HL7 Personal Health Record System Functional Model, Release 2
2.0.1 - Normative
HL7 Personal Health Record System Functional Model, Release 2
2.0.1 - Normative
HL7 Personal Health Record System Functional Model, Release 2, published by EHR WG. This guide is not an authorized publication; it is the continuous build for version 2.0.1 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/phrsfm-ig/ and changes regularly. See the Directory of published versions
| Page standards status: Normative |
<Requirements xmlns="http://hl7.org/fhir">
<id value="PHRSFMR2-TI.1.3"/>
<meta>
<profile
value="http://hl7.org/ehrs/uv/phrsfmr2/StructureDefinition/FMFunction"/>
</meta>
<language value="en"/>
<text>
<status value="extensions"/>
<div xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" lang="en">
<div id="description"><b>Description <a href="https://hl7.org/fhir/versions.html#std-process" title="Informative Content" class="informative-flag">I</a>:</b> <div><p>To ensure access is controlled, a PHR-S must authenticate and check authorization of entities for appropriate operations.</p>
</div></div>
<div id="requirements"><b>Criteria <a href="https://hl7.org/fhir/versions.html#std-process" title="Normative Content" class="normative-flag">N</a>:</b></div>
<table id="statements" class="grid dict">
<tr>
<td style="padding-left: 4px;">
TI.1.3#01
</td>
<td style="padding-left: 4px;">
SHALL
</td>
<td style="padding-left: 4px;" class="requirement">
<div><p>The system SHALL conform to function <a href="Requirements-PHRSFMR2-TI.1.1.html">TI.1.1</a> (Entity Authentication).</p>
</div>
</td>
</tr>
<tr>
<td style="padding-left: 4px;">
TI.1.3#02
</td>
<td style="padding-left: 4px;">
SHALL
</td>
<td style="padding-left: 4px;" class="requirement">
<div><p>The system SHALL conform to function <a href="Requirements-PHRSFMR2-TI.1.2.html">TI.1.2</a> (Entity Authorization).</p>
</div>
</td>
</tr>
<tr>
<td style="padding-left: 4px;">
TI.1.3#03
</td>
<td style="padding-left: 4px;">
SHALL
</td>
<td style="padding-left: 4px;" class="requirement">
<div><p>The system SHALL provide the ability to manage system and data access rules for all PHR-S resources according to scope of practice, organizational policy, and/or jurisdictional law.</p>
</div>
</td>
</tr>
<tr>
<td style="padding-left: 4px;">
TI.1.3#04
</td>
<td style="padding-left: 4px;">
SHALL
</td>
<td style="padding-left: 4px;" class="requirement">
<div><p>The system SHALL manage the enforcement of authorizations to access PHR-S resources.</p>
</div>
</td>
</tr>
<tr>
<td style="padding-left: 4px;">
TI.1.3#05
</td>
<td style="padding-left: 4px;">
SHALL
</td>
<td style="padding-left: 4px;" class="requirement">
<div><p>The system SHALL control access to PHR-S resources after a configurable period of inactivity by terminating the session, or by initiating a session lock that remains in effect until the entity re-establishes access using appropriate identification and authentication procedures, according to organizational policy, and/or jurisdictional law.</p>
</div>
</td>
</tr>
<tr>
<td style="padding-left: 4px;">
TI.1.3#08
</td>
<td style="padding-left: 4px;">
SHOULD
</td>
<td style="padding-left: 4px;" class="requirement">
<div><p>The system SHOULD provide the ability to control-access to data, and/or functionality according to scope of practice, organizational policy, and/or jurisdictional law.</p>
</div>
</td>
</tr>
<tr>
<td style="padding-left: 4px;">
TI.1.3#09
</td>
<td style="padding-left: 4px;">
SHALL
</td>
<td style="padding-left: 4px;" class="requirement">
<div><p>The system SHALL control-access to data, and/or functionality by using authentication mechanisms that comply with regulatory and policy guidelines (e.g.,by using a combination of Username and Password, Digital Certificates, Secure Tokens, and/or Biometrics).</p>
</div>
</td>
</tr>
<tr>
<td style="padding-left: 4px;">
TI.1.3#10
</td>
<td style="padding-left: 4px;">
MAY
</td>
<td style="padding-left: 4px;" class="requirement">
<div><p>The system MAY provide the ability to determine the identity of public health agencies for healthcare purposes through the use of internal, and/or external registry services or directories.</p>
</div>
</td>
</tr>
<tr>
<td style="padding-left: 4px;">
TI.1.3#11
</td>
<td style="padding-left: 4px;">
MAY
</td>
<td style="padding-left: 4px;" class="requirement">
<div><p>The system MAY provide the ability to determine the identity of healthcare resources (e.g., Meal Delivery services for home-based patients) and devices (e.g., wheelchairs) for resource management purposes through the use of internal, and/or external registry services or directories.</p>
</div>
</td>
</tr>
</table>
</div>
</text>
<extension
url="http://hl7.org/fhir/StructureDefinition/structuredefinition-standards-status">
<valueCode value="normative"/>
</extension>
<extension
url="http://hl7.org/fhir/StructureDefinition/structuredefinition-wg">
<valueCode value="ehr"/>
</extension>
<url value="http://hl7.org/ehrs/uv/phrsfmr2/Requirements/PHRSFMR2-TI.1.3"/>
<version value="2.0.1"/>
<name value="TI_1_3_Entity_Access_Control"/>
<title value="TI.1.3 Entity Access Control (Function)"/>
<status value="active"/>
<date value="2025-12-07T09:26:53+00:00"/>
<publisher value="EHR WG"/>
<contact>
<telecom>
<system value="url"/>
<value value="http://www.hl7.org/Special/committees/ehr"/>
</telecom>
</contact>
<description value="Manage access to PHR-S resources."/>
<purpose
value="To ensure access is controlled, a PHR-S must authenticate and check authorization of entities for appropriate operations."/>
<statement>
<extension
url="http://hl7.org/ehrs/uv/phrsfmr2/StructureDefinition/requirements-dependent">
<valueBoolean value="false"/>
</extension>
<key value="PHRSFMR2-TI.1.3-01"/>
<label value="TI.1.3#01"/>
<conformance value="SHALL"/>
<conditionality value="false"/>
<requirement
value="The system SHALL conform to function [TI.1.1](Requirements-PHRSFMR2-TI.1.1.html) (Entity Authentication)."/>
</statement>
<statement>
<extension
url="http://hl7.org/ehrs/uv/phrsfmr2/StructureDefinition/requirements-dependent">
<valueBoolean value="false"/>
</extension>
<key value="PHRSFMR2-TI.1.3-02"/>
<label value="TI.1.3#02"/>
<conformance value="SHALL"/>
<conditionality value="false"/>
<requirement
value="The system SHALL conform to function [TI.1.2](Requirements-PHRSFMR2-TI.1.2.html) (Entity Authorization)."/>
</statement>
<statement>
<extension
url="http://hl7.org/ehrs/uv/phrsfmr2/StructureDefinition/requirements-dependent">
<valueBoolean value="true"/>
</extension>
<key value="PHRSFMR2-TI.1.3-03"/>
<label value="TI.1.3#03"/>
<conformance value="SHALL"/>
<conditionality value="false"/>
<requirement
value="The system SHALL provide the ability to manage system and data access rules for all PHR-S resources according to scope of practice, organizational policy, and/or jurisdictional law."/>
</statement>
<statement>
<extension
url="http://hl7.org/ehrs/uv/phrsfmr2/StructureDefinition/requirements-dependent">
<valueBoolean value="false"/>
</extension>
<key value="PHRSFMR2-TI.1.3-04"/>
<label value="TI.1.3#04"/>
<conformance value="SHALL"/>
<conditionality value="false"/>
<requirement
value="The system SHALL manage the enforcement of authorizations to access PHR-S resources."/>
</statement>
<statement>
<extension
url="http://hl7.org/ehrs/uv/phrsfmr2/StructureDefinition/requirements-dependent">
<valueBoolean value="true"/>
</extension>
<key value="PHRSFMR2-TI.1.3-05"/>
<label value="TI.1.3#05"/>
<conformance value="SHALL"/>
<conditionality value="false"/>
<requirement
value="The system SHALL control access to PHR-S resources after a configurable period of inactivity by terminating the session, or by initiating a session lock that remains in effect until the entity re-establishes access using appropriate identification and authentication procedures, according to organizational policy, and/or jurisdictional law."/>
</statement>
<statement>
<extension
url="http://hl7.org/ehrs/uv/phrsfmr2/StructureDefinition/requirements-dependent">
<valueBoolean value="true"/>
</extension>
<key value="PHRSFMR2-TI.1.3-08"/>
<label value="TI.1.3#08"/>
<conformance value="SHOULD"/>
<conditionality value="false"/>
<requirement
value="The system SHOULD provide the ability to control-access to data, and/or functionality according to scope of practice, organizational policy, and/or jurisdictional law."/>
</statement>
<statement>
<extension
url="http://hl7.org/ehrs/uv/phrsfmr2/StructureDefinition/requirements-dependent">
<valueBoolean value="false"/>
</extension>
<key value="PHRSFMR2-TI.1.3-09"/>
<label value="TI.1.3#09"/>
<conformance value="SHALL"/>
<conditionality value="false"/>
<requirement
value="The system SHALL control-access to data, and/or functionality by using authentication mechanisms that comply with regulatory and policy guidelines (e.g.,by using a combination of Username and Password, Digital Certificates, Secure Tokens, and/or Biometrics)."/>
</statement>
<statement>
<extension
url="http://hl7.org/ehrs/uv/phrsfmr2/StructureDefinition/requirements-dependent">
<valueBoolean value="false"/>
</extension>
<key value="PHRSFMR2-TI.1.3-10"/>
<label value="TI.1.3#10"/>
<conformance value="MAY"/>
<conditionality value="false"/>
<requirement
value="The system MAY provide the ability to determine the identity of public health agencies for healthcare purposes through the use of internal, and/or external registry services or directories."/>
</statement>
<statement>
<extension
url="http://hl7.org/ehrs/uv/phrsfmr2/StructureDefinition/requirements-dependent">
<valueBoolean value="false"/>
</extension>
<key value="PHRSFMR2-TI.1.3-11"/>
<label value="TI.1.3#11"/>
<conformance value="MAY"/>
<conditionality value="false"/>
<requirement
value="The system MAY provide the ability to determine the identity of healthcare resources (e.g., Meal Delivery services for home-based patients) and devices (e.g., wheelchairs) for resource management purposes through the use of internal, and/or external registry services or directories."/>
</statement>
</Requirements>
IG © 2023 EHR WG.
Package hl7.ehrs.uv.phrsfmr2#2.0.1 based on FHIR 5.0.0.
Generated
2025-12-07
Links: Table of Contents |
QA Report
| Version History |
|
Propose a change