Introduction

A Consent resource is a record of a healthcare consumer’s policy choices, which permits or denies identified actors(s) or identified role(s) to perform one or more actions within a given policy context, for specific purpose(s) and period of time.

Scope and Usage

In the eHealth infrastructure a Consent resource is used

1. as a record of the fact that a Patient has given a Consent and
2. to enforce data policies that require Consent to be given and recorded for a Patient.

The eHealth profile of Consent has the following extensions:

• ehealth-consent-affiliation which specifies the care context level to which the consent applies—either EpisodeOfCare level (mandatory reference) or CarePlan level (optional reference). See section on Affiliation below.

Registration of Consent

When a Patient gives a consent, this consent must be recorded as a Consent resource. This resource can be created by the Patient herself or by a Practitioner as a result of conversations or correspondence with the Patient.

eHealth operates with two categories of consents:

1. Category PITEOC: Consent given by a Patient to be enrolled into a telemedical EpisodeOfCare. This Consent is interpretated to also apply to all CarePlan instances related to the consented EpisodeOfCare.

2. Category SSLPCI: Consent given by a Patient to have his/her contact information (physical address and telecommunication endpoints) being disclosed to a specified actor supplying device(s) and service(s) to the Patient as part of an EpisodeOfCare and related CarePlan(s).

Consents of category PITEOC are expressed by creating a Consent resource with:

• Consent.category.coding.system = "http://ehealth.sundhed.dk/cs/consent-category"
• Consent.category.coding.code = "PITEOC".

Consents of category SSLPCI are expressed by creating a Consent resource with:

• Consent.category.coding.system = "http://ehealth.sundhed.dk/cs/consent-category"
• Consent.category.coding.code = "SSLPCI".

Enforcement of Consent

Business rules are built into eHealth infrastructure to ensure that data can only be processed or forwarded to other systems and actors when the proper Consent is given.

This means, that:

1. An EpisodeOfCare can only change status to active if a Consent with category PITEOC has been given.
2. An SSL Order can only change status to submitted if a Consent with category SSLPCI has been given.

In addition to the Consent.category element, the following elements must be set on a Consent resource for the policy enforcing business logic to take effect:

• Consent.patient - the patient who is the subject of this consent (must coincide with the EpisodeOfCare.patient referenced by Consent.data.reference)
• Consent.provision.data.reference - the EpisodeOfCare for which this Consent is in force.
• Consent.provision.actor - the actor (Organization, CareTeam, Practitioner) whose behaviour is controlled by this consent.
• Consent.status - the status of this consent (only active consents are considered to be in force)
• Consent.provision.period - the (possibly open-ended) period for which this consent is in force.

For more information see the element descriptions in the snapshot table on this page and also see the example Consent resources on the Examples tab.

Affiliation

Specifies the care context level to which the consent applies—either EpisodeOfCare level (mandatory reference) or CarePlan level (optional reference). This enables precise scoping of consent in telemedicine solutions, such as controlling patient access to triage results for specific CarePlan or broader EpisodeOfCare. The Consent.provision.data element is for data controlled by the consent, while ehealth-consent-affiliation indicates the care level to which the consent applies. See Consent/23 for an example of how to use the affiliation extension.

Remarks on operations

Search

• As patient user
  • Search parameter patient is mandatory and must match the patient in the user context.
• As practitioner user
  • Search parameters most contain either data or affiliation that matches the episodeOfCare in the user context.
  • Parameter affiliation:
    • If searching by affiliation for multiple CarePlans, the affiliation parameter must be specified two times ?affiliation=episodeOfCareRef&affiliation=careplanRef1,careplanRef2. A single OR search containing both episodeOfCareRef and CarePlanRefs is not allowed, as there is no guarantee the CarePlan is referencing the specified episodeOfCare.

Create

• As patient user
  • Not allowed to create Consent with policy http://ehealth.sundhed.dk/policy/ehealth/display-triage-result.

Update

• As patient user
  • Not allowed to update Consent with policy http://ehealth.sundhed.dk/policy/ehealth/display-triage-result.

• Key Elements Table
• Differential Table
• Snapshot Table
• Statistics/References
• All

Name	Flags	Card.	Type	Description & Constraints    Filter: Bindings Constraints Obligations
Consent	C	0..*	Consent	A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time Constraints: ppc-1, ppc-2, ppc-3, ppc-4, ppc-5
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
Slices for extension		0..*	Extension	Extension Slice: Unordered, Open by value:url
extension:affiliation		0..*	Reference(ehealth-episodeofcare | ehealth-careplan) {r}	Affiliation to EpisodeOfCare and optionally CarePlan URL: http://ehealth.sundhed.dk/fhir/StructureDefinition/ehealth-consent-affiliation
modifierExtension	?!	0..*	Extension	Extensions that cannot be ignored
status	?!Σ	1..1	code	draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent.
scope	?!Σ	1..1	CodeableConcept	Specific scope covered by this consent Binding: Consent Scope (required)
category	Σ	1..*	CodeableConcept	Classification of the consent statement - for indexing/retrieval Binding: Consent Category (required)
patient	Σ	1..1	Reference(ehealth-patient) {r}	Who the consent applies to
organization	Σ	0..*	Reference(ehealth-organization) {r}	Custodian of the consent
Slices for source[x]	Σ	0..1		Source from which this consent is taken Slice: Unordered, Open by type:$this
sourceAttachment			Attachment
sourceReference			Reference(Consent | DocumentReference | Contract | QuestionnaireResponse)
source[x]:sourceReference	Σ	0..1	Reference(ehealth-consent | ehealth-documentreference | Contract | ehealth-questionnaireresponse)	Source from which this consent is taken
Documentation for this format

Terminology Bindings

Path	Conformance	ValueSet	URI
Consent.status	required	ConsentState(a valid code from Consent State Codes) http://hl7.org/fhir/ValueSet/consent-state-codes|4.0.1 From the FHIR Standard
Consent.scope	required	ConsentScope http://ehealth.sundhed.dk/vs/ehealth-consent-scope From this IG
Consent.category	required	ConsentCategory(a valid code from Consent Category) http://ehealth.sundhed.dk/vs/consent-category From this IG

Constraints

Id	Grade	Path(s)	Details	Requirements
dom-2	error	Consent	If the resource is contained in another resource, it SHALL NOT contain nested Resources : contained.contained.empty()
dom-3	error	Consent	If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource : contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
dom-4	error	Consent	If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated : contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
dom-5	error	Consent	If a resource is contained in another resource, it SHALL NOT have a security label : contained.meta.security.empty()
dom-6	best practice	Consent	A resource should have narrative for robust management : text.`div`.exists()
ele-1	error	**ALL** elements	All FHIR elements must have a @value or children : hasValue() or (children().count() > id.count())
ext-1	error	**ALL** extensions	Must have either extensions or value[x], not both : extension.exists() != value.exists()
ppc-1	error	Consent	Either a Policy or PolicyRule : policy.exists() or policyRule.exists()
ppc-2	error	Consent	IF Scope=privacy, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not()
ppc-3	error	Consent	IF Scope=research, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='research').exists().not()
ppc-4	error	Consent	IF Scope=adr, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='adr').exists().not()
ppc-5	error	Consent	IF Scope=treatment, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not()

This structure is derived from Consent

Name	Flags	Card.	Type	Description & Constraints    Filter: Bindings Constraints Obligations
Consent		0..*	Consent	A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time
Slices for extension		0..*	Extension	Extension Slice: Unordered, Open by value:url
extension:affiliation		0..*	Reference(ehealth-episodeofcare | ehealth-careplan) {r}	Affiliation to EpisodeOfCare and optionally CarePlan URL: http://ehealth.sundhed.dk/fhir/StructureDefinition/ehealth-consent-affiliation
scope		1..1	CodeableConcept	Specific scope covered by this consent Binding: Consent Scope (required)
category		1..*	CodeableConcept	Classification of the consent statement - for indexing/retrieval Binding: Consent Category (required)
patient		1..1	Reference(ehealth-patient) {r}	Who the consent applies to
organization		0..*	Reference(ehealth-organization) {r}	Custodian of the consent
Slices for source[x]		0..1	Attachment, Reference(Consent | DocumentReference | Contract | QuestionnaireResponse)	Source from which this consent is taken Slice: Unordered, Open by type:$this
source[x]:sourceReference		0..1	Reference(ehealth-consent | ehealth-documentreference | Contract | ehealth-questionnaireresponse)	Source from which this consent is taken
policy
uri		0..1	uri	Specific policy covered by this consent Binding: Consent Policy (required)
provision
class		0..*	Coding	Specific class covered by this consent Binding: Consent Provision Class (required)
code		0..*	CodeableConcept	Specific code covered by this consent Binding: Consent Provision Code (required)
Documentation for this format

Terminology Bindings (Differential)

Path	Conformance	ValueSet	URI
Consent.scope	required	ConsentScope http://ehealth.sundhed.dk/vs/ehealth-consent-scope From this IG
Consent.category	required	ConsentCategory(a valid code from Consent Category) http://ehealth.sundhed.dk/vs/consent-category From this IG
Consent.policy.uri	required	ConsentPolicy(a valid code from Consent policy) http://ehealth.sundhed.dk/vs/ehealth-consent-policy From this IG
Consent.provision.class	required	ConsentProvisionClass http://ehealth.sundhed.dk/vs/ehealth-consent-provision-class From this IG
Consent.provision.code	required	ConsentProvisionCode http://ehealth.sundhed.dk/vs/ehealth-consent-provision-code From this IG

Name	Flags	Card.	Type	Description & Constraints    Filter: Bindings Constraints Obligations
Consent	C	0..*	Consent	A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time Constraints: ppc-1, ppc-2, ppc-3, ppc-4, ppc-5
id	Σ	0..1	id	Logical id of this artifact
meta	Σ	0..1	Meta	Metadata about the resource
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
language		0..1	code	Language of the resource content Binding: CommonLanguages (preferred): A human language. Additional Bindings Purpose AllLanguages Max Binding
text		0..1	Narrative	Text summary of the resource, for human interpretation This profile does not constrain the narrative in regard to content, language, or traceability to data elements
contained		0..*	Resource	Contained, inline Resources
Slices for extension		0..*	Extension	Extension Slice: Unordered, Open by value:url
extension:affiliation		0..*	Reference(ehealth-episodeofcare | ehealth-careplan) {r}	Affiliation to EpisodeOfCare and optionally CarePlan URL: http://ehealth.sundhed.dk/fhir/StructureDefinition/ehealth-consent-affiliation
modifierExtension	?!	0..*	Extension	Extensions that cannot be ignored
identifier	Σ	0..*	Identifier	Identifier for this record (external references) Example General: {"system":"http://acme.org/identifier/local/eCMS","value":"Local eCMS identifier"}
status	?!Σ	1..1	code	draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent.
scope	?!Σ	1..1	CodeableConcept	Specific scope covered by this consent Binding: Consent Scope (required)
category	Σ	1..*	CodeableConcept	Classification of the consent statement - for indexing/retrieval Binding: Consent Category (required)
patient	Σ	1..1	Reference(ehealth-patient) {r}	Who the consent applies to
dateTime	Σ	0..1	dateTime	When this Consent was created or indexed
performer	Σ	0..*	Reference(Organization | Patient | Practitioner | RelatedPerson | PractitionerRole)	Who is agreeing to the policy and rules
organization	Σ	0..*	Reference(ehealth-organization) {r}	Custodian of the consent
Slices for source[x]	Σ	0..1		Source from which this consent is taken Slice: Unordered, Open by type:$this
sourceAttachment			Attachment
sourceReference			Reference(Consent | DocumentReference | Contract | QuestionnaireResponse)
source[x]:sourceReference	Σ	0..1	Reference(ehealth-consent | ehealth-documentreference | Contract | ehealth-questionnaireresponse)	Source from which this consent is taken
policy		0..*	BackboneElement	Policies covered by this consent
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
authority	C	0..1	uri	Enforcement source for policy
uri	C	0..1	uri	Specific policy covered by this consent Binding: Consent Policy (required)
policyRule	ΣC	0..1	CodeableConcept	Regulation that this consents to Binding: ConsentPolicyRuleCodes (extensible): Regulatory policy examples.
verification	Σ	0..*	BackboneElement	Consent Verified by patient or family
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
verified	Σ	1..1	boolean	Has been verified
verifiedWith		0..1	Reference(Patient | RelatedPerson)	Person who verified
verificationDate		0..1	dateTime	When consent verified
provision	Σ	0..1	BackboneElement	Constraints to the base Consent.policyRule
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type	Σ	0..1	code	deny | permit Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent.
period	Σ	0..1	Period	Timeframe for this rule
actor		0..*	BackboneElement	Who|what controlled by this rule (or group, by role)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
role		1..1	CodeableConcept	How the actor is involved Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations.
reference		1..1	Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole)	Resource for the actor (or group, by role)
action	Σ	0..*	CodeableConcept	Actions controlled by this rule Binding: ConsentActionCodes (example): Detailed codes for the consent action.
securityLabel	Σ	0..*	Coding	Security Labels that define affected resources Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
purpose	Σ	0..*	Coding	Context of activities covered by this rule Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels.
class	Σ	0..*	Coding	Specific class covered by this consent Binding: Consent Provision Class (required)
code	Σ	0..*	CodeableConcept	Specific code covered by this consent Binding: Consent Provision Code (required)
dataPeriod	Σ	0..1	Period	Timeframe for data controlled by this rule
data	Σ	0..*	BackboneElement	Data controlled by this rule
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
meaning	Σ	1..1	code	instance | related | dependents | authoredby Binding: ConsentDataMeaning (required): How a resource reference is interpreted when testing consent restrictions.
reference	Σ	1..1	Reference(Resource)	The actual data reference
provision		0..*	See provision (Consent)	Nested Exception Rules
Documentation for this format

Terminology Bindings

Path	Conformance	ValueSet	URI
Consent.language	preferred	CommonLanguages http://hl7.org/fhir/ValueSet/languages From the FHIR Standard Additional Bindings Purpose AllLanguages Max Binding
Consent.status	required	ConsentState(a valid code from Consent State Codes) http://hl7.org/fhir/ValueSet/consent-state-codes|4.0.1 From the FHIR Standard
Consent.scope	required	ConsentScope http://ehealth.sundhed.dk/vs/ehealth-consent-scope From this IG
Consent.category	required	ConsentCategory(a valid code from Consent Category) http://ehealth.sundhed.dk/vs/consent-category From this IG
Consent.policy.uri	required	ConsentPolicy(a valid code from Consent policy) http://ehealth.sundhed.dk/vs/ehealth-consent-policy From this IG
Consent.policyRule	extensible	ConsentPolicyRuleCodes http://hl7.org/fhir/ValueSet/consent-policy From the FHIR Standard
Consent.provision.type	required	ConsentProvisionType http://hl7.org/fhir/ValueSet/consent-provision-type|4.0.1 From the FHIR Standard
Consent.provision.actor.role	extensible	SecurityRoleType http://hl7.org/fhir/ValueSet/security-role-type From the FHIR Standard
Consent.provision.action	example	ConsentActionCodes http://hl7.org/fhir/ValueSet/consent-action From the FHIR Standard
Consent.provision.securityLabel	extensible	All Security Labels http://hl7.org/fhir/ValueSet/security-labels From the FHIR Standard
Consent.provision.purpose	extensible	PurposeOfUse http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
Consent.provision.class	required	ConsentProvisionClass http://ehealth.sundhed.dk/vs/ehealth-consent-provision-class From this IG
Consent.provision.code	required	ConsentProvisionCode http://ehealth.sundhed.dk/vs/ehealth-consent-provision-code From this IG
Consent.provision.data.meaning	required	ConsentDataMeaning http://hl7.org/fhir/ValueSet/consent-data-meaning|4.0.1 From the FHIR Standard

Constraints

Id	Grade	Path(s)	Details	Requirements
dom-2	error	Consent	If the resource is contained in another resource, it SHALL NOT contain nested Resources : contained.contained.empty()
dom-3	error	Consent	If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource : contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
dom-4	error	Consent	If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated : contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
dom-5	error	Consent	If a resource is contained in another resource, it SHALL NOT have a security label : contained.meta.security.empty()
dom-6	best practice	Consent	A resource should have narrative for robust management : text.`div`.exists()
ele-1	error	**ALL** elements	All FHIR elements must have a @value or children : hasValue() or (children().count() > id.count())
ext-1	error	**ALL** extensions	Must have either extensions or value[x], not both : extension.exists() != value.exists()
ppc-1	error	Consent	Either a Policy or PolicyRule : policy.exists() or policyRule.exists()
ppc-2	error	Consent	IF Scope=privacy, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not()
ppc-3	error	Consent	IF Scope=research, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='research').exists().not()
ppc-4	error	Consent	IF Scope=adr, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='adr').exists().not()
ppc-5	error	Consent	IF Scope=treatment, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not()

Key Elements View

Name	Flags	Card.	Type	Description & Constraints    Filter: Bindings Constraints Obligations
Consent	C	0..*	Consent	A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time Constraints: ppc-1, ppc-2, ppc-3, ppc-4, ppc-5
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
Slices for extension		0..*	Extension	Extension Slice: Unordered, Open by value:url
extension:affiliation		0..*	Reference(ehealth-episodeofcare | ehealth-careplan) {r}	Affiliation to EpisodeOfCare and optionally CarePlan URL: http://ehealth.sundhed.dk/fhir/StructureDefinition/ehealth-consent-affiliation
modifierExtension	?!	0..*	Extension	Extensions that cannot be ignored
status	?!Σ	1..1	code	draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent.
scope	?!Σ	1..1	CodeableConcept	Specific scope covered by this consent Binding: Consent Scope (required)
category	Σ	1..*	CodeableConcept	Classification of the consent statement - for indexing/retrieval Binding: Consent Category (required)
patient	Σ	1..1	Reference(ehealth-patient) {r}	Who the consent applies to
organization	Σ	0..*	Reference(ehealth-organization) {r}	Custodian of the consent
Slices for source[x]	Σ	0..1		Source from which this consent is taken Slice: Unordered, Open by type:$this
sourceAttachment			Attachment
sourceReference			Reference(Consent | DocumentReference | Contract | QuestionnaireResponse)
source[x]:sourceReference	Σ	0..1	Reference(ehealth-consent | ehealth-documentreference | Contract | ehealth-questionnaireresponse)	Source from which this consent is taken
Documentation for this format

Terminology Bindings

Path	Conformance	ValueSet	URI
Consent.status	required	ConsentState(a valid code from Consent State Codes) http://hl7.org/fhir/ValueSet/consent-state-codes|4.0.1 From the FHIR Standard
Consent.scope	required	ConsentScope http://ehealth.sundhed.dk/vs/ehealth-consent-scope From this IG
Consent.category	required	ConsentCategory(a valid code from Consent Category) http://ehealth.sundhed.dk/vs/consent-category From this IG

Constraints

Id	Grade	Path(s)	Details	Requirements
dom-2	error	Consent	If the resource is contained in another resource, it SHALL NOT contain nested Resources : contained.contained.empty()
dom-3	error	Consent	If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource : contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
dom-4	error	Consent	If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated : contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
dom-5	error	Consent	If a resource is contained in another resource, it SHALL NOT have a security label : contained.meta.security.empty()
dom-6	best practice	Consent	A resource should have narrative for robust management : text.`div`.exists()
ele-1	error	**ALL** elements	All FHIR elements must have a @value or children : hasValue() or (children().count() > id.count())
ext-1	error	**ALL** extensions	Must have either extensions or value[x], not both : extension.exists() != value.exists()
ppc-1	error	Consent	Either a Policy or PolicyRule : policy.exists() or policyRule.exists()
ppc-2	error	Consent	IF Scope=privacy, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not()
ppc-3	error	Consent	IF Scope=research, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='research').exists().not()
ppc-4	error	Consent	IF Scope=adr, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='adr').exists().not()
ppc-5	error	Consent	IF Scope=treatment, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not()

Differential View

This structure is derived from Consent

Name	Flags	Card.	Type	Description & Constraints    Filter: Bindings Constraints Obligations
Consent		0..*	Consent	A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time
Slices for extension		0..*	Extension	Extension Slice: Unordered, Open by value:url
extension:affiliation		0..*	Reference(ehealth-episodeofcare | ehealth-careplan) {r}	Affiliation to EpisodeOfCare and optionally CarePlan URL: http://ehealth.sundhed.dk/fhir/StructureDefinition/ehealth-consent-affiliation
scope		1..1	CodeableConcept	Specific scope covered by this consent Binding: Consent Scope (required)
category		1..*	CodeableConcept	Classification of the consent statement - for indexing/retrieval Binding: Consent Category (required)
patient		1..1	Reference(ehealth-patient) {r}	Who the consent applies to
organization		0..*	Reference(ehealth-organization) {r}	Custodian of the consent
Slices for source[x]		0..1	Attachment, Reference(Consent | DocumentReference | Contract | QuestionnaireResponse)	Source from which this consent is taken Slice: Unordered, Open by type:$this
source[x]:sourceReference		0..1	Reference(ehealth-consent | ehealth-documentreference | Contract | ehealth-questionnaireresponse)	Source from which this consent is taken
policy
uri		0..1	uri	Specific policy covered by this consent Binding: Consent Policy (required)
provision
class		0..*	Coding	Specific class covered by this consent Binding: Consent Provision Class (required)
code		0..*	CodeableConcept	Specific code covered by this consent Binding: Consent Provision Code (required)
Documentation for this format

Terminology Bindings (Differential)

Path	Conformance	ValueSet	URI
Consent.scope	required	ConsentScope http://ehealth.sundhed.dk/vs/ehealth-consent-scope From this IG
Consent.category	required	ConsentCategory(a valid code from Consent Category) http://ehealth.sundhed.dk/vs/consent-category From this IG
Consent.policy.uri	required	ConsentPolicy(a valid code from Consent policy) http://ehealth.sundhed.dk/vs/ehealth-consent-policy From this IG
Consent.provision.class	required	ConsentProvisionClass http://ehealth.sundhed.dk/vs/ehealth-consent-provision-class From this IG
Consent.provision.code	required	ConsentProvisionCode http://ehealth.sundhed.dk/vs/ehealth-consent-provision-code From this IG

Snapshot View

Name	Flags	Card.	Type	Description & Constraints    Filter: Bindings Constraints Obligations
Consent	C	0..*	Consent	A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time Constraints: ppc-1, ppc-2, ppc-3, ppc-4, ppc-5
id	Σ	0..1	id	Logical id of this artifact
meta	Σ	0..1	Meta	Metadata about the resource
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
language		0..1	code	Language of the resource content Binding: CommonLanguages (preferred): A human language. Additional Bindings Purpose AllLanguages Max Binding
text		0..1	Narrative	Text summary of the resource, for human interpretation This profile does not constrain the narrative in regard to content, language, or traceability to data elements
contained		0..*	Resource	Contained, inline Resources
Slices for extension		0..*	Extension	Extension Slice: Unordered, Open by value:url
extension:affiliation		0..*	Reference(ehealth-episodeofcare | ehealth-careplan) {r}	Affiliation to EpisodeOfCare and optionally CarePlan URL: http://ehealth.sundhed.dk/fhir/StructureDefinition/ehealth-consent-affiliation
modifierExtension	?!	0..*	Extension	Extensions that cannot be ignored
identifier	Σ	0..*	Identifier	Identifier for this record (external references) Example General: {"system":"http://acme.org/identifier/local/eCMS","value":"Local eCMS identifier"}
status	?!Σ	1..1	code	draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent.
scope	?!Σ	1..1	CodeableConcept	Specific scope covered by this consent Binding: Consent Scope (required)
category	Σ	1..*	CodeableConcept	Classification of the consent statement - for indexing/retrieval Binding: Consent Category (required)
patient	Σ	1..1	Reference(ehealth-patient) {r}	Who the consent applies to
dateTime	Σ	0..1	dateTime	When this Consent was created or indexed
performer	Σ	0..*	Reference(Organization | Patient | Practitioner | RelatedPerson | PractitionerRole)	Who is agreeing to the policy and rules
organization	Σ	0..*	Reference(ehealth-organization) {r}	Custodian of the consent
Slices for source[x]	Σ	0..1		Source from which this consent is taken Slice: Unordered, Open by type:$this
sourceAttachment			Attachment
sourceReference			Reference(Consent | DocumentReference | Contract | QuestionnaireResponse)
source[x]:sourceReference	Σ	0..1	Reference(ehealth-consent | ehealth-documentreference | Contract | ehealth-questionnaireresponse)	Source from which this consent is taken
policy		0..*	BackboneElement	Policies covered by this consent
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
authority	C	0..1	uri	Enforcement source for policy
uri	C	0..1	uri	Specific policy covered by this consent Binding: Consent Policy (required)
policyRule	ΣC	0..1	CodeableConcept	Regulation that this consents to Binding: ConsentPolicyRuleCodes (extensible): Regulatory policy examples.
verification	Σ	0..*	BackboneElement	Consent Verified by patient or family
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
verified	Σ	1..1	boolean	Has been verified
verifiedWith		0..1	Reference(Patient | RelatedPerson)	Person who verified
verificationDate		0..1	dateTime	When consent verified
provision	Σ	0..1	BackboneElement	Constraints to the base Consent.policyRule
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type	Σ	0..1	code	deny | permit Binding: ConsentProvisionType (required): How a rule statement is applied, such as adding additional consent or removing consent.
period	Σ	0..1	Period	Timeframe for this rule
actor		0..*	BackboneElement	Who|what controlled by this rule (or group, by role)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
role		1..1	CodeableConcept	How the actor is involved Binding: SecurityRoleType (extensible): How an actor is involved in the consent considerations.
reference		1..1	Reference(Device | Group | CareTeam | Organization | Patient | Practitioner | RelatedPerson | PractitionerRole)	Resource for the actor (or group, by role)
action	Σ	0..*	CodeableConcept	Actions controlled by this rule Binding: ConsentActionCodes (example): Detailed codes for the consent action.
securityLabel	Σ	0..*	Coding	Security Labels that define affected resources Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
purpose	Σ	0..*	Coding	Context of activities covered by this rule Binding: PurposeOfUse (extensible): What purposes of use are controlled by this exception. If more than one label is specified, operations must have all the specified labels.
class	Σ	0..*	Coding	Specific class covered by this consent Binding: Consent Provision Class (required)
code	Σ	0..*	CodeableConcept	Specific code covered by this consent Binding: Consent Provision Code (required)
dataPeriod	Σ	0..1	Period	Timeframe for data controlled by this rule
data	Σ	0..*	BackboneElement	Data controlled by this rule
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
meaning	Σ	1..1	code	instance | related | dependents | authoredby Binding: ConsentDataMeaning (required): How a resource reference is interpreted when testing consent restrictions.
reference	Σ	1..1	Reference(Resource)	The actual data reference
provision		0..*	See provision (Consent)	Nested Exception Rules
Documentation for this format

Terminology Bindings

Path	Conformance	ValueSet	URI
Consent.language	preferred	CommonLanguages http://hl7.org/fhir/ValueSet/languages From the FHIR Standard Additional Bindings Purpose AllLanguages Max Binding
Consent.status	required	ConsentState(a valid code from Consent State Codes) http://hl7.org/fhir/ValueSet/consent-state-codes|4.0.1 From the FHIR Standard
Consent.scope	required	ConsentScope http://ehealth.sundhed.dk/vs/ehealth-consent-scope From this IG
Consent.category	required	ConsentCategory(a valid code from Consent Category) http://ehealth.sundhed.dk/vs/consent-category From this IG
Consent.policy.uri	required	ConsentPolicy(a valid code from Consent policy) http://ehealth.sundhed.dk/vs/ehealth-consent-policy From this IG
Consent.policyRule	extensible	ConsentPolicyRuleCodes http://hl7.org/fhir/ValueSet/consent-policy From the FHIR Standard
Consent.provision.type	required	ConsentProvisionType http://hl7.org/fhir/ValueSet/consent-provision-type|4.0.1 From the FHIR Standard
Consent.provision.actor.role	extensible	SecurityRoleType http://hl7.org/fhir/ValueSet/security-role-type From the FHIR Standard
Consent.provision.action	example	ConsentActionCodes http://hl7.org/fhir/ValueSet/consent-action From the FHIR Standard
Consent.provision.securityLabel	extensible	All Security Labels http://hl7.org/fhir/ValueSet/security-labels From the FHIR Standard
Consent.provision.purpose	extensible	PurposeOfUse http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
Consent.provision.class	required	ConsentProvisionClass http://ehealth.sundhed.dk/vs/ehealth-consent-provision-class From this IG
Consent.provision.code	required	ConsentProvisionCode http://ehealth.sundhed.dk/vs/ehealth-consent-provision-code From this IG
Consent.provision.data.meaning	required	ConsentDataMeaning http://hl7.org/fhir/ValueSet/consent-data-meaning|4.0.1 From the FHIR Standard

Constraints

Id	Grade	Path(s)	Details	Requirements
dom-2	error	Consent	If the resource is contained in another resource, it SHALL NOT contain nested Resources : contained.contained.empty()
dom-3	error	Consent	If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource : contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
dom-4	error	Consent	If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated : contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
dom-5	error	Consent	If a resource is contained in another resource, it SHALL NOT have a security label : contained.meta.security.empty()
dom-6	best practice	Consent	A resource should have narrative for robust management : text.`div`.exists()
ele-1	error	**ALL** elements	All FHIR elements must have a @value or children : hasValue() or (children().count() > id.count())
ext-1	error	**ALL** extensions	Must have either extensions or value[x], not both : extension.exists() != value.exists()
ppc-1	error	Consent	Either a Policy or PolicyRule : policy.exists() or policyRule.exists()
ppc-2	error	Consent	IF Scope=privacy, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not()
ppc-3	error	Consent	IF Scope=research, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='research').exists().not()
ppc-4	error	Consent	IF Scope=adr, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='adr').exists().not()
ppc-5	error	Consent	IF Scope=treatment, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not()

This structure is derived from Consent

Summary

Mandatory: 1 element

Structures

This structure refers to these other structures:

• ehealth-patient (http://ehealth.sundhed.dk/fhir/StructureDefinition/ehealth-patient)
• ehealth-organization (http://ehealth.sundhed.dk/fhir/StructureDefinition/ehealth-organization)
• ehealth-consent (http://ehealth.sundhed.dk/fhir/StructureDefinition/ehealth-consent)
• ehealth-documentreference (http://ehealth.sundhed.dk/fhir/StructureDefinition/ehealth-documentreference)
• ehealth-questionnaireresponse (http://ehealth.sundhed.dk/fhir/StructureDefinition/ehealth-questionnaireresponse)

Extensions

This structure refers to these extensions:

• http://ehealth.sundhed.dk/fhir/StructureDefinition/ehealth-consent-affiliation

Slices

This structure defines the following Slices:

• The element 1 is sliced based on the value of Consent.source[x]