Release 5 Ballot

This page is part of the FHIR Specification (v5.0.0-ballot: FHIR R5 Ballot Preview). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions

Security Work GroupMaturity Level: N/AStandards Status: Informative Compartments: Not linked to any defined compartments

This is a representation of the json schema for Permission, which is just a part of the full JSON Schema.

{
  "$schema": "http://json-schema.org/draft-06/schema#",
  "id": "http://hl7.org/fhir/json-schema/Permission",
  "$ref": "#/definitions/Permission",
  "description": "see http://hl7.org/fhir/json.html#schema for information about the FHIR Json Schemas",
  "definitions": {
    "Permission": {
      "description": "Permission resource holds access rules for a given data and context.",
      "properties": {
        "resourceType": {
          "description": "This is a Permission resource",
          "const": "Permission"
        },
        "id": {
          "description": "The logical id of the resource, as used in the URL for the resource. Once assigned, this value never changes.",
          "$ref": "id.schema.json#/definitions/id"
        },
        "meta": {
          "description": "The metadata about the resource. This is content that is maintained by the infrastructure. Changes to the content might not always be associated with version changes to the resource.",
          "$ref": "Meta.schema.json#/definitions/Meta"
        },
        "implicitRules": {
          "description": "A reference to a set of rules that were followed when the resource was constructed, and which must be understood when processing the content. Often, this is a reference to an implementation guide that defines the special rules along with other profiles etc.",
          "$ref": "#/definitions/uri"
        },
        "_implicitRules": {
          "description": "Extensions for implicitRules",
          "$ref": "Element.schema.json#/definitions/Element"
        },
        "language": {
          "description": "The base language in which the resource is written.",
          "$ref": "#/definitions/code"
        },
        "_language": {
          "description": "Extensions for language",
          "$ref": "Element.schema.json#/definitions/Element"
        },
        "text": {
          "description": "A human-readable narrative that contains a summary of the resource and can be used to represent the content of the resource to a human. The narrative need not encode all the structured data, but is required to contain sufficient detail to make it \"clinically safe\" for a human to just read the narrative. Resource definitions may define what content should be represented in the narrative to ensure clinical safety.",
          "$ref": "Narrative.schema.json#/definitions/Narrative"
        },
        "contained": {
          "description": "These resources do not have an independent existence apart from the resource that contains them - they cannot be identified independently, nor can they have their own independent transaction scope. This is allowed to be a Parameters resource if and only if it is referenced by a resource that provides context/meaning.",
          "items": {
            "$ref": "ResourceList.schema.json#/definitions/ResourceList"
          },
          "type": "array"
        },
        "extension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the resource. To make the use of extensions safe and manageable, there is a strict set of governance  applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "modifierExtension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the resource and that modifies the understanding of the element that contains it and/or the understanding of the containing element\u0027s descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer is allowed to define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.\n\nModifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "status": {
          "description": "Status.",
          "$ref": "#/definitions/code"
        },
        "_status": {
          "description": "Extensions for status",
          "$ref": "Element.schema.json#/definitions/Element"
        },
        "asserter": {
          "description": "The person or entity that asserts the permission.",
          "$ref": "Reference.schema.json#/definitions/Reference"
        },
        "date": {
          "description": "The date that permission was asserted.",
          "items": {
            "$ref": "#/definitions/dateTime"
          },
          "type": "array"
        },
        "_date": {
          "description": "Extensions for date",
          "items": {
            "$ref": "Element.schema.json#/definitions/Element"
          },
          "type": "array"
        },
        "validity": {
          "description": "The period in which the permission is active.",
          "$ref": "Period.schema.json#/definitions/Period"
        },
        "justification": {
          "description": "The asserted justification for using the data.",
          "$ref": "#/definitions/Permission_Justification"
        },
        "combining": {
          "description": "Defines a procedure for arriving at an access decision given the set of rules.",
          "$ref": "#/definitions/code"
        },
        "_combining": {
          "description": "Extensions for combining",
          "$ref": "Element.schema.json#/definitions/Element"
        },
        "rule": {
          "description": "A set of rules.",
          "items": {
            "$ref": "#/definitions/Permission_Rule"
          },
          "type": "array"
        }
      },
      "type": "object",
      "additionalProperties": false,
      "required": [
        "resourceType"
      ]
    },
    "Permission_Justification": {
      "description": "Permission resource holds access rules for a given data and context.",
      "properties": {
        "id": {
          "description": "Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.",
          "$ref": "string.schema.json#/definitions/string"
        },
        "extension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance  applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "modifierExtension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element\u0027s descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.\n\nModifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "basis": {
          "description": "This would be a codeableconcept, or a coding, which can be constrained to , for example, the 6 grounds for processing in GDPR.",
          "items": {
            "$ref": "CodeableConcept.schema.json#/definitions/CodeableConcept"
          },
          "type": "array"
        },
        "evidence": {
          "description": "Justifing rational.",
          "items": {
            "$ref": "Reference.schema.json#/definitions/Reference"
          },
          "type": "array"
        }
      },
      "type": "object",
      "additionalProperties": false
    },
    "Permission_Rule": {
      "description": "Permission resource holds access rules for a given data and context.",
      "properties": {
        "id": {
          "description": "Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.",
          "$ref": "string.schema.json#/definitions/string"
        },
        "extension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance  applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "modifierExtension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element\u0027s descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.\n\nModifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "type": {
          "description": "deny | permit.",
          "$ref": "#/definitions/code"
        },
        "_type": {
          "description": "Extensions for type",
          "$ref": "Element.schema.json#/definitions/Element"
        },
        "data": {
          "description": "A description or definition of which activities are allowed to be done on the data.",
          "items": {
            "$ref": "#/definitions/Permission_Data"
          },
          "type": "array"
        },
        "activity": {
          "description": "A description or definition of which activities are allowed to be done on the data.",
          "items": {
            "$ref": "#/definitions/Permission_Activity"
          },
          "type": "array"
        },
        "limit": {
          "description": "What limits apply to the use of the data.",
          "items": {
            "$ref": "CodeableConcept.schema.json#/definitions/CodeableConcept"
          },
          "type": "array"
        }
      },
      "type": "object",
      "additionalProperties": false
    },
    "Permission_Data": {
      "description": "Permission resource holds access rules for a given data and context.",
      "properties": {
        "id": {
          "description": "Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.",
          "$ref": "string.schema.json#/definitions/string"
        },
        "extension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance  applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "modifierExtension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element\u0027s descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.\n\nModifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "resource": {
          "description": "Explicit FHIR Resource references.",
          "items": {
            "$ref": "#/definitions/Permission_Resource"
          },
          "type": "array"
        },
        "security": {
          "description": "The data in scope are those with the given codes present in that data .meta.security element.",
          "items": {
            "$ref": "Coding.schema.json#/definitions/Coding"
          },
          "type": "array"
        },
        "period": {
          "description": "Clinical or Operational Relevant period of time that bounds the data controlled by this rule.",
          "items": {
            "$ref": "Period.schema.json#/definitions/Period"
          },
          "type": "array"
        },
        "expression": {
          "description": "Used when other data selection elements are insufficient.",
          "$ref": "Expression.schema.json#/definitions/Expression"
        }
      },
      "type": "object",
      "additionalProperties": false
    },
    "Permission_Resource": {
      "description": "Permission resource holds access rules for a given data and context.",
      "properties": {
        "id": {
          "description": "Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.",
          "$ref": "string.schema.json#/definitions/string"
        },
        "extension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance  applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "modifierExtension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element\u0027s descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.\n\nModifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "meaning": {
          "description": "How the resource reference is interpreted when testing consent restrictions.",
          "$ref": "#/definitions/code"
        },
        "_meaning": {
          "description": "Extensions for meaning",
          "$ref": "Element.schema.json#/definitions/Element"
        },
        "reference": {
          "description": "A reference to a specific resource that defines which resources are covered by this consent.",
          "$ref": "Reference.schema.json#/definitions/Reference"
        }
      },
      "type": "object",
      "additionalProperties": false,
      "required": [
        "reference"
      ]
    },
    "Permission_Activity": {
      "description": "Permission resource holds access rules for a given data and context.",
      "properties": {
        "id": {
          "description": "Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.",
          "$ref": "string.schema.json#/definitions/string"
        },
        "extension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance  applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "modifierExtension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element\u0027s descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.\n\nModifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "actor": {
          "description": "The actor(s) authorized for the defined activity.",
          "items": {
            "$ref": "Reference.schema.json#/definitions/Reference"
          },
          "type": "array"
        },
        "action": {
          "description": "Actions controlled by this Rule.",
          "items": {
            "$ref": "CodeableConcept.schema.json#/definitions/CodeableConcept"
          },
          "type": "array"
        },
        "purpose": {
          "description": "The purpose for which the permission is given.",
          "items": {
            "$ref": "CodeableConcept.schema.json#/definitions/CodeableConcept"
          },
          "type": "array"
        }
      },
      "type": "object",
      "additionalProperties": false
    }
  }
}