Difference between revisions of "EHR Interop - CDA R3 - Access Control"
Gdickinson (talk | contribs) |
Gdickinson (talk | contribs) |
||
Line 2: | Line 2: | ||
Submitted by: HL7 EHR Interoperability WG - Gary Dickinson Revision date: 1 October 2009 | Submitted by: HL7 EHR Interoperability WG - Gary Dickinson Revision date: 1 October 2009 | ||
+ | |||
Submitted date: 1 October 2009 Change request ID: <<Change Request ID>> | Submitted date: 1 October 2009 Change request ID: <<Change Request ID>> | ||
− | |||
− | + | Contents | |
+ | |||
+ | Issue | ||
+ | |||
+ | Allow Access Permissions/Authorizations in CDA R3 Instances | ||
+ | |||
+ | Recommendation | ||
+ | |||
+ | Embed access controls specific to: individuals or roles | ||
+ | Embed access controls to: entire document content, section content, template content, discrete attribute content | ||
− | + | Rationale | |
− | + | Possibly the best way to establish and persists permissions/authorizations is to embed access control notations in each document instance. This access control request is embedded at request of document subject (e.g., patient), author or source organization and is carried out (honored) by each downstream document recipient. | |
− | + | Discussion | |
− | + | Recommended Action Items | |
[edit] Resolution | [edit] Resolution | ||
(Resolution is to be recorded here and in the referenced minutes, which are the authoritative source of resolution). | (Resolution is to be recorded here and in the referenced minutes, which are the authoritative source of resolution). |
Revision as of 17:23, 1 October 2009
Submitted by: HL7 EHR Interoperability WG - Gary Dickinson Revision date: 1 October 2009
Submitted date: 1 October 2009 Change request ID: <<Change Request ID>>
Contents
Issue
Allow Access Permissions/Authorizations in CDA R3 Instances
Recommendation
Embed access controls specific to: individuals or roles Embed access controls to: entire document content, section content, template content, discrete attribute content
Rationale
Possibly the best way to establish and persists permissions/authorizations is to embed access control notations in each document instance. This access control request is embedded at request of document subject (e.g., patient), author or source organization and is carried out (honored) by each downstream document recipient.
Discussion
Recommended Action Items
[edit] Resolution
(Resolution is to be recorded here and in the referenced minutes, which are the authoritative source of resolution).