HL7 FHIR Malaysia Core (MY Core) Implementation Guide - Local Development build (v2.0.0) built by the FHIR (HL7® FHIR® Standard) Build Tools. See the Directory of published versions
Resource Profile: Consent (MY Core)
| Official URL: http://fhir.hie.moh.gov.my/StructureDefinition/Consent-my-core | Version: 2.0.0 | |||
| Active as of 2024-02-12 | Computable Name: ConsentMyCore | |||
A record of a healthcare consumer's choices, which permits or denies identified recipient(s) or recipient role(s) to perform one or more actions within a given policy context, for specific purposes and periods of time. In the Malaysian context, the consent for information exchange between Ministry of Health facilities is obtained through an opt-out approach. Consent for decision-making in procedures, referrals and the creation of an International Patient Summary with QR sharing is obtained separately.
Usage:
- Examples for this Resource Profile: Consent/example-consent
Formal Views of Profile Content
Description of Profiles, Differentials, Snapshots and how the different presentations work.
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
  Consent |
C | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time dom-2: If the resource is contained in another resource, it SHALL NOT contain nested Resources dom-3: If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource dom-4: If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated dom-5: If a resource is contained in another resource, it SHALL NOT have a security label dom-6: A resource should have narrative for robust management ppc-1: Either a Policy or PolicyRule ppc-2: IF Scope=privacy, there must be a patient ppc-3: IF Scope=research, there must be a patient ppc-4: IF Scope=adr, there must be a patient ppc-5: IF Scope=treatment, there must be a patient |
  implicitRules |
?!Σ | 0..1 | uri | A set of rules under which this content was created ele-1: All FHIR elements must have a @value or children |
 modifierExtension |
?! | 0..* | Extension | Extensions that cannot be ignored ele-1: All FHIR elements must have a @value or children ext-1: Must have either extensions or value[x], not both |
| status |
?!Σ | 1..1 | code | draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent. ele-1: All FHIR elements must have a @value or children |
 scope |
?!Σ | 1..1 | CodeableConcept | Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource. ele-1: All FHIR elements must have a @value or children |
| category |
Σ | 1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: ValueSetConsentCategory (MY Core) (extensible) ele-1: All FHIR elements must have a @value or children |
  patient |
Σ | 1..1 | Reference(Patient) | Who the consent applies to ele-1: All FHIR elements must have a @value or children |
| Documentation for this format | ||||
Terminology Bindings
| Path | Conformance | ValueSet | URI |
| Consent.status | required | ConsentStatehttp://hl7.org/fhir/ValueSet/consent-state-codes|4.0.1from the FHIR Standard | |
| Consent.scope | extensible | ConsentScopeCodeshttp://hl7.org/fhir/ValueSet/consent-scopefrom the FHIR Standard | |
| Consent.category | extensible | ValueSetConsentCategoryMyCorehttp://fhir.hie.moh.gov.my/ValueSet/consent-category-my-corefrom this IG |
Constraints
| Id | Grade | Path(s) | Details | Requirements |
| dom-2 | error | Consent | If the resource is contained in another resource, it SHALL NOT contain nested Resources : contained.contained.empty() | |
| dom-3 | error | Consent | If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource : contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty() | |
| dom-4 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated : contained.meta.versionId.empty() and contained.meta.lastUpdated.empty() | |
| dom-5 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a security label : contained.meta.security.empty() | |
| dom-6 | best practice | Consent | A resource should have narrative for robust management : text.`div`.exists() | |
| ele-1 | error | **ALL** elements | All FHIR elements must have a @value or children : hasValue() or (children().count() > id.count()) | |
| ext-1 | error | **ALL** extensions | Must have either extensions or value[x], not both : extension.exists() != value.exists() | |
| ppc-1 | error | Consent | Either a Policy or PolicyRule : policy.exists() or policyRule.exists() | |
| ppc-2 | error | Consent | IF Scope=privacy, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not() | |
| ppc-3 | error | Consent | IF Scope=research, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='research').exists().not() | |
| ppc-4 | error | Consent | IF Scope=adr, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='adr').exists().not() | |
| ppc-5 | error | Consent | IF Scope=treatment, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not() |
This structure is derived from Consent
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
| Consent |
0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time | |
 category |
1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: ValueSetConsentCategory (MY Core) (extensible) | |
| patient |
1..1 | Reference(Patient) | Who the consent applies to | |
| Documentation for this format | ||||
Terminology Bindings (Differential)
| Path | Conformance | ValueSet | URI |
| Consent.category | extensible | ValueSetConsentCategoryMyCorehttp://fhir.hie.moh.gov.my/ValueSet/consent-category-my-corefrom this IG |
| Name | Flags | Card. | Type | Description & Constraints | ||||
|---|---|---|---|---|---|---|---|---|
| Consent |
C | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time ppc-1: Either a Policy or PolicyRule ppc-2: IF Scope=privacy, there must be a patient ppc-3: IF Scope=research, there must be a patient ppc-4: IF Scope=adr, there must be a patient ppc-5: IF Scope=treatment, there must be a patient | ||||
| id |
Σ | 0..1 | id | Logical id of this artifact | ||||
| meta |
Σ | 0..1 | Meta | Metadata about the resource | ||||
| implicitRules |
?!Σ | 0..1 | uri | A set of rules under which this content was created | ||||
| language |
0..1 | code | Language of the resource content Binding: CommonLanguages (preferred): A human language.
| |||||
| text |
0..1 | Narrative | Text summary of the resource, for human interpretation | |||||
| contained |
0..* | Resource | Contained, inline Resources | |||||
 extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?! | 0..* | Extension | Extensions that cannot be ignored | ||||
| identifier |
Σ | 0..* | Identifier | Identifier for this record (external references) Example General: {"system":"http://acme.org/identifier/local/eCMS","value":"Local eCMS identifier"} | ||||
| status |
?!Σ | 1..1 | code | draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent. | ||||
| scope |
?!Σ | 1..1 | CodeableConcept | Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource. | ||||
| category |
Σ | 1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: ValueSetConsentCategory (MY Core) (extensible) | ||||
| patient |
Σ | 1..1 | Reference(Patient) | Who the consent applies to | ||||
| dateTime |
Σ | 0..1 | dateTime | When this Consent was created or indexed | ||||
| performer |
Σ | 0..* | Reference(Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) | Who is agreeing to the policy and rules | ||||
| organization |
Σ | 0..* | Reference(Organization) | Custodian of the consent | ||||
  source[x] |
Σ | 0..1 | Source from which this consent is taken | |||||
 sourceAttachment |
Attachment | |||||||
| sourceReference |
Reference(Consent | DocumentReference | Contract | QuestionnaireResponse) | |||||||
| policy |
0..* | BackboneElement | Policies covered by this consent | |||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| authority |
C | 0..1 | uri | Enforcement source for policy | ||||
| uri |
C | 0..1 | uri | Specific policy covered by this consent | ||||
| policyRule |
ΣC | 0..1 | CodeableConcept | Regulation that this consents to Binding: ConsentPolicyRuleCodes (extensible): Regulatory policy examples. | ||||
| verification |
Σ | 0..* | BackboneElement | Consent Verified by patient or family | ||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| verified |
Σ | 1..1 | boolean | Has been verified | ||||
| verifiedWith |
0..1 | Reference(Patient | RelatedPerson) | Person who verified | |||||
| verificationDate |
0..1 | dateTime | When consent verified | |||||
 provision |
Σ | 0..1 | BackboneElement | Constraints to the base Consent.policyRule | ||||
 id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| type |
Σ | 0..1 | code | deny | permit Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent. | ||||
| period |
Σ | 0..1 | Period | Timeframe for this rule | ||||
| actor |
0..* | BackboneElement | Who|what controlled by this rule (or group, by role) | |||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| role |
1..1 | CodeableConcept | How the actor is involved Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations. | |||||
| reference |
1..1 | Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) | Resource for the actor (or group, by role) | |||||
| action |
Σ | 0..* | CodeableConcept | Actions controlled by this rule Binding: ConsentActionCodes (example): Detailed codes for the consent action. | ||||
| securityLabel |
Σ | 0..* | Coding | Security Labels that define affected resources Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System. | ||||
| purpose |
Σ | 0..* | Coding | Context of activities covered by this rule Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels. | ||||
| class |
Σ | 0..* | Coding | e.g. Resource Type, Profile, CDA, etc. Binding: ConsentContentClass (extensible): The class (type) of information a consent rule covers. | ||||
| code |
Σ | 0..* | CodeableConcept | e.g. LOINC or SNOMED CT code, etc. in the content Binding: ConsentContentCodes (example): If this code is found in an instance, then the exception applies. | ||||
| dataPeriod |
Σ | 0..1 | Period | Timeframe for data controlled by this rule | ||||
| data |
Σ | 0..* | BackboneElement | Data controlled by this rule | ||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| meaning |
Σ | 1..1 | code | instance | related | dependents | authoredby Binding: ConsentDataMeaning (required): How a resource reference is interpreted when testing consent restrictions. | ||||
| reference |
Σ | 1..1 | Reference(Resource) | The actual data reference | ||||
| provision |
0..* | See provision (Consent) | Nested Exception Rules | |||||
| Documentation for this format | ||||||||
Terminology Bindings
| Path | Conformance | ValueSet | URI | |||
| Consent.language | preferred | CommonLanguageshttp://hl7.org/fhir/ValueSet/languagesfrom the FHIR Standard
| ||||
| Consent.status | required | ConsentStatehttp://hl7.org/fhir/ValueSet/consent-state-codes|4.0.1from the FHIR Standard | ||||
| Consent.scope | extensible | ConsentScopeCodeshttp://hl7.org/fhir/ValueSet/consent-scopefrom the FHIR Standard | ||||
| Consent.category | extensible | ValueSetConsentCategoryMyCorehttp://fhir.hie.moh.gov.my/ValueSet/consent-category-my-corefrom this IG | ||||
| Consent.policyRule | extensible | ConsentPolicyRuleCodeshttp://hl7.org/fhir/ValueSet/consent-policyfrom the FHIR Standard | ||||
| Consent.provision.type | required | ConsentProvisionTypehttp://hl7.org/fhir/ValueSet/consent-provision-type|4.0.1from the FHIR Standard | ||||
| Consent.provision.actor.role | extensible | SecurityRoleTypehttp://hl7.org/fhir/ValueSet/security-role-typefrom the FHIR Standard | ||||
| Consent.provision.action | example | ConsentActionCodeshttp://hl7.org/fhir/ValueSet/consent-actionfrom the FHIR Standard | ||||
| Consent.provision.securityLabel | extensible | All Security Labelshttp://hl7.org/fhir/ValueSet/security-labelsfrom the FHIR Standard | ||||
| Consent.provision.purpose | extensible | PurposeOfUsehttp://terminology.hl7.org/ValueSet/v3-PurposeOfUse | ||||
| Consent.provision.class | extensible | ConsentContentClasshttp://hl7.org/fhir/ValueSet/consent-content-classfrom the FHIR Standard | ||||
| Consent.provision.code | example | ConsentContentCodes (a valid code from LOINC)http://hl7.org/fhir/ValueSet/consent-content-codefrom the FHIR Standard | ||||
| Consent.provision.data.meaning | required | ConsentDataMeaninghttp://hl7.org/fhir/ValueSet/consent-data-meaning|4.0.1from the FHIR Standard |
Constraints
| Id | Grade | Path(s) | Details | Requirements |
| dom-2 | error | Consent | If the resource is contained in another resource, it SHALL NOT contain nested Resources : contained.contained.empty() | |
| dom-3 | error | Consent | If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource : contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty() | |
| dom-4 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated : contained.meta.versionId.empty() and contained.meta.lastUpdated.empty() | |
| dom-5 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a security label : contained.meta.security.empty() | |
| dom-6 | best practice | Consent | A resource should have narrative for robust management : text.`div`.exists() | |
| ele-1 | error | **ALL** elements | All FHIR elements must have a @value or children : hasValue() or (children().count() > id.count()) | |
| ext-1 | error | **ALL** extensions | Must have either extensions or value[x], not both : extension.exists() != value.exists() | |
| ppc-1 | error | Consent | Either a Policy or PolicyRule : policy.exists() or policyRule.exists() | |
| ppc-2 | error | Consent | IF Scope=privacy, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not() | |
| ppc-3 | error | Consent | IF Scope=research, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='research').exists().not() | |
| ppc-4 | error | Consent | IF Scope=adr, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='adr').exists().not() | |
| ppc-5 | error | Consent | IF Scope=treatment, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not() |
This structure is derived from Consent
Key Elements View
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
| Consent |
C | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time dom-2: If the resource is contained in another resource, it SHALL NOT contain nested Resources dom-3: If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource dom-4: If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated dom-5: If a resource is contained in another resource, it SHALL NOT have a security label dom-6: A resource should have narrative for robust management ppc-1: Either a Policy or PolicyRule ppc-2: IF Scope=privacy, there must be a patient ppc-3: IF Scope=research, there must be a patient ppc-4: IF Scope=adr, there must be a patient ppc-5: IF Scope=treatment, there must be a patient |
| implicitRules |
?!Σ | 0..1 | uri | A set of rules under which this content was created ele-1: All FHIR elements must have a @value or children |
| modifierExtension |
?! | 0..* | Extension | Extensions that cannot be ignored ele-1: All FHIR elements must have a @value or children ext-1: Must have either extensions or value[x], not both |
| status |
?!Σ | 1..1 | code | draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent. ele-1: All FHIR elements must have a @value or children |
| scope |
?!Σ | 1..1 | CodeableConcept | Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource. ele-1: All FHIR elements must have a @value or children |
| category |
Σ | 1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: ValueSetConsentCategory (MY Core) (extensible) ele-1: All FHIR elements must have a @value or children |
| patient |
Σ | 1..1 | Reference(Patient) | Who the consent applies to ele-1: All FHIR elements must have a @value or children |
| Documentation for this format | ||||
Terminology Bindings
| Path | Conformance | ValueSet | URI |
| Consent.status | required | ConsentStatehttp://hl7.org/fhir/ValueSet/consent-state-codes|4.0.1from the FHIR Standard | |
| Consent.scope | extensible | ConsentScopeCodeshttp://hl7.org/fhir/ValueSet/consent-scopefrom the FHIR Standard | |
| Consent.category | extensible | ValueSetConsentCategoryMyCorehttp://fhir.hie.moh.gov.my/ValueSet/consent-category-my-corefrom this IG |
Constraints
| Id | Grade | Path(s) | Details | Requirements |
| dom-2 | error | Consent | If the resource is contained in another resource, it SHALL NOT contain nested Resources : contained.contained.empty() | |
| dom-3 | error | Consent | If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource : contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty() | |
| dom-4 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated : contained.meta.versionId.empty() and contained.meta.lastUpdated.empty() | |
| dom-5 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a security label : contained.meta.security.empty() | |
| dom-6 | best practice | Consent | A resource should have narrative for robust management : text.`div`.exists() | |
| ele-1 | error | **ALL** elements | All FHIR elements must have a @value or children : hasValue() or (children().count() > id.count()) | |
| ext-1 | error | **ALL** extensions | Must have either extensions or value[x], not both : extension.exists() != value.exists() | |
| ppc-1 | error | Consent | Either a Policy or PolicyRule : policy.exists() or policyRule.exists() | |
| ppc-2 | error | Consent | IF Scope=privacy, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not() | |
| ppc-3 | error | Consent | IF Scope=research, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='research').exists().not() | |
| ppc-4 | error | Consent | IF Scope=adr, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='adr').exists().not() | |
| ppc-5 | error | Consent | IF Scope=treatment, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not() |
Differential View
This structure is derived from Consent
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
| Consent |
0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time | |
| category |
1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: ValueSetConsentCategory (MY Core) (extensible) | |
| patient |
1..1 | Reference(Patient) | Who the consent applies to | |
| Documentation for this format | ||||
Terminology Bindings (Differential)
| Path | Conformance | ValueSet | URI |
| Consent.category | extensible | ValueSetConsentCategoryMyCorehttp://fhir.hie.moh.gov.my/ValueSet/consent-category-my-corefrom this IG |
Snapshot View
| Name | Flags | Card. | Type | Description & Constraints | ||||
|---|---|---|---|---|---|---|---|---|
| Consent |
C | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time ppc-1: Either a Policy or PolicyRule ppc-2: IF Scope=privacy, there must be a patient ppc-3: IF Scope=research, there must be a patient ppc-4: IF Scope=adr, there must be a patient ppc-5: IF Scope=treatment, there must be a patient | ||||
| id |
Σ | 0..1 | id | Logical id of this artifact | ||||
| meta |
Σ | 0..1 | Meta | Metadata about the resource | ||||
| implicitRules |
?!Σ | 0..1 | uri | A set of rules under which this content was created | ||||
| language |
0..1 | code | Language of the resource content Binding: CommonLanguages (preferred): A human language.
| |||||
| text |
0..1 | Narrative | Text summary of the resource, for human interpretation | |||||
| contained |
0..* | Resource | Contained, inline Resources | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?! | 0..* | Extension | Extensions that cannot be ignored | ||||
| identifier |
Σ | 0..* | Identifier | Identifier for this record (external references) Example General: {"system":"http://acme.org/identifier/local/eCMS","value":"Local eCMS identifier"} | ||||
| status |
?!Σ | 1..1 | code | draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent. | ||||
| scope |
?!Σ | 1..1 | CodeableConcept | Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource. | ||||
| category |
Σ | 1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: ValueSetConsentCategory (MY Core) (extensible) | ||||
| patient |
Σ | 1..1 | Reference(Patient) | Who the consent applies to | ||||
| dateTime |
Σ | 0..1 | dateTime | When this Consent was created or indexed | ||||
| performer |
Σ | 0..* | Reference(Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) | Who is agreeing to the policy and rules | ||||
| organization |
Σ | 0..* | Reference(Organization) | Custodian of the consent | ||||
| source[x] |
Σ | 0..1 | Source from which this consent is taken | |||||
| sourceAttachment |
Attachment | |||||||
| sourceReference |
Reference(Consent | DocumentReference | Contract | QuestionnaireResponse) | |||||||
| policy |
0..* | BackboneElement | Policies covered by this consent | |||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| authority |
C | 0..1 | uri | Enforcement source for policy | ||||
| uri |
C | 0..1 | uri | Specific policy covered by this consent | ||||
| policyRule |
ΣC | 0..1 | CodeableConcept | Regulation that this consents to Binding: ConsentPolicyRuleCodes (extensible): Regulatory policy examples. | ||||
| verification |
Σ | 0..* | BackboneElement | Consent Verified by patient or family | ||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| verified |
Σ | 1..1 | boolean | Has been verified | ||||
| verifiedWith |
0..1 | Reference(Patient | RelatedPerson) | Person who verified | |||||
| verificationDate |
0..1 | dateTime | When consent verified | |||||
| provision |
Σ | 0..1 | BackboneElement | Constraints to the base Consent.policyRule | ||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| type |
Σ | 0..1 | code | deny | permit Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent. | ||||
| period |
Σ | 0..1 | Period | Timeframe for this rule | ||||
| actor |
0..* | BackboneElement | Who|what controlled by this rule (or group, by role) | |||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| role |
1..1 | CodeableConcept | How the actor is involved Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations. | |||||
| reference |
1..1 | Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole) | Resource for the actor (or group, by role) | |||||
| action |
Σ | 0..* | CodeableConcept | Actions controlled by this rule Binding: ConsentActionCodes (example): Detailed codes for the consent action. | ||||
| securityLabel |
Σ | 0..* | Coding | Security Labels that define affected resources Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System. | ||||
| purpose |
Σ | 0..* | Coding | Context of activities covered by this rule Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels. | ||||
| class |
Σ | 0..* | Coding | e.g. Resource Type, Profile, CDA, etc. Binding: ConsentContentClass (extensible): The class (type) of information a consent rule covers. | ||||
| code |
Σ | 0..* | CodeableConcept | e.g. LOINC or SNOMED CT code, etc. in the content Binding: ConsentContentCodes (example): If this code is found in an instance, then the exception applies. | ||||
| dataPeriod |
Σ | 0..1 | Period | Timeframe for data controlled by this rule | ||||
| data |
Σ | 0..* | BackboneElement | Data controlled by this rule | ||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| meaning |
Σ | 1..1 | code | instance | related | dependents | authoredby Binding: ConsentDataMeaning (required): How a resource reference is interpreted when testing consent restrictions. | ||||
| reference |
Σ | 1..1 | Reference(Resource) | The actual data reference | ||||
| provision |
0..* | See provision (Consent) | Nested Exception Rules | |||||
| Documentation for this format | ||||||||
Terminology Bindings
| Path | Conformance | ValueSet | URI | |||
| Consent.language | preferred | CommonLanguageshttp://hl7.org/fhir/ValueSet/languagesfrom the FHIR Standard
| ||||
| Consent.status | required | ConsentStatehttp://hl7.org/fhir/ValueSet/consent-state-codes|4.0.1from the FHIR Standard | ||||
| Consent.scope | extensible | ConsentScopeCodeshttp://hl7.org/fhir/ValueSet/consent-scopefrom the FHIR Standard | ||||
| Consent.category | extensible | ValueSetConsentCategoryMyCorehttp://fhir.hie.moh.gov.my/ValueSet/consent-category-my-corefrom this IG | ||||
| Consent.policyRule | extensible | ConsentPolicyRuleCodeshttp://hl7.org/fhir/ValueSet/consent-policyfrom the FHIR Standard | ||||
| Consent.provision.type | required | ConsentProvisionTypehttp://hl7.org/fhir/ValueSet/consent-provision-type|4.0.1from the FHIR Standard | ||||
| Consent.provision.actor.role | extensible | SecurityRoleTypehttp://hl7.org/fhir/ValueSet/security-role-typefrom the FHIR Standard | ||||
| Consent.provision.action | example | ConsentActionCodeshttp://hl7.org/fhir/ValueSet/consent-actionfrom the FHIR Standard | ||||
| Consent.provision.securityLabel | extensible | All Security Labelshttp://hl7.org/fhir/ValueSet/security-labelsfrom the FHIR Standard | ||||
| Consent.provision.purpose | extensible | PurposeOfUsehttp://terminology.hl7.org/ValueSet/v3-PurposeOfUse | ||||
| Consent.provision.class | extensible | ConsentContentClasshttp://hl7.org/fhir/ValueSet/consent-content-classfrom the FHIR Standard | ||||
| Consent.provision.code | example | ConsentContentCodes (a valid code from LOINC)http://hl7.org/fhir/ValueSet/consent-content-codefrom the FHIR Standard | ||||
| Consent.provision.data.meaning | required | ConsentDataMeaninghttp://hl7.org/fhir/ValueSet/consent-data-meaning|4.0.1from the FHIR Standard |
Constraints
| Id | Grade | Path(s) | Details | Requirements |
| dom-2 | error | Consent | If the resource is contained in another resource, it SHALL NOT contain nested Resources : contained.contained.empty() | |
| dom-3 | error | Consent | If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource : contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty() | |
| dom-4 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated : contained.meta.versionId.empty() and contained.meta.lastUpdated.empty() | |
| dom-5 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a security label : contained.meta.security.empty() | |
| dom-6 | best practice | Consent | A resource should have narrative for robust management : text.`div`.exists() | |
| ele-1 | error | **ALL** elements | All FHIR elements must have a @value or children : hasValue() or (children().count() > id.count()) | |
| ext-1 | error | **ALL** extensions | Must have either extensions or value[x], not both : extension.exists() != value.exists() | |
| ppc-1 | error | Consent | Either a Policy or PolicyRule : policy.exists() or policyRule.exists() | |
| ppc-2 | error | Consent | IF Scope=privacy, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not() | |
| ppc-3 | error | Consent | IF Scope=research, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='research').exists().not() | |
| ppc-4 | error | Consent | IF Scope=adr, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='adr').exists().not() | |
| ppc-5 | error | Consent | IF Scope=treatment, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not() |
This structure is derived from Consent
Other representations of profile: CSV, Excel, Schematron
Notes:
Mandatory Data Elements
This structure defines these elements as mandatory data fields:
| Element | Description |
|---|---|
Consent.status
|
Status of the Consent in the workflow. |
Consent.scope
|
Type of Consent given, e.g. treatment-related, privacy-type consent. |
Consent.category
|
General category of Consent given, e.g. patient consent, research-related, advanced directive. |
Consent.patient
|
References the Patient who is the subject of the Consent. |