FHIR Cross-Version Extensions package for FHIR R4B from FHIR R4
0.0.1-snapshot-2 - informative
FHIR Cross-Version Extensions package for FHIR R4B from FHIR R4
0.0.1-snapshot-2 - informative
FHIR Cross-Version Extensions package for FHIR R4B from FHIR R4 - Version 0.0.1-snapshot-2. See the Directory of published versions
| Official URL: http://hl7.org/fhir/4.0/ValueSet/R4-resource-security-category-for-R4B | Version: 0.0.1-snapshot-2 | |||
| Standards status: Informative | Maturity Level: 0 | Computable Name: R4_resource_security_category_for_R4B | ||
| This cross-version ValueSet represents concepts from http://hl7.org/fhir/ValueSet/resource-security-category | 4.0.1 for use in FHIR R4B. Concepts not present here have direct equivalent mappings crossing all versions from R4 to R4B. |
References
This value set is not used here; it may be used elsewhere (e.g. specifications and/or implementations that use this content)
http://terminology.hl7.org/CodeSystem/resource-security-category version 4.0.1| Code | Display | Definition |
| anonymous | Anonymous READ Access Resource | These resources tend to not contain any individual data, or business sensitive data. Most often these Resources will be available for anonymous access, meaning there is no access control based on the user or system requesting. However these Resources do tend to contain important information that must be authenticated back to the source publishing them, and protected from integrity failures in communication. For this reason server authenticated https (TLS) is recommended to provide authentication of the server and integrity protection in transit. This is normal web-server use of https. |
| individual | Individual Sensitive Resource | These Resources do NOT contain Patient data, but do contain individual information about other participants. These other individuals are Practitioners, PractionerRole, CareTeam, or other users. These identities are needed to enable the practice of healthcare. These identities are identities under general privacy regulations, and thus must consider Privacy risk. Often access to these other identities are covered by business relationships. For this purpose access to these Resources will tend to be Role specific using methods such as RBAC or ABAC. |
| not-classified | Not classified | Some Resources can be used for a wide scope of use-cases that span very sensitive to very non-sensitive. These Resources do not fall into any of the above classifications, as their sensitivity is highly variable. These Resources will need special handling. These Resources often contain metadata that describes the content in a way that can be used for Access Control decisions. |
This value set expansion contains 3 concepts.
| Code | System | Display | Definition |
| anonymous | http://terminology.hl7.org/CodeSystem/resource-security-category | Anonymous READ Access Resource | These resources tend to not contain any individual data, or business sensitive data. Most often these Resources will be available for anonymous access, meaning there is no access control based on the user or system requesting. However these Resources do tend to contain important information that must be authenticated back to the source publishing them, and protected from integrity failures in communication. For this reason server authenticated https (TLS) is recommended to provide authentication of the server and integrity protection in transit. This is normal web-server use of https. |
| individual | http://terminology.hl7.org/CodeSystem/resource-security-category | Individual Sensitive Resource | These Resources do NOT contain Patient data, but do contain individual information about other participants. These other individuals are Practitioners, PractionerRole, CareTeam, or other users. These identities are needed to enable the practice of healthcare. These identities are identities under general privacy regulations, and thus must consider Privacy risk. Often access to these other identities are covered by business relationships. For this purpose access to these Resources will tend to be Role specific using methods such as RBAC or ABAC. |
| not-classified | http://terminology.hl7.org/CodeSystem/resource-security-category | Not classified | Some Resources can be used for a wide scope of use-cases that span very sensitive to very non-sensitive. These Resources do not fall into any of the above classifications, as their sensitivity is highly variable. These Resources will need special handling. These Resources often contain metadata that describes the content in a way that can be used for Access Control decisions. |
Explanation of the columns that may appear on this page:
| Level | A few code lists that FHIR defines are hierarchical - each code is assigned a level. In this scheme, some codes are under other codes, and imply that the code they are under also applies |
| System | The source of the definition of the code (when the value set draws in codes defined elsewhere) |
| Code | The code (used as the code in the resource instance) |
| Display | The display (used in the display element of a Coding). If there is no display, implementers should not simply display the code, but map the concept into their application |
| Definition | An explanation of the meaning of the concept |
| Comments | Additional notes about how to use the code |
IG © 2025+ FHIR Infrastructure. Package hl7.fhir.uv.xver-r4.r4b#0.0.1-snapshot-2 based on FHIR 4.3.0. Generated 2025-09-13
Links: Table of Contents |
QA Report
| Version History |
|
History