HL7 Personal Health Record System Functional Model, Release 2
2.0.1 - Normative

HL7 Personal Health Record System Functional Model, Release 2, published by EHR WG. This guide is not an authorized publication; it is the continuous build for version 2.0.1 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/phrsfm-ig/ and changes regularly. See the Directory of published versions

Requirements: PH.1.5 Manage Consents and Authorizations (Function)

Official URL: http://hl7.org/ehrs/uv/phrsfmr2/Requirements/PHRSFMR2-PH.1.5 Version: 2.0.1
Standards status: Normative Computable Name: PH_1_5_Manage_Consents_and_Authorizations

Enable the PHR Account Holder to manage consent directives and authorizations.

Description I: A variety of consent directives and authorizations are needed to provide healthcare services. Each institution such as an emergency room, each provider, or each health care service such as an operative procedure may require its own informed consent be captured, displayed, and verified before care can be provided. The consent directives may be externally sourced with copies made available for the PHR Account Holder to capture and store. Some consent directives or authorizations may be authored by the PHR Account Holder granting authorizations such as a parent granting ad hoc authorization for emergency care for a child. Note: The system FM is agnostic to any specific consent/authorization approach. For example, consent/authorization directives may apply to the data in the PHR itself or could integrate with an external access control service. Note: A consent and privacy framework is best described in a functional profile (i.e., a subset) of the PHR-S FM and ought to be specified in accordance to organizational policy and/or jurisdictional law. Therefore, it is assumed that a consent and privacy model will be specified by the functional profile. Example(s): Maintain current authorizations in relation to specific health record functions. The PHR Account Holder may desire to see the authorizations associated with a specific clinical activity, such as treatment or surgery, along with that event in the PHR Account Holder's PHR-S.
Criteria N:
PH.1.5#01 SHALL The system SHALL provide the ability for the PHR Account Holder to capture an indication that a PHR Account Holder has completed applicable consent directives and authorizations according to organizational policy and/or jurisdictional law. Satisfied by:
  1. https://www.hl7.org/fhir/consent.html
PH.1.5#02 SHOULD The system SHOULD provide the ability to capture information regarding the external location of the PHR Account Holder's applicable consent directives and authorizations according to user preference, organizational policy, and/or jurisdictional law.
PH.1.5#03 SHOULD The system SHOULD provide the ability to manage consent directives and authorizations according to user preference, organizational policy, and/or jurisdictional law (e.g., capturing the PHR Account Holder's personal representative’s authority (such as a note from the PHR Account Holder or a pointer to a legal document) to enable decisions to be made on behalf of the PHR Account Holder).
PH.1.5#04 SHALL The system SHALL provide the ability to manage an indication that a PHR Account Holder has granted access, withheld access, or revoked access to applicable consent directives and authorizations according to user preference, organizational policy, and/or jurisdictional law.
PH.1.5#05 MAY The system MAY provide the ability to manage consent and authorization forms on-line according to user preference, organizational policy, and/or jurisdictional law.
PH.1.5#06 SHOULD The system SHOULD provide the ability to render consent and authorization forms (including, for example, in print-format) according to user preference, organizational policy, and/or jurisdictional law.
PH.1.5#07 MAY The system MAY render electronic copies of authorization and/or consent directives associated with a specific clinical activity, such as a treatment or surgery according to user preference, organizational policy, and/or jurisdictional law.
PH.1.5#08 SHOULD The system SHOULD provide the ability to render electronic copies of authorization and/or consent directives chronologically according to user preference, organizational policy, and/or jurisdictional law.
PH.1.5#09 SHOULD The system SHOULD provide the ability to manage documentation related to a PHR Account Holder Proxy's consent or authorization according to user preference, organizational policy, and/or jurisdictional law.
PH.1.5#10 SHOULD The system SHOULD provide the ability to capture information that identifies the signer (and co-signer, if any) of a consent and/or authorization document according to user preference, organizational policy, and/or jurisdictional law.