This example FHIR value set is comprised of example Actor Type codes, which can be
used to value FHIR agents, actors, and other role elements such as those specified
in financial transactions. The FHIR Actor value set is based on DICOM Audit Message,
C402; ASTM Standard, E1762-95 [2013]; selected codes and derived actor
roles from HL7 RoleClass OID 2.16.840.1.113883.5.110; HL7 Role Code 2.16.840.1.113883.5.111,
including AgentRoleType; HL7 ParticipationType OID: 2.16.840.1.113883.5.90;
and HL7 ParticipationFunction codes OID: 2.16.840.1.113883.5.88. This
value set includes, by reference, role codes from external code systems: NUCC Health
Care Provider Taxonomy OID: 2.16.840.1.113883.6.101; North American Industry
Classification System [NAICS]OID: 2.16.840.1.113883.6.85; IndustryClassificationSystem
2.16.840.1.113883.1.11.16039; and US Census Occupation Code OID: 2.16.840.1.113883.6.243
for relevant recipient or custodian codes not included in this value set.
If no source is indicated in the definition comments, then these are example FHIR
codes. It can be extended with appropriate roles described by SNOMED as well
as those described in the HL7 Role Based Access Control Catalog and the HL7
Healthcare (Security and Privacy) Access Control Catalog. In Role-Based
Access Control (RBAC), permissions are operations on an object that a user wishes
to access. Permissions are grouped into roles. A role characterizes the functions
a user is allowed to perform. Roles are assigned to users. If the user's role has
the appropriate permissions to access an object, then that user is granted
access to the object. FHIR readily enables RBAC, as FHIR Resources are object types
and the CRUDE events (the FHIR equivalent to permissions in the RBAC scheme)
are operations on those objects. In Attribute-Based Access Control (ABAC),
a user requests to perform operations on objects. That user's access request is granted
or denied based on a set of access control policies that are specified in
terms of attributes and conditions. FHIR readily enables ABAC, as instances of
a Resource in FHIR (again, Resources are object types) can have attributes associated
with them. These attributes include security tags, environment conditions,
and a host of user and object characteristics, which are the same attributes as those
used in ABAC. Attributes help define the access control policies that determine
the operations a user may perform on a Resource (in FHIR) or object (in ABAC). For
example, a tag (or attribute) may specify that the identified Resource (object)
is not to be further disclosed without explicit consent from the patient.
Waardelijst SecurityRoleType 2019‑03‑29
This example FHIR value set is comprised of example Actor Type codes, which can be
used to value FHIR agents, actors, and other role elements such as those specified
in financial transactions. The FHIR Actor value set is based on DICOM Audit Message,
C402; ASTM Standard, E1762-95 [2013]; selected codes and derived actor
roles from HL7 RoleClass OID 2.16.840.1.113883.5.110; HL7 Role Code 2.16.840.1.113883.5.111,
including AgentRoleType; HL7 ParticipationType OID: 2.16.840.1.113883.5.90;
and HL7 ParticipationFunction codes OID: 2.16.840.1.113883.5.88. This
value set includes, by reference, role codes from external code systems: NUCC Health
Care Provider Taxonomy OID: 2.16.840.1.113883.6.101; North American Industry
Classification System [NAICS]OID: 2.16.840.1.113883.6.85; IndustryClassificationSystem
2.16.840.1.113883.1.11.16039; and US Census Occupation Code OID: 2.16.840.1.113883.6.243
for relevant recipient or custodian codes not included in this value set.
If no source is indicated in the definition comments, then these are example FHIR
codes. It can be extended with appropriate roles described by SNOMED as well
as those described in the HL7 Role Based Access Control Catalog and the HL7
Healthcare (Security and Privacy) Access Control Catalog. In Role-Based
Access Control (RBAC), permissions are operations on an object that a user wishes
to access. Permissions are grouped into roles. A role characterizes the functions
a user is allowed to perform. Roles are assigned to users. If the user's role has
the appropriate permissions to access an object, then that user is granted
access to the object. FHIR readily enables RBAC, as FHIR Resources are object types
and the CRUDE events (the FHIR equivalent to permissions in the RBAC scheme)
are operations on those objects. In Attribute-Based Access Control (ABAC),
a user requests to perform operations on objects. That user's access request is granted
or denied based on a set of access control policies that are specified in
terms of attributes and conditions. FHIR readily enables ABAC, as instances of
a Resource in FHIR (again, Resources are object types) can have attributes associated
with them. These attributes include security tags, environment conditions,
and a host of user and object characteristics, which are the same attributes as those
used in ABAC. Attributes help define the access control policies that determine
the operations a user may perform on a Resource (in FHIR) or object (in ABAC). For
example, a tag (or attribute) may specify that the identified Resource (object)
is not to be further disclosed without explicit consent from the patient.
Inclusief
