Details
-
Change Request
-
Resolution: Persuasive with Modification
-
Medium
-
FHIR Core (FHIR)
-
R5
-
Modeling & Methodology
-
AuditEvent
Contract
Provenance -
Security & Privacy Module (secpriv-module)
Security Labels -
Terminology
-
-
Lloyd McKenzie/Grahame Grieve: 2-0-0
-
Clarification
-
Non-substantive
-
R5
Description
Need guidance on if the following is allowed or forbidden?
There is a CR asking that Security include in a PurposeOfUse valueset, that would be used as conformance recommendation in multiple places, both the current set of codes from HL7 v3 PurposeOfUse AND also ISO-14265 purpose of use. (secondary issue is how to get the ISO codes). Primary to this CR is that security needs guidance if there is a problem with having a valueset with code values from different systems where the codes are almost completely overlapping.
Note the reason the user base wants both codesystems is because europe doesn't use the HL7 purposeOfUse, they use the ISO vocabulary. Without adding the ISO vocabulary (current R4) forces them to map to HL7 v3 purposeOfUse. Something they don't want to do. The security wg was not able to explain why this would be needed, so agreed to combine the two. Note that we do offer the mapping to the ISO codes, so the mapping is already available for use. The issue is real-time use, and especially putting the mapping as a required step in a huge number of time-critical locations.
PurposeOfUse is used in many places: This value set is used in the following places:
- Resource: Consent.provision.purpose (Coding / Extensible)
- Resource: Contract.term.action.intent (CodeableConcept / Example)
- Resource: Contract.term.action.reason (CodeableReference(Condition|Observation|DiagnosticReport|DocumentReference|Questionnaire|QuestionnaireResponse) / Example)
- Resource: Provenance.reason (CodeableConcept / Extensible)
- Profile: provenance-relevant-history: Provenance.reason (CodeableConcept / Extensible)
- Resource: AuditEvent.purposeOfEvent (CodeableConcept / Extensible)
- Resource: AuditEvent.agent.purposeOfUse (CodeableConcept / Extensible)
Attachments
Issue Links
- has to be done before
-
FHIR-24676 Where security uses PurposeOfUse the valueSet should assemble the v3 PoU and ISO PoU
- Published