FHIR Release 3 (STU)
This page is part of the FHIR Specification (v3.0.2: STU 3). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions 
. Page versions: R5 R4B R4 R3
| Vocabulary Work Group | Maturity Level: N/A | Ballot Status: Informative |
Definition for Value SetSecurityRoleType
<ValueSet xmlns="http://hl7.org/fhir"> <id value="security-role-type"/> <meta> <lastUpdated value="2019-10-24T11:53:00+11:00"/> </meta> <text> <status value="generated"/> <div xmlns="http://www.w3.org/1999/xhtml"> This value set includes example contract singer codes. <hr/> <h2> SecurityRoleType</h2> <div> <p> This example FHIR value set is comprised of example Actor Type codes, which can be used to value FHIR agents, actors, and other role elements such as those specified in financial transactions. The FHIR Actor value set is based on DICOM Audit Message, C402; ASTM Standard, E1762-95 [2013]; selected codes and derived actor roles from HL7 RoleClass OID 2.16.840.1.113883.5.110; HL7 Role Code 2.16.840.1.113883.5.111, including AgentRoleType; HL7 ParticipationType OID: 2.16.840.1.113883.5.90; and HL7 ParticipationFunction codes OID: 2.16.840.1.113883.5.88. This value set includes, by reference, role codes from external code systems: NUCC Health Care Provider Taxonomy OID: 2.16.840.1.113883.6.101; North American Industry Classification System [NAICS]OID: 2.16.840.1.113883.6.85; IndustryClassificationSystem 2.16.840.1.113883.1.11.16039 ; and US Census Occupation Code OID: 2.16.840.1.113883.6.243 for relevant recipient or custodian codes not included in this value set. If no source is indicated in the definition comments, then these are example FHIR codes. It can be extended with appropriate roles described by SNOMED as well as those described in the HL7 Role Based Access Control Catalog and the HL7 Healthcare (Security and Privacy) Access Control Catalog. In Role-Based Access Control (RBAC), permissions are operations on an object that a user wishes to access. Permissions are grouped into roles. A role characterizes the functions a user is allowed to perform. Roles are assigned to users. If the user's role has the appropriate permissions to access an object, then that user is granted access to the object. FHIR readily enables RBAC, as FHIR Resources are object types and the CRUDE events (the FHIR equivalent to permissions in the RBAC scheme) are operations on those objects. In Attribute-Based Access Control (ABAC), a user requests to perform operations on objects. That user's access request is granted or denied based on a set of access control policies that are specified in terms of attributes and conditions. FHIR readily enables ABAC, as instances of a Resource in FHIR (again, Resources are object types) can have attributes associated with them. These attributes include security tags, environment conditions, and a host of user and object characteristics, which are the same attributes as those used in ABAC. Attributes help define the access control policies that determine the operations a user may perform on a Resource (in FHIR) or object (in ABAC). For example, a tag (or attribute) may specify that the identified Resource (object) is not to be further disclosed without explicit consent from the patient.</p> </div> <p> <b> Copyright Statement:</b> This is an example FHIR value set based on ASTM Standard, E1762-95 (2013) HL7 RoleClass OID 2.16.840.1.113883.5.110, HL7 Role Code 2.16.840.1.113883.5.111, HL7 ParticipationType OID: 2.16.840.1.113883.5.90, HL7 ParticipationFunction codes at OID: 2.16.840.1.113883.5.88, and HL7 Security and Privacy Domain Analysis Model roles classes. These codes are excerpted from Digital Imaging and Communications in Medicine (DICOM) Standard, Part 16: Content Mapping Resource, Copyright © 2011 by the National Electrical Manufacturers Association. </p> <p> This value set includes codes from the following code systems:</p> <ul> <li> Include these codes as defined in <a href="codesystem-contract-signer-type.html"> <code> http://www.hl7.org/fhir/contractsignertypecodes</code> </a> <table class="none"> <tr> <td> <b> Code</b> </td> <td> <b> Display</b> </td> </tr> <tr> <td> <a href="codesystem-contract-signer-type.html#contract-signer-type-AMENDER">AMENDER</a> </td> <td> Amender</td> <td> A person who has corrected, edited, or amended pre-existing information.</td> </tr> <tr> <td> <a href="codesystem-contract-signer-type.html#contract-signer-type-COAUTH">COAUTH</a> </td> <td> Co-Author</td> <td> The entity that co-authored content. There can be multiple co-authors of content,which may take such forms as a such as a contract, a healthcare record entry or document, a policy, or a consent directive.</td> </tr> <tr> <td> <a href="codesystem-contract-signer-type.html#contract-signer-type-CONT">CONT</a> </td> <td> Contact</td> <td> A person or an organization that provides or receives information regarding another entity. Examples; patient NOK and emergency contacts; guarantor contact; employer contact.</td> </tr> <tr> <td> <a href="codesystem-contract-signer-type.html#contract-signer-type-EVTWIT">EVTWIT</a> </td> <td> Event Witness</td> <td> A person who attests to observing an occurrence. For example, the witness has observed a procedure and is attesting to this fact.</td> </tr> <tr> <td> <a href="codesystem-contract-signer-type.html#contract-signer-type-PRIMAUTH">PRIMAUTH</a> </td> <td> Primary Author</td> <td> An entity that is the primary or sole author of information content. In the healthcare context, there can be only one primary author of health information content in a record entry or document.</td> </tr> <tr> <td> <a href="codesystem-contract-signer-type.html#contract-signer-type-REVIEWER">REVIEWER</a> </td> <td> Reviewer</td> <td> A person, device, or algorithm that has used approved criteria for filtered data for inclusion into the patient record. Examples: (1) a medical records clerk who scans a document for inclusion in the medical record, enters header information, or catalogues and classifies the data, or a combination thereof; (2) a gateway that receives data from another computer system and interprets that data or changes its format, or both, before entering it into the patient record.</td> </tr> <tr> <td> <a href="codesystem-contract-signer-type.html#contract-signer-type-SOURCE">SOURCE</a> </td> <td> Source</td> <td> An automated data source that generates a signature along with content. Examples: (1) the signature for an image that is generated by a device for inclusion in the patient record; (2) the signature for an ECG derived by an ECG system for inclusion in the patient record; (3) the data from a biomedical monitoring device or system that is for inclusion in the patient record.</td> </tr> <tr> <td> <a href="codesystem-contract-signer-type.html#contract-signer-type-TRANS">TRANS</a> </td> <td> Transcriber</td> <td> An entity entering the data into the originating system. This includes the transcriptionist for dictated text transcribed into electronic form.</td> </tr> <tr> <td> <a href="codesystem-contract-signer-type.html#contract-signer-type-VALID">VALID</a> </td> <td> Validator</td> <td> A person who validates a health information document for inclusion in the patient record. For example, a medical student or resident is credentialed to perform history or physical examinations and to write progress notes. The attending physician signs the history and physical examination to validate the entry for inclusion in the patient's medical record.</td> </tr> <tr> <td> <a href="codesystem-contract-signer-type.html#contract-signer-type-VERF">VERF</a> </td> <td> Verifier</td> <td> A person who asserts the correctness and appropriateness of an act or the recording of the act, and is accountable for the assertion that the act or the recording of the act complies with jurisdictional or organizational policy. For example, a physician is required to countersign a verbal order that has previously been recorded in the medical record by a registered nurse who has carried out the verbal order.</td> </tr> </table> </li> <li> Include these codes as defined in <a href="v3/RoleClass/cs.html"> <code> http://hl7.org/fhir/v3/RoleClass</code> </a> <table class="none"> <tr> <td> <b> Code</b> </td> <td> <b> Display</b> </td> </tr> <tr> <td> <a href="v3/RoleClass/cs.html#v3-RoleClass-AFFL">AFFL</a> </td> <td> affiliate</td> <td> Player of the Affiliate role has a business/professional relationship with scoper. Player and scoper may be persons or organization. The Affiliate relationship does not imply membership in a group, nor does it exist for resource scheduling purposes. <br/> Example: A healthcare provider is affiliated with another provider as a business associate. </td> </tr> <tr> <td> <a href="v3/RoleClass/cs.html#v3-RoleClass-AGNT">AGNT</a> </td> <td> agent</td> <td> An entity (player) that acts or is authorized to act on behalf of another entity (scoper).</td> </tr> <tr> <td> <a href="v3/RoleClass/cs.html#v3-RoleClass-ASSIGNED">ASSIGNED</a> </td> <td> assigned entity</td> <td> An agent role in which the agent is an Entity acting in the employ of an organization. The focus is on functional role on behalf of the organization, unlike the Employee role where the focus is on the 'Human Resources' relationship between the employee and the organization.</td> </tr> <tr> <td> <a href="v3/RoleClass/cs.html#v3-RoleClass-CLAIM">CLAIM</a> </td> <td> claimant</td> <td> Description: A role played by a party making a claim for coverage under a policy or program. A claimant must be either a person or organization, or a group of persons or organizations. A claimant is not a named insured or a program eligible. <br/> Discussion: With respect to liability insurance such as property and casualty insurance, a claimant must file a claim requesting indemnification for a loss that the claimant considers covered under the policy of a named insured. The claims adjuster for the policy underwriter will review the claim to determine whether the loss meets the benefit coverage criteria under a policy, and base any indemnification or coverage payment on that review. If a third party is liable in whole or part for the loss, the underwriter may pursue third party liability recovery. A claimant may be involved in civil or criminal legal proceedings involving claims against a defendant party that is indemnified by an insurance policy or to protest the finding of a claims adjustor. With respect to life insurance, a beneficiary designated by a named insured becomes a claimant of the proceeds of coverage, as in the case of a life insurance policy. However, a claimant for coverage under life insurance is not necessarily a designated beneficiary. <br/> Note: A claimant is not a named insured. However, a named insured may make a claim under a policy, e.g., an insured driver may make a claim for an injury under his or her comprehensive automobile insurance policy. Similarly, a program eligible may make a claim under program, e.g., an unemployed worker may claim benefits under an unemployment insurance program, but parties playing these covered party role classes are not, for purposes of this vocabulary and in an effort to clearly distinguish role classes, considered claimants. <br/> In the case of a named insured making a claim, a role type code INSCLM (insured claimant) subtypes the class to indicate that either a named insured or an individual insured has filed a claim for a loss. In the case of a program eligible, a role type code INJWKR (injured worker) subtypes the class to indicate that the covered party in a workers compensation program is an injured worker, and as such, has filed a "claim" under the program for benefits. Likewise, a covered role type code UNEMP (unemployed worker) subtypes the program eligible class to indicate that the covered party in an unemployment insurance program has filed a claim for unemployment benefits. <br/> Example: A claimant under automobile policy that is not the named insured. </td> </tr> <tr> <td> <a href="v3/RoleClass/cs.html#v3-RoleClass-COVPTY">COVPTY</a> </td> <td> covered party</td> <td> A role class played by a person who receives benefit coverage under the terms of a particular insurance policy. The underwriter of that policy is the scoping entity. The covered party receives coverage because of some contractual or other relationship with the holder of that policy. <br/> Discussion:This reason for coverage is captured in 'Role.code' and a relationship link with type code of indirect authority should be included using the policy holder role as the source, and the covered party role as the target. <br/> Note that a particular policy may cover several individuals one of whom may be, but need not be, the policy holder. Thus the notion of covered party is a role that is distinct from that of the policy holder. </td> </tr> <tr> <td> <a href="v3/RoleClass/cs.html#v3-RoleClass-DEPEN">DEPEN</a> </td> <td> dependent</td> <td> Description: A role played by a person covered under a policy or program based on an association with a subscriber, which is recognized by the policy holder. <br/> Note: The party playing the role of a dependent is not a claimant in the sense conveyed by the RoleClassCoveredParty CLAIM (claimant). However, a dependent may make a claim under a policy, e.g., a dependent under a health insurance policy may become the claimant for coverage under that policy for wellness examines or if injured and there is no liable third party. In the case of a dependent making a claim, a role type code INSCLM (insured claimant) subtypes the class to indicate that the dependent has filed a claim for services covered under the health insurance policy. <br/> Example: The dependent has an association with the subscriber such as a financial dependency or personal relationship such as that of a spouse, or a natural or adopted child. The policy holder may be required by law to recognize certain associations or may have discretion about the associations. For example, a policy holder may dictate the criteria for the dependent status of adult children who are students, such as requiring full time enrollment, or may recognize domestic partners as dependents. Under certain circumstances, the dependent may be under the indirect authority of a responsible party acting as a surrogate for the subscriber, for example, if the subscriber is differently abled or deceased, a guardian ad Lidem or estate executor may be appointed to assume the subscriberaTMs legal standing in the relationship with the dependent. </td> </tr> <tr> <td> <a href="v3/RoleClass/cs.html#v3-RoleClass-ECON">ECON</a> </td> <td> emergency contact</td> <td> An entity to be contacted in the event of an emergency.</td> </tr> <tr> <td> <a href="v3/RoleClass/cs.html#v3-RoleClass-EMP">EMP</a> </td> <td> employee</td> <td> A relationship between a person or organization and a person or organization formed for the purpose of exchanging work for compensation. The purpose of the role is to identify the type of relationship the employee has to the employer, rather than the nature of the work actually performed. (Contrast with AssignedEntity.)</td> </tr> <tr> <td> <a href="v3/RoleClass/cs.html#v3-RoleClass-GUARD">GUARD</a> </td> <td> guardian</td> <td> Guardian of a ward</td> </tr> <tr> <td> <a href="v3/RoleClass/cs.html#v3-RoleClass-INVSBJ">INVSBJ</a> </td> <td> Investigation Subject</td> <td> An entity that is the subject of an investigation. This role is scoped by the party responsible for the investigation.</td> </tr> <tr> <td> <a href="v3/RoleClass/cs.html#v3-RoleClass-NAMED">NAMED</a> </td> <td> named insured</td> <td> Description: A role played by a party to an insurance policy to which the insurer agrees to indemnify for losses, provides benefits for, or renders services. A named insured may be either a person, non-person living subject, or an organization, or a group of persons, non-person living subjects, or organizations. <br/> Discussion: The coded concept NAMED should not be used where a more specific child concept in this Specializable value set applies. In some cases, the named insured may not be the policy holder, e.g., where a policy holder purchases life insurance policy in which another party is the named insured and the policy holder is the beneficiary of the policy. <br/> Note: The party playing the role of a named insured is not a claimant in the sense conveyed by the RoleClassCoveredParty CLAIM (claimant). However, a named insured may make a claim under a policy, e.g., e.g., a party that is the named insured and policy holder under a comprehensive automobile insurance policy may become the claimant for coverage under that policy e.g., if injured in an automobile accident and there is no liable third party. In the case of a named insured making a claim, a role type code INSCLM (insured claimant) subtypes the class to indicate that a named insured has filed a claim for a loss. <br/> Example: The named insured under a comprehensive automobile, disability, or property and casualty policy that is the named insured and may or may not be the policy holder. </td> </tr> <tr> <td> <a href="v3/RoleClass/cs.html#v3-RoleClass-NOK">NOK</a> </td> <td> next of kin</td> <td> An individual designated for notification as the next of kin for a given entity.</td> </tr> <tr> <td> <a href="v3/RoleClass/cs.html#v3-RoleClass-PAT">PAT</a> </td> <td> patient</td> <td> A Role of a LivingSubject (player) as an actual or potential recipient of health care services from a healthcare provider organization (scoper). <br/> Usage Note: Communication about relationships between patients and specific healthcare practitioners (people) is not done via scoper. Instead this is generally done using the CareProvision act. This allows linkage between patient and a particular healthcare practitioner role and also allows description of the type of care involved in the relationship. </td> </tr> <tr> <td> <a href="v3/RoleClass/cs.html#v3-RoleClass-PROV">PROV</a> </td> <td> healthcare provider</td> <td> An Entity (player) that is authorized to provide health care services by some authorizing agency (scoper).</td> </tr> <tr> <td> <a href="v3/RoleClass/cs.html#v3-RoleClass-NOT">NOT</a> </td> <td> notary public</td> <td> notary public</td> </tr> </table> </li> <li> Include these codes as defined in <a href="v3/RoleCode/cs.html"> <code> http://hl7.org/fhir/v3/RoleCode</code> </a> <table class="none"> <tr> <td> <b> Code</b> </td> <td> <b> Display</b> </td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-CLASSIFIER">CLASSIFIER</a> </td> <td> classifier</td> <td> An individual authorized to assign an original classification to information, including compilations of unclassified information, based on a determination that the information requires protection against unauthorized disclosure. The individual marks the information with immutable, computable, and human readable security labels in accordance with applicable security labeling policies. The labeling policies provide instructions on whether and if so how the security labels may be later reclassified [i.e., upgraded, downgraded, used in derivative classification, or declassified] in a manner that preserves the overridden original classification binding and provenance.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-CONSENTER">CONSENTER</a> </td> <td> consenter</td> <td> An entity or an entity's delegatee who is the grantee in an agreement such as a consent for services, advanced directive, or a privacy consent directive in accordance with jurisdictional, organizational, or patient policy.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-CONSWIT">CONSWIT</a> </td> <td> consent witness</td> <td> An entity which has witnessed and attests to observing another entity being counseled about an agreement such as a consent for services, advanced directive, or a privacy consent directive.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-COPART">COPART</a> </td> <td> co-participant</td> <td> An entity which participates in the generation of and attest to veracity of content, but is not an author or coauthor. For example a surgeon who is required by institutional, regulatory, or legal rules to sign an operative report, but who was not involved in the authorship of that report.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-DECLASSIFIER">DECLASSIFIER</a> </td> <td> declassifier</td> <td> An individual which is authorized to declassify information based on a determination that the information no longer requires protection against unauthorized disclosure. The individual marks the information being declassified using computable and human readable security labels indicating that this is copy of previously classified information is unclassified in accordance with applicable security labeling policies. The labeling policies provide instructions on whether and if so how the security labels may be later reclassified [i.e., upgraded or used in derivative classification] in a manner that preserves the overridden original classification binding and provenance.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-DELEGATEE">DELEGATEE</a> </td> <td> delegatee</td> <td> A party to whom some right or authority is granted by a delegator.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-DELEGATOR">DELEGATOR</a> </td> <td> delegator</td> <td> A party that grants all or some portion its right or authority to another party.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-DOWNGRDER">DOWNGRDER</a> </td> <td> downgrader</td> <td> An individual authorized to lower the classification level of labeled content and provide rationale for doing so as directed by a classification guide.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-DPOWATT">DPOWATT</a> </td> <td> durable power of attorney</td> <td> A relationship between two people in which one person authorizes another, usually a family member or relative, to act for him or her in a manner which is a legally binding upon the person giving such authority as if he or she personally were to do the acts that is often limited in the kinds of powers that can be assigned. Unlike ordinary powers of attorney, durable powers can survive for long periods of time, and again, unlike standard powers of attorney, durable powers can continue after incompetency.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-EXCEST">EXCEST</a> </td> <td> executor of estate</td> <td> The role played by a person acting as the estate executor for a deceased subscriber or policyholder who was the responsible party</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-GRANTEE">GRANTEE</a> </td> <td> grantee</td> <td> An entity which accepts certain rights or authority from a grantor.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-GRANTOR">GRANTOR</a> </td> <td> grantor</td> <td> An entity which agrees to confer certain rights or authority to a grantee.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-GT">GT</a> </td> <td> Guarantor</td> <td> An individual or organization that makes or gives a promise, assurance, pledge to pay or has paid the healthcare service provider.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-GUADLTM">GUADLTM</a> </td> <td> guardian ad lidem</td> <td> The role played by a person appointed by the court to look out for the best interests of a minor child during the course of legal proceedings.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-HPOWATT">HPOWATT</a> </td> <td> healthcare power of attorney</td> <td> A relationship between two people in which one person authorizes another to act for him or her in a manner which is a legally binding upon the person giving such authority as if he or she personally were to do the acts that continues (by its terms) to be effective even though the grantor has become mentally incompetent after signing the document.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-INTPRTER">INTPRTER</a> </td> <td> interpreter</td> <td> An entity which converts spoken or written language into the language of key participants in an event such as when a provider is obtaining a patient's consent to treatment or permission to disclose information.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-POWATT">POWATT</a> </td> <td> power of attorney</td> <td> A relationship between two people in which one person authorizes another to act for him in a manner which is a legally binding upon the person giving such authority as if he or she personally were to do the acts.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-RESPRSN">RESPRSN</a> </td> <td> responsible party</td> <td> The role played by a party who has legal responsibility for another party.</td> </tr> <tr> <td> <a href="v3/RoleCode/cs.html#v3-RoleCode-SPOWATT">SPOWATT</a> </td> <td> special power of attorney</td> <td> A relationship between two people in which one person authorizes another to act for him or her in a manner which is a legally binding upon the person giving such authority as if he or she personally were to do the acts that is often limited in the kinds of powers that can be assigned.</td> </tr> </table> </li> <li> Include codes from <a href="v3/RoleCode/cs.html"> <code> http://hl7.org/fhir/v3/RoleCode</code> </a> where concept is-a <a href="v3/RoleCode/cs.html#v3-RoleCode-_CitizenRoleType">_CitizenRoleType</a> </li> <li> Include these codes as defined in <a href="v3/ParticipationFunction/cs.html"> <code> http://hl7.org/fhir/v3/ParticipationFunction</code> </a> <table class="none"> <tr> <td> <b> Code</b> </td> <td> <b> Display</b> </td> </tr> <tr> <td> <a href="v3/ParticipationFunction/cs.html#v3-ParticipationFunction-AUCG">AUCG</a> </td> <td> caregiver information receiver</td> <td> Description:Caregiver authorized to receive patient health information.</td> </tr> <tr> <td> <a href="v3/ParticipationFunction/cs.html#v3-ParticipationFunction-AULR">AULR</a> </td> <td> legitimate relationship information receiver</td> <td> Description:Provider with legitimate relationship authorized to receive patient health information.</td> </tr> <tr> <td> <a href="v3/ParticipationFunction/cs.html#v3-ParticipationFunction-AUTM">AUTM</a> </td> <td> care team information receiver</td> <td> Description:Member of care team authorized to receive patient health information.</td> </tr> <tr> <td> <a href="v3/ParticipationFunction/cs.html#v3-ParticipationFunction-AUWA">AUWA</a> </td> <td> work area information receiver</td> <td> Description:Entities within specified work area authorized to receive patient health information.</td> </tr> <tr> <td> <a href="v3/ParticipationFunction/cs.html#v3-ParticipationFunction-PROMSK">PROMSK</a> </td> <td> authorized provider masking author</td> <td> Definition:Provider authorized to mask information to protect the patient, a third party, or to ensure that the provider has consulted with the patient prior to release of this information.</td> </tr> </table> </li> <li> Include these codes as defined in <a href="v3/ParticipationType/cs.html"> <code> http://hl7.org/fhir/v3/ParticipationType</code> </a> <table class="none"> <tr> <td> <b> Code</b> </td> <td> <b> Display</b> </td> </tr> <tr> <td> <a href="v3/ParticipationType/cs.html#v3-ParticipationType-AUT">AUT</a> </td> <td> author (originator)</td> <td> Definition: A party that originates the Act and therefore has responsibility for the information given in the Act and ownership of this Act. <br/> Example: the report writer, the person writing the act definition, the guideline author, the placer of an order, the EKG cart (device) creating a report etc. Every Act should have an author. Authorship is regardless of mood always actual authorship. <br/> Examples of such policies might include: <br/> The author and anyone they explicitly delegate may update the report; <br/> All administrators within the same clinic may cancel and reschedule appointments created by other administrators within that clinic; <br/> A party that is neither an author nor a party who is extended authorship maintenance rights by policy, may only amend, reverse, override, replace, or follow up in other ways on this Act, whereby the Act remains intact and is linked to another Act authored by that other party. </td> </tr> <tr> <td> <a href="v3/ParticipationType/cs.html#v3-ParticipationType-CST">CST</a> </td> <td> custodian</td> <td> An entity (person, organization or device) that is in charge of maintaining the information of this act (e.g., who maintains the report or the master service catalog item, etc.).</td> </tr> <tr> <td> <a href="v3/ParticipationType/cs.html#v3-ParticipationType-INF">INF</a> </td> <td> informant</td> <td> A source of reported information (e.g., a next of kin who answers questions about the patient's history). For history questions, the patient is logically an informant, yet the informant of history questions is implicitly the subject.</td> </tr> <tr> <td> <a href="v3/ParticipationType/cs.html#v3-ParticipationType-IRCP">IRCP</a> </td> <td> information recipient</td> <td> A party, who may or should receive or who has recieved the Act or subsequent or derivative information of that Act. Information recipient is inert, i.e., independent of mood." Rationale: this is a generalization of a too diverse family that the definition can't be any more specific, and the concept is abstract so one of the specializations should be used.</td> </tr> <tr> <td> <a href="v3/ParticipationType/cs.html#v3-ParticipationType-LA">LA</a> </td> <td> legal authenticator</td> <td> A verifier who legally authenticates the accuracy of an act. An example would be a staff physician who sees a patient and dictates a note, then later signs it. Their signature constitutes a legal authentication.</td> </tr> <tr> <td> <a href="v3/ParticipationType/cs.html#v3-ParticipationType-IRCP">IRCP</a> </td> <td> information recipient</td> <td> A party, who may or should receive or who has recieved the Act or subsequent or derivative information of that Act. Information recipient is inert, i.e., independent of mood." Rationale: this is a generalization of a too diverse family that the definition can't be any more specific, and the concept is abstract so one of the specializations should be used.</td> </tr> <tr> <td> <a href="v3/ParticipationType/cs.html#v3-ParticipationType-TRC">TRC</a> </td> <td> tracker</td> <td> A secondary information recipient, who receives copies (e.g., a primary care provider receiving copies of results as ordered by specialist).</td> </tr> <tr> <td> <a href="v3/ParticipationType/cs.html#v3-ParticipationType-WIT">WIT</a> </td> <td> witness</td> <td> Only with service events. A person witnessing the action happening without doing anything. A witness is not necessarily aware, much less approves of anything stated in the service event. Example for a witness is students watching an operation or an advanced directive witness.</td> </tr> </table> </li> <li> Include all codes defined in <a href="codesystem-extra-security-role-type.html"> <code> http://hl7.org/fhir/extra-security-role-type</code> </a> </li> <li> Include these codes as defined in <a href="http://dicom.nema.org/resources/ontology/DCM"> <code> http://dicom.nema.org/resources/ontology/DCM</code> </a> <table class="none"> <tr> <td> <b> Code</b> </td> <td> <b> Display</b> </td> </tr> <tr> <td> <a href="codesystem-dicom-dcim.html#dicom-dcim-110150">110150</a> </td> <td> Application</td> <td> Audit participant role ID of software application</td> </tr> <tr> <td> <a href="codesystem-dicom-dcim.html#dicom-dcim-110151">110151</a> </td> <td> Application Launcher</td> <td> Audit participant role ID of software application launcher, i.e., the entity that started or stopped an application</td> </tr> <tr> <td> <a href="codesystem-dicom-dcim.html#dicom-dcim-110152">110152</a> </td> <td> Destination Role ID</td> <td> Audit participant role ID of the receiver of data</td> </tr> <tr> <td> <a href="codesystem-dicom-dcim.html#dicom-dcim-110153">110153</a> </td> <td> Source Role ID</td> <td> Audit participant role ID of the sender of data</td> </tr> <tr> <td> <a href="codesystem-dicom-dcim.html#dicom-dcim-110154">110154</a> </td> <td> Destination Media</td> <td> Audit participant role ID of media receiving data during an export</td> </tr> <tr> <td> <a href="codesystem-dicom-dcim.html#dicom-dcim-110155">110155</a> </td> <td> Source Media</td> <td> Audit participant role ID of media providing data during an import</td> </tr> </table> </li> </ul> </div> </text> <extension url="http://hl7.org/fhir/StructureDefinition/structuredefinition-wg"> <valueCode value="sec"/> </extension> <extension url="http://hl7.org/fhir/StructureDefinition/structuredefinition-ballot-status"> <valueString value="Trial Use"/> </extension> <extension url="http://hl7.org/fhir/StructureDefinition/structuredefinition-fmm"> <valueInteger value="3"/> </extension> <url value="http://hl7.org/fhir/ValueSet/security-role-type"/> <version value="1.8.0"/> <name value="SecurityRoleType"/> <status value="draft"/> <experimental value="false"/> <date value="2017-01-30T18:00:00+01:00"/> <publisher value="HL7 (FHIR Project)"/> <contact> <telecom> <system value="url"/> <value value="http://hl7.org/fhir"/> </telecom> <telecom> <system value="email"/> <value value="fhir@lists.hl7.org"/> </telecom> </contact> <description value="This example FHIR value set is comprised of example Actor Type codes, which can be used to value FHIR agents, actors, and other role elements such as those specified in financial transactions. The FHIR Actor value set is based on DICOM Audit Message, C402; ASTM Standard, E1762-95 [2013]; selected codes and derived actor roles from HL7 RoleClass OID 2.16.840.1.113883.5.110; HL7 Role Code 2.16.840.1.113883.5.111, including AgentRoleType; HL7 ParticipationType OID: 2.16.840.1.113883.5.90; and HL7 ParticipationFunction codes OID: 2.16.840.1.113883.5.88. This value set includes, by reference, role codes from external code systems: NUCC Health Care Provider Taxonomy OID: 2.16.840.1.113883.6.101; North American Industry Classification System [NAICS]OID: 2.16.840.1.113883.6.85; IndustryClassificationSystem 2.16.840.1.113883.1.11.16039 ; and US Census Occupation Code OID: 2.16.840.1.113883.6.243 for relevant recipient or custodian codes not included in this value set. If no source is indicated in the definition comments, then these are example FHIR codes. It can be extended with appropriate roles described by SNOMED as well as those described in the HL7 Role Based Access Control Catalog and the HL7 Healthcare (Security and Privacy) Access Control Catalog. In Role-Based Access Control (RBAC), permissions are operations on an object that a user wishes to access. Permissions are grouped into roles. A role characterizes the functions a user is allowed to perform. Roles are assigned to users. If the user's role has the appropriate permissions to access an object, then that user is granted access to the object. FHIR readily enables RBAC, as FHIR Resources are object types and the CRUDE events (the FHIR equivalent to permissions in the RBAC scheme) are operations on those objects. In Attribute-Based Access Control (ABAC), a user requests to perform operations on objects. That user's access request is granted or denied based on a set of access control policies that are specified in terms of attributes and conditions. FHIR readily enables ABAC, as instances of a Resource in FHIR (again, Resources are object types) can have attributes associated with them. These attributes include security tags, environment conditions, and a host of user and object characteristics, which are the same attributes as those used in ABAC. Attributes help define the access control policies that determine the operations a user may perform on a Resource (in FHIR) or object (in ABAC). For example, a tag (or attribute) may specify that the identified Resource (object) is not to be further disclosed without explicit consent from the patient."/> <copyright value="This is an example FHIR value set based on ASTM Standard, E1762-95 (2013) HL7 RoleClass OID 2.16.840.1.113883.5.110, HL7 Role Code 2.16.840.1.113883.5.111, HL7 ParticipationType OID: 2.16.840.1.113883.5.90, HL7 ParticipationFunction codes at OID: 2.16.840.1.113883.5.88, and HL7 Security and Privacy Domain Analysis Model roles classes. These codes are excerpted from Digital Imaging and Communications in Medicine (DICOM) Standard, Part 16: Content Mapping Resource, Copyright © 2011 by the National Electrical Manufacturers Association."/> <extensible value="true"/> <compose> <include> <system value="http://www.hl7.org/fhir/contractsignertypecodes"/> <concept> <code value="AMENDER"/> </concept> <concept> <code value="COAUTH"/> </concept> <concept> <code value="CONT"/> </concept> <concept> <code value="EVTWIT"/> </concept> <concept> <code value="PRIMAUTH"/> </concept> <concept> <code value="REVIEWER"/> </concept> <concept> <code value="SOURCE"/> </concept> <concept> <code value="TRANS"/> </concept> <concept> <code value="VALID"/> </concept> <concept> <code value="VERF"/> </concept> </include> <include> <system value="http://hl7.org/fhir/v3/RoleClass"/> <concept> <code value="AFFL"/> </concept> <concept> <code value="AGNT"/> </concept> <concept> <code value="ASSIGNED"/> </concept> <concept> <code value="CLAIM"/> </concept> <concept> <code value="COVPTY"/> </concept> <concept> <code value="DEPEN"/> </concept> <concept> <code value="ECON"/> </concept> <concept> <code value="EMP"/> </concept> <concept> <code value="GUARD"/> </concept> <concept> <code value="INVSBJ"/> </concept> <concept> <code value="NAMED"/> </concept> <concept> <code value="NOK"/> </concept> <concept> <code value="PAT"/> </concept> <concept> <code value="PROV"/> </concept> <concept> <code value="NOT"/> </concept> </include> <include> <system value="http://hl7.org/fhir/v3/RoleCode"/> <concept> <code value="CLASSIFIER"/> </concept> <concept> <code value="CONSENTER"/> </concept> <concept> <code value="CONSWIT"/> </concept> <concept> <code value="COPART"/> </concept> <concept> <code value="DECLASSIFIER"/> </concept> <concept> <code value="DELEGATEE"/> </concept> <concept> <code value="DELEGATOR"/> </concept> <concept> <code value="DOWNGRDER"/> </concept> <concept> <code value="DPOWATT"/> </concept> <concept> <code value="EXCEST"/> </concept> <concept> <code value="GRANTEE"/> </concept> <concept> <code value="GRANTOR"/> </concept> <concept> <code value="GT"/> </concept> <concept> <code value="GUADLTM"/> </concept> <concept> <code value="HPOWATT"/> </concept> <concept> <code value="INTPRTER"/> </concept> <concept> <code value="POWATT"/> </concept> <concept> <code value="RESPRSN"/> </concept> <concept> <code value="SPOWATT"/> </concept> </include> <include> <system value="http://hl7.org/fhir/v3/RoleCode"/> <filter> <property value="concept"/> <op value="is-a"/> <value value="_CitizenRoleType"/> </filter> </include> <include> <system value="http://hl7.org/fhir/v3/ParticipationFunction"/> <concept> <code value="AUCG"/> </concept> <concept> <code value="AULR"/> </concept> <concept> <code value="AUTM"/> </concept> <concept> <code value="AUWA"/> </concept> <concept> <code value="PROMSK"/> </concept> </include> <include> <system value="http://hl7.org/fhir/v3/ParticipationType"/> <concept> <code value="AUT"/> </concept> <concept> <code value="CST"/> </concept> <concept> <code value="INF"/> </concept> <concept> <code value="IRCP"/> </concept> <concept> <code value="LA"/> </concept> <concept> <code value="IRCP"/> </concept> <concept> <code value="TRC"/> </concept> <concept> <code value="WIT"/> </concept> </include> <include> <system value="http://hl7.org/fhir/extra-security-role-type"/> </include> <include> <system value="http://dicom.nema.org/resources/ontology/DCM"/> <concept> <code value="110150"/> </concept> <concept> <code value="110151"/> </concept> <concept> <code value="110152"/> </concept> <concept> <code value="110153"/> </concept> <concept> <code value="110154"/> </concept> <concept> <code value="110155"/> </concept> </include> </compose> </ValueSet>
Usage note: every effort has been made to ensure that the examples are correct and useful, but they are not a normative part of the specification.
®© HL7.org 2011+. FHIR Release 3 (STU; v3.0.2-11200) generated on Thurs, Oct 24, 2019 11:53+1100. QA Page
Links: Search |
Version History |
Table of Contents |
Credits |
Compare to DSTU2 |
|
Propose a change
Terminology