Security
and
Privacy
This
page
is
part
of
the
Continuous
Integration
Build
of
FHIR
Specification
(v5.0.0:
R5
-
STU
).
This
is
the
current
published
version
in
it's
permanent
home
(it
will
always
(will
be
available
incorrect/inconsistent
at
this
URL).
For
a
full
list
of
available
versions,
see
times).
See
the
Directory
of
published
versions
.
Page
versions:
R5
R4B
R4
R3
| Responsible Owner: Community Based Collaborative Care Work Group | Standards Status : Informative | Compartments : Group , Patient |
Raw XML ( canonical form + also see XML Format Specification )
Example of Patients Know Best Usage (id = "consent-example-pkb")
<?xml version="1.0" encoding="UTF-8"?> <Consent xmlns="http://hl7.org/fhir"> <id value="consent-example-pkb"/> <text><status value="generated"/> <div xmlns="http://www.w3.org/1999/xhtml"> <p> This example demonstrates how to encode this screen shot in a consent resource:</p> <p> <img alt="Screenshot from Patient Knows Best" src="pkb.png"/> </p> <p> Thanks to <a href="https://www.patientsknowbest.com/">Patients Know Best</a> for contributing this example</p> <p> Example uses SecurityLabels to define data types</p> </div> </text> <status value="active"/> <category> <coding> <system value="http://loinc.org"/> <code value="59284-0"/> </coding> </category> <subject> <reference value="Patient/example"/> <display value="Peter James Chalmers"/> </subject> <date value="2018-12-28"/> <controller> <reference value="Organization/f001"/> </controller><!-- nothing is approved unless the patient says it is --> <regulatoryBasis> <coding> <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/> <code value="INFA"/> </coding> </regulatoryBasis> <decision value="deny"/> <provision><!-- we permit --> <actor><!-- as a receiver of data --> <role> <coding> <system value="http://terminology.hl7.org/CodeSystem/v3-ParticipationType"/> <code value="PRCP"/> </coding> </role><!-- the non-migrated team --> <reference> <reference value="Organization/f001"/> </reference> </actor><!-- to read --> <action> <coding> <system value="http://terminology.hl7.org/CodeSystem/consentaction"/> <code value="access"/> </coding> </action><!-- any data with confidentiality N --> <securityLabel> <system value="http://terminology.hl7.org/CodeSystem/v3-Confidentiality"/> <code value="N"/> </securityLabel> <provision><!-- we permit --> <actor><!-- as a receiver of data --> <role> <coding> <system value="http://terminology.hl7.org/CodeSystem/v3-ParticipationType"/> <code value="PRCP"/> </coding> </role><!-- the non-migrated team --> <reference> <reference value="Organization/f001"/> </reference> </actor><!-- to read --> <action> <coding> <system value="http://terminology.hl7.org/CodeSystem/consentaction"/> <code value="access"/> </coding> </action><!-- any data with tag PSY (see security labels) --> <securityLabel> <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/> <code value="PSY"/> </securityLabel> </provision> <provision><!-- we permit --> <actor><!-- as a receiver of data --> <role> <coding> <system value="http://terminology.hl7.org/CodeSystem/v3-ParticipationType"/> <code value="PRCP"/> </coding> </role><!-- the non-migrated team --> <reference> <reference value="Organization/f001"/> </reference> </actor><!-- to read --> <action> <coding> <system value="http://terminology.hl7.org/CodeSystem/consentaction"/> <code value="access"/> </coding> </action><!-- any data with and tag SPI (see security labels). SPI is nearest? --> <securityLabel> <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/> <code value="SPI"/> </securityLabel> </provision><!-- other teams follow the same pattern --> <provision> <actor> <role> <coding> <system value="http://terminology.hl7.org/CodeSystem/v3-ParticipationType"/> <code value="PRCP"/> </coding> </role> <reference> <reference value="Organization/f001"/> </reference> </actor> <action> <coding> <system value="http://terminology.hl7.org/CodeSystem/consentaction"/> <code value="access"/> </coding> </action> <securityLabel> <system value="http://terminology.hl7.org/CodeSystem/v3-Confidentiality"/> <code value="N"/> </securityLabel> </provision> <provision> <actor> <role> <coding> <system value="http://terminology.hl7.org/CodeSystem/v3-ParticipationType"/> <code value="PRCP"/> </coding> </role> <reference> <reference value="Organization/f001"/> </reference> </actor> <action> <coding> <system value="http://terminology.hl7.org/CodeSystem/consentaction"/> <code value="access"/> </coding> </action> <securityLabel> <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/> <code value="PSY"/> </securityLabel> </provision> <provision> <actor> <role> <coding> <system value="http://terminology.hl7.org/CodeSystem/v3-ParticipationType"/> <code value="PRCP"/> </coding> </role> <reference> <reference value="Organization/f001"/> </reference> </actor> <action> <coding> <system value="http://terminology.hl7.org/CodeSystem/consentaction"/> <code value="access"/> </coding> </action> <securityLabel> <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/> <code value="SPI"/> </securityLabel> </provision> <provision> <actor> <role> <coding> <system value="http://terminology.hl7.org/CodeSystem/v3-ParticipationType"/> <code value="PRCP"/> </coding> </role> <reference> <reference value="Organization/f001"/> </reference> </actor> <action> <coding> <system value="http://terminology.hl7.org/CodeSystem/consentaction"/> <code value="access"/> </coding> </action> <securityLabel> <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/> <code value="SEX"/> </securityLabel> </provision> <provision> <actor> <role> <coding> <system value="http://terminology.hl7.org/CodeSystem/v3-ParticipationType"/> <code value="PRCP"/> </coding> </role> <reference> <reference value="Organization/f001"/> </reference> </actor> <action> <coding> <system value="http://terminology.hl7.org/CodeSystem/consentaction"/> <code value="access"/> </coding> </action> <securityLabel> <system value="http://terminology.hl7.org/CodeSystem/v3-Confidentiality"/> <code value="N"/> </securityLabel> </provision> <provision> <actor> <role> <coding> <system value="http://terminology.hl7.org/CodeSystem/v3-ParticipationType"/> <code value="PRCP"/> </coding> </role> <reference> <reference value="Organization/f001"/> </reference> </actor> <action> <coding> <system value="http://terminology.hl7.org/CodeSystem/consentaction"/> <code value="access"/> </coding> </action> <securityLabel> <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/> <code value="PSY"/> </securityLabel> </provision> <provision> <actor> <role> <coding> <system value="http://terminology.hl7.org/CodeSystem/v3-ParticipationType"/> <code value="PRCP"/> </coding> </role> <reference> <reference value="Organization/f001"/> </reference> </actor> <action> <coding> <system value="http://terminology.hl7.org/CodeSystem/consentaction"/> <code value="access"/> </coding> </action> <securityLabel> <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/> <code value="SPI"/> </securityLabel> </provision> <provision> <actor> <role> <coding> <system value="http://terminology.hl7.org/CodeSystem/v3-ParticipationType"/> <code value="PRCP"/> </coding> </role> <reference> <reference value="Organization/f001"/> </reference> </actor> <action> <coding> <system value="http://terminology.hl7.org/CodeSystem/consentaction"/> <code value="access"/> </coding> </action> <securityLabel> <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/> <code value="SEX"/> </securityLabel> </provision> <provision> <actor> <role> <coding> <system value="http://terminology.hl7.org/CodeSystem/v3-ParticipationType"/> <code value="PRCP"/> </coding> </role> <reference> <reference value="Organization/f001"/> </reference> </actor> <action> <coding> <system value="http://terminology.hl7.org/CodeSystem/consentaction"/> <code value="access"/> </coding> </action> <securityLabel> <system value="http://terminology.hl7.org/CodeSystem/v3-Confidentiality"/> <code value="N"/> </securityLabel> </provision> </provision> </ Consent >
Usage note: every effort has been made to ensure that the examples are correct and useful, but they are not a normative part of the specification.
FHIR
®©
HL7.org
2011+.
FHIR
R5
hl7.fhir.core#5.0.0
R6
hl7.fhir.core#6.0.0-ballot3
generated
on
Sun,
Mar
26,
2023
15:24+1100.
Mon,
Nov
10,
2025
15:21+0000.
Links:
Search
|
Version
History
|
Contents
|
Glossary
|
QA
|
Compare
to
R4
|
Compare
to
R4B
R5
|
Compare
to
Last
Ballot
|
|
Propose
a
change