FHIR Chat · data sensitivity flags · Security and Privacy

Stream: Security and Privacy

Topic: data sensitivity flags

view this post on Zulip René Spronk (Dec 14 2020 at 09:54):

Just to confirm: samhsa, omh, opwdd, and oasis flags - are these all supported as meta security (data sensitivity) flags? (These are all US specific AFAIK, so it's hard for me to determine for all of them quite what they are in FHIR terms)

view this post on Zulip René Spronk (Dec 15 2020 at 07:45):

Does the https://www.hl7.org/fhir/v3/InformationSensitivityPolicy/vs.html value set contain all concepts required to cover whatever is described by the samhsa, omh, opwdd, and oasis flags ?

view this post on Zulip John Moehrke (Dec 15 2020 at 14:23):

I don't know.. as I am not a SME on those specific domains. You might try the CBCP mailing list, but I suspect the SAMSA experts are no-longer particiapting.

view this post on Zulip David Pyke (Dec 15 2020 at 14:26):

SAMHSA has stopped all participation. That codelist was compiled quite some time ago but was complete for their use at that time. No significant changes have happened to ActCode in some years

view this post on Zulip René Spronk (Dec 16 2020 at 08:07):

Who in the FHIR community would be in the know about this? I'm pretty far removed from this US specific topic, so it would be good to find someone who's involved in these sensitivity flags. (as for the CBCP mailing list, I have no clue what that acronym stands for)

view this post on Zulip David Pyke (Dec 16 2020 at 13:53):

Community-Based Care and Privacy work group. I'm only aware that Kathleen Conner would be the best source for information

view this post on Zulip John Moehrke (Dec 16 2020 at 15:51):

@René Spronk general questions on the sensitivity vocabulary are good here. But to ask about compliance to a regulation is what I was saying is not my area of expertise. I try to stay away from perception that I am a Lawyer. I am not a Lawyer, which is required to answer questions of compliance with the law.

view this post on Zulip John Moehrke (Dec 16 2020 at 15:53):

Further... the questions you are asking are best answered by an organization that has cast the vocabulary, identities, roles, and consents into a trust-framework. It is the trust-framework that provides the answers you seek. A trust framework could make the vocabulary value "tunaSandwich" be the key code. There is nothing special, regarding regulations or trust-framework, about the codes published in the HCS, HL7, or anywhere else.

Last updated: Apr 12 2022 at 19:14 UTC


An HL7 Website -