R6 Ballot (2nd Draft)

Publish-box (todo)

4.4.1.146 ValueSet http://hl7.org/fhir/ValueSet/security-label-data-examples

Security icon Work Group  Maturity Level: 0 Informative Use Context: Country: World
Official URL: http://hl7.org/fhir/ValueSet/security-label-data-examples Version: 6.0.0-ballot2
draft as of 2022-05-10 Computable Name: SecurityLabelDataExamples
Flags: OID: 2.16.840.1.113883.4.642.3.3013

This value set is not currently used

A sample of security labels from Healthcare Privacy and Security Classification System used on data (.meta.security) to indicate confidentialityCode classification and maybe sensitivity codes.


Generated Narrative: ValueSet security-label-data-examples

Last updated: 2024-08-12T16:52:12.437+08:00

Profile: Shareable ValueSet

This value set includes codes based on the following rules:

  • Include these codes as defined in http://terminology.hl7.org/CodeSystem/v3-Confidentiality icon
    CodeDisplayDefinition
    N iconnormalPrivacy metadata indicating the level of protection required to safeguard personal and healthcare information, which if disclosed without authorization, would present a considerable risk of harm to an individual's reputation and sense of privacy.

    *Usage Note:* The level of protection afforded normatively confidential information is dictated by the prevailing normative privacy policies, which are intended to engender patient trust in their healthcare providers.

    Privacy policies mandating normative levels of protection, which preempt less protective privacy policies when the information is used in the delivery and management of healthcare. May be pre-empted by jurisdictional law (e.g., for public health reporting or emergency treatment).

    Confidentiality code total order hierarchy: Normal (N) is less protective than *V* and *R*, and subsumes all other protection levels (i.e., *M, L, and U*).

    **Map:**Partial Map to ISO 13606-4 Sensitivity Level (3) Clinical Care when purpose of use is treatment: Default for normal clinical care access (i.e., most clinical staff directly caring for the patient should be able to access nearly all of the EHR). Maps to normal confidentiality for treatment information but not to ancillary care, payment and operations.

    **Examples:**

    n the US, this includes what HIPAA identifies as protected health information (PHI) under 45 CFR Section 160.103.
    R iconrestrictedPrivacy metadata indicating the level of protection required to safeguard potentially stigmatizing information, which if disclosed without authorization, would present a high risk of harm to an individual's reputation and sense of privacy.

    *Usage Note:* The level of protection afforded restricted confidential information is dictated by specially protective organizational or jurisdictional privacy policies, including at an authorized individual's request, intended to engender patient trust in providers of sensitive services.

    Privacy policies mandating additional levels of protection by restricting information access preempt less protective privacy policies when the information is used in the delivery and management of healthcare. May be pre-empted by jurisdictional law (e.g., for public health reporting or emergency treatment).

    Confidentiality code total order hierarchy: Restricted (R) is less protective than *V*, and subsumes all other protection levels (i.e., *N, M, L, and U*).

    **Examples:**

    Includes information that is additionally protected such as sensitive conditions mental health, HIV, substance abuse, domestic violence, child abuse, genetic disease, and reproductive health; or sensitive demographic information such as a patient's standing as an employee or a celebrity. May be used to indicate proprietary or classified information that is not related to an individual (e.g., secret ingredients in a therapeutic substance; or the name of a manufacturer).
  • Include these codes as defined in http://terminology.hl7.org/CodeSystem/v3-ActCode icon
    CodeDisplayDefinition
    ETH icon substance abuse information sensitivity Policy for handling alcohol or drug-abuse information, which will be afforded heightened confidentiality. Information handling protocols based on organizational policies related to alcohol or drug-abuse information that is deemed sensitive.

    *Usage Note:* If there is a jurisdictional mandate, then use the applicable ActPrivacyLaw code system, and specify the law rather than or in addition to this more generic code.
    PSY icon psychiatry disorder information sensitivity Policy for handling psychiatry psychiatric disorder information, which is afforded heightened confidentiality.

    *Usage Note:* If there is a jurisdictional mandate, then use the applicable ActPrivacyLaw code system, and specify the law rather than or in addition to this more generic code.
    STD icon sexually transmitted disease information sensitivity Policy for handling sexually transmitted disease information, which will be afforded heightened confidentiality. Information handling protocols based on organizational policies related to sexually transmitted disease information that is deemed sensitive.

    *Usage Note:* If there is a jurisdictional mandate, then use the applicable ActPrivacyLaw code system, and specify the law rather than or in addition to this more generic code.

 

This expansion generated 12 Aug 2024


Generated Narrative: ValueSet

Last updated: 2024-08-12T16:52:12.437+08:00

Profile: Shareable ValueSet

This value set contains 5 concepts

CodeSystemDisplayDefinition
  N icon http://terminology.hl7.org/CodeSystem/v3-Confidentiality normal

Privacy metadata indicating the level of protection required to safeguard personal and healthcare information, which if disclosed without authorization, would present a considerable risk of harm to an individual's reputation and sense of privacy.

Usage Note: The level of protection afforded normatively confidential information is dictated by the prevailing normative privacy policies, which are intended to engender patient trust in their healthcare providers.

Privacy policies mandating normative levels of protection, which preempt less protective privacy policies when the information is used in the delivery and management of healthcare. May be pre-empted by jurisdictional law (e.g., for public health reporting or emergency treatment).

Confidentiality code total order hierarchy: Normal (N) is less protective than V and R, and subsumes all other protection levels (i.e., M, L, and U).

**Map:**Partial Map to ISO 13606-4 Sensitivity Level (3) Clinical Care when purpose of use is treatment: Default for normal clinical care access (i.e., most clinical staff directly caring for the patient should be able to access nearly all of the EHR). Maps to normal confidentiality for treatment information but not to ancillary care, payment and operations.

Examples:

n the US, this includes what HIPAA identifies as protected health information (PHI) under 45 CFR Section 160.103.

  R icon http://terminology.hl7.org/CodeSystem/v3-Confidentiality restricted

Privacy metadata indicating the level of protection required to safeguard potentially stigmatizing information, which if disclosed without authorization, would present a high risk of harm to an individual's reputation and sense of privacy.

Usage Note: The level of protection afforded restricted confidential information is dictated by specially protective organizational or jurisdictional privacy policies, including at an authorized individual's request, intended to engender patient trust in providers of sensitive services.

Privacy policies mandating additional levels of protection by restricting information access preempt less protective privacy policies when the information is used in the delivery and management of healthcare. May be pre-empted by jurisdictional law (e.g., for public health reporting or emergency treatment).

Confidentiality code total order hierarchy: Restricted (R) is less protective than V, and subsumes all other protection levels (i.e., N, M, L, and U).

Examples:

Includes information that is additionally protected such as sensitive conditions mental health, HIV, substance abuse, domestic violence, child abuse, genetic disease, and reproductive health; or sensitive demographic information such as a patient's standing as an employee or a celebrity. May be used to indicate proprietary or classified information that is not related to an individual (e.g., secret ingredients in a therapeutic substance; or the name of a manufacturer).

  ETH icon http://terminology.hl7.org/CodeSystem/v3-ActCode substance abuse information sensitivity

Policy for handling alcohol or drug-abuse information, which will be afforded heightened confidentiality. Information handling protocols based on organizational policies related to alcohol or drug-abuse information that is deemed sensitive.

Usage Note: If there is a jurisdictional mandate, then use the applicable ActPrivacyLaw code system, and specify the law rather than or in addition to this more generic code.

  PSY icon http://terminology.hl7.org/CodeSystem/v3-ActCode psychiatry disorder information sensitivity

Policy for handling psychiatry psychiatric disorder information, which is afforded heightened confidentiality.

Usage Note: If there is a jurisdictional mandate, then use the applicable ActPrivacyLaw code system, and specify the law rather than or in addition to this more generic code.

  STD icon http://terminology.hl7.org/CodeSystem/v3-ActCode sexually transmitted disease information sensitivity

Policy for handling sexually transmitted disease information, which will be afforded heightened confidentiality. Information handling protocols based on organizational policies related to sexually transmitted disease information that is deemed sensitive.

Usage Note: If there is a jurisdictional mandate, then use the applicable ActPrivacyLaw code system, and specify the law rather than or in addition to this more generic code.

Additional Designations and Language Displays

Codehttp://terminology.hl7.org/CodeSystem/designation-usage#displayEnglish (English, en)
N
R
ETH substance abuse information sensitivity substance abuse information sensitivity
PSY psychiatry disorder information sensitivity psychiatry disorder information sensitivity
STD sexually transmitted disease information sensitivity sexually transmitted disease information sensitivity

 

See the full registry of value sets defined as part of FHIR.


Explanation of the columns that may appear on this page:

Lvl A few code lists that FHIR defines are hierarchical - each code is assigned a level. For value sets, levels are mostly used to organize codes for user convenience, but may follow code system hierarchy - see Code System for further information
Source The source of the definition of the code (when the value set draws in codes defined elsewhere)
Code The code (used as the code in the resource instance). If the code is in italics, this indicates that the code is not selectable ('Abstract')
Display The display (used in the display element of a Coding). If there is no display, implementers should not simply display the code, but map the concept into their application
Definition An explanation of the meaning of the concept
Comments Additional notes about how to use the code