eHealth Infrastructure - Local Development build (v2.3.0). See the Directory of published versions
Official URL: http://ehealth.sundhed.dk/fhir/StructureDefinition/ehealth-consent | Version: 2.3.0 | |||
Active as of 2022-09-27 | Computable Name: ehealth-consent |
A Consent resource is a record of a healthcare consumer’s policy choices, which permits or denies identified actors(s) or identified role(s) to perform one or more actions within a given policy context, for specific purpose(s) and period of time.
In the eHealth infrastructure a Consent resource is used
When a Patient gives a consent, this consent must be recorded as a Consent resource. This resource can be created by the Patient herself or by a Practitioner as a result of conversations or correspondence with the Patient.
eHealth operates with two categories of consents:
Category PITEOC: Consent given by a Patient to be enrolled into a telemedical EpisodeOfCare. This Consent is interpretated to also apply to all CarePlan instances related to the consented EpisodeOfCare.
Category SSLPCI: Consent given by a Patient to have his/her contact information (physical address and telecommunication endpoints) being disclosed to a specified actor supplying device(s) and service(s) to the Patient as part of an EpisodeOfCare and related CarePlan(s).
Consents of category PITEOC are expressed by creating a Consent resource with:
Consent.category.coding.system = "http://ehealth.sundhed.dk/cs/consent-category"
Consent.category.coding.code = "PITEOC"
.Consents of category SSLPCI are expressed by creating a Consent resource with:
Consent.category.coding.system = "http://ehealth.sundhed.dk/cs/consent-category"
Consent.category.coding.code = "SSLPCI"
.Business rules are built into eHealth infrastructure to ensure that data can only be processed or forwarded to other systems and actors when the proper Consent is given.
This means, that:
active
if a Consent with category PITEOC has been given.submitted
if a Consent with category SSLPCI has been given.In addition to the Consent.category
element, the following elements must be set on a Consent resource for the policy enforcing business logic to take effect:
Consent.patient
- the patient who is the subject of this consent (must coincide with the EpisodeOfCare.patient
referenced by Consent.data.reference
)Consent.data.reference
- the EpisodeOfCare for which this Consent is in force.Consent.actor
- the actor (Organization, CareTeam, Practitioner) whose behaviour is controlled by this consent.Consent.status
- the status of this consent (only active consents are considered to be in force)Consent.period
- the (possibly open-ended) period for which this consent is in force.For more information see the element descriptions in the snapshot table on this page and also see the example Consent resources on the Examples tab.
The update operation on Consent only accepts changes to the patient, category, data.reference, actor, status, and period contents.
Usage:
Description of Profiles, Differentials, Snapshots and how the different presentations work.
This structure is derived from Consent
Summary
Mandatory: 1 element
Structures
This structure refers to these other structures:
This structure is derived from Consent
Name | Flags | Card. | Type | Description & Constraints |
---|---|---|---|---|
Consent | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time | |
category | 1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: Consent Category (required) | |
patient | 1..1 | Reference(ehealth-patient) {r} | Who the consent applies to | |
organization | 0..* | Reference(ehealth-organization) {r} | Custodian of the consent | |
sourceReference | 0..1 | Reference(ehealth-consent | ehealth-documentreference | Contract | ehealth-questionnaireresponse) | Source from which this consent is taken | |
Documentation for this format |
Name | Flags | Card. | Type | Description & Constraints | ||||
---|---|---|---|---|---|---|---|---|
Consent | C | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time | ||||
id | Σ | 0..1 | id | Logical id of this artifact | ||||
meta | Σ | 0..1 | Meta | Metadata about the resource | ||||
implicitRules | ?!Σ | 0..1 | uri | A set of rules under which this content was created | ||||
language | 0..1 | code | Language of the resource content Binding: CommonLanguages (preferred): A human language.
| |||||
text | 0..1 | Narrative | Text summary of the resource, for human interpretation | |||||
contained | 0..* | Resource | Contained, inline Resources | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?! | 0..* | Extension | Extensions that cannot be ignored | ||||
identifier | Σ | 0..* | Identifier | Identifier for this record (external references) Example General: {"system":"urn:ietf:rfc:3986","value":"Local eCMS identifier"} | ||||
status | ?!Σ | 1..1 | code | draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent. | ||||
scope | ?!Σ | 1..1 | CodeableConcept | Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource. | ||||
category | Σ | 1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: Consent Category (required) | ||||
patient | Σ | 1..1 | Reference(ehealth-patient) {r} | Who the consent applies to | ||||
dateTime | Σ | 0..1 | dateTime | When this Consent was created or indexed | ||||
performer | Σ | 0..* | Reference(Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) | Who is agreeing to the policy and rules | ||||
organization | Σ | 0..* | Reference(ehealth-organization) {r} | Custodian of the consent | ||||
Slices for source[x] | Σ | 0..1 | Source from which this consent is taken Slice: Unordered, Open by type:$this | |||||
sourceAttachment | Attachment | |||||||
sourceReference | Reference(Consent | DocumentReference | Contract | QuestionnaireResponse) | |||||||
source[x]:sourceReference | Σ | 0..1 | Reference(ehealth-consent | ehealth-documentreference | Contract | ehealth-questionnaireresponse) | Source from which this consent is taken | ||||
policy | 0..* | BackboneElement | Policies covered by this consent | |||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
authority | C | 0..1 | uri | Enforcement source for policy | ||||
uri | C | 0..1 | uri | Specific policy covered by this consent | ||||
policyRule | ΣC | 0..1 | CodeableConcept | Regulation that this consents to Binding: ConsentPolicyRuleCodes (extensible): Regulatory policy examples. | ||||
verification | Σ | 0..* | BackboneElement | Consent Verified by patient or family | ||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
verified | Σ | 1..1 | boolean | Has been verified | ||||
verifiedWith | 0..1 | Reference(Patient | RelatedPerson) | Person who verified | |||||
verificationDate | 0..1 | dateTime | When consent verified | |||||
provision | Σ | 0..1 | BackboneElement | Constraints to the base Consent.policyRule | ||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
type | Σ | 0..1 | code | deny | permit Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent. | ||||
period | Σ | 0..1 | Period | Timeframe for this rule | ||||
actor | 0..* | BackboneElement | Who|what controlled by this rule (or group, by role) | |||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
role | 1..1 | CodeableConcept | How the actor is involved Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations. | |||||
reference | 1..1 | Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) | Resource for the actor (or group, by role) | |||||
action | Σ | 0..* | CodeableConcept | Actions controlled by this rule Binding: ConsentActionCodes (example): Detailed codes for the consent action. | ||||
securityLabel | Σ | 0..* | Coding | Security Labels that define affected resources Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System. | ||||
purpose | Σ | 0..* | Coding | Context of activities covered by this rule Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels. | ||||
class | Σ | 0..* | Coding | e.g. Resource Type, Profile, CDA, etc. Binding: ConsentContentClass (extensible): The class (type) of information a consent rule covers. | ||||
code | Σ | 0..* | CodeableConcept | e.g. LOINC or SNOMED CT code, etc. in the content Binding: ConsentContentCodes (example): If this code is found in an instance, then the exception applies. | ||||
dataPeriod | Σ | 0..1 | Period | Timeframe for data controlled by this rule | ||||
data | Σ | 0..* | BackboneElement | Data controlled by this rule | ||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
meaning | Σ | 1..1 | code | instance | related | dependents | authoredby Binding: ConsentDataMeaning (required): How a resource reference is interpreted when testing consent restrictions. | ||||
reference | Σ | 1..1 | Reference(Resource) | The actual data reference | ||||
provision | 0..* | See provision (Consent) | Nested Exception Rules | |||||
Documentation for this format |
Name | Flags | Card. | Type | Description & Constraints |
---|---|---|---|---|
Consent | C | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time |
Documentation for this format |
This structure is derived from Consent
Summary
Mandatory: 1 element
Structures
This structure refers to these other structures:
Differential View
This structure is derived from Consent
Name | Flags | Card. | Type | Description & Constraints |
---|---|---|---|---|
Consent | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time | |
category | 1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: Consent Category (required) | |
patient | 1..1 | Reference(ehealth-patient) {r} | Who the consent applies to | |
organization | 0..* | Reference(ehealth-organization) {r} | Custodian of the consent | |
sourceReference | 0..1 | Reference(ehealth-consent | ehealth-documentreference | Contract | ehealth-questionnaireresponse) | Source from which this consent is taken | |
Documentation for this format |
Snapshot View
Name | Flags | Card. | Type | Description & Constraints | ||||
---|---|---|---|---|---|---|---|---|
Consent | C | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time | ||||
id | Σ | 0..1 | id | Logical id of this artifact | ||||
meta | Σ | 0..1 | Meta | Metadata about the resource | ||||
implicitRules | ?!Σ | 0..1 | uri | A set of rules under which this content was created | ||||
language | 0..1 | code | Language of the resource content Binding: CommonLanguages (preferred): A human language.
| |||||
text | 0..1 | Narrative | Text summary of the resource, for human interpretation | |||||
contained | 0..* | Resource | Contained, inline Resources | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?! | 0..* | Extension | Extensions that cannot be ignored | ||||
identifier | Σ | 0..* | Identifier | Identifier for this record (external references) Example General: {"system":"urn:ietf:rfc:3986","value":"Local eCMS identifier"} | ||||
status | ?!Σ | 1..1 | code | draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent. | ||||
scope | ?!Σ | 1..1 | CodeableConcept | Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource. | ||||
category | Σ | 1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: Consent Category (required) | ||||
patient | Σ | 1..1 | Reference(ehealth-patient) {r} | Who the consent applies to | ||||
dateTime | Σ | 0..1 | dateTime | When this Consent was created or indexed | ||||
performer | Σ | 0..* | Reference(Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) | Who is agreeing to the policy and rules | ||||
organization | Σ | 0..* | Reference(ehealth-organization) {r} | Custodian of the consent | ||||
Slices for source[x] | Σ | 0..1 | Source from which this consent is taken Slice: Unordered, Open by type:$this | |||||
sourceAttachment | Attachment | |||||||
sourceReference | Reference(Consent | DocumentReference | Contract | QuestionnaireResponse) | |||||||
source[x]:sourceReference | Σ | 0..1 | Reference(ehealth-consent | ehealth-documentreference | Contract | ehealth-questionnaireresponse) | Source from which this consent is taken | ||||
policy | 0..* | BackboneElement | Policies covered by this consent | |||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
authority | C | 0..1 | uri | Enforcement source for policy | ||||
uri | C | 0..1 | uri | Specific policy covered by this consent | ||||
policyRule | ΣC | 0..1 | CodeableConcept | Regulation that this consents to Binding: ConsentPolicyRuleCodes (extensible): Regulatory policy examples. | ||||
verification | Σ | 0..* | BackboneElement | Consent Verified by patient or family | ||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
verified | Σ | 1..1 | boolean | Has been verified | ||||
verifiedWith | 0..1 | Reference(Patient | RelatedPerson) | Person who verified | |||||
verificationDate | 0..1 | dateTime | When consent verified | |||||
provision | Σ | 0..1 | BackboneElement | Constraints to the base Consent.policyRule | ||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
type | Σ | 0..1 | code | deny | permit Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent. | ||||
period | Σ | 0..1 | Period | Timeframe for this rule | ||||
actor | 0..* | BackboneElement | Who|what controlled by this rule (or group, by role) | |||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
role | 1..1 | CodeableConcept | How the actor is involved Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations. | |||||
reference | 1..1 | Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) | Resource for the actor (or group, by role) | |||||
action | Σ | 0..* | CodeableConcept | Actions controlled by this rule Binding: ConsentActionCodes (example): Detailed codes for the consent action. | ||||
securityLabel | Σ | 0..* | Coding | Security Labels that define affected resources Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System. | ||||
purpose | Σ | 0..* | Coding | Context of activities covered by this rule Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels. | ||||
class | Σ | 0..* | Coding | e.g. Resource Type, Profile, CDA, etc. Binding: ConsentContentClass (extensible): The class (type) of information a consent rule covers. | ||||
code | Σ | 0..* | CodeableConcept | e.g. LOINC or SNOMED CT code, etc. in the content Binding: ConsentContentCodes (example): If this code is found in an instance, then the exception applies. | ||||
dataPeriod | Σ | 0..1 | Period | Timeframe for data controlled by this rule | ||||
data | Σ | 0..* | BackboneElement | Data controlled by this rule | ||||
id | 0..1 | string | Unique id for inter-element referencing | |||||
extension | 0..* | Extension | Additional content defined by implementations | |||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
meaning | Σ | 1..1 | code | instance | related | dependents | authoredby Binding: ConsentDataMeaning (required): How a resource reference is interpreted when testing consent restrictions. | ||||
reference | Σ | 1..1 | Reference(Resource) | The actual data reference | ||||
provision | 0..* | See provision (Consent) | Nested Exception Rules | |||||
Documentation for this format |
Other representations of profile: CSV, Excel, Schematron
Path | Conformance | ValueSet |
Consent.language | preferred | CommonLanguages Max Binding: AllLanguages |
Consent.status | required | ConsentState |
Consent.scope | extensible | ConsentScopeCodes |
Consent.category | required | ConsentCategory |
Consent.policyRule | extensible | ConsentPolicyRuleCodes |
Consent.provision.type | required | ConsentProvisionType |
Consent.provision.actor.role | extensible | SecurityRoleType |
Consent.provision.action | example | ConsentActionCodes |
Consent.provision.securityLabel | extensible | All Security Labels |
Consent.provision.purpose | extensible | PurposeOfUse |
Consent.provision.class | extensible | ConsentContentClass |
Consent.provision.code | example | ConsentContentCodes |
Consent.provision.data.meaning | required | ConsentDataMeaning |