Publish Box goes here
Active as of 2024-11-26 |
@prefix fhir: <http://hl7.org/fhir/> .
@prefix owl: <http://www.w3.org/2002/07/owl#> .
@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
# - resource -------------------------------------------------------------------
a fhir:Requirements ;
fhir:nodeRole fhir:treeRoot ;
fhir:id [ fhir:v "EHRSFMR2.1-TI.1.3"] ; #
fhir:meta [
( fhir:profile [
fhir:v "http://hl7.org/ehrs/StructureDefinition/FMFunction"^^xsd:anyURI ;
fhir:link <http://hl7.org/ehrs/StructureDefinition/FMFunction> ] )
] ; #
fhir:text [
fhir:status [ fhir:v "extensions" ] ;
fhir:div "<div xmlns=\"http://www.w3.org/1999/xhtml\">\n <span id=\"description\"><b>Statement <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b> <div><p>Manage access to EHR-S resources.</p>\n</div></span>\n\n \n <span id=\"purpose\"><b>Description <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Informative Content\" class=\"informative-flag\">I</a>:</b> <div><p>To ensure access is controlled, an EHR-S must authenticate and check authorization of entities for appropriate operations.</p>\n</div></span>\n \n\n \n\n \n <span id=\"requirements\"><b>Criteria <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b></span>\n \n <table id=\"statements\" class=\"grid dict\">\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.1.3#01</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL conform to function [[TI.1.1]] (Entity Authentication).</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.1.3#02</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL conform to function [[TI.1.2]] (Entity Authorization).</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.1.3#03</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <i>dependent</i>\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL provide the ability to manage system and data access rules for all EHR-S resources according to scope of practice, organizational policy, and/or jurisdictional law.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.1.3#04</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL manage the enforcement of authorizations to access EHR-S resources.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.1.3#05</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <i>dependent</i>\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL control access to EHR-S resources after a configurable period of inactivity by terminating the session, or by initiating a session lock that remains in effect until the entity re-establishes access using appropriate identification and authentication procedures, according to organizational policy, and/or jurisdictional law.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.1.3#06</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <i>dependent</i>\n \n \n \n <span>SHOULD</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHOULD provide the ability to control-access to data, and/or functionality according to scope of practice, organizational policy, and/or jurisdictional law.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.1.3#07</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL control-access to data, and/or functionality by using authentication mechanisms that comply with regulatory and policy guidelines (e.g.,by using a combination of Username and Password, Digital Certificates, Secure Tokens, and/or Biometrics).</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.1.3#08</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>MAY</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system MAY provide the ability to determine the identity of public health agencies for healthcare purposes through the use of internal, and/or external registry services or directories.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.1.3#09</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>MAY</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system MAY provide the ability to determine the identity of healthcare resources (e.g., Meal Delivery services for home-based patients) and devices (e.g., wheelchairs) for resource management purposes through the use of internal, and/or external registry services or directories.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n </table>\n</div>"
] ; #
fhir:url [ fhir:v "http://hl7.org/ehrs/Requirements/EHRSFMR2.1-TI.1.3"^^xsd:anyURI] ; #
fhir:version [ fhir:v "2.1.0"] ; #
fhir:name [ fhir:v "TI_1_3_Entity_Access_Control"] ; #
fhir:title [ fhir:v "TI.1.3 Entity Access Control (Function)"] ; #
fhir:status [ fhir:v "active"] ; #
fhir:date [ fhir:v "2024-11-26T16:30:50+00:00"^^xsd:dateTime] ; #
fhir:publisher [ fhir:v "EHR WG"] ; #
fhir:contact ( [
( fhir:telecom [
fhir:system [ fhir:v "url" ] ;
fhir:value [ fhir:v "http://www.hl7.org/Special/committees/ehr" ] ] )
] ) ; #
fhir:description [ fhir:v "Manage access to EHR-S resources."] ; #
fhir:jurisdiction ( [
( fhir:coding [
fhir:system [ fhir:v "http://unstats.un.org/unsd/methods/m49/m49.htm"^^xsd:anyURI ] ;
fhir:code [ fhir:v "001" ] ;
fhir:display [ fhir:v "World" ] ] )
] ) ; #
fhir:purpose [ fhir:v "To ensure access is controlled, an EHR-S must authenticate and check authorization of entities for appropriate operations."] ; #
fhir:statement ( [
( fhir:extension [
fhir:url [ fhir:v "http://hl7.org/ehrs/StructureDefinition/requirements-dependent"^^xsd:anyURI ] ;
fhir:value [ fhir:v "false"^^xsd:boolean ] ] ) ;
fhir:key [ fhir:v "EHRSFMR2.1-TI.1.3-01" ] ;
fhir:label [ fhir:v "TI.1.3#01" ] ;
( fhir:conformance [ fhir:v "SHALL" ] ) ;
fhir:conditionality [ fhir:v "false"^^xsd:boolean ] ;
fhir:requirement [ fhir:v "The system SHALL conform to function [[TI.1.1]] (Entity Authentication)." ] ;
fhir:derivedFrom [ fhir:v "EHR-S_FM_R1.1 IN.1.3#1" ]
] [
( fhir:extension [
fhir:url [ fhir:v "http://hl7.org/ehrs/StructureDefinition/requirements-dependent"^^xsd:anyURI ] ;
fhir:value [ fhir:v "false"^^xsd:boolean ] ] ) ;
fhir:key [ fhir:v "EHRSFMR2.1-TI.1.3-02" ] ;
fhir:label [ fhir:v "TI.1.3#02" ] ;
( fhir:conformance [ fhir:v "SHALL" ] ) ;
fhir:conditionality [ fhir:v "false"^^xsd:boolean ] ;
fhir:requirement [ fhir:v "The system SHALL conform to function [[TI.1.2]] (Entity Authorization)." ] ;
fhir:derivedFrom [ fhir:v "EHR-S_FM_R1.1 IN.1.3#2" ]
] [
( fhir:extension [
fhir:url [ fhir:v "http://hl7.org/ehrs/StructureDefinition/requirements-dependent"^^xsd:anyURI ] ;
fhir:value [ fhir:v "true"^^xsd:boolean ] ] ) ;
fhir:key [ fhir:v "EHRSFMR2.1-TI.1.3-03" ] ;
fhir:label [ fhir:v "TI.1.3#03" ] ;
( fhir:conformance [ fhir:v "SHALL" ] ) ;
fhir:conditionality [ fhir:v "false"^^xsd:boolean ] ;
fhir:requirement [ fhir:v "The system SHALL provide the ability to manage system and data access rules for all EHR-S resources according to scope of practice, organizational policy, and/or jurisdictional law." ] ;
fhir:derivedFrom [ fhir:v "EHR-S_FM_R1.1 IN.1.3#3" ]
] [
( fhir:extension [
fhir:url [ fhir:v "http://hl7.org/ehrs/StructureDefinition/requirements-dependent"^^xsd:anyURI ] ;
fhir:value [ fhir:v "false"^^xsd:boolean ] ] ) ;
fhir:key [ fhir:v "EHRSFMR2.1-TI.1.3-04" ] ;
fhir:label [ fhir:v "TI.1.3#04" ] ;
( fhir:conformance [ fhir:v "SHALL" ] ) ;
fhir:conditionality [ fhir:v "false"^^xsd:boolean ] ;
fhir:requirement [ fhir:v "The system SHALL manage the enforcement of authorizations to access EHR-S resources." ] ;
fhir:derivedFrom [ fhir:v "EHR-S_FM_R1.1 IN.1.3#4" ]
] [
( fhir:extension [
fhir:url [ fhir:v "http://hl7.org/ehrs/StructureDefinition/requirements-dependent"^^xsd:anyURI ] ;
fhir:value [ fhir:v "true"^^xsd:boolean ] ] ) ;
fhir:key [ fhir:v "EHRSFMR2.1-TI.1.3-05" ] ;
fhir:label [ fhir:v "TI.1.3#05" ] ;
( fhir:conformance [ fhir:v "SHALL" ] ) ;
fhir:conditionality [ fhir:v "false"^^xsd:boolean ] ;
fhir:requirement [ fhir:v "The system SHALL control access to EHR-S resources after a configurable period of inactivity by terminating the session, or by initiating a session lock that remains in effect until the entity re-establishes access using appropriate identification and authentication procedures, according to organizational policy, and/or jurisdictional law." ]
] [
( fhir:extension [
fhir:url [ fhir:v "http://hl7.org/ehrs/StructureDefinition/requirements-dependent"^^xsd:anyURI ] ;
fhir:value [ fhir:v "true"^^xsd:boolean ] ] ) ;
fhir:key [ fhir:v "EHRSFMR2.1-TI.1.3-06" ] ;
fhir:label [ fhir:v "TI.1.3#06" ] ;
( fhir:conformance [ fhir:v "SHOULD" ] ) ;
fhir:conditionality [ fhir:v "false"^^xsd:boolean ] ;
fhir:requirement [ fhir:v "The system SHOULD provide the ability to control-access to data, and/or functionality according to scope of practice, organizational policy, and/or jurisdictional law." ]
] [
( fhir:extension [
fhir:url [ fhir:v "http://hl7.org/ehrs/StructureDefinition/requirements-dependent"^^xsd:anyURI ] ;
fhir:value [ fhir:v "false"^^xsd:boolean ] ] ) ;
fhir:key [ fhir:v "EHRSFMR2.1-TI.1.3-07" ] ;
fhir:label [ fhir:v "TI.1.3#07" ] ;
( fhir:conformance [ fhir:v "SHALL" ] ) ;
fhir:conditionality [ fhir:v "false"^^xsd:boolean ] ;
fhir:requirement [ fhir:v "The system SHALL control-access to data, and/or functionality by using authentication mechanisms that comply with regulatory and policy guidelines (e.g.,by using a combination of Username and Password, Digital Certificates, Secure Tokens, and/or Biometrics)." ]
] [
( fhir:extension [
fhir:url [ fhir:v "http://hl7.org/ehrs/StructureDefinition/requirements-dependent"^^xsd:anyURI ] ;
fhir:value [ fhir:v "false"^^xsd:boolean ] ] ) ;
fhir:key [ fhir:v "EHRSFMR2.1-TI.1.3-08" ] ;
fhir:label [ fhir:v "TI.1.3#08" ] ;
( fhir:conformance [ fhir:v "MAY" ] ) ;
fhir:conditionality [ fhir:v "false"^^xsd:boolean ] ;
fhir:requirement [ fhir:v "The system MAY provide the ability to determine the identity of public health agencies for healthcare purposes through the use of internal, and/or external registry services or directories." ]
] [
( fhir:extension [
fhir:url [ fhir:v "http://hl7.org/ehrs/StructureDefinition/requirements-dependent"^^xsd:anyURI ] ;
fhir:value [ fhir:v "false"^^xsd:boolean ] ] ) ;
fhir:key [ fhir:v "EHRSFMR2.1-TI.1.3-09" ] ;
fhir:label [ fhir:v "TI.1.3#09" ] ;
( fhir:conformance [ fhir:v "MAY" ] ) ;
fhir:conditionality [ fhir:v "false"^^xsd:boolean ] ;
fhir:requirement [ fhir:v "The system MAY provide the ability to determine the identity of healthcare resources (e.g., Meal Delivery services for home-based patients) and devices (e.g., wheelchairs) for resource management purposes through the use of internal, and/or external registry services or directories." ]
] ) . #
IG © 2024 EHR WG. Package hl7.ehrs.ehrsfmr21#2.1.0 based on FHIR 5.0.0. Generated 2024-11-26
Links: Table of Contents |
QA Report