Onyx Consent Authorization SAFHIR Implementation and Operations Guide - Local Development build (v0.0.2). See the Directory of published versions
Resource Profile: SafhirProxyConsent
| Defining URL: | http://ig.fhir.safhir.io/ig/safhir-ocasio/StructureDefinition/SafhirProxyConsent |
| Version: | 0.0.2 |
| Name: | SafhirProxyConsent |
| Status: | Draft as of 2021-11-29T21:14:01+00:00 |
| Definition: | FHIR Consent resource generated from an authorized request by an individual to grant or deny access to their data. The request can also be made to the privacy/compliance department of a payer by someone with authority/power of attorney to act on behalf of the data subject. |
| Publisher: | Onyx Technology, LLC |
| Source Resource: | XML / JSON / Turtle |
The official URL for this profile is:
http://ig.fhir.safhir.io/ig/safhir-ocasio/StructureDefinition/SafhirProxyConsent
Formal Views of Profile Content
Description of Profiles, Differentials, Snapshots and how the different presentations work.
This structure is derived from Consent
This structure is derived from Consent
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
  Consent | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time | |
| Documentation for this format | ||||
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
| Consent | I | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time |
  id | Σ | 0..1 | string | Logical id of this artifact |
 meta | Σ | 0..1 | Meta | Metadata about the resource |
| implicitRules | ?!Σ | 0..1 | uri | A set of rules under which this content was created |
| language | 0..1 | code | Language of the resource content Binding: CommonLanguages (preferred) Max Binding: AllLanguages: A human language. | |
| text | 0..1 | Narrative | Text summary of the resource, for human interpretation | |
| contained | 0..* | Resource | Contained, inline Resources | |
 extension | 0..* | Extension | Additional content defined by implementations | |
 modifierExtension | ?! | 0..* | Extension | Extensions that cannot be ignored |
| identifier | Σ | 0..* | Identifier | Identifier for this record (external references) Example General: {"system":"urn:ietf:rfc:3986","value":"Local eCMS identifier"} |
| status | ?!Σ | 1..1 | code | draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent. |
| scope | ?!Σ | 1..1 | CodeableConcept | Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource. |
| category | Σ | 1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement. |
 patient | Σ | 0..1 | Reference(Patient) | Who the consent applies to |
| dateTime | Σ | 0..1 | dateTime | When this Consent was created or indexed |
| performer | Σ | 0..* | Reference(Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) | Who is agreeing to the policy and rules |
| organization | Σ | 0..* | Reference(Organization) | Custodian of the consent |
  source[x] | Σ | 0..1 | Source from which this consent is taken | |
 sourceAttachment | Attachment | |||
 sourceReference | Reference(Consent | DocumentReference | Contract | QuestionnaireResponse) | |||
| policy | 0..* | BackboneElement | Policies covered by this consent | |
| id | 0..1 | string | Unique id for inter-element referencing | |
| extension | 0..* | Extension | Additional content defined by implementations | |
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| authority | I | 0..1 | uri | Enforcement source for policy |
| uri | I | 0..1 | uri | Specific policy covered by this consent |
| policyRule | ΣI | 0..1 | CodeableConcept | Regulation that this consents to Binding: ConsentPolicyRuleCodes (extensible): Regulatory policy examples. |
| verification | Σ | 0..* | BackboneElement | Consent Verified by patient or family |
| id | 0..1 | string | Unique id for inter-element referencing | |
| extension | 0..* | Extension | Additional content defined by implementations | |
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| verified | Σ | 1..1 | boolean | Has been verified |
| verifiedWith | 0..1 | Reference(Patient | RelatedPerson) | Person who verified | |
| verificationDate | 0..1 | dateTime | When consent verified | |
 provision | Σ | 0..1 | BackboneElement | Constraints to the base Consent.policyRule |
 id | 0..1 | string | Unique id for inter-element referencing | |
| extension | 0..* | Extension | Additional content defined by implementations | |
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| type | Σ | 0..1 | code | deny | permit Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent. |
| period | Σ | 0..1 | Period | Timeframe for this rule |
| actor | 0..* | BackboneElement | Who|what controlled by this rule (or group, by role) | |
| id | 0..1 | string | Unique id for inter-element referencing | |
| extension | 0..* | Extension | Additional content defined by implementations | |
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| role | 1..1 | CodeableConcept | How the actor is involved Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations. | |
| reference | 1..1 | Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) | Resource for the actor (or group, by role) | |
| action | Σ | 0..* | CodeableConcept | Actions controlled by this rule Binding: ConsentActionCodes (example): Detailed codes for the consent action. |
| securityLabel | Σ | 0..* | Coding | Security Labels that define affected resources Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System. |
| purpose | Σ | 0..* | Coding | Context of activities covered by this rule Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels. |
| class | Σ | 0..* | Coding | e.g. Resource Type, Profile, CDA, etc. Binding: ConsentContentClass (extensible): The class (type) of information a consent rule covers. |
| code | Σ | 0..* | CodeableConcept | e.g. LOINC or SNOMED CT code, etc. in the content Binding: ConsentContentCodes (example): If this code is found in an instance, then the exception applies. |
| dataPeriod | Σ | 0..1 | Period | Timeframe for data controlled by this rule |
| data | Σ | 0..* | BackboneElement | Data controlled by this rule |
| id | 0..1 | string | Unique id for inter-element referencing | |
| extension | 0..* | Extension | Additional content defined by implementations | |
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| meaning | Σ | 1..1 | code | instance | related | dependents | authoredby Binding: ConsentDataMeaning (required): How a resource reference is interpreted when testing consent restrictions. |
| reference | Σ | 1..1 | Reference(Resource) | The actual data reference |
 provision | 0..* | See provision (Consent) | Nested Exception Rules | |
| Documentation for this format | ||||
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
| Consent | I | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time |
| Documentation for this format | ||||
This structure is derived from Consent
Differential View
This structure is derived from Consent
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
| Consent | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time | |
| Documentation for this format | ||||
Snapshot View
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
| Consent | I | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time |
| id | Σ | 0..1 | string | Logical id of this artifact |
| meta | Σ | 0..1 | Meta | Metadata about the resource |
| implicitRules | ?!Σ | 0..1 | uri | A set of rules under which this content was created |
| language | 0..1 | code | Language of the resource content Binding: CommonLanguages (preferred) Max Binding: AllLanguages: A human language. | |
| text | 0..1 | Narrative | Text summary of the resource, for human interpretation | |
| contained | 0..* | Resource | Contained, inline Resources | |
| extension | 0..* | Extension | Additional content defined by implementations | |
| modifierExtension | ?! | 0..* | Extension | Extensions that cannot be ignored |
| identifier | Σ | 0..* | Identifier | Identifier for this record (external references) Example General: {"system":"urn:ietf:rfc:3986","value":"Local eCMS identifier"} |
| status | ?!Σ | 1..1 | code | draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent. |
| scope | ?!Σ | 1..1 | CodeableConcept | Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource. |
| category | Σ | 1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement. |
| patient | Σ | 0..1 | Reference(Patient) | Who the consent applies to |
| dateTime | Σ | 0..1 | dateTime | When this Consent was created or indexed |
| performer | Σ | 0..* | Reference(Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) | Who is agreeing to the policy and rules |
| organization | Σ | 0..* | Reference(Organization) | Custodian of the consent |
| source[x] | Σ | 0..1 | Source from which this consent is taken | |
| sourceAttachment | Attachment | |||
| sourceReference | Reference(Consent | DocumentReference | Contract | QuestionnaireResponse) | |||
| policy | 0..* | BackboneElement | Policies covered by this consent | |
| id | 0..1 | string | Unique id for inter-element referencing | |
| extension | 0..* | Extension | Additional content defined by implementations | |
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| authority | I | 0..1 | uri | Enforcement source for policy |
| uri | I | 0..1 | uri | Specific policy covered by this consent |
| policyRule | ΣI | 0..1 | CodeableConcept | Regulation that this consents to Binding: ConsentPolicyRuleCodes (extensible): Regulatory policy examples. |
| verification | Σ | 0..* | BackboneElement | Consent Verified by patient or family |
| id | 0..1 | string | Unique id for inter-element referencing | |
| extension | 0..* | Extension | Additional content defined by implementations | |
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| verified | Σ | 1..1 | boolean | Has been verified |
| verifiedWith | 0..1 | Reference(Patient | RelatedPerson) | Person who verified | |
| verificationDate | 0..1 | dateTime | When consent verified | |
| provision | Σ | 0..1 | BackboneElement | Constraints to the base Consent.policyRule |
| id | 0..1 | string | Unique id for inter-element referencing | |
| extension | 0..* | Extension | Additional content defined by implementations | |
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| type | Σ | 0..1 | code | deny | permit Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent. |
| period | Σ | 0..1 | Period | Timeframe for this rule |
| actor | 0..* | BackboneElement | Who|what controlled by this rule (or group, by role) | |
| id | 0..1 | string | Unique id for inter-element referencing | |
| extension | 0..* | Extension | Additional content defined by implementations | |
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| role | 1..1 | CodeableConcept | How the actor is involved Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations. | |
| reference | 1..1 | Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) | Resource for the actor (or group, by role) | |
| action | Σ | 0..* | CodeableConcept | Actions controlled by this rule Binding: ConsentActionCodes (example): Detailed codes for the consent action. |
| securityLabel | Σ | 0..* | Coding | Security Labels that define affected resources Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System. |
| purpose | Σ | 0..* | Coding | Context of activities covered by this rule Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels. |
| class | Σ | 0..* | Coding | e.g. Resource Type, Profile, CDA, etc. Binding: ConsentContentClass (extensible): The class (type) of information a consent rule covers. |
| code | Σ | 0..* | CodeableConcept | e.g. LOINC or SNOMED CT code, etc. in the content Binding: ConsentContentCodes (example): If this code is found in an instance, then the exception applies. |
| dataPeriod | Σ | 0..1 | Period | Timeframe for data controlled by this rule |
| data | Σ | 0..* | BackboneElement | Data controlled by this rule |
| id | 0..1 | string | Unique id for inter-element referencing | |
| extension | 0..* | Extension | Additional content defined by implementations | |
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| meaning | Σ | 1..1 | code | instance | related | dependents | authoredby Binding: ConsentDataMeaning (required): How a resource reference is interpreted when testing consent restrictions. |
| reference | Σ | 1..1 | Reference(Resource) | The actual data reference |
| provision | 0..* | See provision (Consent) | Nested Exception Rules | |
| Documentation for this format | ||||
Other representations of profile: CSV, Excel, Schematron
Terminology Bindings
| Path | Conformance | ValueSet |
| Consent.language | preferred | CommonLanguages Max Binding: AllLanguages |
| Consent.status | required | ConsentState |
| Consent.scope | extensible | ConsentScopeCodes |
| Consent.category | extensible | ConsentCategoryCodes |
| Consent.policyRule | extensible | ConsentPolicyRuleCodes |
| Consent.provision.type | required | ConsentProvisionType |
| Consent.provision.actor.role | extensible | SecurityRoleType |
| Consent.provision.action | example | ConsentActionCodes |
| Consent.provision.securityLabel | extensible | All Security Labels |
| Consent.provision.purpose | extensible | PurposeOfUse |
| Consent.provision.class | extensible | ConsentContentClass |
| Consent.provision.code | example | ConsentContentCodes |
| Consent.provision.data.meaning | required | ConsentDataMeaning |