--- tags: CDEX title: Purpose of Use --- # Purpose of Use ## Code System Code|Display|Definition ---|---|--- claims-processing|Claim Processing|Submission of data necessary to support claims for services. (source: https://www.cms.gov/Regulations-and-Guidance/Guidance/Manuals/Downloads/clm104c03.pdf) claims-audit|Claims Audit|Submission of data as part of a claims audit to determine if the services or items claimed for payment were the same as what the beneficiary received. (source: https://www.cms.gov/Medicare-Medicaid-Coordination/Fraud-Prevention/Medicaid-Integrity-Education/Downloads/ebulletins-claims-audit.pdf) prior-authorization|Prior Authorization|Submission of data as part of a prior authorization requests from EHR systems. If authorization is required and documentation is necessary to substantiate the need for the service, the specific documentation is requested. The documentation may take the form of attestations by the provider, diagnoses, results of specific diagnostic tests, prior treatment that has been tried and failed, specific studies that need to be performed and other specific documentation such as progress notes or discharge summaries. (source: http://hl7.org/fhir/us/davinci-pas/2019Sep/usecases.html) quality-reporting|Quality Reporting|Submission of data used for aggregation, calculation and analysis, and ultimately reporting of quality measures (Source: https://build.fhir.org/ig/HL7/davinci-deqm/) risk-adjustment|Risk Adjustment|Submission of data used to calculate differences in beneficiary-level risk factors that can affect quality outcomes or medical costs, regardless of the care provided. (source https://www.cms.gov/Medicare/Medicare-Fee-for-Service-Payment/PhysicianFeedbackProgram/Downloads/Risk-Adjustment-Fact-Sheet.pdf) care-coordination|Care Coordination (payer)|Submission of data used by payers to create a complete clinical record for each of their members to improve care coordination and provide optimum medical care. (source: http://hl7.org/implement/standards/fhir/us/davinci-cdex/2019Jun/CDex_Improve_Care_Coordination.html) treatment|Treatment (provider)|Submission of data for "the provision, coordination, or management of health care and related services among health care providers or by a health care provider with a third party, consultation between health care providers regarding a patient, or the referral of a patient from one health care provider to another". (source:https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/disclosures-treatment-payment-health-care-operations/index.html) care-planning|Care Planning|Submission of data used by a health care provider to determine how to deliver care for a particular patient, group or community for a period of time, possibly limited to care for a specific condition or set of conditions. (source: http://build.fhir.org/careplan.html) social-risk|Social Risk Evaluation|Submission of data to assess of social risk, establishing coded health concerns/problems, creating patient driven goals, managing interventions, and measuring outcomes. (source: http://build.fhir.org/ig/HL7/fhir-sdoh-clinicalcare/sdoh_clinical_care_scope.html) operations|Operations|[Healthcare Operations as defined by HIPAA](https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/disclosures-treatment-payment-health-care-operations/index.html) where there is a no more detailed Purpose of Use concept. payment|Payment|[Healthcare Payment as defined by HIPAA](https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/disclosures-treatment-payment-health-care-operations/index.html) where there is a no more detailed Purpose of Use concept. ### Mapping to [All Security Labels](http://hl7.org/fhir/valueset-security-labels.html) The table below shows the mapping to the HL7 V3 [Meta.security](http://hl7.org/fhir/resource-definitions.html#Meta.security) which may be echoed back in the returned Bundle resource to the Payer. |CDEX Purpose of Use Code|FHIR Security Label Code (http://terminology.hl7.org/CodeSystem/v3-ActReasoncodes)| |---|---| |operations|[HOPERAT](http://hl7.org/fhir/v3/ActReason/cs.html#v3-ActReason-HOPERAT)| |payment|[HPAYMT](http://hl7.org/fhir/v3/ActReason/cs.html#v3-ActReason-HPAYMT)| |claims-processing|[COVERAGE](http://hl7.org/fhir/v3/ActReason/cs.html#v3-ActReason-COVERAGE)| |claims-audit|[CLMATTCH](http://hl7.org/fhir/v3/ActReason/cs.html#v3-ActReason-CLMATTCH)| |prior-authorization|[COVAUTH](http://hl7.org/fhir/v3/ActReason/cs.html#v3-ActReason-COVAUTH)| |quality-reporting|[HQUALIMP](http://hl7.org/fhir/v3/ActReason/cs.html#v3-ActReason-HQUALIMP)| |risk-adjustment|[HDM](http://hl7.org/fhir/v3/ActReason/cs.html#v3-ActReason-HDM)| |care-coordination|[COC](http://hl7.org/fhir/v3/ActReason/cs.html#v3-ActReason-COC)| |treatment|[TREAT](http://hl7.org/fhir/v3/ActReason/cs.html#v3-ActReason-TREAT)| |care-planning|[CAREMGT](http://hl7.org/fhir/v3/ActReason/cs.html#v3-ActReason-CAREMGT)?, [HDM](http://hl7.org/fhir/v3/ActReason/cs.html#v3-ActReason-HDM)?| |social-risk|NA - extend valueset with CDEX code system.| ## Example use in Task using Purpose of Use Extension Proposal is to place the Purpose of Use code in the `Task.input` as an additional name value pair. :::info Originally used `Task.meta.security` contains the Purpose of Use label and communicates it to the Provider. The Provider MAY echo this Purpose of Use back in the returned Bundle.meta.security to the Payer. See questions on Zulip [here](https://chat.fhir.org/#narrow/stream/179247-Security-and.20Privacy/topic/What.20does.20a.20purpose.20of.20use.20label.20on.20a.20request.20resource.20mean.3F) Unfortunately ,`Task.meta.security` has been interpreted at the Purpose of the Task and not purpose of use for the requested data ( the output of the task ). Even though this author believes they are one in the same. ::: ~~~yaml resourceType: Task id: cdex-example-purpose of use meta: extension: - url: 'http://hl7.org/fhir/StructureDefinition/instance-name' valueString: Task Example with Purpose of Use Extension - url: 'http://hl7.org/fhir/StructureDefinition/instance-description' valueMarkdown: Task to seek a patient HbA1c test results for purpose of use of claim processing profile: - >- http://hl7.org/fhir/us/davinci-cdex/StructureDefinition/cdex-task-data-request # ============== meta.tag work-queue hint ==================== tag: - coding: system: 'http://example.org/fhir/CodeSystem/work-queue-tags' code: medications-request # ======================================================= status: requested intent: order code: coding: - system: 'http://hl7.org/fhir/us/davinci-hrex/CodeSystem/hrex-temp' code: data-request for: reference: 'http://example.org/fhir/Patient/cdex-example-patient' authoredOn: '2020-10-27T11:05:34-07:00' lastModified: '2020-10-27T11:05:34-07:00' requester: reference: 'http://example.org/fhir/Organization/cdex-example-payer' owner: reference: 'http://example.org/fhir/Organization/cdex-example-provider' reasonReference: display: claim 123 input: - type: coding: - system: 'http://hl7.org/fhir/us/davinci-hrex/CodeSystem/hrex-temp' code: data-query valueString: 'Observation?patient=cdex-example-patient&date=gt2018-01-01&code=4548-4' # ============== Purpose of Use input name value pair ==================== - type: coding: - system: 'http://hl7.org/fhir/us/davinci-hrex/CodeSystem/hrex-temp' code: purpose-of-use valueCodeableConcept: - system: 'http://terminology.hl7.org/CodeSystem/v3-ActReasoncodes' code: COVERAGE # ======================================================================== ~~~ #### Purpose of Use for Direct Queries using Authorization Layer. [FHIR UDAP Security IG](https://build.fhir.org/ig/HL7/fhir-udap-security-ig/branches/main/b2b.html) Using a B2B Authorization Extension Object Key Name: "hl7-b2b" ~~~json {..., "extensions": [ "hl7-b2b":{ "purpose_of_use":[ "CLMATTCH" ] } ] } ~~~ [IHE IUA Supplement](https://profiles.ihe.net/ITI/IUA/index.html): ~~~json {..., "extensions" : { "ihe_iua" : { "purpose_of_use" : { "Coding": { "code:"CLMATTCH" } } } } } } ~~~ [SMART/Bulk Authorization](http://build.fhir.org/ig/HL7/smart-app-launch/app-launch.html) using a "__" prefix e.g. ~~~json {..., "__purposeOfUse":[ "CLMATTCH" ] } ~~~ > Reviewed the following questions with Security WG on 10/25/2021: > - The use purposeOfUse codes in a Task.input parameter to indicate the context of the request. - Agreed that the use of Task.input consistent with intent to convey the purpose of the request. > - Whether the The Purpose of Use Codes (system = http://terminology.hl7.org/CodeSystem/v3-PurposeOfUse) can be used to Describe the context of a request for data or are they limited to Security/Privacy considerations of a data set or about that data. For example, can CLMATTCH be used to indicate that a data request is for a claims-audit? - Confirmed that these codes can be used in the context of request. - Encouraged to submit additional POU to Security prior to submission to Vocab for addition to the CodeSystem.