NCPI FHIR Implementation Guide v2 - Local Development build (v0.1.0) built by the FHIR (HL7® FHIR® Standard) Build Tools. See the Directory of published versions
Resource Profile: NCPI Research Access Policy
| Official URL: https://nih-ncpi.github.io/ncpi-fhir-ig-2/StructureDefinition/ncpi-research-access-policy | Version: 0.1.0 | |||
| Draft as of 2025-03-24 | Computable Name: NcpiResearchAccessPolicy | |||
Limitations and/or requirements that define how a user may gain access to a particular set of data.
Basic Definition
Access policy communicates the limitations and/or requirements that define how a user may gain access to a particular set of data.
Access policy is limited to describing restrictions that respect the privacy and rights of the participants arising from consents, protocols, or other official documents. It should not be used to describe technical requirements for accessing data.
Access policy is defined using a standard set of codes, with one policy per set of codes that apply to a specified portion of the data. Each Access Policy element also includes a free text field that allows for further description of the policy and necessary steps for gaining access.
For Summary-only submissions, Access Policy elements should be included in order to describe the various data use limitations present in the dataset. For submissions which include data and/or participant records, Access Policy should be associated with the participants and data files to appropriately describe the applicable limitations.
Primary Profile Restrictions and Enhancements
- category must be assigned research.
- a meaningful description must be provided using the Access Policy Description extension.
- a provision.purpose must be defined for each distinct research constraint associated with this policy. These codes must be selected from the ValueSet representing the codes found in ResearchDataAccessCodes.
- For those policies that are disease specific, the code, DS, shall be used and must be accompanied by a properly defined Disease Use Limitation.
Usage:
- Refer to this Resource Profile: Access policy
- Examples for this Resource Profile: Consent/gregor-gru-consent, Consent/kf-gru-dac-consent, Consent/kf-gru-dbgap-consent, Consent/kf-gsr-allowed-access and Consent/kf-registered-allowed-access
Formal Views of Profile Content
Description of Profiles, Differentials, Snapshots and how the different presentations work.
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
  Consent |
C | 0..* | Consent | A healthcare consumer's choices to permit or deny recipients or roles to perform actions for specific purposes and periods of time dom-2: If the resource is contained in another resource, it SHALL NOT contain nested Resources dom-3: If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource dom-4: If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated dom-5: If a resource is contained in another resource, it SHALL NOT have a security label dom-6: A resource should have narrative for robust management ppc-1: Either a Policy or PolicyRule ppc-2: IF Scope=privacy, there must be a patient ppc-3: IF Scope=research, there must be a patient ppc-4: IF Scope=adr, there must be a patient ppc-5: IF Scope=treatment, there must be a patient completed-consent-code: If category is DS then there must be a ResearchConsentDiseaseAbbreviation |
  implicitRules |
?!Σ | 0..1 | uri | A set of rules under which this content was created ele-1: All FHIR elements must have a @value or children |
  Slices for extension |
1..* | Extension | Extension Slice: Unordered, Open by value:url ele-1: All FHIR elements must have a @value or children ext-1: Must have either extensions or value[x], not both | |
   extension:description |
0..1 | markdown | Descriptive text summarizing the policy restrictions and other details associated with this access provision. URL: https://nih-ncpi.github.io/ncpi-fhir-ig-2/StructureDefinition/access-policy-description ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource ext-1: Must have either extensions or value[x], not both | |
| extension:accessType |
1..1 | CodeableConcept | Type of access restrictions on file downloads ( open | registered | controlled ) URL: https://nih-ncpi.github.io/ncpi-fhir-ig-2/StructureDefinition/access-type Binding: Research Data Access Type Codes (required) ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource ext-1: Must have either extensions or value[x], not both | |
 extension:website |
0..1 | url | URL describing the policy restrictions in detail. URL: https://nih-ncpi.github.io/ncpi-fhir-ig-2/StructureDefinition/research-web-Link ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource ext-1: Must have either extensions or value[x], not both | |
 modifierExtension |
?! | 0..* | Extension | Extensions that cannot be ignored ele-1: All FHIR elements must have a @value or children ext-1: Must have either extensions or value[x], not both |
| status |
?!Σ | 1..1 | code | draft | proposed | active | rejected | inactive | entered-in-error Binding: ConsentState (required): Indicates the state of the consent. ele-1: All FHIR elements must have a @value or children |
 scope |
?!Σ | 1..1 | CodeableConcept | Which of the four areas this resource covers (extensible) Binding: ConsentScopeCodes (extensible): The four anticipated uses for the Consent Resource. ele-1: All FHIR elements must have a @value or children |
 category |
Σ | 1..* | CodeableConcept | Classification of the consent statement - for indexing/retrieval Binding: ConsentCategoryCodes (extensible): A classification of the type of consents found in a consent statement. ele-1: All FHIR elements must have a @value or children Required Pattern: At least the following |
  coding |
1..* | Coding | Code defined by a terminology system Fixed Value: (complex) | |
| system |
1..1 | uri | Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/consentcategorycodes | |
| code |
1..1 | code | Symbol in syntax defined by the system Fixed Value: research | |
 display |
1..1 | string | Representation defined by the system Fixed Value: Research Information Access | |
| Documentation for this format | ||||
Terminology Bindings
| Path | Conformance | ValueSet / Code | URI |
| Consent.status | required | ConsentStatehttp://hl7.org/fhir/ValueSet/consent-state-codes|4.3.0from the FHIR Standard | |
| Consent.scope | extensible | ConsentScopeCodeshttp://hl7.org/fhir/ValueSet/consent-scopefrom the FHIR Standard | |
| Consent.category | extensible | Pattern: research("Research Information Access")http://hl7.org/fhir/ValueSet/consent-categoryfrom the FHIR Standard |
Constraints
| Id | Grade | Path(s) | Details | Requirements |
| completed-consent-code | error | Consent | If category is DS then there must be a ResearchConsentDiseaseAbbreviation : provision.purpose.where(code = 'DS').empty() or provision.extension.where(url='https://nih-ncpi.github.io/ncpi-fhir-ig/StructureDefinition/research-disease-use-limitation').exists() | |
| dom-2 | error | Consent | If the resource is contained in another resource, it SHALL NOT contain nested Resources : contained.contained.empty() | |
| dom-3 | error | Consent | If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource : contained.where(((id.exists() and ('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url)))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(uri) = '#').exists()).not()).trace('unmatched', id).empty() | |
| dom-4 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated : contained.meta.versionId.empty() and contained.meta.lastUpdated.empty() | |
| dom-5 | error | Consent | If a resource is contained in another resource, it SHALL NOT have a security label : contained.meta.security.empty() | |
| dom-6 | best practice | Consent | A resource should have narrative for robust management : text.`div`.exists() | |
| ele-1 | error | **ALL** elements | All FHIR elements must have a @value or children : hasValue() or (children().count() > id.count()) | |
| ext-1 | error | **ALL** extensions | Must have either extensions or value[x], not both : extension.exists() != value.exists() | |
| ppc-1 | error | Consent | Either a Policy or PolicyRule : policy.exists() or policyRule.exists() | |
| ppc-2 | error | Consent | IF Scope=privacy, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='patient-privacy').exists().not() | |
| ppc-3 | error | Consent | IF Scope=research, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='research').exists().not() | |
| ppc-4 | error | Consent | IF Scope=adr, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='adr').exists().not() | |
| ppc-5 | error | Consent | IF Scope=treatment, there must be a patient : patient.exists() or scope.coding.where(system='something' and code='treatment').exists().not() |
Other representations of profile: CSV, Excel, Schematron
Notes:
While the standard FHIR R4 Consent is intended to be directly associated with a particular patient, given the nature of research access control policies, this profile is intended to be instantiated once and associated with a number of patients (TBD).