|
Level
|
Code
|
Display
|
Definition
|
|
1
|
_Confidentiality
|
Confidentiality
|
A
specializable
code
and
its
leaf
codes
used
in
Confidentiality
value
sets
to
value
the
Act.Confidentiality
and
Role.Confidentiality
attribute
in
accordance
with
the
definition
for
concept
domain
"Confidentiality".
|
|
2
|
L
|
low
|
Definition:
Privacy
metadata
indicating
that
the
information
has
been
de-identified,
a
low
level
of
protection
is
required
to
safeguard
personal
and
there
are
mitigating
circumstances
that
prevent
re-identification,
healthcare
information,
which
has
been
altered
in
such
a
way
as
to
minimize
the
need
for
confidentiality
protections
with
some
residual
risks
associated
with
re-linking.
The
risk
of
harm
from
unauthorized
disclosure.
The
information
requires
protection
to
maintain
low
sensitivity.
an
individual's
reputation
and
sense
of
privacy
if
disclosed
without
authorization
is
considered
negligible,
and
mitigations
are
in
place
to
address
reidentification
risk.
Examples:
Includes
anonymized,
Usage
Note:
The
level
of
protection
afforded
anonymized
and
pseudonymized,
or
and
non-personally
identifiable
information
such
as
HIPAA
(e.g.,
a
limited
data
sets.
Map:
No
clear
map
set)
is
dictated
by
privacy
policies
and
data
use
agreements
intended
to
ISO
13606-4
Sensitivity
Level
(1)
Care
Management:
RECORD_COMPONENTs
engender
trust
that
might
need
to
health
information
can
be
accessed
used
and
disclosed
with
little
or
no
risk
of
re-identification.
Example:
Personal
and
healthcare
information,
which
excludes
16
designated
categories
of
direct
identifiers
in
a
HIPAA
Limited
Data
Set.
This
information
may
be
disclosed
by
HIPAA
Covered
Entities
without
patient
authorization
for
a
wide
range
of
administrative
staff
to
manage
research,
public
health,
and
operations
purposes
if
conditions
are
met,
which
includes
obtaining
a
signed
data
use
agreement
from
the
subject
of
care's
access
to
health
services.
recipient.
See
45
CFR
Section
164.514.
Usage
Note:
This
metadata
indicates
that
the
receiver
may
have
an
obligation
to
comply
with
a
data
use
agreement.
agreement
with
the
discloser.
The
discloser
may
have
obligations
to
comply
with
policies
dictating
the
methods
for
de-identification.
Confidentiality
code
total
order
hierarchy:
Low
(L)
is
less
protective
than
V,
R,
N,
and
M,
and
subsumes
U.
|
|
2
|
M
|
moderate
|
Definition:
Privacy
metadata
indicating
moderately
sensitive
the
level
of
protection
required
to
safeguard
personal
and
healthcare
information,
which
presents
if
disclosed
without
authorization,
would
present
a
moderate
risk
of
harm
if
disclosed
to
an
individual's
reputation
and
sense
of
privacy.
Usage
Note:
The
level
of
protection
afforded
moderately
confidential
information
is
dictated
by
privacy
policies
intended
to
engender
trust
in
a
service
provider.
May
include
publicly
available
information
in
jurisdictions
that
restrict
uses
of
that
information
without
authorization.
the
consent
of
the
data
subject.
Examples:
Includes
allergies
Privacy
policies
mandating
moderate
levels
of
non-sensitive
nature
protection,
which
preempt
less
protective
privacy
policies.
"Moderate"
confidentiality
policies
differ
from
and
would
be
preempted
by
the
prevailing
privacy
policies
mandating
the
normative
level
of
protection
for
information
used
inform
food
service;
in
the
delivery
and
management
of
healthcare.
Confidentiality
code
total
order
hierarchy:
Moderate
(M)
is
less
protective
than
V,
R,
and
N,
and
subsumes
all
other
protection
levels
(i.e.,
L
and
U).
Examples:
Includes
personal
and
health
information
a
patient
that
an
individual
authorizes
to
be
collected,
accessed,
used
for
marketing,
released
or
disclosed
to
a
bank
for
a
health
credit
card
or
savings
account;
or
information
in
personal
health
record
systems
that
are
not
governed
under
health
privacy
laws.
Map:
Partial
Map
to
ISO
13606-4
Sensitivity
Level
(2)
Clinical
Management:
Less
sensitive
RECORD_COMPONENTs
that
might
need
health
oversight
authorities;
to
be
accessed
by
a
wider
range
of
personnel
not
all
of
whom
are
actively
caring
for
the
hospital
patient
(e.g.
radiology
staff).
Usage
Note:
This
metadata
indicates
that
the
receiver
may
be
obligated
directory;
to
comply
with
the
receiver's
terms
of
use
worker
compensation,
disability,
property
and
casualty
or
privacy
policies.
life
insurers;
and
to
personal
health
record
systems,
consumer-controlled
devices,
social
media
accounts
and
online
Apps;
or
for
marketing
purposes
|
|
2
|
N
|
normal
|
Definition:
Privacy
metadata
indicating
that
the
information
is
typical,
non-stigmatizing
health
level
of
protection
required
to
safeguard
personal
and
healthcare
information,
which
presents
typical
risk
of
harm
if
disclosed
without
authorization.
authorization,
would
present
a
considerable
risk
of
harm
to
an
individual's
reputation
and
sense
of
privacy.
Examples:
In
the
US,
this
includes
what
HIPAA
identifies
as
the
minimum
necessary
protected
health
Usage
Note:
The
level
of
protection
afforded
normatively
confidential
information
(PHI)
given
a
covered
purpose
is
dictated
by
the
prevailing
normative
privacy
policies,
which
are
intended
to
engender
patient
trust
in
their
healthcare
providers.
Privacy
policies
mandating
normative
levels
of
use
(treatment,
payment,
or
operations).
Includes
typical,
non-stigmatizing
health
protection,
which
preempt
less
protective
privacy
policies
when
the
information
disclosed
is
used
in
an
application
the
delivery
and
management
of
healthcare.
May
be
pre-empted
by
jurisdictional
law
(e.g.,
for
health,
workers
compensation,
disability,
public
health
reporting
or
life
insurance.
emergency
treatment).
Map:
Partial
Confidentiality
code
total
order
hierarchy:
Normal
(N)
is
less
protective
than
V
and
R,
and
subsumes
all
other
protection
levels
(i.e.,
M,
L,
and
U).
Map:Partial
Map
to
ISO
13606-4
Sensitivity
Level
(3)
Clinical
Care:
Care
when
purpose
of
use
is
treatment:
Default
for
normal
clinical
care
access
(i.e.
(i.e.,
most
clinical
staff
directly
caring
for
the
patient
should
be
able
to
access
nearly
all
of
the
EHR).
Maps
to
normal
confidentiality
for
treatment
information
but
not
to
ancillary
care,
payment
and
operations.
Usage
Note:
This
metadata
indicates
that
the
receiver
may
be
obligated
to
comply
with
applicable
jurisdictional
privacy
law
or
disclosure
authorization.
Examples:
n
the
US,
this
includes
what
HIPAA
identifies
as
protected
health
information
(PHI)
under
45
CFR
Section
160.103.
|
|
2
|
R
|
restricted
|
Privacy
metadata
indicating
highly
sensitive,
the
level
of
protection
required
to
safeguard
potentially
stigmatizing
information,
which
presents
if
disclosed
without
authorization,
would
present
a
high
risk
of
harm
to
an
individual's
reputation
and
sense
of
privacy.
Usage
Note:
The
level
of
protection
afforded
restricted
confidential
information
is
dictated
by
specially
protective
organizational
or
jurisdictional
privacy
policies,
including
at
an
authorized
individual’s
request,
intended
to
engender
patient
trust
in
providers
of
sensitive
services.
Privacy
policies
mandating
additional
levels
of
protection
by
restricting
information
access
preempt
less
protective
privacy
policies
when
the
information
subject
if
disclosed
without
authorization.
is
used
in
the
delivery
and
management
of
healthcare.
May
be
pre-empted
by
jurisdictional
law,
e.g.,
law
(e.g.,
for
public
health
reporting
or
emergency
treatment.
treatment).
Confidentiality
code
total
order
hierarchy:
Restricted
(R)
is
less
protective
than
V,
and
subsumes
all
other
protection
levels
(i.e.,
N,
M,
L,
and
U).
Examples:
Includes
information
that
is
additionally
protected
such
as
sensitive
conditions
mental
health,
HIV,
substance
abuse,
domestic
violence,
child
abuse,
genetic
disease,
and
reproductive
health;
or
sensitive
demographic
information
such
as
a
patient's
patient’s
standing
as
an
employee
or
a
celebrity.
May
be
used
to
indicate
proprietary
or
classified
information
that
is
not
related
to
an
individual,
e.g.,
individual
(e.g.,
secret
ingredients
in
a
therapeutic
substance;
or
the
name
of
a
manufacturer.
Map:
Partial
Map
to
ISO
13606-4
Sensitivity
Level
(3)
Clinical
Care:
Default
for
normal
clinical
care
access
(i.e.
most
clinical
staff
directly
caring
for
the
patient
should
be
able
to
access
nearly
all
of
the
EHR).
Maps
to
normal
confidentiality
for
treatment
information
but
not
to
ancillary
care,
payment
and
operations..
Usage
Note:
This
metadata
indicates
that
the
receiver
may
be
obligated
to
comply
with
applicable,
prevailing
(default)
jurisdictional
privacy
law
or
disclosure
authorization..
manufacturer).
|
|
2
|
U
|
unrestricted
|
Definition:
Privacy
metadata
indicating
that
the
information
no
level
of
protection
is
not
classified
as
sensitive.
required
to
safeguard
personal
and
healthcare
information
that
has
been
disclosed
by
an
authorized
individual
without
restrictions
on
its
use.
Examples:
Includes
publicly
available
information,
information
e.g.,
business
name,
phone,
email
or
and
physical
address.
Usage
Note:
The
authorization
to
collect,
access,
use,
and
disclose
this
information
may
be
stipulated
in
a
contract
of
adhesion
by
a
data
user
(e.g.,
via
terms
of
service
or
data
user
privacy
policies)
in
exchange
for
the
data
subject's
use
of
a
service.
This
metadata
indicates
that
the
receiver
has
no
obligation
to
consider
additional
privacy
policies
other
than
its
own
when
making
access
control
decisions.
Note
This
metadata
indicates
that
in
some
jurisdictions,
personally
identifiable
information
must
be
protected
as
confidential,
so
it
would
not
be
appropriate
the
receiver
has
no
obligation
to
assign
a
confidentiality
consider
privacy
policies
other
than
its
own
when
making
access
control
decisions.
Confidentiality
code
of
"unrestricted"
to
that
information
even
if
it
total
order
hierarchy:
Unrestricted
(U)
is
publicly
available.
less
protective
than
V,
R,
N,
M,
and
L,
and
is
the
lowest
protection
levels.
|
|
2
|
V
|
very
restricted
|
.
Privacy
metadata
indicating
that
the
information
is
level
of
protection
required
under
atypical
cicumstances
to
safeguard
potentially
damaging
or
harmful
information,
which
if
disclosed
without
authorization,
would
(1)
present
an
extremely
sensitive
high
risk
of
harm
to
an
individual's
reputation,
sense
of
privacy,
and
likely
stigmatizing
health
possibly
safety;
or
(2)
impact
an
individual's
or
organization's
legal
matters.
Usage
Note:
The
level
of
protection
afforded
very
restricted
confidential
information
is
dictated
by
specially
protective
privacy
or
legal
policies
intended
to
ensure
that
presents
under
atypical
circumstances
additional
protections
limit
access
to
only
those
with
a
very
high
risk
if
disclosed
without
authorization.
This
'need
to
know'
and
the
information
must
be
is
kept
in
highest
confidence..
Privacy
and
legal
policies
mandating
the
highest
confidence.
level
of
protection
by
stringently
restricting
information
access,
preempt
less
protective
privacy
policies
when
the
information
is
used
in
the
delivery
and
management
of
healthcare
including
legal
proceedings
related
to
healthcare.
May
be
pre-empted
by
jurisdictional
law
(e.g.,
for
public
health
reporting
or
emergency
treatment
but
only
under
limited
circumstances).
Confidentiality
code
total
order
hierarchy:
Very
Restricted
(V)
is
the
highest
protection
level
and
subsumes
all
other
protection
levels
s
(i.e.,
R,
N,
M,
L,
and
UI).
Examples:
Includes
information
about
a
victim
of
abuse,
patient
requested
information
sensitivity,
and
taboo
subjects
relating
to
health
status
that
must
be
discussed
with
the
patient
by
an
attending
provider
before
sharing
with
the
patient.
May
also
include
information
held
under
“legal
lock�
a
legal
hold
or
attorney-client
privilege
Map:
This
metadata
indicates
that
the
receiver
may
not
disclose
this
information
except
as
directed
by
the
information
custodian,
who
may
be
the
information
subject.
Usage
Note:
This
metadata
indicates
that
the
receiver
may
not
disclose
this
information
except
as
directed
by
the
information
custodian,
who
may
be
the
information
subject.
privilege.
|
|
1
|
(_ConfidentialityByAccessKind)
Abstract
Deprecated
|
|
Description:
By
accessing
subject
/
role
and
relationship
based
rights
(These
concepts
are
mutually
exclusive,
one
and
only
one
is
required
for
a
valid
confidentiality
coding.)
Deprecation
Comment:Deprecated
due
to
updated
confidentiality
codes
under
ActCode
|
|
2
|
B
Deprecated
|
business
|
Description:
Since
the
service
class
can
represent
knowledge
structures
that
may
be
considered
a
trade
or
business
secret,
there
is
sometimes
(though
rarely)
the
need
to
flag
those
items
as
of
business
level
confidentiality.
However,
no
patient
related
information
may
ever
be
of
this
confidentiality
level.
Deprecation
Comment:
Replced
by
ActCode.B
|
|
2
|
D
Deprecated
|
clinician
|
Description:
Only
clinicians
may
see
this
item,
billing
and
administration
persons
can
not
access
this
item
without
special
permission.
Deprecation
Comment:Deprecated
due
to
updated
confidentiality
codes
under
ActCode
|
|
2
|
I
Deprecated
|
individual
|
Description:
Access
only
to
individual
persons
who
are
mentioned
explicitly
as
actors
of
this
service
and
whose
actor
type
warrants
that
access
(cf.
to
actor
type
code).
Deprecation
Comment:Deprecated
due
to
updated
confidentiality
codes
under
ActCode
|
|
1
|
(_ConfidentialityByInfoType)
Abstract
Deprecated
|
|
Description:
By
information
type,
only
for
service
catalog
entries
(multiples
allowed).
Not
to
be
used
with
actual
patient
data!
Deprecation
Comment:Deprecated
due
to
updated
confidentiality
codes
under
ActCode
|
|
2
|
ETH
Deprecated
|
substance
abuse
related
|
Description:
Alcohol/drug-abuse
related
item
Deprecation
Comment:Replced
by
ActCode.ETH
|
|
2
|
HIV
Deprecated
|
HIV
related
|
Description:
HIV
and
AIDS
related
item
Deprecation
Comment:Replced
by
ActCode.HIV
|
|
2
|
PSY
Deprecated
|
psychiatry
relate
|
Description:
Psychiatry
related
item
Deprecation
Comment:Replced
by
ActCode.PSY
|
|
2
|
SDV
Deprecated
|
sexual
and
domestic
violence
related
|
Description:
Sexual
assault
/
domestic
violence
related
item
Deprecation
Comment:Replced
by
ActCode.SDV
|
|
1
|
(_ConfidentialityModifiers)
Abstract
Deprecated
|
|
Description:
Modifiers
of
role
based
access
rights
(multiple
allowed)
Deprecation
Comment:Deprecated
due
to
updated
confidentiality
codes
under
ActCode
|
|
2
|
C
Deprecated
|
celebrity
|
Description:
Celebrities
are
people
of
public
interest
(VIP)
including
employees,
whose
information
require
special
protection.
Deprecation
Comment:Replced
by
ActCode.CEL
|
|
2
|
S
Deprecated
|
sensitive
|
Description:
Information
for
which
the
patient
seeks
heightened
confidentiality.
Sensitive
information
is
not
to
be
shared
with
family
members.
Information
reported
by
the
patient
about
family
members
is
sensitive
by
default.
Flag
can
be
set
or
cleared
on
patient's
request.
Deprecation
Comment:Deprecated
due
to
updated
confidentiality
codes
under
ActCode
|
|
2
|
T
Deprecated
|
taboo
|
Description:
Information
not
to
be
disclosed
or
discussed
with
patient
except
through
physician
assigned
to
patient
in
this
case.
This
is
usually
a
temporary
constraint
only,
example
use
is
a
new
fatal
diagnosis
or
finding,
such
as
malignancy
or
HIV.
Deprecation
Note:Replced
by
ActCode.TBOO
|
.
Page
versions:
R4
R3
Work
Group
|
Propose
a
change
Terminology