HL7 Electronic Health Record System Functional Model, Release 2.1.1
2.1.1 -
HL7 Electronic Health Record System Functional Model, Release 2.1.1
2.1.1 -
HL7 Electronic Health Record System Functional Model, Release 2.1.1, published by HL7 International / Electronic Health Records. This guide is not an authorized publication; it is the continuous build for version 2.1.1 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/mvdzel/ehrsfm-fhir-r5/ and changes regularly. See the Directory of published versions
| Official URL: http://hl7.org/ehrs/uv/ehrsfmr2/Requirements/EHRSFMR2-TI.1.3 | Version: 2.1.1 | |||
| Standards status: Normative Active as of 2025-10-31 | Computable Name: TI_1_3_Entity_Access_Control | |||
Manage access to EHR-S resources.
Manage access to EHR-S resources.
To ensure access is controlled, an EHR-S must authenticate and check authorization of entities for appropriate operations.
|
TI.1.3#01
|
SHALL
|
The system SHALL conform to function TI.1.1 (Entity Authentication). |
|
TI.1.3#02
|
SHALL
|
The system SHALL conform to function TI.1.2 (Entity Authorization). |
|
TI.1.3#03
|
dependent
SHALL
|
The system SHALL provide the ability to manage system and data access rules for all EHR-S resources according to scope of practice, organizational policy, and/or jurisdictional law. |
|
TI.1.3#04
|
SHALL
|
The system SHALL manage the enforcement of authorizations to access EHR-S resources. |
|
TI.1.3#05
|
dependent
SHALL
|
The system SHALL control access to EHR-S resources after a configurable period of inactivity by terminating the session, or by initiating a session lock that remains in effect until the entity re-establishes access using appropriate identification and authentication procedures, according to organizational policy, and/or jurisdictional law. |
|
TI.1.3#06
|
dependent
SHOULD
|
The system SHOULD provide the ability to control-access to data, and/or functionality according to scope of practice, organizational policy, and/or jurisdictional law. |
|
TI.1.3#07
|
SHALL
|
The system SHALL control-access to data, and/or functionality by using authentication mechanisms that comply with regulatory and policy guidelines (e.g.,by using a combination of Username and Password, Digital Certificates, Secure Tokens, and/or Biometrics). |
|
TI.1.3#08
|
MAY
|
The system MAY provide the ability to determine the identity of public health agencies for healthcare purposes through the use of internal, and/or external registry services or directories. |
|
TI.1.3#09
|
MAY
|
The system MAY provide the ability to determine the identity of healthcare resources (e.g., Meal Delivery services for home-based patients) and devices (e.g., wheelchairs) for resource management purposes through the use of internal, and/or external registry services or directories. |
IG © 2025 HL7 International / Electronic Health Records.
Package hl7.ehrs.uv.ehrsfmr2#2.1.1 based on FHIR 5.0.0.
Generated 2025-10-31
Links: Table of Contents |
QA Report
| Version History |
|
Propose a change