STU 3 Candidate

This page is part of the FHIR Specification (v1.4.0: STU 3 Ballot 3). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions . Page versions: R4 R3

V3-Confidentiality.cs.xml

Raw XML (canonical form)

A set of codes specifying the security classification of acts and roles in accordance with the definition for concept domain "Confidentiality".

<CodeSystem xmlns="http://hl7.org/fhir">
  <id value="v3-Confidentiality"/>
  <meta>
    <lastUpdated value="2016-03-23T00:00:00.000+11:00"/>
  </meta>
  <text>
    <status value="generated"/>
    <div xmlns="http://www.w3.org/1999/xhtml">
      <p>Release Date: 2016-03-23</p>

      <table class="grid">
 
        <tr>
          <td>
            <b>Level</b>
          </td>
          <td>
            <b>Code</b>
          </td>
          <td>
            <b>Display</b>
          </td>
          <td>
            <b>Definition</b>
          </td>
        </tr>
 
        <tr>
          <td>1</td>
          <td>_Confidentiality
            <a name="_Confidentiality"> </a>
          </td>
          <td>Confidentiality</td>
          <td>
                        A specializable code and its leaf codes used in Confidentiality
               value sets to value the Act.Confidentiality and Role.Confidentiality attribute in accordance
               with the definition for concept domain &quot;Confidentiality&quot;.
            <br/>

                     
          </td>
        </tr>
 
        <tr>
          <td>2</td>
          <td>  L
            <a name="L"> </a>
          </td>
          <td>low</td>
          <td>
                        
                           Definition: Privacy metadata indicating that the information
               has been de-identified, and there are mitigating circumstances that prevent re-identification,
               which minimize risk of harm from unauthorized disclosure.  The information requires protection
               to maintain low sensitivity.
            <br/>

                        
                           Examples: Includes anonymized, pseudonymized, or non-personally
               identifiable information such as HIPAA limited data sets.
            <br/>

                        
                           Map: No clear map to ISO 13606-4 Sensitivity Level (1) Care
               Management:   RECORD_COMPONENTs that might need to be accessed by a wide range of administrative
               staff to manage the subject of care's access to health services.
            <br/>

                        
                           Usage Note: This metadata indicates the receiver may have an
               obligation to comply with a data use agreement.
            <br/>

                     
          </td>
        </tr>
 
        <tr>
          <td>2</td>
          <td>  M
            <a name="M"> </a>
          </td>
          <td>moderate</td>
          <td>
                        
                           Definition: Privacy metadata indicating moderately sensitive
               information, which presents moderate risk of harm if disclosed without authorization.
            <br/>

                        
                           Examples: Includes allergies of non-sensitive nature used inform
               food service; health information a patient authorizes to be used for marketing, released
               to a bank for a health credit card or savings account; or information in personal health
               record systems that are not governed under health privacy laws.
            <br/>

                        
                           Map: Partial Map to ISO 13606-4 Sensitivity Level (2) Clinical
               Management:  Less sensitive RECORD_COMPONENTs that might need to be accessed by a wider
               range of personnel not all of whom are actively caring for the patient (e.g. radiology
               staff).
            <br/>

                        
                           Usage Note: This metadata indicates that the receiver may be
               obligated to comply with the receiver's terms of use or privacy policies.
            <br/>

                     
          </td>
        </tr>
 
        <tr>
          <td>2</td>
          <td>  N
            <a name="N"> </a>
          </td>
          <td>normal</td>
          <td>
                        
                           Definition: Privacy metadata indicating that the information
               is typical, non-stigmatizing health information, which presents typical risk of harm if
               disclosed without authorization.
            <br/>

                        
                           Examples: In the US, this includes what HIPAA identifies as
               the minimum necessary protected health information (PHI) given a covered purpose of use
               (treatment, payment, or operations).  Includes typical, non-stigmatizing health information
               disclosed in an application for health, workers compensation, disability, or life insurance.
            <br/>

                        
                           Map: Partial Map to ISO 13606-4 Sensitivity Level (3) Clinical
               Care:   Default for normal clinical care access (i.e. most clinical staff directly caring
               for the patient should be able to access nearly all of the EHR).   Maps to normal confidentiality
               for treatment information but not to ancillary care, payment and operations.
            <br/>

                        
                           Usage Note: This metadata indicates that the receiver may be
               obligated to comply with applicable jurisdictional privacy law or disclosure authorization.
            <br/>

                     
          </td>
        </tr>
 
        <tr>
          <td>2</td>
          <td>  R
            <a name="R"> </a>
          </td>
          <td>restricted</td>
          <td>
                        Privacy metadata indicating highly sensitive, potentially stigmatizing
               information, which presents a high risk to the information subject if disclosed without
               authorization. May be pre-empted by jurisdictional law, e.g., for public health reporting
               or emergency treatment.
            <br/>

                        
                           Examples: Includes information that is additionally protected
               such as sensitive conditions mental health, HIV, substance abuse, domestic violence, child
               abuse, genetic disease, and reproductive health; or sensitive demographic information
               such as a patient's standing as an employee or a celebrity. May be used to indicate proprietary
               or classified information that is not related to an individual, e.g., secret ingredients
               in a therapeutic substance; or the name of a manufacturer.
            <br/>

                        
                           Map: Partial Map to ISO 13606-4 Sensitivity Level (3) Clinical
               Care: Default for normal clinical care access (i.e. most clinical staff directly caring
               for the patient should be able to access nearly all of the EHR). Maps to normal confidentiality
               for treatment information but not to ancillary care, payment and operations..
            <br/>

                        
                           Usage Note: This metadata indicates that the receiver may be
               obligated to comply with applicable, prevailing (default) jurisdictional privacy law or
               disclosure authorization..
            <br/>

                     
          </td>
        </tr>
 
        <tr>
          <td>2</td>
          <td>  U
            <a name="U"> </a>
          </td>
          <td>unrestricted</td>
          <td>
                        
                           Definition: Privacy metadata indicating that the information
               is not classified as sensitive.
            <br/>

                        
                           Examples: Includes publicly available information, e.g., business
               name, phone, email or physical address.
            <br/>

                        
                           Usage Note: This metadata indicates that the receiver has no
               obligation to consider additional policies when making access control decisions.   Note
               that in some jurisdictions, personally identifiable information must be protected as confidential,
               so it would not be appropriate to assign a confidentiality code of &quot;unrestricted&quot;
                to that information even if it is publicly available.
            <br/>

                     
          </td>
        </tr>
 
        <tr>
          <td>2</td>
          <td>  V
            <a name="V"> </a>
          </td>
          <td>very restricted</td>
          <td>
                        . Privacy metadata indicating that the information is extremely
               sensitive and likely stigmatizing health information that presents a very high risk if
               disclosed without authorization.  This information must be kept in the highest confidence.
                
            <br/>

                        
                           Examples:  Includes information about a victim of abuse, patient
               requested information sensitivity, and taboo subjects relating to health status that must
               be discussed with the patient by an attending provider before sharing with the patient.
                May also include information held under “legal lock� or attorney-client privilege
            <br/>

                        
                           Map:  This metadata indicates that the receiver may not disclose
               this information except as directed by the information custodian, who may be the information
               subject.
            <br/>

                        
                           Usage Note:  This metadata indicates that the receiver may
               not disclose this information except as directed by the information custodian, who may
               be the information subject.
            <br/>

                     
          </td>
        </tr>
 
        <tr style="background: #EFEFEF">
          <td>1</td>
          <td>
            <span style="color: grey">
              <i>(_ConfidentialityByAccessKind)</i>
            </span> 
            <b>
              <i>Abstract</i>
            </b> 
            <b>
              <i>Deprecated</i>
            </b>
          </td>
          <td>
            <a name="_ConfidentialityByAccessKind"> </a>
          </td>
          <td>
                        
                           Description: By accessing subject / role and relationship based
                rights  (These concepts are mutually exclusive, one and only one is required for a valid
               confidentiality coding.)
            <br/>

                        
                           Deprecation Comment:Deprecated due to updated confidentiality
               codes under ActCode
            <br/>

                     
          </td>
        </tr>
 
        <tr style="background: #EFEFEF">
          <td>2</td>
          <td>  B
            <a name="B"> </a> 
            <b>
              <i>Deprecated</i>
            </b>
          </td>
          <td>business</td>
          <td>
                        
                           Description: Since the service class can represent knowledge
               structures that may be considered a trade or business secret, there is sometimes (though
               rarely) the need to flag those items as of business level confidentiality.  However, no
               patient related information may ever be of this confidentiality level.
            <br/>

                        
                           Deprecation Comment: Replced by ActCode.B
            <br/>

                     
          </td>
        </tr>
 
        <tr style="background: #EFEFEF">
          <td>2</td>
          <td>  D
            <a name="D"> </a> 
            <b>
              <i>Deprecated</i>
            </b>
          </td>
          <td>clinician</td>
          <td>
                        
                           Description: Only clinicians may see this item, billing and
               administration persons can not access this item without special permission.
            <br/>

                        
                           Deprecation Comment:Deprecated due to updated confidentiality
               codes under ActCode
            <br/>

                     
          </td>
        </tr>
 
        <tr style="background: #EFEFEF">
          <td>2</td>
          <td>  I
            <a name="I"> </a> 
            <b>
              <i>Deprecated</i>
            </b>
          </td>
          <td>individual</td>
          <td>
                        
                           Description: Access only to individual persons who are mentioned
               explicitly as actors of this service and whose actor type warrants that access (cf. to
               actor type code).
            <br/>

                        
                           Deprecation Comment:Deprecated due to updated confidentiality
               codes under ActCode
            <br/>

                     
          </td>
        </tr>
 
        <tr style="background: #EFEFEF">
          <td>1</td>
          <td>
            <span style="color: grey">
              <i>(_ConfidentialityByInfoType)</i>
            </span> 
            <b>
              <i>Abstract</i>
            </b> 
            <b>
              <i>Deprecated</i>
            </b>
          </td>
          <td>
            <a name="_ConfidentialityByInfoType"> </a>
          </td>
          <td>
                        
                           Description: By information type, only for service catalog
               entries (multiples allowed). Not to be used with actual patient data!
            <br/>

                        
                           Deprecation Comment:Deprecated due to updated confidentiality
               codes under ActCode
            <br/>

                     
          </td>
        </tr>
 
        <tr style="background: #EFEFEF">
          <td>2</td>
          <td>  ETH
            <a name="ETH"> </a> 
            <b>
              <i>Deprecated</i>
            </b>
          </td>
          <td>substance abuse related</td>
          <td>
                        
                           Description: Alcohol/drug-abuse related item
            <br/>

                        
                           Deprecation Comment:Replced by ActCode.ETH
            <br/>

                     
          </td>
        </tr>
 
        <tr style="background: #EFEFEF">
          <td>2</td>
          <td>  HIV
            <a name="HIV"> </a> 
            <b>
              <i>Deprecated</i>
            </b>
          </td>
          <td>HIV related</td>
          <td>
                        
                           Description: HIV and AIDS related item
            <br/>

                        
                           Deprecation Comment:Replced by ActCode.HIV
            <br/>

                     
          </td>
        </tr>
 
        <tr style="background: #EFEFEF">
          <td>2</td>
          <td>  PSY
            <a name="PSY"> </a> 
            <b>
              <i>Deprecated</i>
            </b>
          </td>
          <td>psychiatry relate</td>
          <td>
                        
                           Description: Psychiatry related item
            <br/>

                        
                           Deprecation Comment:Replced by ActCode.PSY
            <br/>

                     
          </td>
        </tr>
 
        <tr style="background: #EFEFEF">
          <td>2</td>
          <td>  SDV
            <a name="SDV"> </a> 
            <b>
              <i>Deprecated</i>
            </b>
          </td>
          <td>sexual and domestic violence related</td>
          <td>
                        
                           Description: Sexual assault / domestic violence related item
            <br/>

                        
                           Deprecation Comment:Replced by ActCode.SDV
            <br/>

                     
          </td>
        </tr>
 
        <tr style="background: #EFEFEF">
          <td>1</td>
          <td>
            <span style="color: grey">
              <i>(_ConfidentialityModifiers)</i>
            </span> 
            <b>
              <i>Abstract</i>
            </b> 
            <b>
              <i>Deprecated</i>
            </b>
          </td>
          <td>
            <a name="_ConfidentialityModifiers"> </a>
          </td>
          <td>
                        
                           Description: Modifiers of role based access rights  (multiple
               allowed)
            <br/>

                        
                           Deprecation Comment:Deprecated due to updated confidentiality
               codes under ActCode
            <br/>

                     
          </td>
        </tr>
 
        <tr style="background: #EFEFEF">
          <td>2</td>
          <td>  C
            <a name="C"> </a> 
            <b>
              <i>Deprecated</i>
            </b>
          </td>
          <td>celebrity</td>
          <td>
                        
                           Description: Celebrities are people of public interest (VIP)
               including employees, whose information require special protection.
            <br/>

                        
                           Deprecation Comment:Replced by ActCode.CEL
            <br/>

                     
          </td>
        </tr>
 
        <tr style="background: #EFEFEF">
          <td>2</td>
          <td>  S
            <a name="S"> </a> 
            <b>
              <i>Deprecated</i>
            </b>
          </td>
          <td>sensitive</td>
          <td>
                        
                           Description: 
                        
            <br/>
Information for which the patient seeks heightened confidentiality. Sensitive information
               is not to be shared with family members.  Information reported by the patient about family
               members is sensitive by default. Flag can be set or cleared on patient's request.
                           Deprecation Comment:Deprecated due to updated confidentiality
               codes under ActCode
            <br/>

                     
          </td>
        </tr>
 
        <tr style="background: #EFEFEF">
          <td>2</td>
          <td>  T
            <a name="T"> </a> 
            <b>
              <i>Deprecated</i>
            </b>
          </td>
          <td>taboo</td>
          <td>
                        
                           Description: Information not to be disclosed or discussed with
               patient except through physician assigned to patient in this case.  This is usually a
               temporary constraint only, example use is a new fatal diagnosis or finding, such as malignancy
               or HIV.
            <br/>

                        
                           Deprecation Note:Replced by ActCode.TBOO
            <br/>

                     
          </td>
        </tr>

      </table>

    </div>
  </text>
  <extension url="http://hl7.org/fhir/StructureDefinition/valueset-oid">
    <valueUri value="urn:oid:2.16.840.1.113883.5.25"/>
  </extension>
  <url value="http://hl7.org/fhir/v3/Confidentiality"/>
  <version value="2016-03-23"/>
  <name value="v3 Code System Confidentiality"/>
  <status value="active"/>
  <experimental value="false"/>
  <publisher value="HL7, Inc"/>
  <contact>
    <telecom>
      <system value="other"/>
      <value value="http://hl7.org"/>
    </telecom>
  </contact>
  <date value="2016-03-23T00:00:00+11:00"/>
  <description value=" A set of codes specifying the security classification of acts and roles in accordance
     with the definition for concept domain &quot;Confidentiality&quot;."/>
  <caseSensitive value="true"/>
  <valueSet value="http://hl7.org/fhir/ValueSet/v3-Confidentiality"/>
  <content value="complete"/>
  <property>
    <code value="abstract"/>
    <description value="Indicates that the code is abstract - only intended to be used as a selector for other
       concepts"/>
    <type value="boolean"/>
  </property>
  <concept>
    <code value="_Confidentiality"/>
    <display value="Confidentiality"/>
    <definition value="A specializable code and its leaf codes used in Confidentiality value sets to value the
       Act.Confidentiality and Role.Confidentiality attribute in accordance with the definition
       for concept domain &quot;Confidentiality&quot;."/>
    <concept>
      <code value="L"/>
      <display value="low"/>
      <definition value="Definition: Privacy metadata indicating that the information has been de-identified, and
         there are mitigating circumstances that prevent re-identification, which minimize risk
         of harm from unauthorized disclosure.  The information requires protection to maintain
         low sensitivity.                                                      Examples: Includes
         anonymized, pseudonymized, or non-personally identifiable information such as HIPAA limited
         data sets.                                                      Map: No clear map to ISO
         13606-4 Sensitivity Level (1) Care Management:   RECORD_COMPONENTs that might need to
         be accessed by a wide range of administrative staff to manage the subject of care's access
         to health services.                                                      Usage Note: This
         metadata indicates the receiver may have an obligation to comply with a data use agreement."/>
    </concept>
    <concept>
      <code value="M"/>
      <display value="moderate"/>
      <definition value="Definition: Privacy metadata indicating moderately sensitive information, which presents
         moderate risk of harm if disclosed without authorization.                            
                                  Examples: Includes allergies of non-sensitive nature used inform
         food service; health information a patient authorizes to be used for marketing, released
         to a bank for a health credit card or savings account; or information in personal health
         record systems that are not governed under health privacy laws.                      
                                        Map: Partial Map to ISO 13606-4 Sensitivity Level (2) Clinical
         Management:  Less sensitive RECORD_COMPONENTs that might need to be accessed by a wider
         range of personnel not all of whom are actively caring for the patient (e.g. radiology
         staff).                                                      Usage Note: This metadata
         indicates that the receiver may be obligated to comply with the receiver's terms of use
         or privacy policies."/>
    </concept>
    <concept>
      <code value="N"/>
      <display value="normal"/>
      <definition value="Definition: Privacy metadata indicating that the information is typical, non-stigmatizing
         health information, which presents typical risk of harm if disclosed without authorization.
                                                              Examples: In the US, this includes
         what HIPAA identifies as the minimum necessary protected health information (PHI) given
         a covered purpose of use (treatment, payment, or operations).  Includes typical, non-stigmatizing
         health information disclosed in an application for health, workers compensation, disability,
         or life insurance.                                                      Map: Partial Map
         to ISO 13606-4 Sensitivity Level (3) Clinical Care:   Default for normal clinical care
         access (i.e. most clinical staff directly caring for the patient should be able to access
         nearly all of the EHR).   Maps to normal confidentiality for treatment information but
         not to ancillary care, payment and operations.                                       
                       Usage Note: This metadata indicates that the receiver may be obligated to
         comply with applicable jurisdictional privacy law or disclosure authorization."/>
    </concept>
    <concept>
      <code value="R"/>
      <display value="restricted"/>
      <definition value="Privacy metadata indicating highly sensitive, potentially stigmatizing information, which
         presents a high risk to the information subject if disclosed without authorization. May
         be pre-empted by jurisdictional law, e.g., for public health reporting or emergency treatment.
                                                              Examples: Includes information that
         is additionally protected such as sensitive conditions mental health, HIV, substance abuse,
         domestic violence, child abuse, genetic disease, and reproductive health; or sensitive
         demographic information such as a patient's standing as an employee or a celebrity. May
         be used to indicate proprietary or classified information that is not related to an individual,
         e.g., secret ingredients in a therapeutic substance; or the name of a manufacturer.  
                                                            Map: Partial Map to ISO 13606-4 Sensitivity
         Level (3) Clinical Care: Default for normal clinical care access (i.e. most clinical staff
         directly caring for the patient should be able to access nearly all of the EHR). Maps
         to normal confidentiality for treatment information but not to ancillary care, payment
         and operations..                                                      Usage Note: This
         metadata indicates that the receiver may be obligated to comply with applicable, prevailing
         (default) jurisdictional privacy law or disclosure authorization.."/>
    </concept>
    <concept>
      <code value="U"/>
      <display value="unrestricted"/>
      <definition value="Definition: Privacy metadata indicating that the information is not classified as sensitive.
                                                              Examples: Includes publicly available
         information, e.g., business name, phone, email or physical address.                  
                                            Usage Note: This metadata indicates that the receiver
         has no obligation to consider additional policies when making access control decisions.
           Note that in some jurisdictions, personally identifiable information must be protected
         as confidential, so it would not be appropriate to assign a confidentiality code of &quot;unrestrict
        ed&quot;  to that information even if it is publicly available."/>
    </concept>
    <concept>
      <code value="V"/>
      <display value="very restricted"/>
      <definition value=". Privacy metadata indicating that the information is extremely sensitive and likely stigmatizing
         health information that presents a very high risk if disclosed without authorization.
          This information must be kept in the highest confidence.                            
                                    Examples:  Includes information about a victim of abuse, patient
         requested information sensitivity, and taboo subjects relating to health status that must
         be discussed with the patient by an attending provider before sharing with the patient.
          May also include information held under “legal lock� or attorney-client privilege
                                                              Map:  This metadata indicates that
         the receiver may not disclose this information except as directed by the information custodian,
         who may be the information subject.                                                  
            Usage Note:  This metadata indicates that the receiver may not disclose this information
         except as directed by the information custodian, who may be the information subject."/>
    </concept>
  </concept>
  <concept>
    <code value="_ConfidentialityByAccessKind"/>
    <display value="ConfidentialityByAccessKind"/>
    <definition value="Description: By accessing subject / role and relationship based  rights  (These concepts
       are mutually exclusive, one and only one is required for a valid confidentiality coding.)
                                                            Deprecation Comment:Deprecated due
       to updated confidentiality codes under ActCode"/>
    <property>
      <code value="abstract"/>
      <valueBoolean value="true"/>
    </property>
    <property>
      <code value="deprecated"/>
      <valueBoolean value="true"/>
    </property>
    <concept>
      <code value="B"/>
      <display value="business"/>
      <definition value="Description: Since the service class can represent knowledge structures that may be considered
         a trade or business secret, there is sometimes (though rarely) the need to flag those
         items as of business level confidentiality.  However, no patient related information may
         ever be of this confidentiality level.                                               
               Deprecation Comment: Replced by ActCode.B"/>
      <property>
        <code value="deprecated"/>
        <valueBoolean value="true"/>
      </property>
    </concept>
    <concept>
      <code value="D"/>
      <display value="clinician"/>
      <definition value="Description: Only clinicians may see this item, billing and administration persons can
         not access this item without special permission.                                     
                         Deprecation Comment:Deprecated due to updated confidentiality codes under
         ActCode"/>
      <property>
        <code value="deprecated"/>
        <valueBoolean value="true"/>
      </property>
    </concept>
    <concept>
      <code value="I"/>
      <display value="individual"/>
      <definition value="Description: Access only to individual persons who are mentioned explicitly as actors
         of this service and whose actor type warrants that access (cf. to actor type code).  
                                                            Deprecation Comment:Deprecated due
         to updated confidentiality codes under ActCode"/>
      <property>
        <code value="deprecated"/>
        <valueBoolean value="true"/>
      </property>
    </concept>
  </concept>
  <concept>
    <code value="_ConfidentialityByInfoType"/>
    <display value="ConfidentialityByInfoType"/>
    <definition value="Description: By information type, only for service catalog entries (multiples allowed).
       Not to be used with actual patient data!                                             
               Deprecation Comment:Deprecated due to updated confidentiality codes under ActCode"/>
    <property>
      <code value="abstract"/>
      <valueBoolean value="true"/>
    </property>
    <property>
      <code value="deprecated"/>
      <valueBoolean value="true"/>
    </property>
    <concept>
      <code value="ETH"/>
      <display value="substance abuse related"/>
      <definition value="Description: Alcohol/drug-abuse related item                                         
                     Deprecation Comment:Replced by ActCode.ETH"/>
      <property>
        <code value="deprecated"/>
        <valueBoolean value="true"/>
      </property>
    </concept>
    <concept>
      <code value="HIV"/>
      <display value="HIV related"/>
      <definition value="Description: HIV and AIDS related item                                               
               Deprecation Comment:Replced by ActCode.HIV"/>
      <property>
        <code value="deprecated"/>
        <valueBoolean value="true"/>
      </property>
    </concept>
    <concept>
      <code value="PSY"/>
      <display value="psychiatry relate"/>
      <definition value="Description: Psychiatry related item                                                 
             Deprecation Comment:Replced by ActCode.PSY"/>
      <property>
        <code value="deprecated"/>
        <valueBoolean value="true"/>
      </property>
    </concept>
    <concept>
      <code value="SDV"/>
      <display value="sexual and domestic violence related"/>
      <definition value="Description: Sexual assault / domestic violence related item                         
                                     Deprecation Comment:Replced by ActCode.SDV"/>
      <property>
        <code value="deprecated"/>
        <valueBoolean value="true"/>
      </property>
    </concept>
  </concept>
  <concept>
    <code value="_ConfidentialityModifiers"/>
    <display value="ConfidentialityModifiers"/>
    <definition value="Description: Modifiers of role based access rights  (multiple allowed)               
                                             Deprecation Comment:Deprecated due to updated confidentiality
       codes under ActCode"/>
    <property>
      <code value="abstract"/>
      <valueBoolean value="true"/>
    </property>
    <property>
      <code value="deprecated"/>
      <valueBoolean value="true"/>
    </property>
    <concept>
      <code value="C"/>
      <display value="celebrity"/>
      <definition value="Description: Celebrities are people of public interest (VIP) including employees, whose
         information require special protection.                                              
                Deprecation Comment:Replced by ActCode.CEL"/>
      <property>
        <code value="deprecated"/>
        <valueBoolean value="true"/>
      </property>
    </concept>
    <concept>
      <code value="S"/>
      <display value="sensitive"/>
      <definition value="Description:                           Information for which the patient seeks heightened
         confidentiality. Sensitive information is not to be shared with family members.  Information
         reported by the patient about family members is sensitive by default. Flag can be set
         or cleared on patient's request.                            Deprecation Comment:Deprecated
         due to updated confidentiality codes under ActCode"/>
      <property>
        <code value="deprecated"/>
        <valueBoolean value="true"/>
      </property>
    </concept>
    <concept>
      <code value="T"/>
      <display value="taboo"/>
      <definition value="Description: Information not to be disclosed or discussed with patient except through
         physician assigned to patient in this case.  This is usually a temporary constraint only,
         example use is a new fatal diagnosis or finding, such as malignancy or HIV.          
                                                    Deprecation Note:Replced by ActCode.TBOO"/>
      <property>
        <code value="deprecated"/>
        <valueBoolean value="true"/>
      </property>
    </concept>
  </concept>
</CodeSystem>

Usage note: every effort has been made to ensure that the examples are correct and useful, but they are not a normative part of the specification.