the display extension to require the consumer to display a US-realm Controlled Unclassified Information (CUI) mark. |
Simple use of inline security labels on a reference |
A simple example showing how to use the has-inline-sec-label code and inline-sec-label extensions to 1) indicate that the resource contains inline security labels and 2) mark the link between the immunization resource and the patient resource (the reference to the patient) with integrity and provenance labels indicating the confidence in the link and its origin. |
Simple use of inline security labels on a patient resource |
A simple example showing how to use the has-inline-sec-label code and inline-sec-label extensions to 1) indicate that the resource contains inline security labels and 2) mark the patient’s SSN as restricted. |
Simple use of the sec-label-basis extension on an observation |
A simple example showing how to use the sec-label-basis extension to specify the basis for assigning the security label. |
Simple use of the sec-label-related-artifact extension with a consent |
A simple example showing how to use the sec-label-related-artifact extension to specify related artifacts to a security label, in this case, a patient consent resource. |
Simple use of the sec-label-related-artifact extension with a provenance |
A simple example showing how to use the sec-label-related-artifact extension to specify related artifacts to a security label, in this case, a provenance resource. |
Simple use of the sec-label-classifier extension |
A simple example showing how to use the sec-label-classifier extension to specify the entity that assigned the security label. |