HL7 Personal Health Record System Functional Model, Release 2
2.0.1 - Normative

HL7 Personal Health Record System Functional Model, Release 2, published by EHR WG. This guide is not an authorized publication; it is the continuous build for version 2.0.1 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/phrsfm-ig/ and changes regularly. See the Directory of published versions

Requirements: S.3.3.1 Manage Consents and Authorizations (Function)

Official URL: http://hl7.org/ehrs/uv/phrsfmr2/Requirements/PHRSFMR2-S.3.3.1 Version: 2.0.1
Standards status: Normative Computable Name: S_3_3_1_Manage_Consents_and_Authorizations

Maintain Consents and Authorization directives/statements for any entity that may or may not have access to the PHR Account Holder’s PHR-S.

Description I: The PHR Account Holder may have Consents and/or Authorization directives that allow or prohibit certain entities from access to part or all of the PHR. Directives may take different forms including documents or system flags on Consent Authorization. The Consent or Authorization requirements would be maintained in accordance with user role, organizational policy and/or jurisdictional law. Based on that, the Consent or Authorization might contain the details of the entity that may be authorized to use, or may be prohibited from using the PHR-S. The Consent or Authorization may detail to the record, field or class, the data available to be used or disclosed. The entities that the Consent or Authorization applies to may or may not be current PHR Account Holders of the PHR-S.
Criteria N:
S.3.3.1#01 SHALL The system SHALL provide the ability to capture Consents and Authorizations according to organizational policy and/or jurisdictional law. Satisfied by:
  1. https://build.fhir.org/ig/HL7/fhir-pacio-adi/
S.3.3.1#02 SHALL The system SHALL provide the ability to determine the entity to which the Consent or Authorization applies.
S.3.3.1#03 SHALL The system SHALL provide the ability to determine a section or sections of the PHR Account Holder's information to which the Consent or Authorizations applies (e.g., the demographic data section, the medication list, or history of illness section).
S.3.3.1#04 SHOULD The system SHOULD provide the ability to determine individual elements of records to which the Consent or Authorization applies.
S.3.3.1#05 SHOULD The system SHOULD provide the ability to determine the time period within which the Consent or Authorization is enforced.
S.3.3.1#06 SHOULD The system SHOULD provide the ability to render Consents and Authorizations to another PHR-S, an EHR-S, or elsewhere (e.g., to a printer).
S.3.3.1#07 SHOULD The system SHOULD provide the ability to import Consents and Authorizations through electronic interfaces (e.g., scanning or faxing).
S.3.3.1#08 MAY The system MAY provide the ability to link to external Consents and Authorizations (e.g., in an external EHR-S).