Release 5 Draft Ballot

This page is part of the FHIR Specification (v4.6.0: R5 Draft Ballot - see ballot notes). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions

6.5.7 Resource Permission - Detailed Descriptions

Security Work GroupMaturity Level: 0 Trial UseSecurity Category: Not Classified Compartments: Not linked to any defined compartments

Detailed Descriptions for the elements in the Permission resource.

Permission
Element IdPermission
Definition

Permission.

Cardinality0..*
TypeDomainResource
Summaryfalse
Permission.status
Element IdPermission.status
Definition

Status.

Cardinality1..1
Terminology BindingPermissionStatus (Required)
Typecode
Summarytrue
Permission.intent
Element IdPermission.intent
Definition

grant|refuse.

Cardinality0..1
TypeCodeableConcept
Summarytrue
Permission.asserter
Element IdPermission.asserter
Definition

The person or entity that asserts the permission.

Cardinality0..1
TypeReference(Person)
Summarytrue
Permission.assertionDate
Element IdPermission.assertionDate
Definition

The date that permission was asserted.

Cardinality0..*
TypedateTime
Alternate Namesclass
Summarytrue
Permission.validity
Element IdPermission.validity
Definition

The period in which the permission is active.

Cardinality0..1
TypePeriod
Alternate Namestype
Summarytrue
Permission.purpose
Element IdPermission.purpose
Definition

The purpose for which the permission is given.

Cardinality0..*
TypeCodeableConcept
Summarytrue
Permission.dataScope
Element IdPermission.dataScope
Definition

This can be 1) the definition of data elements, or 2) a category or label) e.g. “sensitive”. It could also be a c) graph-like definition of a set of data elements.

Cardinality0..*
TypeExpression
Summarytrue
Permission.processingActivity
Element IdPermission.processingActivity
Definition

A description or definition of which activities are allowed to be done on the data.

Cardinality0..*
Summarytrue
Permission.processingActivity.partyReference
Element IdPermission.processingActivity.partyReference
Definition

If the processing is a transfer, we must capture where it the data allowed or expected to be shared - with a party or person.

Cardinality0..*
TypeReference(Organization)
Summarytrue
Permission.processingActivity.partyCodeableConcept
Element IdPermission.processingActivity.partyCodeableConcept
Definition

If the processing is a transfer, or involves another party, we must capture where it the data allowed or expected to be shared - with a party or person. This can be a party instance or party type § Purpose – a specific purpose of the data.

Cardinality0..*
TypeCodeableConcept
Summarytrue
Permission.processingActivity.purpose
Element IdPermission.processingActivity.purpose
Definition

The purpose for which the permission is given.

Cardinality0..*
TypeCodeableConcept
Summarytrue
Permission.justification
Element IdPermission.justification
Definition

The asserted justification for using the data.

Cardinality0..1
Summarytrue
Permission.justification.evidence
Element IdPermission.justification.evidence
Definition

Evidence – reference to consent, or a contract, or a policy, or a regulation, or an attachment that contains a screenshot.

Cardinality0..*
TypeReference(Consent)
Summarytrue
Permission.justification.grounds
Element IdPermission.justification.grounds
Definition

This would be a codeableconcept, or a coding, which can be constrained to , for example, the 6 grounds for processing in GDPR.

Cardinality0..*
TypeCodeableConcept
Summarytrue
Permission.usageLimitations
Element IdPermission.usageLimitations
Definition

What limits apply to the use of the data.

Cardinality0..*
TypeCodeableConcept
Summarytrue