CH EPR FHIR (R4)
5.0.0-ci-build - ci-build Switzerland flag

CH EPR FHIR (R4), published by eHealth Suisse. This guide is not an authorized publication; it is the continuous build for version 5.0.0-ci-build built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/ehealthsuisse/ch-epr-fhir/ and changes regularly. See the Directory of published versions

Resource Profile: PpqmConsent - Mappings

Active as of 2025-08-05

Mappings for the PpqmConsent resource profile.

Mapping between PpqmConsent Resources and CH:PPQ Policy Sets

Transformation of PpqmConsent Resources into CH:PPQ Policy Sets

Each PpqmConsent resource contains an element identifier with type.coding.code equal to "templateId". In this element, the attribute value contains the ID of the official Policy Stack template. For example:

{ 
  "type": {
    "coding": [{
      "system": "http://fhir.ch/ig/ch-epr-fhir/CodeSystem/PpqmConsentIdentifierType",
      "code": "templateId"
    }]
  },
  "value": "201" 
}

The PPQ-conformant XACML 2.0 Policy Set SHALL be created according to this template. Thereby, the value placeholders SHALL be filled according to the table below:

Placeholder PpqmConsent attribute
Policy Set ID identifier.value where identifier.type.coding.code equals to "policySetId"
EPR-SPID patient.identifier.value
GLN provision.actor.reference.identifier.value
Group OID provision.actor.reference.identifier.value
Representative ID provision.actor.reference.identifier.value
PolicySetIDReference policyRule.coding.code
Start date provision.period.start
End date provision.period.end

Table 1: Mapping of PpqmConsent attributes onto CH:PPQ policy set template placeholders

Transformation of CH:PPQ Policy Sets into PpqmConsent Resources

Each patient-related CH:PPQ policy set is generated from a template provided in the official Policy Stack, but does not hold a direct reference to this template. Therefore, the first step is to determine the template ID. For that, the following heuristics SHALL be used:

  • The policy set contains an element /PolicySet/Target/Subjects with three sub-elements Subject → template 203.
  • The policy set contains an element /PolicySet/Target/Subjects/Subject/SubjectMatch/AttributeValue/CodedValue with @codeSystem equal to "2.16.756.5.30.1.127.3.10.6" and:
    • @code equal to "PAT" → template 201.
    • @code equal to "REP" → template 303.
  • The policy set contains an element /PolicySet/Target/Subjects/Subject/SubjectMatch/AttributeValue/CodedValue with @codeSystem equal to "2.16.756.5.30.1.127.3.10.5" and @code equal to "EMER" → template 202.
  • The policy set contains an element /PolicySet/Target/Subjects/Subject/SubjectMatch/SubjectAttributeDesignator with @AttributeId equal to "urn:oasis:names:tc:xspa:1.0:subject:organization-id" → template 302.
  • The ID of the referenced policy set (value of the element <PolicySetIdReference>) contains the substring "delegation" → template 304.
  • Otherwise → template 301.

The PpqmConsent resource attributes SHALL be populated according to the rules defined for each template in the table below:

PpqmConsent attribute Template 201
(full access for the patient)		 Template 202
(confidentiality level for emergency read access)		 Template 203
(minimal confidentiality level for upload)		 Template 301
(individual read access permissions)		 Template 302
(group read access permissions)		 Template 303
(full access for the patient's representative)		 Template 304
(individual read access permissions with delegation)
identifier.value (1) value of /PolicySet/@PolicySetId
identifier.type (1) fixed value: code "http://fhir.ch/ig/ch-epr-fhir/CodeSystem/PpqmConsentIdentifierType|policySetId"
identifier.value (2) fixed value: "201" fixed value: "202" fixed value: "203" fixed value: "301" fixed value: "302" fixed value: "303" fixed value: "304"
identifier.type (2) fixed value: code "http://fhir.ch/ig/ch-epr-fhir/CodeSystem/PpqmConsentIdentifierType|templateId"
status fixed value: code "active"
scope fixed value: code "http://terminology.hl7.org/CodeSystem/consentscope|patient-privacy"
category fixed value: code "http://terminology.hl7.org/CodeSystem/v3-ActCode|INFA"
patient.identifier.system fixed value: "urn:oid:2.16.756.5.30.1.127.3.10.3"
patient.identifier.value EPR-SPID of the patient
policyRule.coding.code value of /PolicySet/PolicySetIdReference
provision.period.start not populated not populated not populated allowed only if the end date is provided optional not populated optional
provision.period.end not populated not populated not populated optional required not populated required
provision.actor.role.coding.code fixed value: "PAT" fixed value: "HCP" fixed value: "HCP" fixed value: "HCP" fixed value: "HCP" fixed value: "REP" fixed value: "HCP"
provision.actor.role.coding.system fixed value: "urn:oid:2.16.756.5.30.1.127.3.10.6"
provision.actor.reference.identifier.type.coding.code fixed value: "urn:e-health-suisse:2015:epr-spid" not populated not populated fixed value: "urn:gs1:gln" fixed value: "urn:oasis:names:tc:xspa:1.0:subject:organization-id" fixed value: "urn:e-health-suisse:representative-id" fixed value: "urn:gs1:gln"
provision.actor.reference.identifier.value EPR‑SPID of the patient not populated not populated GLN of the healthcare professional OID of the HCP group, in URN format ID of the patient's representative GLN of the healthcare professional
provision.actor.reference.identifier.system fixed value: "urn:oid:2.16.756.5.30.1.127.3.10.3" not populated not populated fixed value: "urn:oid:2.51.1.3" not populated not populated fixed value: "urn:oid:2.51.1.3"
provision.actor.reference.display not populated fixed value: "all" fixed value: "all" not populated not populated not populated not populated
provision.purpose.code not populated fixed value: "EMER" fixed values: "NORM", "AUTO", "DICOM_AUTO"
(each in its own repetition of provision.purpose)		 fixed value: "NORM" fixed value: "NORM" not populated fixed value: "NORM"
provision.purpose.system fixed value: "urn:oid:2.16.756.5.30.1.127.3.10.5" if provision.purpose.code is provided; otherwise not present

Table 2: Mapping of CH:PPQ policy set elements onto PpqmConsent attributes

Mappings to Structures in this Implementation Guide

No Mappings Found

Mappings to other Structures

No Mappings Found

Other Mappings

NameCH:PPQ XACML 2.0 Policy SetWorkflow PatternHL7 v2 MappingRIM MappingFiveWs Pattern Mappingdoco
.. Consent
PolicySet
Event
CON
FinancialConsent
... id
... meta
... implicitRules
... text
Act.text?
... contained
N/A
... extension
N/A
... modifierExtension
N/A
... Slices for identifier
Event.identifier
.id
FiveWs.identifier
.... identifier:All Slices
..... id
n/a
..... extension
n/a
..... use
N/A
Role.code or implied by context
..... type
CX.5
Role.code or implied by context
..... system
CX.4 / EI-2-4
II.root or Role.id.root
..... value
/PolicySet/@PolicySetId
CX.1 / EI.1
II.extension or II.root if system indicates OID or GUID (Or Role.id.extension or root)
..... period
CX.7 + CX.8
Role.effectiveTime or implied by context
..... assigner
  • CX.4 / (CX.4
  • CX.9
  • CX.10)
II.assigningAuthorityName but note that this is an improper use by the definition of the field. Also Role.scoper
.... identifier:policySetId
Event.identifier
.id
FiveWs.identifier
..... id
n/a
..... extension
n/a
..... use
N/A
Role.code or implied by context
..... type
CX.5
Role.code or implied by context
...... id
n/a
...... extension
n/a
...... coding
  • C*E.1-8
  • C*E.10-22
  • union(.
  • ./translation)
...... text
C*E.9. But note many systems use C*E.2 for this
./originalText[mediaType/code="text/plain"]/data
..... system
CX.4 / EI-2-4
II.root or Role.id.root
..... value
CX.1 / EI.1
II.extension or II.root if system indicates OID or GUID (Or Role.id.extension or root)
..... period
CX.7 + CX.8
Role.effectiveTime or implied by context
..... assigner
  • CX.4 / (CX.4
  • CX.9
  • CX.10)
II.assigningAuthorityName but note that this is an improper use by the definition of the field. Also Role.scoper
.... identifier:templateId
Event.identifier
.id
FiveWs.identifier
..... id
n/a
..... extension
n/a
..... use
N/A
Role.code or implied by context
..... type
CX.5
Role.code or implied by context
...... id
n/a
...... extension
n/a
...... coding
  • C*E.1-8
  • C*E.10-22
  • union(.
  • ./translation)
...... text
C*E.9. But note many systems use C*E.2 for this
./originalText[mediaType/code="text/plain"]/data
..... system
CX.4 / EI-2-4
II.root or Role.id.root
..... value
CX.1 / EI.1
II.extension or II.root if system indicates OID or GUID (Or Role.id.extension or root)
..... period
CX.7 + CX.8
Role.effectiveTime or implied by context
..... assigner
  • CX.4 / (CX.4
  • CX.9
  • CX.10)
II.assigningAuthorityName but note that this is an improper use by the definition of the field. Also Role.scoper
... status
Event.status
HL7 Table 0498 - Consent Status
.statusCode
FiveWs.status
... scope
.... id
n/a
.... extension
n/a
.... coding
  • C*E.1-8
  • C*E.10-22
  • union(.
  • ./translation)
.... text
C*E.9. But note many systems use C*E.2 for this
./originalText[mediaType/code="text/plain"]/data
... category
Event.code
HL7 Table 0497 - Consent Type
CNTRCT
FiveWs.class
.... id
n/a
.... extension
n/a
.... coding
  • C*E.1-8
  • C*E.10-22
  • union(.
  • ./translation)
.... text
C*E.9. But note many systems use C*E.2 for this
./originalText[mediaType/code="text/plain"]/data
... patient
Event.subject
Role
FiveWs.subject
.... id
n/a
.... extension
n/a
.... reference
N/A
.... type
N/A
.... identifier
.identifier
..... id
n/a
..... extension
n/a
..... use
N/A
Role.code or implied by context
..... type
CX.5
Role.code or implied by context
..... system
/PolicySet/Target/Resources/Resource/ResourceMatch/AttributeValue/InstanceIdentifier/@root
CX.4 / EI-2-4
II.root or Role.id.root
..... value
/PolicySet/Target/Resources/Resource/ResourceMatch/AttributeValue/InstanceIdentifier/@extension
CX.1 / EI.1
II.extension or II.root if system indicates OID or GUID (Or Role.id.extension or root)
..... period
CX.7 + CX.8
Role.effectiveTime or implied by context
..... assigner
  • CX.4 / (CX.4
  • CX.9
  • CX.10)
II.assigningAuthorityName but note that this is an improper use by the definition of the field. Also Role.scoper
.... display
N/A
... dateTime
Event.occurrence[x]
Field 13/ Consent Decision Date
FinancialConsent effectiveTime
FiveWs.recorded
... performer
Event.performer
Field 24/ ConsenterID
FiveWs.actor
... organization
Event.performer
FiveWs.witness
... source[x]
Field 19 Informational Material Supplied Indicator
... policy
... policyRule
.... id
n/a
.... extension
n/a
.... coding
  • C*E.1-8
  • C*E.10-22
  • union(.
  • ./translation)
..... id
n/a
..... extension
n/a
..... system
C*E.3
./codeSystem
..... version
C*E.7
./codeSystemVersion
..... code
/PolicySet/PolicySetIdReference
C*E.1
./code
..... display
C*E.2 - but note this is not well followed
CV.displayName
..... userSelected
Sometimes implied by being first
CD.codingRationale
.... text
C*E.9. But note many systems use C*E.2 for this
./originalText[mediaType/code="text/plain"]/data
... verification
... provision
.... id
n/a
.... extension
n/a
.... modifierExtension
N/A
.... type
.... period
..... id
n/a
..... extension
n/a
..... start
oasis:names:tc:xacml:1.0:function:date-less-than-or-equal']/AtributeValue
DR.1
./low
..... end
oasis:names:tc:xacml:1.0:function:date-greater-than-or-equal']/AtributeValue
DR.2
./high
.... actor
..... id
n/a
..... extension
n/a
..... modifierExtension
N/A
..... role
...... id
n/a
...... extension
n/a
...... coding
  • C*E.1-8
  • C*E.10-22
  • union(.
  • ./translation)
....... id
n/a
....... extension
n/a
....... system
oasis:names:tc:xacml:2.0:subject:role']/AttributeValue/CodedValue/@codeSystem
C*E.3
./codeSystem
....... version
C*E.7
./codeSystemVersion
....... code
oasis:names:tc:xacml:2.0:subject:role']/AttributeValue/CodedValue/@code
C*E.1
./code
....... display
C*E.2 - but note this is not well followed
CV.displayName
....... userSelected
Sometimes implied by being first
CD.codingRationale
...... text
C*E.9. But note many systems use C*E.2 for this
./originalText[mediaType/code="text/plain"]/data
..... reference
...... id
n/a
...... extension
n/a
...... reference
N/A
...... type
N/A
...... identifier
.identifier
....... id
n/a
....... extension
n/a
....... use
N/A
Role.code or implied by context
....... type
CX.5
Role.code or implied by context
........ id
n/a
........ extension
n/a
........ coding
  • C*E.1-8
  • C*E.10-22
  • union(.
  • ./translation)
......... id
n/a
......... extension
n/a
......... system
C*E.3
./codeSystem
......... version
C*E.7
./codeSystemVersion
......... code
oasis:names:tc:xacml:1.0:subject:subject-id-qualifier']/AttributeValueif NOT equal to 'urn:oasis:names:tc:xspa:1.0:subject:organization-id'
C*E.1
./code
......... display
C*E.2 - but note this is not well followed
CV.displayName
......... userSelected
Sometimes implied by being first
CD.codingRationale
........ text
C*E.9. But note many systems use C*E.2 for this
./originalText[mediaType/code="text/plain"]/data
....... system
CX.4 / EI-2-4
II.root or Role.id.root
....... value
oasis:names:tc:xspa:1.0:subject:organization-id']/AttributeValueif identifier.type is equal to 'urn:oasis:names:tc:xspa:1.0:subject:organization-id'
CX.1 / EI.1
II.extension or II.root if system indicates OID or GUID (Or Role.id.extension or root)
....... period
CX.7 + CX.8
Role.effectiveTime or implied by context
....... assigner
  • CX.4 / (CX.4
  • CX.9
  • CX.10)
II.assigningAuthorityName but note that this is an improper use by the definition of the field. Also Role.scoper
...... display
N/A
.... action
.... securityLabel
.... purpose
..... id
n/a
..... extension
n/a
..... system
oasis:names:tc:xspa:1.0:subject:purposeofuse']/AttributeValue/CodedValue/@codeSystem
C*E.3
./codeSystem
..... version
C*E.7
./codeSystemVersion
..... code
oasis:names:tc:xspa:1.0:subject:purposeofuse']/AttributeValue/CodedValue/@code
C*E.1
./code
..... display
C*E.2 - but note this is not well followed
CV.displayName
..... userSelected
Sometimes implied by being first
CD.codingRationale
.... class
.... code
.... dataPeriod
.... data
Role
.... provision

doco Documentation for this format