DSTU2 Ballot Source

This page is part of the FHIR Specification (v0.5.0: DSTU 2 Ballot 2). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions . Page versions: R4 R3 R2

V3-ActUSPrivacyLaw.xml

Raw XML (canonical form)

Description: A jurisdictional mandate in the US relating to privacy.

Raw XML

<ValueSet xmlns="http://hl7.org/fhir">
  <id value="v3-ActUSPrivacyLaw"/>
  <meta>
    <lastUpdated value="2015-03-23T00:00:00.000+11:00"/>
    <profile value="http://hl7.org/fhir/StructureDefinition/valueset-shareable-definition"/>
  </meta>
  <text>
    <status value="generated"/>
    <div xmlns="http://www.w3.org/1999/xhtml"><!-- Snipped for brevity --></div>
  </text>
  <url value="http://hl7.org/fhir/v3/vs/ActUSPrivacyLaw"/>
  <version value="2015-03-23"/>
  <name value="v3 Code System ActUSPrivacyLaw"/>
  <publisher value="HL7, Inc"/>
  <contact>
    <telecom>
      <system value="url"/>
      <value value="http://hl7.org"/>
    </telecom>
  </contact>
  <description value="  Description: A jurisdictional mandate in the US relating to privacy."/>
  <status value="active"/>
  <experimental value="false"/>
  <date value="2015-03-23"/>
  <define>
    <extension url="http://hl7.org/fhir/StructureDefinition/valueset-oid">
      <valueUri value="urn:oid:2.16.840.1.113883.5.1138"/>
    </extension>
    <system value="http://hl7.org/fhir/v3/ActUSPrivacyLaw"/>
    <caseSensitive value="true"/>
    <concept>
      <code value="_ActUSPrivacyLaw"/>
      <abstract value="false"/>
      <display value="ActUSPrivacyLaw"/>
      <definition value="Definition: A jurisdictional mandate in the U.S. relating to privacy.                
                                              Usage Note: ActPrivacyLaw codes may be associated
         with an Act or a Role to indicate the legal provision to which the assignment of an Act.confidential
        ityCode or Role.confidentialtyCode complies.  May be used to further specify rationale
         for assignment of other ActPrivacyPolicy codes in the US realm, e.g., ETH and 42CFRPart2
         can be differentiated from ETH and Title38Part1."/>
      <concept>
        <code value="42CFRPart2"/>
        <abstract value="false"/>
        <display value="42 CFR Part2"/>
        <definition value="42 CFR Part 2 stipulates the right of an individual who has applied for or been given
           diagnosis or treatment for alcohol or drug abuse at a federally assisted program.    
                                                            Definition: Non-disclosure of health
           information relating to health care paid for by a federally assisted substance abuse program
           without patient consent.                                                      Usage Note:
           May be associated with an Act or a Role to indicate the legal provision to which the assignment
           of an Act.confidentialityCode or Role.confidentialityCode complies."/>
      </concept>
      <concept>
        <code value="CommonRule"/>
        <abstract value="false"/>
        <display value="Common Rule"/>
        <definition value="U.S. Federal regulations governing the protection of human subjects in research (codified
           at Subpart A of 45 CFR part 46) that has been adopted by 15 U.S. Federal departments and
           agencies in an effort to promote uniformity, understanding, and compliance with human
           subject protections. Existing regulations governing the protection of human subjects in
           Food and Drug Administration (FDA)-regulated research (21 CFR parts 50, 56, 312, and 812)
           are separate from the Common Rule but include similar requirements.                  
                                              Definition: U.S. federal laws governing research-related
           privacy policies.                                                      Usage Note: May
           be associated with an Act or a Role to indicate the legal provision to which the assignment
           of an Act.confidentialityCode or Role.confidentialtyCode complies."/>
      </concept>
      <concept>
        <code value="HIPAANOPP"/>
        <abstract value="false"/>
        <display value="HIPAA notice of privacy practices"/>
        <definition value="The U.S. Public Law 104-191 Health Insurance Portability and Accountability Act (HIPAA)
           Privacy Rule (45 CFR Part 164 Subpart E) permits access, use and disclosure of certain
           personal health information (PHI as defined under the law) for purposes of Treatment,
           Payment, and Operations, and requires that the provider ask that patients acknowledge
           the Provider's Notice of Privacy Practices as permitted conduct under the law.       
                                                         Definition: Notification of HIPAA Privacy
           Practices.                                                      Usage Note: May be associated
           with an Act or a Role to indicate the legal provision to which the assignment of an Act.confidential
          ityCode or Role.confidentialtyCode complies."/>
      </concept>
      <concept>
        <code value="HIPAAPsyNotes"/>
        <abstract value="false"/>
        <display value="HIPAA psychotherapy notes"/>
        <definition value="The U.S. Public Law 104-191 Health Insurance Portability and Accountability Act (HIPAA)
           Privacy Rule (45 CFR Part 164 Section 164.508) requires authorization for certain uses
           and disclosure of psychotherapy notes.                                               
                 Definition: Authorization that must be obtained for disclosure of psychotherapy
           notes.                                                      Usage Note: May be associated
           with an Act or a Role to indicate the legal provision to which the assignment of an Act.confidential
          ityCode or Role.confidentialityCode complies."/>
      </concept>
      <concept>
        <code value="HIPAASelfPay"/>
        <abstract value="false"/>
        <display value="HIPAA self-pay"/>
        <definition value="Section 13405(a) of the Health Information Technology for Economic and Clinical Health
           Act (HITECH) stipulates the right of an individual to have disclosures regarding certain
           health care items or services for which the individual pays out of pocket in full restricted
           from a health plan.                                                      Definition: Non-disclosure
           of health information to a health plan relating to health care items or services for which
           an individual pays out of pocket in full.                                            
                    Usage Note: May be associated with an Act or a Role to indicate the legal provision
           to which the assignment of an Act.confidentialityCode or Role.confidentialityCode complies."/>
      </concept>
      <concept>
        <code value="Title38Section7332"/>
        <abstract value="false"/>
        <display value="Title 38 Section 7332"/>
        <definition value="Title 38 Part 1-protected information may only be disclosed to a third party with the
           special written consent of the patient except where expressly authorized by 38 USC 7332.
           VA may disclose this information for specific purposes to: VA employees on a need to know
           basis - more restrictive than Privacy Act need to know; contractors who need the information
           in order to perform or fulfill the duties of the contract; and researchers who provide
           assurances that the information will not be identified in any report.  This information
           may also be disclosed without consent where patient lacks decision-making capacity; in
           a medical emergency for the purpose of treating a condition which poses an immediate threat
           to the health of any individual and which requires immediate medical intervention; for
           eye, tissue, or organ donation purposes; and disclosure of HIV information for public
           health purposes.                                                      Definition: Title
           38 Part 1 - §1.462 Confidentiality restrictions.                           (a) General.
           The patient records to which §§1.460 through 1.499 of this part apply may be disclosed
           or used only as permitted by these regulations and may not otherwise be disclosed or used
           in any civil, criminal, administrative, or legislative proceedings conducted by any Federal,
           State, or local authority. Any disclosure made under these regulations must be limited
           to that information which is necessary to carry out the purpose of the disclosure. SUBCHAPTER
           III--PROTECTION OF PATIENT RIGHTS Sec. 7332. Confidentiality of certain medical records
           (a)(1) Records of the identity, diagnosis, prognosis, or treatment of any patient or subject
           which are maintained in connection with the performance of any program or activity (including
           education, training, treatment, rehabilitation, or research) relating to drug abuse, alcoholism
           or alcohol abuse, infection with the human immunodeficiency virus, or sickle cell anemia
           which is carried out by or for the Department under this title shall, except as provided
           in subsections (e) and (f), be confidential, and (section 5701 of this title to the contrary
           notwithstanding) such records may be disclosed only for the purposes and under the circumstances
           expressly authorized under subsection (b).                                           
                     Usage Note: May be associated with an Act or a Role to indicate the legal provision
           to which the assignment of an Act.confidentialityCode or Role.confidentialityCode complies."/>
      </concept>
    </concept>
  </define>
</ValueSet>

Usage note: every effort has been made to ensure that the examples are correct and useful, but they are not a normative part of the specification.