Release
4
4B
Security
and
Privacy
This
page
is
part
of
the
FHIR
Specification
(v4.0.1:
R4
(v4.3.0:
R4B
-
Mixed
Normative
and
STU
)
in
it's
permanent
home
(it
will
always
be
available
at
this
URL).
).
The
current
version
which
supercedes
this
version
is
5.0.0
.
For
a
full
list
of
available
versions,
see
the
Directory
of
published
versions
.
Page
versions:
R5
R4B
R4
R4B
R4
R3
R2
|
Community
Based
Collaborative
Care
Work
Group
|
Maturity Level : 2 | Trial Use | Security Category : Patient | Compartments : Patient |
A record of a healthcare consumer’s choices, which permits or denies identified recipient(s) or recipient role(s) to perform one or more actions within a given policy context, for specific purposes and periods of time.
The purpose of this Resource is to be used to express a Consent regarding Healthcare. There are four anticipated uses for the Consent Resource, all of which are written or verbal agreements by a healthcare consumer [grantor] or a personal representative, made to an authorized entity [grantee] concerning authorized or restricted actions with any limitations on purpose of use, and handling instructions to which the authorized entity must comply:
This resource is scoped to cover all four uses, but at this time, only the privacy use case is modeled. The scope of the resource may change when the other possible scopes are investigated, tested, or profiled.
A FHIR Consent Directive instance is considered the encoded legally binding Consent Directive if it meets requirements of a policy domain requirements for an enforceable contract. In some domains, electronic signatures of one or both of the parties to the content of an encoded representation of a Consent Form is deemed to constitute a legally binding Consent Directive. Some domains accept a notary’s electronic signature over the wet or electronic signature of a party to the Consent Directive as the additional identity proofing required to make an encoded Consent Directive legally binding. Other domains may only accept a wet signature or might not require the parties’ signatures at all.
Whatever the criteria are for making an encoded FHIR Consent Directive legally binding, anything less than a legally binding representation of a Consent Directive must be identified as such, i.e., as a derivative of the legally binding Consent Directive, which has specific usage in Consent Directive workflow management.
Definitions:
| Consent | The record of a healthcare consumer’s policy choices, which permits or denies identified recipient(s) or recipient role(s) to perform one or more actions within a given policy context, for specific purposes and periods of time |
| Consent Directive | The legal record of a healthcare consumer's agreement with a party responsible for enforcing the consumer’s choices, which permits or denies identified actors or roles to perform actions affecting the consumer within a given context for specific purposes and periods of time |
| Consent Form | Human readable consent content describing one or more actions impacting the grantor for which the grantee would be authorized or prohibited from performing. It includes the terms, rules, and conditions pertaining to the authorization or restrictions, such as effective time, applicability or scope, purposes of use, obligations and prohibitions to which the grantee must comply. Once a Consent Form is “executed” by means required by policy, such as verbal agreement, wet signature, or electronic/digital signature, it becomes a legally binding Consent Directive. |
| Consent Directive Derivative |
Consent
Content
that
conveys
the
minimal
set
of
information
needed
to
manage
Consent
Directive
workflow,
including
providing
Consent
Directive
content
sufficient
to:
Derived Consent content includes the Security Labels encoding the applicable privacy and security policies. Consent Security Labels inform recipients about specific access control measures required for compliance. |
| Consent Statement | A Consent Directive derivative has less than full fidelity to the legally binding Consent Directive from which it was "transcribed". It provides recipients with the full content representation they may require for compliance purposes, and typically include a reference to or an attached unstructured representation for recipients needing an exact copy of the legal agreement. |
| Consent Registration | The legal record of a healthcare consumer's agreement with a party responsible for enforcing the consumer’s choices, which permits or denies identified actors or roles to perform actions affecting the consumer within a given context for specific purposes and periods of timeA Consent Directive derivative that conveys the minimal set of information needed to register an active and revoked Consent Directive, or to update Consent status as it changes during its lifecycle. |
| Consent Query/Response Types |
The
FHIR
Consent
Resource
specifies
multiple
Consent
Search
parameters,
which
support
many
types
of
queries
for
Consent
Resource
content.
There
are
several
Query/Response
patterns
that
are
typically
used
for
obtaining
information
about
consent
directive
content
for
the
following
use
cases:
|
| Policy context | Any organizational or jurisdictional policies, which may limit the consumer’s policy choices, and which includes the named range of actions allowed |
| Healthcare Consumer | The individual establishing his/her personal consent (i.e. Consenter). In FHIR, this is referred to as the 'Patient' though this word is not used across all contexts of care |
Privacy policies define how Individually Identifiable Health Information (IIHI) is to be collected, accessed, used and disclosed. A Privacy Consent Directive as a legal record of a patient's (e.g. a healthcare consumer) agreement with a party responsible for enforcing the patient's choices, which permits or denies identified actors or roles to perform actions affecting the patient within a given context for specific purposes and periods of time. All consent directives have a policy context, which is any set of organizational or jurisdictional policies which may limit the consumer’s policy choices, and which include a named range of actions allowed. In addition, Privacy Consent Directives provide the ability for a healthcare consumer to delegate authority to a Substitute Decision Maker who may act on behalf of that individual. Alternatively, a consumer may author/publish their privacy preferences as a self-declared Privacy Consent Directive.
The Consent resource on FHIR provides support for alternative representations for expressing interoperable health information privacy consent directives in a standard form for the exchange and enforcement by sending, intermediating, or receiving systems of privacy policies that can be enforced by consuming systems (e.g., scanned documents, of computable structured entries elements, FHIR structures with optional attached, or referenced unstructured representations.) It may be used to represent the Privacy Consent Directive itself, a Consent Statement, which electronically represents a Consent Directive, or Consent Metadata, which is the minimum necessary consent content derived from a Consent Directive for use in workflow management.
Consent management - particularly privacy consent - is complicated by the fact that consent to share is often itself necessary to protect. The need to protect the privacy of the privacy statement itself competes with the execution of the consent statement. For this reason, it is common to deal with 'consent statements' that are only partial representations of the full consent statement that the patient provided.
For this reason, the consent resource contains two elements that refer back to the source: a master identifier, and a direct reference to content from which this Consent Statement was derived. That reference can be one of several things:
,
which
incorporated
the
IHE
Basic
Patient
Privacy
Consents
(BPPC)
),
either
directly,
or
in
a
reference
The consent statements represent a chain that refers back to the original source consent directive. Applications may be able to follow the chain back to the source but should not generally assume that they are authorized to do this.
Consent Directives are executed by verbal acknowledge or by being signed - either on paper, or digitally. Consent Signatures will be found in the Provenance resource (example consent and signature ). Implementation Guides will generally make rules about what signatures are required, and how they are to be shared and used.
Change to "The Consent resource is structured with a base policy (represented as Consent.policy/Consent.policyRule) which is either opt-in or opt-out, followed by a listing of exceptions to that policy (represented as Consent.provision(s)). The exceptions can be additional positive or negative exceptions upon the base policy. The set of exceptions include a list of data objects, list of authors, list of recipients, list of Organizations, list of purposeOfUse, and Date Range.
The enforcement of the Privacy Consent Directive is not included but is expected that enforcement can be done using a mix of the various Access Control enforcement methodologies (e.g. OAuth, UMA, XACML). This enforcement includes the details of the enforcement meaning of the elements of the Privacy Consent Directive, such as the rules in place when there is an opt-in consent would be specific about which organizational roles have access to what kinds of resources (e.g. RBAC, ABAC). The specification of these details is not in scope for the Consent resource.
This resource is referenced by itself and ResearchSubject .
This resource implements the Event pattern.
Structure
| Name | Flags | Card. | Type |
Description
&
Constraints
|
|---|---|---|---|---|
Consent
|
|
DomainResource |
A
healthcare
consumer's
choices
to
permit
or
deny
recipients
or
roles
to
perform
actions
for
specific
purposes
and
periods
of
time
+ Rule: Either a Policy or PolicyRule + Rule: IF Scope=privacy, there must be a patient + Rule: IF Scope=research, there must be a patient + Rule: IF Scope=adr, there must be a patient + Rule: IF Scope=treatment, there must be a patient Elements defined in Ancestors: id , meta , implicitRules , language , text , contained , extension , modifierExtension |
|
identifier
|
Σ | 0..* | Identifier |
Identifier
for
this
record
(external
references)
|
status
|
?! Σ | 1..1 | code |
draft
|
proposed
|
active
|
rejected
|
inactive
|
entered-in-error
ConsentState ( Required ) |
|
scope
|
?! Σ | 1..1 | CodeableConcept |
Which
of
the
four
areas
this
resource
covers
(extensible)
Consent Scope Codes ( Extensible ) |
|
category
|
Σ | 1..* | CodeableConcept |
Classification
of
the
consent
statement
-
for
indexing/retrieval
Consent Category Codes ( Extensible ) |
patient
|
Σ | 0..1 | Reference ( Patient ) | Who the consent applies to |
|
dateTime
|
Σ | 0..1 | dateTime | When this Consent was created or indexed |
|
performer
|
Σ | 0..* | Reference ( Organization | Patient | Practitioner | RelatedPerson | PractitionerRole ) |
Who
is
agreeing
to
the
policy
and
rules
|
|
organization
|
Σ | 0..* | Reference ( Organization ) |
Custodian
of
the
consent
|
source[x]
|
Σ | 0..1 | Source from which this consent is taken | |
sourceAttachment
|
Attachment | |||
sourceReference
|
Reference ( Consent | DocumentReference | Contract | QuestionnaireResponse ) | |||
policy
|
0..* | BackboneElement |
Policies
covered
by
this
consent
|
|
|
authority
|
I | 0..1 | uri | Enforcement source for policy |
|
uri
|
I | 0..1 | uri | Specific policy covered by this consent |
|
policyRule
|
Σ I | 0..1 | CodeableConcept |
Regulation
that
this
consents
to
Consent PolicyRule Codes ( Extensible ) |
|
verification
|
Σ | 0..* | BackboneElement |
Consent
Verified
by
patient
or
family
|
|
verified
|
Σ | 1..1 | boolean | Has been verified |
|
verifiedWith
|
0..1 | Reference ( Patient | RelatedPerson ) | Person who verified | |
|
verificationDate
|
0..1 | dateTime | When consent verified | |
provision
|
Σ | 0..1 | BackboneElement | Constraints to the base Consent.policyRule |
type
|
Σ | 0..1 | code |
deny
|
permit
ConsentProvisionType ( Required ) |
|
period
|
Σ | 0..1 | Period | Timeframe for this rule |
|
actor
|
0..* | BackboneElement |
Who|what
controlled
by
this
rule
(or
group,
by
role)
|
|
|
role
|
1..1 | CodeableConcept |
How
the
actor
is
involved
SecurityRoleType ( Extensible ) |
|
|
reference
|
1..1 | Reference ( Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole ) | Resource for the actor (or group, by role) | |
|
action
|
Σ | 0..* | CodeableConcept |
Actions
controlled
by
this
rule
Consent Action Codes ( Example ) |
|
securityLabel
|
Σ | 0..* | Coding |
Security
Labels
that
define
affected
resources
SecurityLabels ( Extensible ) |
|
purpose
|
Σ | 0..* | Coding |
Context
of
activities
covered
by
this
rule
(
Extensible
)
|
|
class
|
Σ | 0..* | Coding |
e.g.
Resource
Type,
Profile,
CDA,
etc.
Consent Content Class ( Extensible ) |
|
code
|
Σ | 0..* | CodeableConcept |
e.g.
LOINC
or
SNOMED
CT
code,
etc.
in
the
content
Consent Content Codes ( Example ) |
|
dataPeriod
|
Σ | 0..1 | Period | Timeframe for data controlled by this rule |
|
data
|
Σ | 0..* | BackboneElement |
Data
controlled
by
this
rule
|
|
meaning
|
Σ | 1..1 | code |
instance
|
related
|
dependents
|
authoredby
ConsentDataMeaning ( Required ) |
|
reference
|
Σ | 1..1 | Reference ( Any ) | The actual data reference |
provision
|
0..* | see provision |
Nested
Exception
Rules
|
|
|
Documentation
for
this
format
|
||||
UML Diagram ( Legend )
XML Template
<<Consent xmlns="http://hl7.org/fhir"><!-- from Resource: id, meta, implicitRules, and language --> <!-- from DomainResource: text, contained, extension, and modifierExtension --> <identifier><!-- 0..* Identifier Identifier for this record (external references) --></identifier> <status value="[code]"/><!-- 1..1 draft | proposed | active | rejected | inactive | entered-in-error --> <scope><!-- 1..1 CodeableConcept Which of the four areas this resource covers (extensible) --></scope> <category><!-- 1..* CodeableConcept Classification of the consent statement - for indexing/retrieval --></category> <patient><!-- 0..1 Reference(Patient) Who the consent applies to --></patient> <dateTime value="[dateTime]"/><!-- 0..1 When this Consent was created or indexed -->
<| </performer><performer><!-- 0..* Reference(Organization|Patient|Practitioner| PractitionerRole|RelatedPerson) Who is agreeing to the policy and rules --></performer> <organization><!-- 0..* Reference(Organization) Custodian of the consent --></organization><|<source[x]><!-- 0..1 Attachment|Reference(Consent|Contract|DocumentReference| QuestionnaireResponse) Source from which this consent is taken --></source[x]> <policy> <!-- 0..* Policies covered by this consent --> <authority value="[uri]"/><!--0..1 Enforcement source for policy --> <uri value="[uri]"/><!--
<| </reference><reference><!-- 1..1 Reference(CareTeam|Device|Group|Organization|Patient| Practitioner|PractitionerRole|RelatedPerson) Resource for the actor (or group, by role) --></reference> </actor> <action><!-- 0..* CodeableConcept Actions controlled by this rule --></action> <securityLabel><!-- 0..* Coding Security Labels that define affected resources --></securityLabel><</purpose><purpose><!-- 0..* Coding Context of activities covered by this rule
JSON Template
{
"resourceType" : "",
"resourceType" : "Consent",
// from Resource: id, meta, implicitRules, and language
// from DomainResource: text, contained, extension, and modifierExtension
"identifier" : [{ Identifier }], // Identifier for this record (external references)
"status" : "<code>", // R! draft | proposed | active | rejected | inactive | entered-in-error
"scope" : { CodeableConcept }, // R! Which of the four areas this resource covers (extensible)
"category" : [{ CodeableConcept }], // R! Classification of the consent statement - for indexing/retrieval
"patient" : { Reference(Patient) }, // Who the consent applies to
"dateTime" : "<dateTime>", // When this Consent was created or indexed
"|
"performer" : [{ Reference(Organization|Patient|Practitioner|
PractitionerRole|RelatedPerson) }], // Who is agreeing to the policy and rules
"organization" : [{ Reference(Organization) }], // Custodian of the consent
// source[x]: Source from which this consent is taken. One of these 2:
"sourceAttachment" : { Attachment },
"|
"sourceReference" : { Reference(Consent|Contract|DocumentReference|
QuestionnaireResponse) },
"policy" : [{ // Policies covered by this consent
"authority" : "<uri>", // C? Enforcement source for policy
"uri" : "<uri>" // C? Specific policy covered by this consent
}],
"policyRule" : { CodeableConcept }, // C? Regulation that this consents to
"verification" : [{ // Consent Verified by patient or family
"verified" : <boolean>, // R! Has been verified
"verifiedWith" : { Reference(Patient|RelatedPerson) }, // Person who verified
"verificationDate" : "<dateTime>" // When consent verified
}],
"provision" : { // Constraints to the base Consent.policyRule
"type" : "<code>", // deny | permit
"period" : { Period }, // Timeframe for this rule
"actor" : [{ // Who|what controlled by this rule (or group, by role)
"role" : { CodeableConcept }, // R! How the actor is involved
"|
"reference" : { Reference(CareTeam|Device|Group|Organization|Patient|
Practitioner|PractitionerRole|RelatedPerson) } // R! Resource for the actor (or group, by role)
}],
"action" : [{ CodeableConcept }], // Actions controlled by this rule
"securityLabel" : [{ Coding }], // Security Labels that define affected resources
"
"purpose" : [{ Coding }], // Context of activities covered by this rule
"class" : [{ Coding }], // e.g. Resource Type, Profile, CDA, etc.
"code" : [{ CodeableConcept }], // e.g. LOINC or SNOMED CT code, etc. in the content
"dataPeriod" : { Period }, // Timeframe for data controlled by this rule
"data" : [{ // Data controlled by this rule
"meaning" : "<code>", // R! instance | related | dependents | authoredby
"reference" : { Reference(Any) } // R! The actual data reference
}],
"provision" : [{ Content as for Consent.provision }] // Nested Exception Rules
}
}
Turtle Template
@prefix fhir: <http://hl7.org/fhir/> .[ a fhir:;[ a fhir:Consent; fhir:nodeRole fhir:treeRoot; # if this is the parser root # from Resource: .id, .meta, .implicitRules, and .language # from DomainResource: .text, .contained, .extension, and .modifierExtension fhir:Consent.identifier [ Identifier ], ... ; # 0..* Identifier for this record (external references) fhir:Consent.status [ code ]; # 1..1 draft | proposed | active | rejected | inactive | entered-in-error fhir:Consent.scope [ CodeableConcept ]; # 1..1 Which of the four areas this resource covers (extensible) fhir:Consent.category [ CodeableConcept ], ... ; # 1..* Classification of the consent statement - for indexing/retrieval fhir:Consent.patient [ Reference(Patient) ]; # 0..1 Who the consent applies to fhir:Consent.dateTime [ dateTime ]; # 0..1 When this Consent was created or indexedfhir:fhir:Consent.performer [ Reference(Organization|Patient|Practitioner|PractitionerRole|RelatedPerson) ], ... ; # 0..* Who is agreeing to the policy and rules fhir:Consent.organization [ Reference(Organization) ], ... ; # 0..* Custodian of the consent # Consent.source[x] : 0..1 Source from which this consent is taken. One of these 2 fhir:Consent.sourceAttachment [ Attachment ]fhir:) ]fhir:Consent.sourceReference [ Reference(Consent|Contract|DocumentReference|QuestionnaireResponse) ] fhir:Consent.policy [ # 0..* Policies covered by this consent fhir:Consent.policy.authority [ uri ]; # 0..1 Enforcement source for policy fhir:Consent.policy.uri [ uri ]; # 0..1 Specific policy covered by this consent ], ...; fhir:Consent.policyRule [ CodeableConcept ]; # 0..1 Regulation that this consents to fhir:Consent.verification [ # 0..* Consent Verified by patient or family fhir:Consent.verification.verified [ boolean ]; # 1..1 Has been verified fhir:Consent.verification.verifiedWith [ Reference(Patient|RelatedPerson) ]; # 0..1 Person who verified fhir:Consent.verification.verificationDate [ dateTime ]; # 0..1 When consent verified ], ...; fhir:Consent.provision [ # 0..1 Constraints to the base Consent.policyRule fhir:Consent.provision.type [ code ]; # 0..1 deny | permit fhir:Consent.provision.period [ Period ]; # 0..1 Timeframe for this rule fhir:Consent.provision.actor [ # 0..* Who|what controlled by this rule (or group, by role) fhir:Consent.provision.actor.role [ CodeableConcept ]; # 1..1 How the actor is involvedfhir:|fhir:Consent.provision.actor.reference [ Reference(CareTeam|Device|Group|Organization|Patient|Practitioner|PractitionerRole| RelatedPerson) ]; # 1..1 Resource for the actor (or group, by role) ], ...; fhir:Consent.provision.action [ CodeableConcept ], ... ; # 0..* Actions controlled by this rule fhir:Consent.provision.securityLabel [ Coding ], ... ; # 0..* Security Labels that define affected resources fhir:Consent.provision.purpose [ Coding ], ... ; # 0..* Context of activities covered by this rule fhir:Consent.provision.class [ Coding ], ... ; # 0..* e.g. Resource Type, Profile, CDA, etc. fhir:Consent.provision.code [ CodeableConcept ], ... ; # 0..* e.g. LOINC or SNOMED CT code, etc. in the content fhir:Consent.provision.dataPeriod [ Period ]; # 0..1 Timeframe for data controlled by this rule fhir:Consent.provision.data [ # 0..* Data controlled by this rule fhir:Consent.provision.data.meaning [ code ]; # 1..1 instance | related | dependents | authoredby fhir:Consent.provision.data.reference [ Reference(Any) ]; # 1..1 The actual data reference ], ...; fhir:Consent.provision.provision [ See Consent.provision ], ... ; # 0..* Nested Exception Rules ]; ]
Changes
since
R3
R4
| Consent |
|
See the Full Difference for further information
This analysis is available as XML or JSON .
Conversions between R3 and R4
See R3 <--> R4 Conversion Maps (status = 12 tests that all execute ok. All tests pass round-trip testing and 12 r3 resources are invalid (0 errors). )
Structure
| Name | Flags | Card. | Type |
Description
&
Constraints
|
|---|---|---|---|---|
|
Consent
|
|
DomainResource |
A
healthcare
consumer's
choices
to
permit
or
deny
recipients
or
roles
to
perform
actions
for
specific
purposes
and
periods
of
time
+ Rule: Either a Policy or PolicyRule + Rule: IF Scope=privacy, there must be a patient + Rule: IF Scope=research, there must be a patient + Rule: IF Scope=adr, there must be a patient + Rule: IF Scope=treatment, there must be a patient Elements defined in Ancestors: id , meta , implicitRules , language , text , contained , extension , modifierExtension |
|
|
identifier
|
Σ | 0..* | Identifier |
Identifier
for
this
record
(external
references)
|
|
status
|
?! Σ | 1..1 | code |
draft
|
proposed
|
active
|
rejected
|
inactive
|
entered-in-error
ConsentState ( Required ) |
|
scope
|
?! Σ | 1..1 | CodeableConcept |
Which
of
the
four
areas
this
resource
covers
(extensible)
Consent Scope Codes ( Extensible ) |
|
category
|
Σ | 1..* | CodeableConcept |
Classification
of
the
consent
statement
-
for
indexing/retrieval
Consent Category Codes ( Extensible ) |
|
patient
|
Σ | 0..1 | Reference ( Patient ) | Who the consent applies to |
|
dateTime
|
Σ | 0..1 | dateTime | When this Consent was created or indexed |
|
performer
|
Σ | 0..* | Reference ( Organization | Patient | Practitioner | RelatedPerson | PractitionerRole ) |
Who
is
agreeing
to
the
policy
and
rules
|
|
organization
|
Σ | 0..* | Reference ( Organization ) |
Custodian
of
the
consent
|
|
source[x]
|
Σ | 0..1 | Source from which this consent is taken | |
|
sourceAttachment
|
Attachment | |||
|
sourceReference
|
Reference ( Consent | DocumentReference | Contract | QuestionnaireResponse ) | |||
|
policy
|
0..* | BackboneElement |
Policies
covered
by
this
consent
|
|
|
authority
|
I | 0..1 | uri | Enforcement source for policy |
|
uri
|
I | 0..1 | uri | Specific policy covered by this consent |
|
policyRule
|
Σ I | 0..1 | CodeableConcept |
Regulation
that
this
consents
to
Consent PolicyRule Codes ( Extensible ) |
|
verification
|
Σ | 0..* | BackboneElement |
Consent
Verified
by
patient
or
family
|
|
verified
|
Σ | 1..1 | boolean | Has been verified |
|
verifiedWith
|
0..1 | Reference ( Patient | RelatedPerson ) | Person who verified | |
|
verificationDate
|
0..1 | dateTime | When consent verified | |
|
provision
|
Σ | 0..1 | BackboneElement | Constraints to the base Consent.policyRule |
|
type
|
Σ | 0..1 | code |
deny
|
permit
ConsentProvisionType ( Required ) |
|
period
|
Σ | 0..1 | Period | Timeframe for this rule |
|
actor
|
0..* | BackboneElement |
Who|what
controlled
by
this
rule
(or
group,
by
role)
|
|
|
role
|
1..1 | CodeableConcept |
How
the
actor
is
involved
SecurityRoleType ( Extensible ) |
|
|
reference
|
1..1 | Reference ( Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole ) | Resource for the actor (or group, by role) | |
|
action
|
Σ | 0..* | CodeableConcept |
Actions
controlled
by
this
rule
Consent Action Codes ( Example ) |
|
securityLabel
|
Σ | 0..* | Coding |
Security
Labels
that
define
affected
resources
SecurityLabels ( Extensible ) |
|
purpose
|
Σ | 0..* | Coding |
Context
of
activities
covered
by
this
rule
(
Extensible
)
|
|
class
|
Σ | 0..* | Coding |
e.g.
Resource
Type,
Profile,
CDA,
etc.
Consent Content Class ( Extensible ) |
|
code
|
Σ | 0..* | CodeableConcept |
e.g.
LOINC
or
SNOMED
CT
code,
etc.
in
the
content
Consent Content Codes ( Example ) |
|
dataPeriod
|
Σ | 0..1 | Period | Timeframe for data controlled by this rule |
|
data
|
Σ | 0..* | BackboneElement |
Data
controlled
by
this
rule
|
|
meaning
|
Σ | 1..1 | code |
instance
|
related
|
dependents
|
authoredby
ConsentDataMeaning ( Required ) |
|
reference
|
Σ | 1..1 | Reference ( Any ) | The actual data reference |
|
provision
|
0..* | see provision |
Nested
Exception
Rules
|
|
|
Documentation
for
this
format
|
||||
XML Template
<<Consent xmlns="http://hl7.org/fhir"><| </performer><performer><!-- 0..* Reference(Organization|Patient|Practitioner| PractitionerRole|RelatedPerson) Who is agreeing to the policy and rules --></performer> <organization><!-- 0..* Reference(Organization) Custodian of the consent --></organization><|<source[x]><!-- 0..1 Attachment|Reference(Consent|Contract|DocumentReference| QuestionnaireResponse) Source from which this consent is taken --></source[x]> <policy> <!-- 0..* Policies covered by this consent --> <authority value="[uri]"/><!--<| </reference><reference><!-- 1..1 Reference(CareTeam|Device|Group|Organization|Patient| Practitioner|PractitionerRole|RelatedPerson) Resource for the actor (or group, by role) --></reference> </actor> <action><!-- 0..* CodeableConcept Actions controlled by this rule --></action> <securityLabel><!-- 0..* Coding Security Labels that define affected resources --></securityLabel><</purpose><purpose><!-- 0..* Coding Context of activities covered by this rule
JSON Template
{
"resourceType" : "",
"resourceType" : "Consent",
// from Resource: id, meta, implicitRules, and language
// from DomainResource: text, contained, extension, and modifierExtension
"identifier" : [{ Identifier }], // Identifier for this record (external references)
"status" : "<code>", // R! draft | proposed | active | rejected | inactive | entered-in-error
"scope" : { CodeableConcept }, // R! Which of the four areas this resource covers (extensible)
"category" : [{ CodeableConcept }], // R! Classification of the consent statement - for indexing/retrieval
"patient" : { Reference(Patient) }, // Who the consent applies to
"dateTime" : "<dateTime>", // When this Consent was created or indexed
"|
"performer" : [{ Reference(Organization|Patient|Practitioner|
PractitionerRole|RelatedPerson) }], // Who is agreeing to the policy and rules
"organization" : [{ Reference(Organization) }], // Custodian of the consent
// source[x]: Source from which this consent is taken. One of these 2:
"sourceAttachment" : { Attachment },
"|
"sourceReference" : { Reference(Consent|Contract|DocumentReference|
QuestionnaireResponse) },
"policy" : [{ // Policies covered by this consent
"authority" : "<uri>", // C? Enforcement source for policy
"uri" : "<uri>" // C? Specific policy covered by this consent
}],
"policyRule" : { CodeableConcept }, // C? Regulation that this consents to
"verification" : [{ // Consent Verified by patient or family
"verified" : <boolean>, // R! Has been verified
"verifiedWith" : { Reference(Patient|RelatedPerson) }, // Person who verified
"verificationDate" : "<dateTime>" // When consent verified
}],
"provision" : { // Constraints to the base Consent.policyRule
"type" : "<code>", // deny | permit
"period" : { Period }, // Timeframe for this rule
"actor" : [{ // Who|what controlled by this rule (or group, by role)
"role" : { CodeableConcept }, // R! How the actor is involved
"|
"reference" : { Reference(CareTeam|Device|Group|Organization|Patient|
Practitioner|PractitionerRole|RelatedPerson) } // R! Resource for the actor (or group, by role)
}],
"action" : [{ CodeableConcept }], // Actions controlled by this rule
"securityLabel" : [{ Coding }], // Security Labels that define affected resources
"
"purpose" : [{ Coding }], // Context of activities covered by this rule
"class" : [{ Coding }], // e.g. Resource Type, Profile, CDA, etc.
"code" : [{ CodeableConcept }], // e.g. LOINC or SNOMED CT code, etc. in the content
"dataPeriod" : { Period }, // Timeframe for data controlled by this rule
"data" : [{ // Data controlled by this rule
"meaning" : "<code>", // R! instance | related | dependents | authoredby
"reference" : { Reference(Any) } // R! The actual data reference
}],
"provision" : [{ Content as for Consent.provision }] // Nested Exception Rules
}
}
Turtle Template
@prefix fhir: <http://hl7.org/fhir/> .[ a fhir:;[ a fhir:Consent; fhir:nodeRole fhir:treeRoot; # if this is the parser root # from Resource: .id, .meta, .implicitRules, and .language # from DomainResource: .text, .contained, .extension, and .modifierExtension fhir:Consent.identifier [ Identifier ], ... ; # 0..* Identifier for this record (external references) fhir:Consent.status [ code ]; # 1..1 draft | proposed | active | rejected | inactive | entered-in-error fhir:Consent.scope [ CodeableConcept ]; # 1..1 Which of the four areas this resource covers (extensible) fhir:Consent.category [ CodeableConcept ], ... ; # 1..* Classification of the consent statement - for indexing/retrieval fhir:Consent.patient [ Reference(Patient) ]; # 0..1 Who the consent applies to fhir:Consent.dateTime [ dateTime ]; # 0..1 When this Consent was created or indexedfhir:fhir:Consent.performer [ Reference(Organization|Patient|Practitioner|PractitionerRole|RelatedPerson) ], ... ; # 0..* Who is agreeing to the policy and rules fhir:Consent.organization [ Reference(Organization) ], ... ; # 0..* Custodian of the consent # Consent.source[x] : 0..1 Source from which this consent is taken. One of these 2 fhir:Consent.sourceAttachment [ Attachment ]fhir:) ]fhir:Consent.sourceReference [ Reference(Consent|Contract|DocumentReference|QuestionnaireResponse) ] fhir:Consent.policy [ # 0..* Policies covered by this consent fhir:Consent.policy.authority [ uri ]; # 0..1 Enforcement source for policy fhir:Consent.policy.uri [ uri ]; # 0..1 Specific policy covered by this consent ], ...; fhir:Consent.policyRule [ CodeableConcept ]; # 0..1 Regulation that this consents to fhir:Consent.verification [ # 0..* Consent Verified by patient or family fhir:Consent.verification.verified [ boolean ]; # 1..1 Has been verified fhir:Consent.verification.verifiedWith [ Reference(Patient|RelatedPerson) ]; # 0..1 Person who verified fhir:Consent.verification.verificationDate [ dateTime ]; # 0..1 When consent verified ], ...; fhir:Consent.provision [ # 0..1 Constraints to the base Consent.policyRule fhir:Consent.provision.type [ code ]; # 0..1 deny | permit fhir:Consent.provision.period [ Period ]; # 0..1 Timeframe for this rule fhir:Consent.provision.actor [ # 0..* Who|what controlled by this rule (or group, by role) fhir:Consent.provision.actor.role [ CodeableConcept ]; # 1..1 How the actor is involvedfhir:|fhir:Consent.provision.actor.reference [ Reference(CareTeam|Device|Group|Organization|Patient|Practitioner|PractitionerRole| RelatedPerson) ]; # 1..1 Resource for the actor (or group, by role) ], ...; fhir:Consent.provision.action [ CodeableConcept ], ... ; # 0..* Actions controlled by this rule fhir:Consent.provision.securityLabel [ Coding ], ... ; # 0..* Security Labels that define affected resources fhir:Consent.provision.purpose [ Coding ], ... ; # 0..* Context of activities covered by this rule fhir:Consent.provision.class [ Coding ], ... ; # 0..* e.g. Resource Type, Profile, CDA, etc. fhir:Consent.provision.code [ CodeableConcept ], ... ; # 0..* e.g. LOINC or SNOMED CT code, etc. in the content fhir:Consent.provision.dataPeriod [ Period ]; # 0..1 Timeframe for data controlled by this rule fhir:Consent.provision.data [ # 0..* Data controlled by this rule fhir:Consent.provision.data.meaning [ code ]; # 1..1 instance | related | dependents | authoredby fhir:Consent.provision.data.reference [ Reference(Any) ]; # 1..1 The actual data reference ], ...; fhir:Consent.provision.provision [ See Consent.provision ], ... ; # 0..* Nested Exception Rules ]; ]
Changes
since
Release
3
4
| Consent |
|
See the Full Difference for further information
This analysis is available as XML or JSON .
Conversions between R3 and R4
See R3 <--> R4 Conversion Maps (status = 12 tests that all execute ok. All tests pass round-trip testing and 12 r3 resources are invalid (0 errors). )
See the Profiles & Extensions and the alternate definitions: Master Definition XML + JSON , XML Schema / Schematron + JSON Schema , ShEx (for Turtle ) + see the extensions & the dependency analysis
| Path | Definition | Type | Reference |
|---|---|---|---|
| Consent.status |
|
Required | ConsentState |
| Consent.scope |
|
Extensible | ConsentScopeCodes |
| Consent.category |
|
Extensible | ConsentCategoryCodes |
| Consent.policyRule |
|
Extensible | ConsentPolicyRuleCodes |
| Consent.provision.type |
|
Required | ConsentProvisionType |
| Consent.provision.actor.role |
|
Extensible | SecurityRoleType |
| Consent.provision.action |
|
Example | ConsentActionCodes |
| Consent.provision.securityLabel |
|
Extensible | All Security Labels |
| Consent.provision.purpose |
|
Extensible |
|
| Consent.provision.class |
|
Extensible | ConsentContentClass |
| Consent.provision.code |
|
Example | ConsentContentCodes |
| Consent.provision.data.meaning |
|
Required | ConsentDataMeaning |
| id | Level | Location | Description | Expression |
| ppc-1 | Rule | (base) | Either a Policy or PolicyRule | policy.exists() or policyRule.exists() |
| ppc-2 | Rule | (base) | IF Scope=privacy, there must be a patient | patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not() |
| ppc-3 | Rule | (base) | IF Scope=research, there must be a patient | patient.exists() or scope.coding.where(system='something' and code='research').exists().not() |
| ppc-4 | Rule | (base) | IF Scope=adr, there must be a patient | patient.exists() or scope.coding.where(system='something' and code='adr').exists().not() |
| ppc-5 | Rule | (base) | IF Scope=treatment, there must be a patient | patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not() |
The
Consent
resource
has
a
reference
to
a
single
policyRule
.
Many
organizations
will
work
in
a
context
where
multiple
different
consent
regulations
and
policies
apply.
In
these
cases,
the
single
policy
rule
reference
refers
to
a
policy
document
that
resolves
and
reconciles
the
various
policies
and
presents
a
single
policy
for
patient
consent.
If
it
is
still
necessary
to
track
which
of
the
underlying
policies
an
exception
is
make
in
regard
to,
the
policy
may
be
used.
The following is the general model of Privacy Consent Directives.
There are context setting parameters:
A Privacy Consent may transition through many states including: that no consent has been sought, consent has been proposed, consent has been rejected, and consent approved.
There are set of patterns.
For
each
of
these
patterns
(positive
or
negative
pattern),
there
can
be
exceptions.
These
exceptions
are
explicitly
recorded
in
the
except
element.
Consent.provision
sub-trees.
Five categories of Privacy Consent Directives are described in the Office of the National Coordinator for Health Information (ONC) Consent Directives Document released March 31, 2010, and include the following US-specific "Core consent options" for electronic exchange:
A common exception is to explicitly exclude or explicitly include a period of time .
The following scenarios are based on existing jurisdictional policy and are realized in existing systems in Canada. The default policy is one of implied consent for the provision of care, so these scenarios all deal with withdrawal or withholding consent for that purpose. In other jurisdictions, where an express consent model is used (Opt-In), these examples would contain the phrase "consent to" rather than "withhold" or "withdraw" consent for.
Also shown is an example where a Patient has authorized disclosure to a specific individual for purposes directed by the patient (possibly not a treatment case).
Search parameters for this resource. The common parameters also apply. See Searching for more information about searching in REST, messaging, and services.
| Name | Type | Description | Expression | In Common |
| action | token | Actions controlled by this rule | Consent.provision.action | |
| actor | reference | Resource for the actor (or group, by role) |
Consent.provision.actor.reference
( Practitioner , Group , Organization , CareTeam , Device , Patient , PractitionerRole , RelatedPerson ) |
|
| category | token | Classification of the consent statement - for indexing/retrieval | Consent.category | |
| consentor | reference | Who is agreeing to the policy and rules |
Consent.performer
( Practitioner , Organization , Patient , PractitionerRole , RelatedPerson ) |
|
| data | reference | The actual data reference |
Consent.provision.data.reference
(Any) |
|
| date | date | When this Consent was created or indexed | Consent.dateTime |
|
| identifier | token | Identifier for this record (external references) | Consent.identifier |
|
| organization | reference | Custodian of the consent |
Consent.organization
( Organization ) |
|
| patient | reference | Who the consent applies to |
Consent.patient
( Patient ) |
|
| period | date | Timeframe for this rule | Consent.provision.period | |
| purpose | token | Context of activities covered by this rule | Consent.provision.purpose | |
| scope | token | Which of the four areas this resource covers (extensible) | Consent.scope | |
| security-label | token | Security Labels that define affected resources | Consent.provision.securityLabel | |
| source-reference | reference | Search by reference to a Consent, DocumentReference, Contract or QuestionnaireResponse |
Consent.source
( Consent , Contract , QuestionnaireResponse , DocumentReference ) |
|
| status | token | draft | proposed | active | rejected | inactive | entered-in-error | Consent.status |
FHIR
®©
HL7.org
2011+.
FHIR
Release
4
(Technical
Correction
#1)
(v4.0.1)
4B
(v4.3.0)
hl7.fhir.r4b.core#4.3.0
generated
on
Fri,
Nov
1,
2019
09:34+1100.
QA
Page
Sat,
May
28,
2022
12:54+1000.
Links:
Search
|
Version
History
|
Table
of
Contents
|
Credits
QA
Page
|
Compare
to
R3
R4
|
|
Propose
a
change