Confidentiality Codes Refactored. Serafina Versaggi and Kathleen Connor Eversolve. Problem Statement. The current HL7 Confidentiality Code System is overloading the coded attributes of confidentiality Current Confidentiality Codes mix:
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Confidentiality Codes Refactored
Serafina Versaggi and Kathleen Connor
Current Confidentiality Codes
Relocates Sensitive Information Codes from AccessByInfoType and Confidentiality Modifiers to the ActPrivacyPolicyType value set
No impact on earlier models which will reference current Confidentiality Code System
No impact on CDA which only uses Normal, Restricted, and Very Restricted
Future models that use ActPrivacyPolicyCodes can target classes with a Comply relationship to an ActClassPolicy
Submissions due 11/06/2011, midnight Eastern
Policy and Procedural Excerpts
Harmonization Process Overview
Compares Current and Proposed Vocabulary
Provides Glossary of Terms
Current Definition of Confidentiality
New Definition of
Values that control disclosure of information.
Example: Normal, restricted, substance abuse related.
Definition: The property that information is not made available or disclosed to unauthorized individuals, entities, or processes [ISO 7498-2:1989]
Description: The codes in the Confidentiality code system are values that prevent the unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner.
The confidentiality code assigned by an information sender (per policies intended by the custodian) that convey receiver obligation to ensure that the information is not made available or redisclosed to unauthorized individuals, entities, or processes (security principals).
The receiver may only grant authorized principals access to the minimum necessary information for the purpose of use intended by the sender. The receiver must grant principals permission to perform approved operations on the information object.