0.2.2 - ci-build
FastAccessControl, published by MITRE. This guide is not an authorized publication; it is the continuous build for version 0.2.2 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/awatson1978/fhir-access-control-ig/ and changes regularly. See the Directory of published versions
Contents:
This page provides a list of the FHIR artifacts defined as part of this implementation guide.
The following artifacts define the specific capabilities that different types of systems are expected to have in order to comply with this implementation guide. Systems conforming to this implementation guide are expected to declare conformance to one or more of the following capability statements.
| AccessControlRequirements |
Access Control Capability Statement |
These are custom operations that can be supported by and/or invoked by systems conforming to this implementation guide.
| canAccess |
Determine if a user can access a particular record |
| diff |
Determine differential between two Consent records |
| digest |
Input a Bundle which contains list of 1 or more Consent records; Returns a flattened Consent that has merged the records |
| equals |
Determines if two Consent records are equal |
| oauthScopes |
Return a list of OAuth scopes |
| parseToBundle |
Rollup multiple Consent records into a Bundle |
| rollup |
Rollup multiple Consent records into a Bundle |
| toAcl |
Return the access control list for a user. |
These define data models that represent the domain covered by this implementation guide in more business-friendly terms than the underlying FHIR resources.
| OAuth Authentication Request |
This structure defines an OAuth authentication response body |
| OAuth Authentication Response |
This structure defines an OAuth authentication response body |
| OAuth Registration Request |
This structure defines an OAuth registration request body |
| OAuth Registration Response |
This structure defines an OAuth registration response body |
| OAuth Token Response |
This structure defines an OAuth token response body |
These define constraints on FHIR resources for systems conforming to this implementation guide.
| AccessControlConsent |
Restriction on use/release of exchanged information |
These define sets of codes used by systems conforming to this implementation guide.
| ConsentExchangeCategoryCodes |
Consent Exchange - Category Codes |
| ConsentExchangePolicies |
Consent Exchange - Policies |
| ConsentExchangeRelations |
Consent Exchange - Relationships |
| ConsentExchangeScopeCodes |
Consent Exchange - Scope Codes |
These define new code systems used by systems conforming to this implementation guide.
| CmsInteroperabilityPolicyCodes |
Policy provisions defined under CMS-9115-F, CMS Interoperability and Patient Access final rule |
| ConsentExchangeRelationships |
Relationships used to model and exchange consent relationships |
| PayorToPayorExchangePolicyCodes |
Policy codes used to define legal frameworks under which consent exchange occurs between payors. |
These define transformations to convert between data structures used by systems conforming to this implementation guide.
| DnrToConsent |
Do Not Recussitate questionnaire to Consent record |
| FirstNameToGiven |
First name to given name |
| HipaaPrivacyToConsent |
HIPAA Privacy questionnaire to Consent record |
| LastNameToFamily |
Last name to family name |
| LivingWillToConsent |
Living Will questionnaire to Consent record |
| PoaContractToConsent |
Power of Attorney contract to Consent record |
| PoaMentalHealthToConsent |
Power of Attorney Mental Health questionnaire to Consent record |
| PoaQuestinonaireToConsent |
Power of Attorney questionnaire to Consent record |
| PolstToConsent |
Physician Orders for Life Sustaining Treatment (POLST) to Consent record |
These are example instances that show what data produced and consumed by systems conforming with this implementation guide might look like.
| ConsentAnonOrg | |
| ConsentAnonPatient | |
| ConsentAnonPractitioner | |
| ConsentClinicianOrg | |
| ConsentClinicianPatient | |
| ConsentPatientOwner | |
| ConsentSystemPatient | |
| OAuthRegistrationRequest1 |
OAuth Registration of Test Harness |
| Org-StDymphnas |
Organization - St. Dympha's Womens Shelter |
| Org-StJames |
Organization - St. Jame's Infirmary |
| SMART Client Registration |
R4 TestScript - SMART on FHIR Client Registration |
| Scenario 1A |
R4 TestScript - Directories with Anonymous Access (Work in Progress) |
| Scenario 1B |
R4 TestScript - Directories With Restricted Data (Work in Progress) |
| Scenario 2A |
R4 TestScript - PHI System - Anonymous Access (Work in Progress) |
| Scenario 2B |
R4 TestScript - PHI System - Patient Self Access (Work in Progress) |
| Scenario 2C |
R4 TestScript - PHI System - Patient Multi-User Access (Work in Progress) |
| Scenario 2D |
R4 TestScript - PHI System - General Practitioner Access (Work in Progress) |
| Scenario 2E |
R4 TestScript - PHI System - Dependents Access (Work in Progress) |
| Scenario 3 |
R4 TestScript - Back End Acces |
| fast-patient-privacy |
Sample Legal Document - FAST Patient Privacy (HIPAA) |
| leap-dnr |
Sample Legal Document - Do Not Rescussitate |
| leap-livingwill |
Sample Legal Document - Living Will |
| leap-patient-privacy |
Sample Legal Document - HIPAA Patient Privacy |
| leap-poahealthcare |
Sample Legal Document - Power of Attorney |
| leap-poamentalhealth |
Sample Legal Document - Power of Attorney - Mental Health |
| leap-polst |
Sample Legal Document - National Portable Medical Order |
| patient-jane-doe |
Patient - Jane Doe patient not part of relationship model, used for checking security access. |
| patient-jennifer-smith |
Patient - Jennifer Smith - Patient demographics record. |
| patient-john-smith |
Patient - John Smith - Patient demographics record. |
| patient-katie-klepti |
Patient - Katie Klepti - a woman without much sense of boundaries or traditional notions of property ownership. |
| practitioner-alison-camron |
Practitioner - Dr. Alison Camron, Attending Physician |
| practitioner-susan-social |
Practitioner - Susan Social - Social Worker |
These are resources that are used within this implementation guide that do not fit into one of the other categories.
| auth-request-3 |
Backend Service - Authorization Reques |
| auth-response-3 |
Backend Service - Authorization Response |
| registration-request-3 |
Backend Service - Registration Request |
| registration-response-3 |
Backend Service - Registration Response |
| token-response-3 |
Backend Service - Token Response |