FHIR IG analytics| Package | hl7.ehrs.us.dhfpr2 |
| Resource Type | Requirements |
| Id | Requirements-DHFPR2-TI.1.3.json |
| FHIR Version | R5 |
| Source | https://build.fhir.org/ig/HL7/dhfp-ig/Requirements-DHFPR2-TI.1.3.html |
| URL | http://hl7.org/ehrs/us/dhfpr2/Requirements/DHFPR2-TI.1.3 |
| Version | 2.0.0-ballot |
| Status | active |
| Date | 2025-12-19T08:44:27+00:00 |
| Name | TI_1_3_Entity_Access_Control |
| Title | TI.1.3 Entity Access Control (Function) |
| Realm | us |
| Authority | hl7 |
| Description | Manage access to EHR-S resources. |
| Purpose | To ensure access is controlled, an EHR-S must authenticate and check authorization of entities for appropriate operations. |
No resources found
No resources found
Note: links and images are rebased to the (stated) source
To ensure access is controlled, an EHR-S must authenticate and check authorization of entities for appropriate operations.
| TI.1.3#01 | SHALL |
The system SHALL conform to function TI.1.1 (Entity Authentication). |
| TI.1.3#02 | SHALL |
The system SHALL conform to function TI.1.2 (Entity Authorization). |
| TI.1.3#03 | SHALL dependent |
The system SHALL provide the ability to manage system and data access rules for all EHR-S resources according to scope of practice, organizational policy, and/or jurisdictional law. |
| TI.1.3#04 | SHALL |
The system SHALL manage the enforcement of authorizations to access EHR-S resources. |
| TI.1.3#05 | SHALL dependent |
The system SHALL control access to EHR-S resources after a configurable period of inactivity by terminating the session, or by initiating a session lock that remains in effect until the entity re-establishes access using appropriate identification and authentication procedures, according to organizational policy, and/or jurisdictional law. |
| TI.1.3#06 | SHOULD dependent |
The system SHOULD provide the ability to control-access to data, and/or functionality according to scope of practice, organizational policy, and/or jurisdictional law. |
| TI.1.3#07 | SHALL |
The system SHALL control-access to data, and/or functionality by using authentication mechanisms that comply with regulatory and policy guidelines (e.g.,by using a combination of Username and Password, Digital Certificates, Secure Tokens, and/or Biometrics). |
| TI.1.3#08 | MAY |
The system MAY provide the ability to determine the identity of public health agencies for healthcare purposes through the use of internal, and/or external registry services or directories. |
| TI.1.3#09 | MAY |
The system MAY provide the ability to determine the identity of healthcare resources (e.g., Meal Delivery services for home-based patients) and devices (e.g., wheelchairs) for resource management purposes through the use of internal, and/or external registry services or directories. |
FHIR
FHIRsmith{
"resourceType": "Requirements",
"id": "DHFPR2-TI.1.3",
"meta": {
"profile": [
"http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/FMFunction"
]
},
"language": "en",
"text": {
"status": "extensions",
"div": "<!-- snip (see above) -->"
},
"extension": [
{
"url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-standards-status",
"valueCode": "informative"
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
},
{
"url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-wg",
"valueCode": "ehr"
},
{
"url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-fmm",
"valueInteger": 1,
"_valueInteger": {
"extension": [
{
"url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-conformance-derivedFrom",
"valueCanonical": "http://hl7.org/ehrs/us/dhfpr2/ImplementationGuide/hl7.ehrs.us.dhfpr2"
}
]
}
}
],
"url": "http://hl7.org/ehrs/us/dhfpr2/Requirements/DHFPR2-TI.1.3",
"version": "2.0.0-ballot",
"name": "TI_1_3_Entity_Access_Control",
"title": "TI.1.3 Entity Access Control (Function)",
"status": "active",
"date": "2025-12-19T08:44:27+00:00",
"publisher": "HL7 International / Electronic Health Records",
"contact": [
{
"telecom": [
{
"system": "url",
"value": "http://www.hl7.org/Special/committees/ehr"
}
]
}
],
"description": "Manage access to EHR-S resources.",
"jurisdiction": [
{
"coding": [
{
"system": "urn:iso:std:iso:3166",
"code": "US"
}
]
}
],
"purpose": "To ensure access is controlled, an EHR-S must authenticate and check authorization of entities for appropriate operations.",
"derivedFrom": [
"http://hl7.org/ehrs/uv/ehrsfmr2/Requirements/EHRSFMR2-TI.1.3"
],
"statement": [
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.1.3-01",
"label": "TI.1.3#01",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL conform to function [TI.1.1](Requirements-DHFPR2-TI.1.1.html) (Entity Authentication).",
"derivedFrom": "TI.1.3#1"
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.1.3-02",
"label": "TI.1.3#02",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL conform to function [TI.1.2](Requirements-DHFPR2-TI.1.2.html) (Entity Authorization).",
"derivedFrom": "TI.1.3#2"
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": true
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.1.3-03",
"label": "TI.1.3#03",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL provide the ability to manage system and data access rules for all EHR-S resources according to scope of practice, organizational policy, and/or jurisdictional law.",
"derivedFrom": "TI.1.3#3"
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.1.3-04",
"label": "TI.1.3#04",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL manage the enforcement of authorizations to access EHR-S resources.",
"derivedFrom": "TI.1.3#4"
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": true
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.1.3-05",
"label": "TI.1.3#05",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL control access to EHR-S resources after a configurable period of inactivity by terminating the session, or by initiating a session lock that remains in effect until the entity re-establishes access using appropriate identification and authentication procedures, according to organizational policy, and/or jurisdictional law.",
"derivedFrom": "TI.1.3#5"
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": true
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.1.3-06",
"label": "TI.1.3#06",
"conformance": [
"SHOULD"
],
"conditionality": false,
"requirement": "The system SHOULD provide the ability to control-access to data, and/or functionality according to scope of practice, organizational policy, and/or jurisdictional law.",
"derivedFrom": "TI.1.3#6"
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.1.3-07",
"label": "TI.1.3#07",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL control-access to data, and/or functionality by using authentication mechanisms that comply with regulatory and policy guidelines (e.g.,by using a combination of Username and Password, Digital Certificates, Secure Tokens, and/or Biometrics).",
"derivedFrom": "TI.1.3#7"
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.1.3-08",
"label": "TI.1.3#08",
"conformance": [
"MAY"
],
"conditionality": false,
"requirement": "The system MAY provide the ability to determine the identity of public health agencies for healthcare purposes through the use of internal, and/or external registry services or directories.",
"derivedFrom": "TI.1.3#8"
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.1.3-09",
"label": "TI.1.3#09",
"conformance": [
"MAY"
],
"conditionality": false,
"requirement": "The system MAY provide the ability to determine the identity of healthcare resources (e.g., Meal Delivery services for home-based patients) and devices (e.g., wheelchairs) for resource management purposes through the use of internal, and/or external registry services or directories.",
"derivedFrom": "TI.1.3#9"
}
]
}