---
title: FHIR Consent for Authorize Resource Workflow
tags: FHIR_SkinLesionImageManagement
---
<font color="red">FHIR</font> Consent for Granting Resource Workflow
===
<div style="text-align:justify;">This chapter describes how a resource owner grants access to a resource to another party through FHIR Consent.
It is the process by which the resource owner grants access and action rights/privileges on resources.
**Examples:**
Patient A has an electronic medical record in a hospital and wants to give another hospital access to her medical record. So patient A needs to go through the process of granting the second hospital access to the medical record.
There are two different users in the document sharing workflow:
- Resource owner: The person who uploads documents to the document repository and indexes them on the Portal using FHIR DocumentReference. The FHIR DocumentReference contains the document's URL in the document repository.
- Resource reader: The person who is given authorization/access to the document by the resource owner. Resource readers can use Portal-generated tokens to access resources in the repository.
</div>
## Table of Contents
[TOC]
## 1. Scenario
Once the FHIR DocumentReference is stored in Resource Management on the Portal, the resource owner can grant access and action rights on resources to other parties, such as practitioners or health enterprises.
## 2. Purpose
This chapter aims to help the reader understand the scheme of using consent to grant access to resources.
## 3. Patient portal management blocks used
The scheme of granting resource access uses three patient portal management blocks:

- Consent Management
Provides the process of generating and storing consent for access control of the resource owner's resources by another party (resource reader).
- Resource Management
Acts as the resource registry, which stores document references and provides a list of document resources to which access can be granted.
- Personnel Management (Person, Institutional & Organizational)
Provides a list of personnel information, including person, practitioner, institutional, and organizational, which is used in setting the consent grantee.
## 4. FHIR resources used
- FHIR DocumentReference: the index of documents to be authorized
- FHIR Consent: records the resource owner's consent to authorize or restrict a document for one or more authorized parties
- Personnel resources (FHIR Patient, Practitioner, PractitionerRole, Organization): the resource owner and authorized parties
### 4.1 Resource relation

Image 1. The UML diagram of FHIR Consent relationship
Once the FHIR Consent is created, it will contain the resource owner, the documents to be authorized and the resource reader (authorized parties).
## 5. Workflow
### Prerequisite
1. [Create FHIR DocumentReference to index document on Patient Portal](/rk3qR60Zo)
2. [Personnel management establishment]()
### 5.1 Resource owner creates consent

#### 5.1.1 Step by step:
#### 5.1.2 FHIR Consent specification
:::spoiler FHIR Consent specification
| Name | Definition | Card. | Value | Description & Constraints |
|-|-|-|-|-|
| <font color="red">*</font>resourceType | Resource type | 1..1 | Consent ||
| identifier | The identifier of the resource | 0..* | |not well defined|
| <font color="red">*</font>status | The current consent's state | 1..1 | [ConsentState](https://hl7.org/fhir/codesystem-consent-state-codes.html)<br>(active) |active = the consent of granting resource access is to be followed and enforced|
| <font color="red">*</font>scope | The type of consent being presented | 1..1 | [Consent Scope Codes](https://hl7.org/fhir/codesystem-consent-scope.html)<br>(patient-privacy) |patient-privacy = agreement to collect, access, use or disclose (share) information|
| <font color="red">*</font>category | Classification of the type of consents | 1..* |[Consent Category Valueset](https://hl7.org/fhir/valueset-consent-category.html) 1. [Consent Category Codes](https://hl7.org/fhir/codesystem-consent-category.html)<br>(npp)<br>2. [v3-ActCode Code System](http://terminology.hl7.org/CodeSystem/v3-ActCode)<br> (_ActConsentType, INFA, INFAO, INFASO)<br>3. [LOINC](http://loinc.org)<br>(59284-0, 64292-6) |not well defined|
| <font color="blue">*</font>patient | The patient whose resource is authorized | 0..1 | Patient/46179774-1a1e-4ae4-b626-9ff53fa080f4 |DocumentReference.subject|
| <font color="blue">*</font>dateTime | The date and time the consent is created| 0..1 | 2015-02-07T13:28:17-05:00 |format: YYYY-MM-DDThh:mm:ss+zz:zz|
| <font color="blue">*</font>performer | Resource provider (in the portal granting process, <font color="red"> the performer is Person? (in telehealth = Patient) or PractitionerRole)</font>| 0..* | <font color="red">Telehealth = Patient/46179774-1a1e-4ae4-b626-9ff53fa080f4 </font><br>PractitionerRole = PractitionerRole/misac.practitionerrole01|DocumentReference.author|
| <font color="blue">*</font>organization | The custodian of the resource| 0..* | Organization/MIPatientPortal |DocumentReference.custodian|
| sourceAttachment | The original source of consent (as attachment)| 0..1 | |not well defined|
| sourceReference | The original source of consent (as Consent, DocumentReference, Contract, QuestionnaireResponse) | 0..1 | |not well defined|
| policy | Policies covered by this consent | 0..* | |not well defined|
| policyRule | Regulation that this consents to | 0..1 | [Consent PolicyRule Codes](https://hl7.org/fhir/valueset-consent-policy.html) |not well defined|
| verification | Consent Verified by patient or family | 0..* | |not well defined|
| verification[0].verified | Has been verified | 1..1 | |not well defined|
| verification[0].verifiedWith | Person who verified | 0..1 | |not well defined|
| verification[0].verificationDate | When consent verified | 0..1 | |not well defined|
| <font color="red">*</font>provision.type | Constraints to the base Consent.policyRule | 0..1 | [ConsentProvisionType](https://hl7.org/fhir/valueset-consent-provision-type.html)<br>(permit) |permit = Consent is provided for actions meeting these rules|
| provision.period | Timeframe for this rule | 0..1 | |not well defined|
| <font color="red">*</font>provision.actor[0].role | How the actor is involved in the consent | 1..1 | [SecurityRoleType](https://hl7.org/fhir/valueset-security-role-type.html) <br>(GRANTEE)|GRANTEE = An entity which accepts certain rights or authority from a grantor|
| <font color="red">*</font>provision.actor[0].reference | Resource of the actor controlled by the rule | 1..1 | Person, PractitionerRole, Device| Group is discussed later |
| provision.action | Actions controlled by this rule| 0..* | [Consent Action Codes](https://hl7.org/fhir/valueset-consent-action.html) <br>( Access ) |Access = Retrieval without permitting collection, use or disclosure. e.g., no screen-scraping for collection, use or disclosure (view-only access)|
| provision.securityLabel | Security Labels that define affected resources | 0..* | [SecurityLabels](https://hl7.org/fhir/valueset-security-labels.html) |not well defined|
| provision.purpose | Context of activities covered by this rule | 0..* | [PurposeOfUse](http://terminology.hl7.org/3.1.0/ValueSet-v3-PurposeOfUse.html) |not well defined|
| provision.class | e.g. Resource Type, Profile, CDA, etc | 0..* | [Consent Content Class](https://hl7.org/fhir/valueset-consent-content-class.html)<br>(DocumentReference) |DocumentReference = content classification as document reference resource|
| provision.code | e.g. LOINC or SNOMED CT code, etc. in the content | 0..* | [Consent Content Codes](https://hl7.org/fhir/valueset-consent-content-code.html) <br><font color="red">(new:skinImaging)</font> |skinImaging = content is the imaging skin|
| provision.dataPeriod | Σ | 0..1 | |not well defined|
| <font color="red">*</font>provision.data[0].meaning | | 1..1 | [ConsentDataMeaning](https://hl7.org/fhir/valueset-consent-data-meaning.html) <br>(related) |related = the consent applies directly to the instance of the resource and instances it refers to.|
| <font color="red">*</font>provision.data[0].reference | The reference to the actual data that is controlled by the rule | 1..1 | DocumentReference/xxx ||
| provision.provision | Nested Exception Rules | 0..* | |not well defined|
:::
#### Example
Patient Will Smith wants to share his skin lesion image with Doctor Elon Musk from Hualien Tzu Chi Hospital.
This authorization information is stored using FHIR Consent.
##### The FHIR resources used in creating the consent:
1.1 Resource owner (FHIR Patient):
:::spoiler Patient/46179774-1a1e-4ae4-b626-9ff53fa080f4 [(example)](https://203.64.84.150:58443/portaltest1/fhir/Patient/46179774-1a1e-4ae4-b626-9ff53fa080f4)
```json=
{
  "resourceType": "Patient",
  "id": "46179774-1a1e-4ae4-b626-9ff53fa080f4",
  "meta": {
    "versionId": "1",
    "lastUpdated": "2022-08-30T16:45:53.199+08:00",
    "source": "#2E1dW1HdBAatV1og"
  },
  "text": {
    "status": "generated",
    "div": "<div xmlns=\"http://www.w3.org/1999/xhtml\"><div class=\"hapiHeaderText\"/><table class=\"hapiPropertyTable\"><tbody><tr><td>Identifier</td><td>111316001</td></tr></tbody></table></div>"
  },
  "identifier": [
    {
      "system": "username",
      "value": "111316001"
    }
  ],
  "active": true,
  "name": [
    {
      "text": "Will Smith"
    }
  ],
  "managingOrganization": {
    "reference": "Organization/MIPatientPortal",
    "display": "MI Patient Portal"
  }
}
```
:::
1.2 The Document to be shared (FHIR DocumentReference):
:::spoiler DocumentReference/misac.documentreference01 [(example)](https://203.64.84.150:58443/portaltest1/fhir/DocumentReference/misac.documentreference01)
```json=
{
  "resourceType": "DocumentReference",
  "id": "misac.documentreference01",
  "meta": {
    "versionId": "1",
    "lastUpdated": "2022-10-05T12:27:53.267+08:00"
  },
  "status": "current",
  "date": "2022-10-05T12:24:39",
  "author": [
    {
      "reference": "Patient/46179774-1a1e-4ae4-b626-9ff53fa080f4",
      "display": "Will Smith"
    }
  ],
  "authenticator": {
    "reference": "Organization/MIPatientPortal",
    "display": "MI Patient Portal"
  },
  "custodian": {
    "reference": "Organization/MIPatientPortal",
    "display": "MI Patient Portal"
  },
  "content": [
    {
      "attachment": {
        "url": "https://drive.google.com/uc?id=1l2Uxt4pXCETIlCFSuXtsq5TQwuIdWEQY&export=download",
        "title": "BP_1"
      }
    }
  ]
}
```
:::
1.3 Document Reader (FHIR PractitionerRole):
:::spoiler PractitionerRole/misac.practitionerrole01 [(example)](https://203.64.84.150:58443/portaltest1/fhir/PractitionerRole/misac.practitionerrole01)
```json=
{
  "resourceType": "PractitionerRole",
  "id": "misac.practitionerrole01",
  "meta": {
    "versionId": "1",
    "lastUpdated": "2022-10-05T13:55:56.806+08:00"
  },
  "identifier": [
    {
      "system": "PractitionerID",
      "value": "P0002"
    }
  ],
  "active": true,
  "practitioner": {
    "reference": "Practitioner/4",
    "display": "Elon Musk"
  },
  "organization": {
    "reference": "Organization/TCHospitalHualien",
    "display": "Hualien Tzu Chi Hospital"
  },
  "code": [
    {
      "coding": [
        {
          "system": "http://hl7.org/fhir/R4/valueset-practitioner-role.html",
          "code": "doctor",
          "display": "Doctor"
        }
      ]
    }
  ],
  "telecom": [
    {
      "system": "email",
      "value": "elonmusk@oxfuni.com",
      "use": "work"
    }
  ]
}
```
:::
1.4 Authorization information (FHIR Consent):
:::spoiler Consent/misac.consent01 [(example)](https://203.64.84.150:58443/portaltest1/fhir/Consent/misac.consent01)
```json=
{
  "resourceType": "Consent",
  "id": "misac.consent01",
  "meta": {
    "versionId": "1",
    "lastUpdated": "2022-10-05T15:01:29.314+08:00"
  },
  "status": "active",
  "scope": {
    "coding": [
      {
        "system": "http://terminology.hl7.org/CodeSystem/consentscope",
        "code": "patient-privacy"
      }
    ]
  },
  "category": [
    {
      "coding": [
        {
          "system": "http://terminology.hl7.org/CodeSystem/v3-ActCode",
          "code": "INFASO"
        }
      ]
    }
  ],
  "patient": {
    "reference": "Patient/46179774-1a1e-4ae4-b626-9ff53fa080f4",
    "display": "Will Smith"
  },
  "dateTime": "2022-10-05",
  "organization": [
    {
      "reference": "Organization/TCHospitalHualien",
      "display": "Hualien Tzu Chi Hospital"
    }
  ],
  "policyRule": {
    "coding": [
      {
        "system": "http://terminology.hl7.org/CodeSystem/v3-ActCode",
        "code": "OPTOUT"
      }
    ]
  },
  "provision": {
    "type": "permit",
    "actor": [
      {
        "role": {
          "coding": [
            {
              "system": "http://terminology.hl7.org/CodeSystem/v3-ParticipationType",
              "code": "CST"
            }
          ]
        },
        "reference": {
          "reference": "Organization/TCHospitalHualien",
          "display": "Hualien Tzu Chi Hospital"
        }
      },
      {
        "role": {
          "coding": [
            {
              "system": "http://terminology.hl7.org/CodeSystem/v3-ParticipationType",
              "code": "PRCP"
            }
          ]
        },
        "reference": {
          "reference": "PractitionerRole/misac.practitionerrole01",
          "display": "Elon Musk"
        }
      }
    ],
    "action": [
      {
        "coding": [
          {
            "system": "http://terminology.hl7.org/CodeSystem/consentaction",
            "code": "access"
          }
        ]
      }
    ],
    "code": [
      {
        "coding": [
          {
            "system": "codesystem",
            "code": "DermatologyImage"
          }
        ]
      }
    ],
    "data": [
      {
        "meaning": "related",
        "reference": {
          "reference": "DocumentReference/misac.documentreference01"
        }
      }
    ]
  }
}
```
:::
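How a portal or repository could evaluate the Consent above before serving a document, as an added example (not code from the original page or from the Portal project): a default-deny check in Python. The function name `is_access_permitted`, its parameters, and the choice to treat an empty actor/action/data list as "no grant" are assumptions of this example; it matches on actor reference, action code and data reference only, and does not evaluate actor role codes or `policyRule`.

```python
from datetime import datetime, timezone

# Trimmed copy of Consent/misac.consent01 from this page (only the fields the check reads).
CONSENT = {
    "resourceType": "Consent",
    "status": "active",
    "provision": {
        "type": "permit",
        "actor": [
            {"reference": {"reference": "Organization/TCHospitalHualien"}},
            {"reference": {"reference": "PractitionerRole/misac.practitionerrole01"}},
        ],
        "action": [{"coding": [{
            "system": "http://terminology.hl7.org/CodeSystem/consentaction",
            "code": "access"}]}],
        "data": [{"meaning": "related",
                  "reference": {"reference": "DocumentReference/misac.documentreference01"}}],
    },
}


def is_access_permitted(consent, actor_ref, action_code, data_ref, now=None):
    """Hypothetical helper: default-deny check of one request against one Consent."""
    now = now or datetime.now(timezone.utc)
    # Only an active Consent is enforced as a grant (draft, inactive, rejected, ... are not).
    if consent.get("resourceType") != "Consent" or consent.get("status") != "active":
        return False
    prov = consent.get("provision") or {}
    if prov.get("type") != "permit":
        return False
    # provision.period is optional; assumed here to hold full timestamps with a UTC offset.
    period = prov.get("period") or {}
    if "start" in period and now < datetime.fromisoformat(period["start"]):
        return False
    if "end" in period and now > datetime.fromisoformat(period["end"]):
        return False
    actors = {a.get("reference", {}).get("reference") for a in prov.get("actor", [])}
    actions = {c.get("code") for a in prov.get("action", []) for c in a.get("coding", [])}
    data = {d.get("reference", {}).get("reference") for d in prov.get("data", [])}
    # Assumption: every dimension must match explicitly; a missing list grants nothing.
    return actor_ref in actors and action_code in actions and data_ref in data
```

A resource server would call this after validating the Portal-generated token, passing the identity bound to that token as `actor_ref`, so that a valid token alone is never sufficient to read a document.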
## Questions
1. The resource owner does not need to use FHIR Person because it is too random and not specific; instead, it needs to use FHIR Patient.
2. What is the mechanism if the patient, as the resource owner, is unable to carry out the granting process and it needs to be carried out by family/relatives?