Release 4

Codesystem-object-role.xml

Security Work GroupMaturity Level: N/AStandards Status: Informative

Raw XML (canonical form + also see XML Format Specification)

Definition for Code System AuditEventEntityRole

<?xml version="1.0" encoding="UTF-8"?>

<CodeSystem xmlns="http://hl7.org/fhir">
  <id value="object-role"/> 
  <meta> 
    <lastUpdated value="2021-01-21T15:34:20.265+00:00"/> 
  </meta> 
  <text> 
    <status value="generated"/> 
    <div xmlns="http://www.w3.org/1999/xhtml">
      <h2> AuditEventEntityRole</h2> 
      <div> 
        <p> Code representing the role the entity played in the audit event.</p> 

      </div> 
      <p> This code system http://terminology.hl7.org/CodeSystem/object-role defines the following
         codes:</p> 
      <table class="codes">
        <tr> 
          <td style="white-space:nowrap">
            <b> Code</b> 
          </td> 
          <td> 
            <b> Display</b> 
          </td> 
          <td> 
            <b> Definition</b> 
          </td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">1
            <a name="object-role-1"> </a> 
          </td> 
          <td> Patient</td> 
          <td> This object is the patient that is the subject of care related to this event.  It is identifiable
             by patient ID or equivalent.  The patient may be either human or animal.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">2
            <a name="object-role-2"> </a> 
          </td> 
          <td> Location</td> 
          <td> This is a location identified as related to the event.  This is usually the location where
             the event took place.  Note that for shipping, the usual events are arrival at a location
             or departure from a location.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">3
            <a name="object-role-3"> </a> 
          </td> 
          <td> Report</td> 
          <td> This object is any kind of persistent document created as a result of the event.  This
             could be a paper report, film, electronic report, DICOM Study, etc.  Issues related to
             medical records life cycle management are conveyed elsewhere.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">4
            <a name="object-role-4"> </a> 
          </td> 
          <td> Domain Resource</td> 
          <td> A logical object related to a health record event.  This is any healthcare  specific resource
             (object) not restricted to FHIR defined Resources.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">5
            <a name="object-role-5"> </a> 
          </td> 
          <td> Master file</td> 
          <td> This is any configurable file used to control creation of documents.  Examples include
             the objects maintained by the HL7 Master File transactions, Value Sets, etc.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">6
            <a name="object-role-6"> </a> 
          </td> 
          <td> User</td> 
          <td> A human participant not otherwise identified by some other category.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">7
            <a name="object-role-7"> </a> 
          </td> 
          <td> List</td> 
          <td> (deprecated).</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">8
            <a name="object-role-8"> </a> 
          </td> 
          <td> Doctor</td> 
          <td> Typically, a licensed person who is providing or performing care related to the event,
             generally a physician.   The key distinction between doctor and practitioner is with regards
             to their role, not the licensing.  The doctor is the human who actually performed the
             work.  The practitioner is the human or organization that is responsible for the work.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">9
            <a name="object-role-9"> </a> 
          </td> 
          <td> Subscriber</td> 
          <td> A person or system that is being notified as part of the event.  This is relevant in situations
             where automated systems provide notifications to other parties when an event took place.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">10
            <a name="object-role-10"> </a> 
          </td> 
          <td> Guarantor</td> 
          <td> Insurance company, or any other organization who accepts responsibility for paying for
             the healthcare event.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">11
            <a name="object-role-11"> </a> 
          </td> 
          <td> Security User Entity</td> 
          <td> A person or active system object involved in the event with a security role.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">12
            <a name="object-role-12"> </a> 
          </td> 
          <td> Security User Group</td> 
          <td> A person or system object involved in the event with the authority to modify security
             roles of other objects.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">13
            <a name="object-role-13"> </a> 
          </td> 
          <td> Security Resource</td> 
          <td> A passive object, such as a role table, that is relevant to the event.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">14
            <a name="object-role-14"> </a> 
          </td> 
          <td> Security Granularity Definition</td> 
          <td> (deprecated)  Relevant to certain RBAC security methodologies.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">15
            <a name="object-role-15"> </a> 
          </td> 
          <td> Practitioner</td> 
          <td> Any person or organization responsible for providing care.  This encompasses all forms
             of care, licensed or otherwise, and all sorts of teams and care groups. Note the distinction
             between practitioner and the doctor that actually provided the care to the patient.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">16
            <a name="object-role-16"> </a> 
          </td> 
          <td> Data Destination</td> 
          <td> The source or destination for data transfer, when it does not match some other role.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">17
            <a name="object-role-17"> </a> 
          </td> 
          <td> Data Repository</td> 
          <td> A source or destination for data transfer that acts as an archive, database, or similar
             role.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">18
            <a name="object-role-18"> </a> 
          </td> 
          <td> Schedule</td> 
          <td> An object that holds schedule information.  This could be an appointment book, availability
             information, etc.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">19
            <a name="object-role-19"> </a> 
          </td> 
          <td> Customer</td> 
          <td> An organization or person that is the recipient of services.  This could be an organization
             that is buying services for a patient, or a person that is buying services for an animal.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">20
            <a name="object-role-20"> </a> 
          </td> 
          <td> Job</td> 
          <td> An order, task, work item, procedure step, or other description of work to be performed;
             e.g. a particular instance of an MPPS.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">21
            <a name="object-role-21"> </a> 
          </td> 
          <td> Job Stream</td> 
          <td> A list of jobs or a system that provides lists of jobs; e.g. an MWL SCP.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">22
            <a name="object-role-22"> </a> 
          </td> 
          <td> Table</td> 
          <td> (Deprecated).</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">23
            <a name="object-role-23"> </a> 
          </td> 
          <td> Routing Criteria</td> 
          <td> An object that specifies or controls the routing or delivery of items.  For example, a
             distribution list is the routing criteria for mail.  The items delivered may be documents,
             jobs, or other objects.</td> 
        </tr> 
        <tr> 
          <td style="white-space:nowrap">24
            <a name="object-role-24"> </a> 
          </td> 
          <td> Query</td> 
          <td> The contents of a query.  This is used to capture the contents of any kind of query. 
             For security surveillance purposes knowing the queries being made is very important.</td> 
        </tr> 
      </table> 
    </div> 
  </text> 
  <extension url="http://hl7.org/fhir/StructureDefinition/structuredefinition-wg">
    <valueCode value="sec"/> 
  </extension> 
  <extension url="http://hl7.org/fhir/StructureDefinition/structuredefinition-standards-status">
    <valueCode value="trial-use"/> 
  </extension> 
  <extension url="http://hl7.org/fhir/StructureDefinition/structuredefinition-fmm">
    <valueInteger value="3"/> 
  </extension> 
  <url value="http://terminology.hl7.org/CodeSystem/object-role"/> 
  <identifier> 
    <system value="urn:ietf:rfc:3986"/> 
    <value value="urn:oid:2.16.840.1.113883.4.642.4.1135"/> 
  </identifier> 
  <version value="4.0.1"/> 
  <name value="AuditEventEntityRole"/> 
  <title value="AuditEventEntityRole"/> 
  <status value="draft"/> 
  <experimental value="false"/> 
  <date value="2021-01-21T15:34:20+00:00"/> 
  <publisher value="HL7 (FHIR Project)"/> 
  <contact> 
    <telecom> 
      <system value="url"/> 
      <value value="http://hl7.org/fhir"/> 
    </telecom> 
    <telecom> 
      <system value="email"/> 
      <value value="fhir@lists.hl7.org"/> 
    </telecom> 
  </contact> 
  <description value="Code representing the role the entity played in the audit event."/> 
  <caseSensitive value="true"/> 
  <valueSet value="http://hl7.org/fhir/ValueSet/object-role"/> 
  <content value="complete"/> 
  <concept> 
    <code value="1"/> 
    <display value="Patient"/> 
    <definition value="This object is the patient that is the subject of care related to this event.  It is identifiable
     by patient ID or equivalent.  The patient may be either human or animal."/> 
  </concept> 
  <concept> 
    <code value="2"/> 
    <display value="Location"/> 
    <definition value="This is a location identified as related to the event.  This is usually the location where
     the event took place.  Note that for shipping, the usual events are arrival at a location
     or departure from a location."/> 
  </concept> 
  <concept> 
    <code value="3"/> 
    <display value="Report"/> 
    <definition value="This object is any kind of persistent document created as a result of the event.  This
     could be a paper report, film, electronic report, DICOM Study, etc.  Issues related to
     medical records life cycle management are conveyed elsewhere."/> 
  </concept> 
  <concept> 
    <code value="4"/> 
    <display value="Domain Resource"/> 
    <definition value="A logical object related to a health record event.  This is any healthcare  specific resource
     (object) not restricted to FHIR defined Resources."/> 
  </concept> 
  <concept> 
    <code value="5"/> 
    <display value="Master file"/> 
    <definition value="This is any configurable file used to control creation of documents.  Examples include
     the objects maintained by the HL7 Master File transactions, Value Sets, etc."/> 
  </concept> 
  <concept> 
    <code value="6"/> 
    <display value="User"/> 
    <definition value="A human participant not otherwise identified by some other category."/> 
  </concept> 
  <concept> 
    <code value="7"/> 
    <display value="List"/> 
    <definition value="(deprecated)."/> 
  </concept> 
  <concept> 
    <code value="8"/> 
    <display value="Doctor"/> 
    <definition value="Typically, a licensed person who is providing or performing care related to the event,
     generally a physician.   The key distinction between doctor and practitioner is with regards
     to their role, not the licensing.  The doctor is the human who actually performed the
     work.  The practitioner is the human or organization that is responsible for the work."/> 
  </concept> 
  <concept> 
    <code value="9"/> 
    <display value="Subscriber"/> 
    <definition value="A person or system that is being notified as part of the event.  This is relevant in situations
     where automated systems provide notifications to other parties when an event took place."/> 
  </concept> 
  <concept> 
    <code value="10"/> 
    <display value="Guarantor"/> 
    <definition value="Insurance company, or any other organization who accepts responsibility for paying for
     the healthcare event."/> 
  </concept> 
  <concept> 
    <code value="11"/> 
    <display value="Security User Entity"/> 
    <definition value="A person or active system object involved in the event with a security role."/> 
  </concept> 
  <concept> 
    <code value="12"/> 
    <display value="Security User Group"/> 
    <definition value="A person or system object involved in the event with the authority to modify security
     roles of other objects."/> 
  </concept> 
  <concept> 
    <code value="13"/> 
    <display value="Security Resource"/> 
    <definition value="A passive object, such as a role table, that is relevant to the event."/> 
  </concept> 
  <concept> 
    <code value="14"/> 
    <display value="Security Granularity Definition"/> 
    <definition value="(deprecated)  Relevant to certain RBAC security methodologies."/> 
  </concept> 
  <concept> 
    <code value="15"/> 
    <display value="Practitioner"/> 
    <definition value="Any person or organization responsible for providing care.  This encompasses all forms
     of care, licensed or otherwise, and all sorts of teams and care groups. Note the distinction
     between practitioner and the doctor that actually provided the care to the patient."/> 
  </concept> 
  <concept> 
    <code value="16"/> 
    <display value="Data Destination"/> 
    <definition value="The source or destination for data transfer, when it does not match some other role."/> 
  </concept> 
  <concept> 
    <code value="17"/> 
    <display value="Data Repository"/> 
    <definition value="A source or destination for data transfer that acts as an archive, database, or similar
     role."/> 
  </concept> 
  <concept> 
    <code value="18"/> 
    <display value="Schedule"/> 
    <definition value="An object that holds schedule information.  This could be an appointment book, availability
     information, etc."/> 
  </concept> 
  <concept> 
    <code value="19"/> 
    <display value="Customer"/> 
    <definition value="An organization or person that is the recipient of services.  This could be an organization
     that is buying services for a patient, or a person that is buying services for an animal."/> 
  </concept> 
  <concept> 
    <code value="20"/> 
    <display value="Job"/> 
    <definition value="An order, task, work item, procedure step, or other description of work to be performed;
     e.g. a particular instance of an MPPS."/> 
  </concept> 
  <concept> 
    <code value="21"/> 
    <display value="Job Stream"/> 
    <definition value="A list of jobs or a system that provides lists of jobs; e.g. an MWL SCP."/> 
  </concept> 
  <concept> 
    <code value="22"/> 
    <display value="Table"/> 
    <definition value="(Deprecated)."/> 
  </concept> 
  <concept> 
    <code value="23"/> 
    <display value="Routing Criteria"/> 
    <definition value="An object that specifies or controls the routing or delivery of items.  For example, a
     distribution list is the routing criteria for mail.  The items delivered may be documents,
     jobs, or other objects."/> 
  </concept> 
  <concept> 
    <code value="24"/> 
    <display value="Query"/> 
    <definition value="The contents of a query.  This is used to capture the contents of any kind of query. 
     For security surveillance purposes knowing the queries being made is very important."/> 
  </concept> 
</CodeSystem> 

Usage note: every effort has been made to ensure that the examples are correct and useful, but they are not a normative part of the specification.