This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "Permissions Catalog: Recommendations for Reuse"

From HL7Wiki
Jump to navigation Jump to search
Line 38: Line 38:
 
|
 
|
 
|-
 
|-
|* create
+
|
 +
|HL7 Operations (triggers)
 +
|
 +
|RBAC Operations
 +
|-
 +
| create
 +
|
 +
|create
 
|-
 
|-
 
|}
 
|}

Revision as of 20:24, 25 August 2008

The current Permissions Catalog for Role-Based Access Control specifies a set of normative permissions that specify operations that may be applied to a variety of object types.

The permission catalog is a normative specification and it is available for download.


The operations refer to the ability to:

  • append,
  • create,
  • read,
  • update,
  • delete, and
  • execute

specific "objects" identified in the RBAC standards. The "objects specify:

Permission

Operation

Object

Effect

append

Administrative Ad-hoc Report

A role that has this permission, allows the user that logs in with that role to append information to an existing ad-hoc administrative report.

Healthcare Operations rather ACRUDE operations

The healthcare work flow as specified in HL7, provides for "trigger events" that correspond to healthcare-specific operations:

HL7 Operations (triggers) RBAC Operations
create create
  • revise
  • activate
  • complete
  • suspend
  • resume
  • abort
  • hold
  • release
  • cancel
  • obsolete
  • nullify

The following diagram shows the trigger events and the states that correspond to the healthcare work flow for healthcare object (e.g. Act). For example, an order may be created, activated, then canceled. Similarly an order may be created, activate, revised, and eventually completed.

The following diagram is an extract from HL7 RIM reference documentation and illustrates how HL7 defines "healthcare trigger events" and it illustrates that the objects RIM ActStatus.gif

Value Sets for "Object"

Concept Domains

Example.jpg