This
page
is
part
of
the
FHIR
Specification
(v4.0.1:
R4
(v4.3.0:
R4B
-
Mixed
Normative
and
STU
)
in
it's
permanent
home
(it
will
always
be
available
at
this
URL).
).
The
current
version
which
supercedes
this
version
is
5.0.0
.
For
a
full
list
of
available
versions,
see
the
Directory
of
published
versions
.
Page
versions:
R4B
R4
R4B
R4
R3
This
Code
system
is
used
in
the
following
value
sets:
ValueSet:
ParticipationRoleType
(This
FHIR
value
set
is
comprised
of
Actor
participation
Type
codes,
which
can
be
used
to
value
FHIR
agents,
actors,
and
other
role
elements.
The
FHIR
Actor
participation
type
value
set
is
based
on
DICOM
Audit
Message,
C402;
ASTM
Standard,
E1762-95
[2013];
selected
codes
and
derived
actor
roles
from
HL7
RoleClass
OID
2.16.840.1.113883.5.110;
HL7
Role
Code
2.16.840.1.113883.5.111,
including
AgentRoleType;
HL7
ParticipationType
OID:
2.16.840.1.113883.5.90;
and
HL7
ParticipationFunction
codes
OID:
2.16.840.1.113883.5.88.
This
value
set
includes,
by
reference,
role
codes
from
external
code
systems:
NUCC
Health
Care
Provider
Taxonomy
OID:
2.16.840.1.113883.6.101;
North
American
Industry
Classification
System
[NAICS]OID:
2.16.840.1.113883.6.85;
IndustryClassificationSystem
2.16.840.1.113883.1.11.16039;
and
US
Census
Occupation
Code
OID:
2.16.840.1.113883.6.243
for
relevant
recipient
or
custodian
codes
not
included
in
this
value
set.
If
no
source
is
indicated
in
the
definition
comments,
then
these
are
example
FHIR
codes.)
ValueSet:
ParticipationRoleType
(This
FHIR
value
set
is
comprised
of
Actor
participation
Type
codes,
which
can
be
used
to
value
FHIR
agents,
actors,
and
other
role
elements.
The
FHIR
Actor
participation
type
value
set
is
based
on
DICOM
Audit
Message,
C402;
ASTM
Standard,
E1762-95
[2013];
selected
codes
and
derived
actor
roles
from
HL7
RoleClass
OID
2.16.840.1.113883.5.110;
HL7
Role
Code
2.16.840.1.113883.5.111,
including
AgentRoleType;
HL7
ParticipationType
OID:
2.16.840.1.113883.5.90;
and
HL7
ParticipationFunction
codes
OID:
2.16.840.1.113883.5.88.
This
value
set
includes,
by
reference,
role
codes
from
external
code
systems:
NUCC
Health
Care
Provider
Taxonomy
OID:
2.16.840.1.113883.6.101;
North
American
Industry
Classification
System
[NAICS]OID:
2.16.840.1.113883.6.85;
IndustryClassificationSystem
2.16.840.1.113883.1.11.16039;
and
US
Census
Occupation
Code
OID:
2.16.840.1.113883.6.243
for
relevant
recipient
or
custodian
codes
not
included
in
this
value
set.
If
no
source
is
indicated
in
the
definition
comments,
then
these
are
example
FHIR
codes.)
ValueSet:
SecurityRoleType
(This
example
FHIR
value
set
is
comprised
of
example
Actor
Type
codes,
which
can
be
used
to
value
FHIR
agents,
actors,
and
other
role
elements
such
as
those
specified
in
financial
transactions.
The
FHIR
Actor
value
set
is
based
on
DICOM
Audit
Message,
C402;
ASTM
Standard,
E1762-95
[2013];
selected
codes
and
derived
actor
roles
from
HL7
RoleClass
OID
2.16.840.1.113883.5.110;
HL7
Role
Code
2.16.840.1.113883.5.111,
including
AgentRoleType;
HL7
ParticipationType
OID:
2.16.840.1.113883.5.90;
and
HL7
ParticipationFunction
codes
OID:
2.16.840.1.113883.5.88.
This
value
set
includes,
by
reference,
role
codes
from
external
code
systems:
NUCC
Health
Care
Provider
Taxonomy
OID:
2.16.840.1.113883.6.101;
North
American
Industry
Classification
System
[NAICS]OID:
2.16.840.1.113883.6.85;
IndustryClassificationSystem
2.16.840.1.113883.1.11.16039;
and
US
Census
Occupation
Code
OID:
2.16.840.1.113883.6.243
for
relevant
recipient
or
custodian
codes
not
included
in
this
value
set.
If
no
source
is
indicated
in
the
definition
comments,
then
these
are
example
FHIR
codes.
It
can
be
extended
with
appropriate
roles
described
by
SNOMED
as
well
as
those
described
in
the
HL7
Role
Based
Access
Control
Catalog
and
the
HL7
Healthcare
(Security
and
Privacy)
Access
Control
Catalog.
In
Role-Based
Access
Control
(RBAC),
permissions
are
operations
on
an
object
that
a
user
wishes
to
access.
Permissions
are
grouped
into
roles.
A
role
characterizes
the
functions
a
user
is
allowed
to
perform.
Roles
are
assigned
to
users.
If
the
user's
role
has
the
appropriate
permissions
to
access
an
object,
then
that
user
is
granted
access
to
the
object.
FHIR
readily
enables
RBAC,
as
FHIR
Resources
are
object
types
and
the
CRUDE
events
(the
FHIR
equivalent
to
permissions
in
the
RBAC
scheme)
are
operations
on
those
objects.
In
Attribute-Based
Access
Control
(ABAC),
a
user
requests
to
perform
operations
on
objects.
That
user's
access
request
is
granted
or
denied
based
on
a
set
of
access
control
policies
that
are
specified
in
terms
of
attributes
and
conditions.
FHIR
readily
enables
ABAC,
as
instances
of
a
Resource
in
FHIR
(again,
Resources
are
object
types)
can
have
attributes
associated
with
them.
These
attributes
include
security
tags,
environment
conditions,
and
a
host
of
user
and
object
characteristics,
which
are
the
same
attributes
as
those
used
in
ABAC.
Attributes
help
define
the
access
control
policies
that
determine
the
operations
a
user
may
perform
on
a
Resource
(in
FHIR)
or
object
(in
ABAC).
For
example,
a
tag
(or
attribute)
may
specify
that
the
identified
Resource
(object)
is
not
to
be
further
disclosed
without
explicit
consent
from
the
patient.)
ValueSet:
SecurityRoleType
ParticipationRoleType
(This
example
FHIR
value
set
is
comprised
of
example
Actor
participation
Type
codes,
which
can
be
used
to
value
FHIR
agents,
actors,
and
other
role
elements
such
as
those
specified
in
financial
transactions.
elements.
The
FHIR
Actor
participation
type
value
set
is
based
on
DICOM
Audit
Message,
C402;
ASTM
Standard,
E1762-95
[2013];
selected
codes
and
derived
actor
roles
from
HL7
RoleClass
OID
2.16.840.1.113883.5.110;
HL7
Role
Code
2.16.840.1.113883.5.111,
including
AgentRoleType;
HL7
ParticipationType
OID:
2.16.840.1.113883.5.90;
and
HL7
ParticipationFunction
codes
OID:
2.16.840.1.113883.5.88.
This
value
set
includes,
by
reference,
role
codes
from
external
code
systems:
NUCC
Health
Care
Provider
Taxonomy
OID:
2.16.840.1.113883.6.101;
North
American
Industry
Classification
System
[NAICS]OID:
2.16.840.1.113883.6.85;
IndustryClassificationSystem
2.16.840.1.113883.1.11.16039;
and
US
Census
Occupation
Code
OID:
2.16.840.1.113883.6.243
for
relevant
recipient
or
custodian
codes
not
included
in
this
value
set.
If
no
source
is
indicated
in
the
definition
comments,
then
these
are
example
FHIR
codes.
It
can
be
extended
with
appropriate
roles
described
by
SNOMED
as
well
as
those
described
in
the
HL7
Role
Based
Access
Control
Catalog
and
the
HL7
Healthcare
(Security
and
Privacy)
Access
Control
Catalog.
In
Role-Based
Access
Control
(RBAC),
permissions
are
operations
on
an
object
that
a
user
wishes
to
access.
Permissions
are
grouped
into
roles.
A
role
characterizes
the
functions
a
user
is
allowed
to
perform.
Roles
are
assigned
to
users.
If
the
user's
role
has
the
appropriate
permissions
to
access
an
object,
then
that
user
is
granted
access
to
the
object.
FHIR
readily
enables
RBAC,
as
FHIR
Resources
are
object
types
and
the
CRUDE
events
(the
FHIR
equivalent
to
permissions
in
the
RBAC
scheme)
are
operations
on
those
objects.
In
Attribute-Based
Access
Control
(ABAC),
a
user
requests
to
perform
operations
on
objects.
That
user's
access
request
is
granted
or
denied
based
on
a
set
of
access
control
policies
that
are
specified
in
terms
of
attributes
and
conditions.
FHIR
readily
enables
ABAC,
as
instances
of
a
Resource
in
FHIR
(again,
Resources
are
object
types)
can
have
attributes
associated
with
them.
These
attributes
include
security
tags,
environment
conditions,
and
a
host
of
user
and
object
characteristics,
which
are
the
same
attributes
as
those
used
in
ABAC.
Attributes
help
define
the
access
control
policies
that
determine
the
operations
a
user
may
perform
on
a
Resource
(in
FHIR)
or
object
(in
ABAC).
For
example,
a
tag
(or
attribute)
may
specify
that
the
identified
Resource
(object)
is
not
to
be
further
disclosed
without
explicit
consent
from
the
patient.)
codes.)
4.3.14.371.1
4.3.14.26.1
Content
4.3.14.371.2
SecurityRoleType
This
CodeSystem
contains
Additional
FHIR-defined
Security
Role
types
not
defined
elsewhere
This
code
system
http://terminology.hl7.org/CodeSystem/extra-security-role-type
defines
the
following
codes:
Code
Display
Definition
authserver
authorization
server
An
entity
providing
authorization
services
to
enable
the
electronic
sharing
of
health-related
information
based
on
resource
owner's
preapproved
permissions.
For
example,
an
UMA
Authorization
Server[UMA]
datacollector
data
collector
An
entity
that
collects
information
over
which
the
data
subject
may
have
certain
rights
under
policy
or
law
to
control
that
information's
management
and
distribution
by
data
collectors,
including
the
right
to
access,
retrieve,
distribute,
or
delete
that
information.
dataprocessor
data
processor
An
entity
that
processes
collected
information
over
which
the
data
subject
may
have
certain
rights
under
policy
or
law
to
control
that
information's
management
and
distribution
by
data
processors,
including
the
right
to
access,
retrieve,
distribute,
or
delete
that
information.
datasubject
data
subject
A
person
whose
personal
information
is
collected
or
processed,
and
who
may
have
certain
rights
under
policy
or
law
to
control
that
information's
management
and
distribution
by
data
collectors
or
processors,
including
the
right
to
access,
retrieve,
distribute,
or
delete
that
information.
Explanation
of
the
columns
that
may
appear
on
this
page:
Level
A
few
code
lists
that
FHIR
defines
are
hierarchical
-
each
code
is
assigned
a
level.
See
Code
System
for
further
information.
Source
The
source
of
the
definition
of
the
code
(when
the
value
set
draws
in
codes
defined
elsewhere)
Code
The
code
(used
as
the
code
in
the
resource
instance).
If
the
code
is
in
italics,
this
indicates
that
the
code
is
not
selectable
('Abstract')
Display
The
display
(used
in
the
display
element
of
a
Coding
).
If
there
is
no
display,
implementers
should
not
simply
display
the
code,
but
map
the
concept
into
their
application
Terminology
.
Page
versions:
|
Propose
a
change