Difference between revisions of "Permissions Catalog: Recommendations for Reuse"
| Line 33: | Line 33: | ||
|} | |} | ||
| − | ==Healthcare Operations rather | + | ==Healthcare Operations rather RBAC Operations== |
The healthcare work flow as specified in HL7, provides for "trigger events" that correspond to healthcare-specific operations: | The healthcare work flow as specified in HL7, provides for "trigger events" that correspond to healthcare-specific operations: | ||
{|border="1" cellspacing="0" cellpadding="3" width="75%" style="border-style:solid;border-width:1pt;border-color:#808080" | {|border="1" cellspacing="0" cellpadding="3" width="75%" style="border-style:solid;border-width:1pt;border-color:#808080" | ||
|- | |- | ||
| − | |'''HL7 Operations''' ( | + | |'''HL7 Operations''' (trigger event) |
|'''RBAC Operations''' | |'''RBAC Operations''' | ||
|- | |- | ||
Revision as of 22:25, 25 August 2008
The current Permissions Catalog for Role-Based Access Control specifies a set of normative permissions that specify operations that may be applied to a variety of object types.
The permission catalog is a normative specification and it is available for download.
- The most recently published permission catalog is 20071112_HL7_RBAC_Healthcare_Permission_Catalog_v3_37.pdf
The operations refer to the ability to:
- append,
- create,
- read,
- update,
- delete, and
- execute
specific "objects" identified in the RBAC standards. The "objects specify:
| Permission | ||
|
Operation |
Object |
Effect |
|
append |
Administrative Ad-hoc Report |
A role that has this permission, allows the user that logs in with that role to append information to an existing ad-hoc administrative report. |
Healthcare Operations rather RBAC Operations
The healthcare work flow as specified in HL7, provides for "trigger events" that correspond to healthcare-specific operations:
| HL7 Operations (trigger event) | RBAC Operations |
| create | create |
| revise | update,append |
| activate | NA |
| complete | execute(?) |
| suspend | NA |
| resume | NA |
| abort | NA |
| hold | NA |
| release | NA |
| cancel | NA |
| obsolete | NA |
| nullify | delete(?) |
| NA | read |
- revise
- activate
- complete
- suspend
- resume
- abort
- hold
- release
- cancel
- obsolete
- nullify
The following diagram shows the trigger events and the states that correspond to the healthcare work flow for healthcare object (e.g. Act). For example, an order may be created, activated, then canceled. Similarly an order may be created, activate, revised, and eventually completed.
The following diagram is an extract from HL7 RIM reference documentation and illustrates how HL7 defines "healthcare trigger events" and it illustrates that the objects
Value Sets for "Object"
Concept Domains
