This page is part of the FHIR Specification (v5.0.0-ballot: FHIR R5 Ballot Preview). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions
Security Work Group | Maturity Level: N/A | Standards Status: Informative | Compartments: Not linked to any defined compartments |
Raw XML (canonical form + also see XML Format Specification)
Example of permission for VhDir (id = "example-vhdir")
<?xml version="1.0" encoding="UTF-8"?> <Permission xmlns="http://hl7.org/fhir"> <id value="example-vhdir"/> <text> <status value="generated"/> <div xmlns="http://www.w3.org/1999/xhtml"> <p> VhDir has identified a need to identify specific entries in the Directory and indicate some restrictions upon use of that entry. This example is the example from VhDir with some additional details added. </p> <p> womens-shelter : All entries related to Women's Shelter can only be read by members of a CareTeam defined for councellors for womens abuse. Uses the existing example CareTeam that is not actually about women abuse councellors, used as example only. Presumes that directory entries related to womens shelter are marked with .meta.security of WSHELTER sensitivity code, a code that is not standard so would exist in a domain using this example Permission. </p> <p> Thus the dataScope is for all data with .meta.security of WSHELTER. </p> <p> Activities by those in the CareTeam. Explicit action and purpose are given, but they are likely not critical to the usecase. </p> </div> </text> <status value="active"/> <date value="2022-08-04"/> <combining value="deny-overrides"/> <rule> <type value="permit"/> <data> <security> <system value="https://example.org"/> <code value="WSHELTER"/> </security> </data> <activity> <actor> <reference value="CareTeam/example"/> </actor> <action> <coding> <system value="http://terminology.hl7.org/CodeSystem/consentaction"/> <code value="access"/> </coding> </action> <purpose> <coding> <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/> <code value="HOPERAT"/> </coding> </purpose> </activity> </rule> </Permission>
Usage note: every effort has been made to ensure that the examples are correct and useful, but they are not a normative part of the specification.