ISO/HL7 10781 - Electronic Health Record System Functional Model, Release 2.1
0.16.0 - CI Build
ISO/HL7 10781 - Electronic Health Record System Functional Model, Release 2.1
0.16.0 - CI Build
Publish Box goes here
| Active as of 2024-08-12 |
{
"resourceType" : "Requirements",
"id" : "EHRSFMR2.1-AS.2.6",
"meta" : {
"profile" : [
🔗 "http://hl7.org/ehrs/StructureDefinition/FMFunction"
]
},
"text" : {
"status" : "extensions",
"div" : "<div xmlns=\"http://www.w3.org/1999/xhtml\">\n <span id=\"description\"><b>Statement <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b> <div><p>Provide the ability to record and manage patient-specific privacy consent directive consistent with privacy policies.</p>\n</div></span>\n\n \n <span id=\"purpose\"><b>Description <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Informative Content\" class=\"informative-flag\">I</a>:</b> <div><p>The system enables the management of information access to support privacy policies. These policies allow patients to stipulate specific privacy preferences as a privacy consent directive. The consent may be issued for a specific disclosure, for a period of time, or until it is explicitly revoked. This function depends on infrastructure to enforce the privacy consent and any associated privacy policies using a combination of access control, secure messaging, secure data routing, and data segmentation.</p>\n</div></span>\n \n\n \n\n \n <span id=\"requirements\"><b>Criteria <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b></span>\n \n <table id=\"statements\" class=\"grid dict\">\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>AS.2.6#01</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHOULD</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHOULD provide the ability to manage the privacy preferences of patients (e.g., opt-in with exceptions, opt-out with exceptions, opt-in, opt-out) in their privacy consent directive.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>AS.2.6#02</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHOULD</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHOULD provide the ability to capture the patient's preferences regarding providers who are permitted to access, or explicitly excluded from accessing, the patient's information.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>AS.2.6#03</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHOULD</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHOULD provide the ability to render disclosure events.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>AS.2.6#04</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHOULD</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHOULD provide the ability to render an accounting of any patient identifiable information disclosed to other providers.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>AS.2.6#05</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>MAY</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system MAY provide the ability to enter, import or receive information that documents the patient's expressed selection of privacy preferences related to the disclosure of information identified by its content type (e.g., related diagnosis or payment method), and a specific purpose.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>AS.2.6#06</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHOULD</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHOULD provide the ability to manage data visibility based on both privacy policy, and patient's privacy consent.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>AS.2.6#07</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>MAY</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system MAY provide the ability to link to privacy consent management systems to access patients' privacy consent directives and digital certificates.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n </table>\n</div>"
},
"url" : "http://hl7.org/ehrs/Requirements/EHRSFMR2.1-AS.2.6",
"version" : "0.16.0",
"name" : "AS_2_6_Manage_Patient_Privacy_Consent_Directives",
"title" : "AS.2.6 Manage Patient Privacy Consent Directives (Function)",
"status" : "active",
"date" : "2024-08-12T10:56:01+00:00",
"publisher" : "EHR WG",
"contact" : [
{
"telecom" : [
{
"system" : "url",
"value" : "http://www.hl7.org/Special/committees/ehr"
}
]
}
],
"description" : "Provide the ability to record and manage patient-specific privacy consent directive consistent with privacy policies.",
"purpose" : "The system enables the management of information access to support privacy policies. These policies allow patients to stipulate specific privacy preferences as a privacy consent directive. The consent may be issued for a specific disclosure, for a period of time, or until it is explicitly revoked. This function depends on infrastructure to enforce the privacy consent and any associated privacy policies using a combination of access control, secure messaging, secure data routing, and data segmentation.",
"statement" : [
{
"extension" : [
{
"url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
"valueBoolean" : false
}
],
"key" : "EHRSFMR2.1-AS.2.6-01",
"label" : "AS.2.6#01",
"conformance" : [
"SHOULD"
],
"conditionality" : false,
"requirement" : "The system SHOULD provide the ability to manage the privacy preferences of patients (e.g., opt-in with exceptions, opt-out with exceptions, opt-in, opt-out) in their privacy consent directive."
},
{
"extension" : [
{
"url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
"valueBoolean" : false
}
],
"key" : "EHRSFMR2.1-AS.2.6-02",
"label" : "AS.2.6#02",
"conformance" : [
"SHOULD"
],
"conditionality" : false,
"requirement" : "The system SHOULD provide the ability to capture the patient's preferences regarding providers who are permitted to access, or explicitly excluded from accessing, the patient's information."
},
{
"extension" : [
{
"url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
"valueBoolean" : false
}
],
"key" : "EHRSFMR2.1-AS.2.6-03",
"label" : "AS.2.6#03",
"conformance" : [
"SHOULD"
],
"conditionality" : false,
"requirement" : "The system SHOULD provide the ability to render disclosure events."
},
{
"extension" : [
{
"url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
"valueBoolean" : false
}
],
"key" : "EHRSFMR2.1-AS.2.6-04",
"label" : "AS.2.6#04",
"conformance" : [
"SHOULD"
],
"conditionality" : false,
"requirement" : "The system SHOULD provide the ability to render an accounting of any patient identifiable information disclosed to other providers."
},
{
"extension" : [
{
"url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
"valueBoolean" : false
}
],
"key" : "EHRSFMR2.1-AS.2.6-05",
"label" : "AS.2.6#05",
"conformance" : [
"MAY"
],
"conditionality" : false,
"requirement" : "The system MAY provide the ability to enter, import or receive information that documents the patient's expressed selection of privacy preferences related to the disclosure of information identified by its content type (e.g., related diagnosis or payment method), and a specific purpose."
},
{
"extension" : [
{
"url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
"valueBoolean" : false
}
],
"key" : "EHRSFMR2.1-AS.2.6-06",
"label" : "AS.2.6#06",
"conformance" : [
"SHOULD"
],
"conditionality" : false,
"requirement" : "The system SHOULD provide the ability to manage data visibility based on both privacy policy, and patient's privacy consent."
},
{
"extension" : [
{
"url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
"valueBoolean" : false
}
],
"key" : "EHRSFMR2.1-AS.2.6-07",
"label" : "AS.2.6#07",
"conformance" : [
"MAY"
],
"conditionality" : false,
"requirement" : "The system MAY provide the ability to link to privacy consent management systems to access patients' privacy consent directives and digital certificates."
}
]
}