FHIR Chat · Extension within a contained resource · implementers

Stream: implementers

Topic: Extension within a contained resource

view this post on Zulip Kate Dech (Apr 16 2019 at 22:06):

Are there any guidelines about/for/against adding an extension to a contained resource?
Our primary resource is Coverage and we have contained Patient/Beneficiary. I would like to add an extension to the Patient Address for Address Use to denote that the address is confidential. Is the extension part of the contained patient resource or the primary coverage resource?

view this post on Zulip Grahame Grieve (Apr 16 2019 at 22:14):

should be on the address, where ever it appears

view this post on Zulip Lloyd McKenzie (Apr 16 2019 at 22:45):

There's a standard extension for address for this purpose.

view this post on Zulip Lloyd McKenzie (Apr 16 2019 at 22:46):

http://hl7.org/fhir/extension-iso21090-ad-use.html

view this post on Zulip Kate Dech (Apr 19 2019 at 21:18):

Thank you. We also have a need to denote that a phone number is considered confidential. Any standard extensions for contact point?

view this post on Zulip Grahame Grieve (Apr 19 2019 at 21:23):

no but a standard extension for this would be quite appropriate. @John Moehrke this is one case where it would appear that an element can have a confidentiality the exceeds the high water mark for the overall resource, and so that makes me wonder whether this isn't a general confidential code, but rather more specific security label like http://hl7.org/fhir/v3/ActCode/cs.html#v3-ActCode-DEMO

view this post on Zulip John Moehrke (Apr 22 2019 at 11:38):

This specific case seems more appropriate to think about putting that more sensitive data into another resource that points back at the Patient. That 'other' resource could then be easily protected at more confidential, while allowing Patient to be manipulated and viewed more normally. This method of segregating more sensitive information into their own Resource is a common REST model. It allows each resource to be then treated as one level of sensitivity. So rather than an extension, I would recommend a standalone resource. So, use Basic, and 'extend' basic to have a pointer to Patient, and an address.

view this post on Zulip Lloyd McKenzie (Apr 22 2019 at 14:08):

I'm not a huge fan of sticking sticking data like this into Basic - or even an extension. Systems should already have an ability to strip data out of a resource if recipients aren't allowed to have it. Sending "standard" data somewhere else is going to be useless except to systems that have specifically been designed to handle it.

view this post on Zulip Kate Dech (Apr 22 2019 at 15:25):

The entities receiving it have a right to view the confidential address and phone per HIPAA. The issue is that as the organization supply the information, we must denote that it is confidential (think safety sensitive situations) and even more safeguards must be put in place.

Last updated: Apr 12 2022 at 19:14 UTC


An HL7 Website -