0.2.2 - ci-build

FastAccessControl, published by MITRE. This guide is not an authorized publication; it is the continuous build for version 0.2.2 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/awatson1978/fhir-access-control-ig/ and changes regularly. See the Directory of published versions

Resource Profile: AccessControlConsent

Official URL: https://gitlab.mitre.org/awatson/fast-access-control/StructureDefinition/ConsentToAcces Version: 0.2.2
Active as of 2017-12-15 Computable Name: ConsentToAcces

Restriction on use/release of exchanged information

Usage:

  • This Resource Profile is not used by any profiles in this Implementation Guide

Formal Views of Profile Content

Description of Profiles, Differentials, Snapshots and how the different presentations work.

This structure is derived from Consent

NameFlagsCard.TypeDescription & Constraintsdoco
.. Consent 0..* Consent A policy may permit or deny recipients or roles to perform actions for specific purposes and periods of time
... status S 1..1 code Indicates the current state of this restriction
... category S 1..* CodeableConcept Type of restriction
... dateTime S 0..1 dateTime date/time of last update for this restriction
.... authority S 0..0
.... uri S 0..1 uri Specific policy covered by this restriction
... provision S 0..1 BackboneElement Access rights
.... type 0..1 code deny | permit
Fixed Value: deny
.... provision 0..* BackboneElement Nested Exception Rules
..... type S 0..1 code deny | permit
Fixed Value: permit
..... actor S 1..* BackboneElement Who|what controlled by this rule (or group, by role)
...... role S 1..1 CodeableConcept How the actor is involved
..... securityLabel S 1..* Coding Security Labels that define affected resources
..... class 1..* Coding e.g. Resource Type, Profile, CDA, etc.

doco Documentation for this format
NameFlagsCard.TypeDescription & Constraintsdoco
.. Consent C 0..* Consent A policy may permit or deny recipients or roles to perform actions for specific purposes and periods of time
ppc-1: Either a Policy or PolicyRule
ppc-2: IF Scope=privacy, there must be a patient
ppc-3: IF Scope=research, there must be a patient
ppc-4: IF Scope=adr, there must be a patient
ppc-5: IF Scope=treatment, there must be a patient
... implicitRules ?!Σ 0..1 uri A set of rules under which this content was created
... modifierExtension ?! 0..* Extension Extensions that cannot be ignored
... status ?!SΣ 1..1 code Indicates the current state of this restriction
Binding: ConsentState (required): Indicates the state of the consent.

... category SΣ 1..* CodeableConcept Type of restriction
Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement.


... dateTime SΣ 0..1 dateTime date/time of last update for this restriction
... policy S 0..* BackboneElement Policies covered by this consent
.... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
.... uri SC 0..1 uri Specific policy covered by this restriction
... provision SΣ 0..1 BackboneElement Access rights
.... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
.... type Σ 0..1 code deny | permit
Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent.


Fixed Value: deny
.... provision 0..* BackboneElement Nested Exception Rules
..... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
..... type SΣ 0..1 code deny | permit
Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent.


Fixed Value: permit
..... actor S 1..* BackboneElement Who|what controlled by this rule (or group, by role)
...... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
...... role S 1..1 CodeableConcept How the actor is involved
Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations.

...... reference 1..1 Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) Resource for the actor (or group, by role)
..... securityLabel SΣ 1..* Coding Security Labels that define affected resources
Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.


..... class Σ 1..* Coding e.g. Resource Type, Profile, CDA, etc.
Binding: ConsentContentClass (extensible): The class (type) of information a consent rule covers.



doco Documentation for this format

Terminology Bindings

PathConformanceValueSet / CodeURI
Consent.statusrequiredConsentState
http://hl7.org/fhir/ValueSet/consent-state-codes|4.0.1
from the FHIR Standard
Consent.scopeextensibleConsentScopeCodes
http://hl7.org/fhir/ValueSet/consent-scope
from the FHIR Standard
Consent.categoryextensibleConsentCategoryCodes
http://hl7.org/fhir/ValueSet/consent-category
from the FHIR Standard
Consent.provision.typerequiredFixed Value: deny
http://hl7.org/fhir/ValueSet/consent-provision-type|4.0.1
from the FHIR Standard
Consent.provision.provision.typerequiredFixed Value: permit
http://hl7.org/fhir/ValueSet/consent-provision-type|4.0.1
from the FHIR Standard
Consent.provision.provision.actor.roleextensibleSecurityRoleType
http://hl7.org/fhir/ValueSet/security-role-type
from the FHIR Standard
Consent.provision.provision.securityLabelextensibleAll Security Labels
http://hl7.org/fhir/ValueSet/security-labels
from the FHIR Standard
Consent.provision.provision.classextensibleConsentContentClass
http://hl7.org/fhir/ValueSet/consent-content-class
from the FHIR Standard

Constraints

IdGradePath(s)DetailsRequirements
dom-2errorConsentIf the resource is contained in another resource, it SHALL NOT contain nested Resources
: contained.contained.empty()
dom-3errorConsentIf the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource
: contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
dom-4errorConsentIf a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated
: contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
dom-5errorConsentIf a resource is contained in another resource, it SHALL NOT have a security label
: contained.meta.security.empty()
dom-6best practiceConsentA resource should have narrative for robust management
: text.`div`.exists()
ele-1error**ALL** elementsAll FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ext-1error**ALL** extensionsMust have either extensions or value[x], not both
: extension.exists() != value.exists()
ppc-1errorConsentEither a Policy or PolicyRule
: policy.exists() or policyRule.exists()
ppc-2errorConsentIF Scope=privacy, there must be a patient
: patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not()
ppc-3errorConsentIF Scope=research, there must be a patient
: patient.exists() or scope.coding.where(system='something' and code='research').exists().not()
ppc-4errorConsentIF Scope=adr, there must be a patient
: patient.exists() or scope.coding.where(system='something' and code='adr').exists().not()
ppc-5errorConsentIF Scope=treatment, there must be a patient
: patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not()
NameFlagsCard.TypeDescription & Constraintsdoco
.. Consent C 0..* Consent A policy may permit or deny recipients or roles to perform actions for specific purposes and periods of time
ppc-1: Either a Policy or PolicyRule
ppc-2: IF Scope=privacy, there must be a patient
ppc-3: IF Scope=research, there must be a patient
ppc-4: IF Scope=adr, there must be a patient
ppc-5: IF Scope=treatment, there must be a patient
... id Σ 0..1 id Logical id of this artifact
... meta Σ 0..1 Meta Metadata about the resource
... implicitRules ?!Σ 0..1 uri A set of rules under which this content was created
... text 0..1 Narrative Text summary of the resource, for human interpretation
... contained 0..* Resource Contained, inline Resources
... extension 0..* Extension Additional content defined by implementations
... modifierExtension ?! 0..* Extension Extensions that cannot be ignored
... identifier Σ 0..* Identifier Identifier for this record (external references)

Example General: {"system":"http://acme.org/identifier/local/eCMS","value":"Local eCMS identifier"}
... status ?!SΣ 1..1 code Indicates the current state of this restriction
Binding: ConsentState (required): Indicates the state of the consent.

... scope ?!Σ 1..1 CodeableConcept Which of the four areas this resource covers (extensible)
Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource.

... category SΣ 1..* CodeableConcept Type of restriction
Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement.


... patient Σ 0..1 Reference(Patient) Who the consent applies to
... dateTime SΣ 0..1 dateTime date/time of last update for this restriction
... performer Σ 0..* Reference(Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) Who is agreeing to the policy and rules
... organization Σ 0..* Reference(Organization) Custodian of the consent
... source[x] Σ 0..1 Source from which this consent is taken
.... sourceAttachment Attachment
.... sourceReference Reference(Consent | DocumentReference | Contract | QuestionnaireResponse)
... policy S 0..* BackboneElement Policies covered by this consent
.... id 0..1 string Unique id for inter-element referencing
.... extension 0..* Extension Additional content defined by implementations
.... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
.... uri SC 0..1 uri Specific policy covered by this restriction
... policyRule ΣC 0..1 CodeableConcept Regulation that this consents to
Binding: ConsentPolicyRuleCodes (extensible): Regulatory policy examples.

... verification Σ 0..* BackboneElement Consent Verified by patient or family
.... id 0..1 string Unique id for inter-element referencing
.... extension 0..* Extension Additional content defined by implementations
.... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
.... verified Σ 1..1 boolean Has been verified
.... verifiedWith 0..1 Reference(Patient | RelatedPerson) Person who verified
.... verificationDate 0..1 dateTime When consent verified
... provision SΣ 0..1 BackboneElement Access rights
.... id 0..1 string Unique id for inter-element referencing
.... extension 0..* Extension Additional content defined by implementations
.... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
.... type Σ 0..1 code deny | permit
Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent.


Fixed Value: deny
.... period Σ 0..1 Period Timeframe for this rule
.... actor 0..* BackboneElement Who|what controlled by this rule (or group, by role)
..... id 0..1 string Unique id for inter-element referencing
..... extension 0..* Extension Additional content defined by implementations
..... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
..... role 1..1 CodeableConcept How the actor is involved
Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations.

..... reference 1..1 Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) Resource for the actor (or group, by role)
.... action Σ 0..* CodeableConcept Actions controlled by this rule
Binding: ConsentActionCodes (example): Detailed codes for the consent action.


.... securityLabel Σ 0..* Coding Security Labels that define affected resources
Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.


.... purpose Σ 0..* Coding Context of activities covered by this rule
Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels.


.... class Σ 0..* Coding e.g. Resource Type, Profile, CDA, etc.
Binding: ConsentContentClass (extensible): The class (type) of information a consent rule covers.


.... code Σ 0..* CodeableConcept e.g. LOINC or SNOMED CT code, etc. in the content
Binding: ConsentContentCodes (example): If this code is found in an instance, then the exception applies.


.... dataPeriod Σ 0..1 Period Timeframe for data controlled by this rule
.... data Σ 0..* BackboneElement Data controlled by this rule
..... id 0..1 string Unique id for inter-element referencing
..... extension 0..* Extension Additional content defined by implementations
..... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
..... meaning Σ 1..1 code instance | related | dependents | authoredby
Binding: ConsentDataMeaning (required): How a resource reference is interpreted when testing consent restrictions.

..... reference Σ 1..1 Reference(Resource) The actual data reference
.... provision 0..* BackboneElement Nested Exception Rules
..... id 0..1 string Unique id for inter-element referencing
..... extension 0..* Extension Additional content defined by implementations
..... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
..... type SΣ 0..1 code deny | permit
Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent.


Fixed Value: permit
..... period Σ 0..1 Period Timeframe for this rule
..... actor S 1..* BackboneElement Who|what controlled by this rule (or group, by role)
...... id 0..1 string Unique id for inter-element referencing
...... extension 0..* Extension Additional content defined by implementations
...... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
...... role S 1..1 CodeableConcept How the actor is involved
Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations.

...... reference 1..1 Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) Resource for the actor (or group, by role)
..... action Σ 0..* CodeableConcept Actions controlled by this rule
Binding: ConsentActionCodes (example): Detailed codes for the consent action.


..... securityLabel SΣ 1..* Coding Security Labels that define affected resources
Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.


..... purpose Σ 0..* Coding Context of activities covered by this rule
Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels.


..... class Σ 1..* Coding e.g. Resource Type, Profile, CDA, etc.
Binding: ConsentContentClass (extensible): The class (type) of information a consent rule covers.


..... code Σ 0..* CodeableConcept e.g. LOINC or SNOMED CT code, etc. in the content
Binding: ConsentContentCodes (example): If this code is found in an instance, then the exception applies.


..... dataPeriod Σ 0..1 Period Timeframe for data controlled by this rule
..... data Σ 0..* BackboneElement Data controlled by this rule
...... id 0..1 string Unique id for inter-element referencing
...... extension 0..* Extension Additional content defined by implementations
...... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
...... meaning Σ 1..1 code instance | related | dependents | authoredby
Binding: ConsentDataMeaning (required): How a resource reference is interpreted when testing consent restrictions.

...... reference Σ 1..1 Reference(Resource) The actual data reference
..... provision 0..* See provision (Consent) Nested Exception Rules

doco Documentation for this format

Terminology Bindings

PathConformanceValueSet / CodeURI
Consent.languagepreferredCommonLanguages
Additional Bindings Purpose
AllLanguages Max Binding
http://hl7.org/fhir/ValueSet/languages
from the FHIR Standard
Consent.statusrequiredConsentState
http://hl7.org/fhir/ValueSet/consent-state-codes|4.0.1
from the FHIR Standard
Consent.scopeextensibleConsentScopeCodes
http://hl7.org/fhir/ValueSet/consent-scope
from the FHIR Standard
Consent.categoryextensibleConsentCategoryCodes
http://hl7.org/fhir/ValueSet/consent-category
from the FHIR Standard
Consent.policyRuleextensibleConsentPolicyRuleCodes
http://hl7.org/fhir/ValueSet/consent-policy
from the FHIR Standard
Consent.provision.typerequiredFixed Value: deny
http://hl7.org/fhir/ValueSet/consent-provision-type|4.0.1
from the FHIR Standard
Consent.provision.actor.roleextensibleSecurityRoleType
http://hl7.org/fhir/ValueSet/security-role-type
from the FHIR Standard
Consent.provision.actionexampleConsentActionCodes
http://hl7.org/fhir/ValueSet/consent-action
from the FHIR Standard
Consent.provision.securityLabelextensibleAll Security Labels
http://hl7.org/fhir/ValueSet/security-labels
from the FHIR Standard
Consent.provision.purposeextensiblePurposeOfUse
http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
Consent.provision.classextensibleConsentContentClass
http://hl7.org/fhir/ValueSet/consent-content-class
from the FHIR Standard
Consent.provision.codeexampleConsentContentCodes (a valid code from LOINC)
http://hl7.org/fhir/ValueSet/consent-content-code
from the FHIR Standard
Consent.provision.data.meaningrequiredConsentDataMeaning
http://hl7.org/fhir/ValueSet/consent-data-meaning|4.0.1
from the FHIR Standard
Consent.provision.provision.typerequiredFixed Value: permit
http://hl7.org/fhir/ValueSet/consent-provision-type|4.0.1
from the FHIR Standard
Consent.provision.provision.actor.roleextensibleSecurityRoleType
http://hl7.org/fhir/ValueSet/security-role-type
from the FHIR Standard
Consent.provision.provision.actionexampleConsentActionCodes
http://hl7.org/fhir/ValueSet/consent-action
from the FHIR Standard
Consent.provision.provision.securityLabelextensibleAll Security Labels
http://hl7.org/fhir/ValueSet/security-labels
from the FHIR Standard
Consent.provision.provision.purposeextensiblePurposeOfUse
http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
Consent.provision.provision.classextensibleConsentContentClass
http://hl7.org/fhir/ValueSet/consent-content-class
from the FHIR Standard
Consent.provision.provision.codeexampleConsentContentCodes (a valid code from LOINC)
http://hl7.org/fhir/ValueSet/consent-content-code
from the FHIR Standard
Consent.provision.provision.data.meaningrequiredConsentDataMeaning
http://hl7.org/fhir/ValueSet/consent-data-meaning|4.0.1
from the FHIR Standard

Constraints

IdGradePath(s)DetailsRequirements
dom-2errorConsentIf the resource is contained in another resource, it SHALL NOT contain nested Resources
: contained.contained.empty()
dom-3errorConsentIf the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource
: contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
dom-4errorConsentIf a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated
: contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
dom-5errorConsentIf a resource is contained in another resource, it SHALL NOT have a security label
: contained.meta.security.empty()
dom-6best practiceConsentA resource should have narrative for robust management
: text.`div`.exists()
ele-1error**ALL** elementsAll FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ext-1error**ALL** extensionsMust have either extensions or value[x], not both
: extension.exists() != value.exists()
ppc-1errorConsentEither a Policy or PolicyRule
: policy.exists() or policyRule.exists()
ppc-2errorConsentIF Scope=privacy, there must be a patient
: patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not()
ppc-3errorConsentIF Scope=research, there must be a patient
: patient.exists() or scope.coding.where(system='something' and code='research').exists().not()
ppc-4errorConsentIF Scope=adr, there must be a patient
: patient.exists() or scope.coding.where(system='something' and code='adr').exists().not()
ppc-5errorConsentIF Scope=treatment, there must be a patient
: patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not()

This structure is derived from Consent

Summary

Mandatory: 0 element(3 nested mandatory elements)
Must-Support: 11 elements
Fixed: 2 elements
Prohibited: 1 element

Differential View

This structure is derived from Consent

NameFlagsCard.TypeDescription & Constraintsdoco
.. Consent 0..* Consent A policy may permit or deny recipients or roles to perform actions for specific purposes and periods of time
... status S 1..1 code Indicates the current state of this restriction
... category S 1..* CodeableConcept Type of restriction
... dateTime S 0..1 dateTime date/time of last update for this restriction
.... authority S 0..0
.... uri S 0..1 uri Specific policy covered by this restriction
... provision S 0..1 BackboneElement Access rights
.... type 0..1 code deny | permit
Fixed Value: deny
.... provision 0..* BackboneElement Nested Exception Rules
..... type S 0..1 code deny | permit
Fixed Value: permit
..... actor S 1..* BackboneElement Who|what controlled by this rule (or group, by role)
...... role S 1..1 CodeableConcept How the actor is involved
..... securityLabel S 1..* Coding Security Labels that define affected resources
..... class 1..* Coding e.g. Resource Type, Profile, CDA, etc.

doco Documentation for this format

Key Elements View

NameFlagsCard.TypeDescription & Constraintsdoco
.. Consent C 0..* Consent A policy may permit or deny recipients or roles to perform actions for specific purposes and periods of time
ppc-1: Either a Policy or PolicyRule
ppc-2: IF Scope=privacy, there must be a patient
ppc-3: IF Scope=research, there must be a patient
ppc-4: IF Scope=adr, there must be a patient
ppc-5: IF Scope=treatment, there must be a patient
... implicitRules ?!Σ 0..1 uri A set of rules under which this content was created
... modifierExtension ?! 0..* Extension Extensions that cannot be ignored
... status ?!SΣ 1..1 code Indicates the current state of this restriction
Binding: ConsentState (required): Indicates the state of the consent.

... category SΣ 1..* CodeableConcept Type of restriction
Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement.


... dateTime SΣ 0..1 dateTime date/time of last update for this restriction
... policy S 0..* BackboneElement Policies covered by this consent
.... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
.... uri SC 0..1 uri Specific policy covered by this restriction
... provision SΣ 0..1 BackboneElement Access rights
.... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
.... type Σ 0..1 code deny | permit
Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent.


Fixed Value: deny
.... provision 0..* BackboneElement Nested Exception Rules
..... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
..... type SΣ 0..1 code deny | permit
Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent.


Fixed Value: permit
..... actor S 1..* BackboneElement Who|what controlled by this rule (or group, by role)
...... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
...... role S 1..1 CodeableConcept How the actor is involved
Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations.

...... reference 1..1 Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) Resource for the actor (or group, by role)
..... securityLabel SΣ 1..* Coding Security Labels that define affected resources
Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.


..... class Σ 1..* Coding e.g. Resource Type, Profile, CDA, etc.
Binding: ConsentContentClass (extensible): The class (type) of information a consent rule covers.



doco Documentation for this format

Terminology Bindings

PathConformanceValueSet / CodeURI
Consent.statusrequiredConsentState
http://hl7.org/fhir/ValueSet/consent-state-codes|4.0.1
from the FHIR Standard
Consent.scopeextensibleConsentScopeCodes
http://hl7.org/fhir/ValueSet/consent-scope
from the FHIR Standard
Consent.categoryextensibleConsentCategoryCodes
http://hl7.org/fhir/ValueSet/consent-category
from the FHIR Standard
Consent.provision.typerequiredFixed Value: deny
http://hl7.org/fhir/ValueSet/consent-provision-type|4.0.1
from the FHIR Standard
Consent.provision.provision.typerequiredFixed Value: permit
http://hl7.org/fhir/ValueSet/consent-provision-type|4.0.1
from the FHIR Standard
Consent.provision.provision.actor.roleextensibleSecurityRoleType
http://hl7.org/fhir/ValueSet/security-role-type
from the FHIR Standard
Consent.provision.provision.securityLabelextensibleAll Security Labels
http://hl7.org/fhir/ValueSet/security-labels
from the FHIR Standard
Consent.provision.provision.classextensibleConsentContentClass
http://hl7.org/fhir/ValueSet/consent-content-class
from the FHIR Standard

Constraints

IdGradePath(s)DetailsRequirements
dom-2errorConsentIf the resource is contained in another resource, it SHALL NOT contain nested Resources
: contained.contained.empty()
dom-3errorConsentIf the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource
: contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
dom-4errorConsentIf a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated
: contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
dom-5errorConsentIf a resource is contained in another resource, it SHALL NOT have a security label
: contained.meta.security.empty()
dom-6best practiceConsentA resource should have narrative for robust management
: text.`div`.exists()
ele-1error**ALL** elementsAll FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ext-1error**ALL** extensionsMust have either extensions or value[x], not both
: extension.exists() != value.exists()
ppc-1errorConsentEither a Policy or PolicyRule
: policy.exists() or policyRule.exists()
ppc-2errorConsentIF Scope=privacy, there must be a patient
: patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not()
ppc-3errorConsentIF Scope=research, there must be a patient
: patient.exists() or scope.coding.where(system='something' and code='research').exists().not()
ppc-4errorConsentIF Scope=adr, there must be a patient
: patient.exists() or scope.coding.where(system='something' and code='adr').exists().not()
ppc-5errorConsentIF Scope=treatment, there must be a patient
: patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not()

Snapshot View

NameFlagsCard.TypeDescription & Constraintsdoco
.. Consent C 0..* Consent A policy may permit or deny recipients or roles to perform actions for specific purposes and periods of time
ppc-1: Either a Policy or PolicyRule
ppc-2: IF Scope=privacy, there must be a patient
ppc-3: IF Scope=research, there must be a patient
ppc-4: IF Scope=adr, there must be a patient
ppc-5: IF Scope=treatment, there must be a patient
... id Σ 0..1 id Logical id of this artifact
... meta Σ 0..1 Meta Metadata about the resource
... implicitRules ?!Σ 0..1 uri A set of rules under which this content was created
... text 0..1 Narrative Text summary of the resource, for human interpretation
... contained 0..* Resource Contained, inline Resources
... extension 0..* Extension Additional content defined by implementations
... modifierExtension ?! 0..* Extension Extensions that cannot be ignored
... identifier Σ 0..* Identifier Identifier for this record (external references)

Example General: {"system":"http://acme.org/identifier/local/eCMS","value":"Local eCMS identifier"}
... status ?!SΣ 1..1 code Indicates the current state of this restriction
Binding: ConsentState (required): Indicates the state of the consent.

... scope ?!Σ 1..1 CodeableConcept Which of the four areas this resource covers (extensible)
Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource.

... category SΣ 1..* CodeableConcept Type of restriction
Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement.


... patient Σ 0..1 Reference(Patient) Who the consent applies to
... dateTime SΣ 0..1 dateTime date/time of last update for this restriction
... performer Σ 0..* Reference(Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) Who is agreeing to the policy and rules
... organization Σ 0..* Reference(Organization) Custodian of the consent
... source[x] Σ 0..1 Source from which this consent is taken
.... sourceAttachment Attachment
.... sourceReference Reference(Consent | DocumentReference | Contract | QuestionnaireResponse)
... policy S 0..* BackboneElement Policies covered by this consent
.... id 0..1 string Unique id for inter-element referencing
.... extension 0..* Extension Additional content defined by implementations
.... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
.... uri SC 0..1 uri Specific policy covered by this restriction
... policyRule ΣC 0..1 CodeableConcept Regulation that this consents to
Binding: ConsentPolicyRuleCodes (extensible): Regulatory policy examples.

... verification Σ 0..* BackboneElement Consent Verified by patient or family
.... id 0..1 string Unique id for inter-element referencing
.... extension 0..* Extension Additional content defined by implementations
.... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
.... verified Σ 1..1 boolean Has been verified
.... verifiedWith 0..1 Reference(Patient | RelatedPerson) Person who verified
.... verificationDate 0..1 dateTime When consent verified
... provision SΣ 0..1 BackboneElement Access rights
.... id 0..1 string Unique id for inter-element referencing
.... extension 0..* Extension Additional content defined by implementations
.... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
.... type Σ 0..1 code deny | permit
Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent.


Fixed Value: deny
.... period Σ 0..1 Period Timeframe for this rule
.... actor 0..* BackboneElement Who|what controlled by this rule (or group, by role)
..... id 0..1 string Unique id for inter-element referencing
..... extension 0..* Extension Additional content defined by implementations
..... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
..... role 1..1 CodeableConcept How the actor is involved
Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations.

..... reference 1..1 Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) Resource for the actor (or group, by role)
.... action Σ 0..* CodeableConcept Actions controlled by this rule
Binding: ConsentActionCodes (example): Detailed codes for the consent action.


.... securityLabel Σ 0..* Coding Security Labels that define affected resources
Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.


.... purpose Σ 0..* Coding Context of activities covered by this rule
Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels.


.... class Σ 0..* Coding e.g. Resource Type, Profile, CDA, etc.
Binding: ConsentContentClass (extensible): The class (type) of information a consent rule covers.


.... code Σ 0..* CodeableConcept e.g. LOINC or SNOMED CT code, etc. in the content
Binding: ConsentContentCodes (example): If this code is found in an instance, then the exception applies.


.... dataPeriod Σ 0..1 Period Timeframe for data controlled by this rule
.... data Σ 0..* BackboneElement Data controlled by this rule
..... id 0..1 string Unique id for inter-element referencing
..... extension 0..* Extension Additional content defined by implementations
..... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
..... meaning Σ 1..1 code instance | related | dependents | authoredby
Binding: ConsentDataMeaning (required): How a resource reference is interpreted when testing consent restrictions.

..... reference Σ 1..1 Reference(Resource) The actual data reference
.... provision 0..* BackboneElement Nested Exception Rules
..... id 0..1 string Unique id for inter-element referencing
..... extension 0..* Extension Additional content defined by implementations
..... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
..... type SΣ 0..1 code deny | permit
Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent.


Fixed Value: permit
..... period Σ 0..1 Period Timeframe for this rule
..... actor S 1..* BackboneElement Who|what controlled by this rule (or group, by role)
...... id 0..1 string Unique id for inter-element referencing
...... extension 0..* Extension Additional content defined by implementations
...... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
...... role S 1..1 CodeableConcept How the actor is involved
Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations.

...... reference 1..1 Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) Resource for the actor (or group, by role)
..... action Σ 0..* CodeableConcept Actions controlled by this rule
Binding: ConsentActionCodes (example): Detailed codes for the consent action.


..... securityLabel SΣ 1..* Coding Security Labels that define affected resources
Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.


..... purpose Σ 0..* Coding Context of activities covered by this rule
Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels.


..... class Σ 1..* Coding e.g. Resource Type, Profile, CDA, etc.
Binding: ConsentContentClass (extensible): The class (type) of information a consent rule covers.


..... code Σ 0..* CodeableConcept e.g. LOINC or SNOMED CT code, etc. in the content
Binding: ConsentContentCodes (example): If this code is found in an instance, then the exception applies.


..... dataPeriod Σ 0..1 Period Timeframe for data controlled by this rule
..... data Σ 0..* BackboneElement Data controlled by this rule
...... id 0..1 string Unique id for inter-element referencing
...... extension 0..* Extension Additional content defined by implementations
...... modifierExtension ?!Σ 0..* Extension Extensions that cannot be ignored even if unrecognized
...... meaning Σ 1..1 code instance | related | dependents | authoredby
Binding: ConsentDataMeaning (required): How a resource reference is interpreted when testing consent restrictions.

...... reference Σ 1..1 Reference(Resource) The actual data reference
..... provision 0..* See provision (Consent) Nested Exception Rules

doco Documentation for this format

Terminology Bindings

PathConformanceValueSet / CodeURI
Consent.languagepreferredCommonLanguages
Additional Bindings Purpose
AllLanguages Max Binding
http://hl7.org/fhir/ValueSet/languages
from the FHIR Standard
Consent.statusrequiredConsentState
http://hl7.org/fhir/ValueSet/consent-state-codes|4.0.1
from the FHIR Standard
Consent.scopeextensibleConsentScopeCodes
http://hl7.org/fhir/ValueSet/consent-scope
from the FHIR Standard
Consent.categoryextensibleConsentCategoryCodes
http://hl7.org/fhir/ValueSet/consent-category
from the FHIR Standard
Consent.policyRuleextensibleConsentPolicyRuleCodes
http://hl7.org/fhir/ValueSet/consent-policy
from the FHIR Standard
Consent.provision.typerequiredFixed Value: deny
http://hl7.org/fhir/ValueSet/consent-provision-type|4.0.1
from the FHIR Standard
Consent.provision.actor.roleextensibleSecurityRoleType
http://hl7.org/fhir/ValueSet/security-role-type
from the FHIR Standard
Consent.provision.actionexampleConsentActionCodes
http://hl7.org/fhir/ValueSet/consent-action
from the FHIR Standard
Consent.provision.securityLabelextensibleAll Security Labels
http://hl7.org/fhir/ValueSet/security-labels
from the FHIR Standard
Consent.provision.purposeextensiblePurposeOfUse
http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
Consent.provision.classextensibleConsentContentClass
http://hl7.org/fhir/ValueSet/consent-content-class
from the FHIR Standard
Consent.provision.codeexampleConsentContentCodes (a valid code from LOINC)
http://hl7.org/fhir/ValueSet/consent-content-code
from the FHIR Standard
Consent.provision.data.meaningrequiredConsentDataMeaning
http://hl7.org/fhir/ValueSet/consent-data-meaning|4.0.1
from the FHIR Standard
Consent.provision.provision.typerequiredFixed Value: permit
http://hl7.org/fhir/ValueSet/consent-provision-type|4.0.1
from the FHIR Standard
Consent.provision.provision.actor.roleextensibleSecurityRoleType
http://hl7.org/fhir/ValueSet/security-role-type
from the FHIR Standard
Consent.provision.provision.actionexampleConsentActionCodes
http://hl7.org/fhir/ValueSet/consent-action
from the FHIR Standard
Consent.provision.provision.securityLabelextensibleAll Security Labels
http://hl7.org/fhir/ValueSet/security-labels
from the FHIR Standard
Consent.provision.provision.purposeextensiblePurposeOfUse
http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
Consent.provision.provision.classextensibleConsentContentClass
http://hl7.org/fhir/ValueSet/consent-content-class
from the FHIR Standard
Consent.provision.provision.codeexampleConsentContentCodes (a valid code from LOINC)
http://hl7.org/fhir/ValueSet/consent-content-code
from the FHIR Standard
Consent.provision.provision.data.meaningrequiredConsentDataMeaning
http://hl7.org/fhir/ValueSet/consent-data-meaning|4.0.1
from the FHIR Standard

Constraints

IdGradePath(s)DetailsRequirements
dom-2errorConsentIf the resource is contained in another resource, it SHALL NOT contain nested Resources
: contained.contained.empty()
dom-3errorConsentIf the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource
: contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
dom-4errorConsentIf a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated
: contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
dom-5errorConsentIf a resource is contained in another resource, it SHALL NOT have a security label
: contained.meta.security.empty()
dom-6best practiceConsentA resource should have narrative for robust management
: text.`div`.exists()
ele-1error**ALL** elementsAll FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ext-1error**ALL** extensionsMust have either extensions or value[x], not both
: extension.exists() != value.exists()
ppc-1errorConsentEither a Policy or PolicyRule
: policy.exists() or policyRule.exists()
ppc-2errorConsentIF Scope=privacy, there must be a patient
: patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not()
ppc-3errorConsentIF Scope=research, there must be a patient
: patient.exists() or scope.coding.where(system='something' and code='research').exists().not()
ppc-4errorConsentIF Scope=adr, there must be a patient
: patient.exists() or scope.coding.where(system='something' and code='adr').exists().not()
ppc-5errorConsentIF Scope=treatment, there must be a patient
: patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not()

This structure is derived from Consent

Summary

Mandatory: 0 element(3 nested mandatory elements)
Must-Support: 11 elements
Fixed: 2 elements
Prohibited: 1 element

 

Other representations of profile: CSV, Excel, Schematron