R4 Ballot #1 (Mixed Normative/Trial use)

This page is part of the FHIR Specification (v3.3.0: R4 Ballot 2). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions . Page versions: R4B R4 R3

4.2.13.null Code System http://hl7.org/fhir/extra-security-role-type

Vocabulary Work Group Maturity Level: 0Informative Use Context: Not Intended for Production use

This is a code system defined by the FHIR project.

Summary

Defining URL:http://hl7.org/fhir/extra-security-role-type
Name:SecurityRoleType
Definition:

This CodeSystem contains Additional FHIR-defined Security Role types not defined elsewhere

Committee:??
OID: (for OID based terminology systems)
Source ResourceXML / JSON

This Code system is used in the following value sets:

  • ParticipationRoleType (This FHIR value set is comprised of Actor participation Type codes, which can be used to value FHIR agents, actors, and other role elements. The FHIR Actor participation type value set is based on DICOM Audit Message, C402; ASTM Standard, E1762-95 [2013]; selected codes and derived actor roles from HL7 RoleClass OID 2.16.840.1.113883.5.110; HL7 Role Code 2.16.840.1.113883.5.111, including AgentRoleType; HL7 ParticipationType OID: 2.16.840.1.113883.5.90; and HL7 ParticipationFunction codes OID: 2.16.840.1.113883.5.88. This value set includes, by reference, role codes from external code systems: NUCC Health Care Provider Taxonomy OID: 2.16.840.1.113883.6.101; North American Industry Classification System [NAICS]OID: 2.16.840.1.113883.6.85; IndustryClassificationSystem 2.16.840.1.113883.1.11.16039; and US Census Occupation Code OID: 2.16.840.1.113883.6.243 for relevant recipient or custodian codes not included in this value set. If no source is indicated in the definition comments, then these are example FHIR codes.)
  • SecurityRoleType (This example FHIR value set is comprised of example Actor Type codes, which can be used to value FHIR agents, actors, and other role elements such as those specified in financial transactions. The FHIR Actor value set is based on DICOM Audit Message, C402; ASTM Standard, E1762-95 [2013]; selected codes and derived actor roles from HL7 RoleClass OID 2.16.840.1.113883.5.110; HL7 Role Code 2.16.840.1.113883.5.111, including AgentRoleType; HL7 ParticipationType OID: 2.16.840.1.113883.5.90; and HL7 ParticipationFunction codes OID: 2.16.840.1.113883.5.88. This value set includes, by reference, role codes from external code systems: NUCC Health Care Provider Taxonomy OID: 2.16.840.1.113883.6.101; North American Industry Classification System [NAICS]OID: 2.16.840.1.113883.6.85; IndustryClassificationSystem 2.16.840.1.113883.1.11.16039; and US Census Occupation Code OID: 2.16.840.1.113883.6.243 for relevant recipient or custodian codes not included in this value set. If no source is indicated in the definition comments, then these are example FHIR codes. It can be extended with appropriate roles described by SNOMED as well as those described in the HL7 Role Based Access Control Catalog and the HL7 Healthcare (Security and Privacy) Access Control Catalog. In Role-Based Access Control (RBAC), permissions are operations on an object that a user wishes to access. Permissions are grouped into roles. A role characterizes the functions a user is allowed to perform. Roles are assigned to users. If the user's role has the appropriate permissions to access an object, then that user is granted access to the object. FHIR readily enables RBAC, as FHIR Resources are object types and the CRUDE events (the FHIR equivalent to permissions in the RBAC scheme) are operations on those objects. In Attribute-Based Access Control (ABAC), a user requests to perform operations on objects. That user's access request is granted or denied based on a set of access control policies that are specified in terms of attributes and conditions. FHIR readily enables ABAC, as instances of a Resource in FHIR (again, Resources are object types) can have attributes associated with them. These attributes include security tags, environment conditions, and a host of user and object characteristics, which are the same attributes as those used in ABAC. Attributes help define the access control policies that determine the operations a user may perform on a Resource (in FHIR) or object (in ABAC). For example, a tag (or attribute) may specify that the identified Resource (object) is not to be further disclosed without explicit consent from the patient.)

This CodeSystem contains Additional FHIR-defined Security Role types not defined elsewhere

This code system http://hl7.org/fhir/extra-security-role-type defines the following codes:

CodeDisplayDefinition
authserver authorization serverAn entity providing authorization services to enable the electronic sharing of health-related information based on resource owner's preapproved permissions. For example, an UMA Authorization Server[UMA]
datacollector data collectorAn entity that collects information over which the data subject may have certain rights under policy or law to control that information's management and distribution by data collectors, including the right to access, retrieve, distribute, or delete that information.
dataprocessor data processorAn entity that processes collected information over which the data subject may have certain rights under policy or law to control that information's management and distribution by data processors, including the right to access, retrieve, distribute, or delete that information.
datasubject data subjectA person whose personal information is collected or processed, and who may have certain rights under policy or law to control that information's management and distribution by data collectors or processors, including the right to access, retrieve, distribute, or delete that information.
humanuser human userThe human user that has participated.

 

See the full registry of value sets defined as part of FHIR.


Explanation of the columns that may appear on this page:

LvlA few code lists that FHIR defines are hierarchical - each code is assigned a level. See Code System for further information.
SourceThe source of the definition of the code (when the value set draws in codes defined elsewhere)
CodeThe code (used as the code in the resource instance). If the code is in italics, this indicates that the code is not selectable ('Abstract')
DisplayThe display (used in the display element of a Coding). If there is no display, implementers should not simply display the code, but map the concept into their application
DefinitionAn explanation of the meaning of the concept
CommentsAdditional notes about how to use the code