HL7_IG_DS4P_R1_CH1_CONTENT

cda Privacy Markings Section

[Section: templateId 2.16.840.1.113883.3.3251.1.5]

This CDA template is intended to specify how a document, section, or entry may
          be  constrained to specify privacy and security markings. This section is intended
          to provide  a visual indicator to the end-user of the CDA document of security
          label values that are  required to be displayed including confidentiality codes,
          sensitivity of information  disclosed to authorized users, integrity status,
          purpose of use limitations, obligations,  e.g., restricting access and disclosure
          to the minimum necessary, and refrain policies  such as the 42 CFR Part 2 and
          Title 38 Section 7332 prohibition on redisclosures of the  content of the
          document, section, or entry to which this template is applied without  patient
          consent.

  1. SHALL contain exactly one [1..1] templateId ( CONF-DS4P-5 ) such that it
    1. SHALL contain exactly one [1..1] @root="2.16.840.1.113883.3.3251.1.5"
  2. SHALL contain exactly one [1..1] code (CONF:16835)/@code="57017-6" Privacy Policy (CodeSystem: 2.16.840.1.113883.6.1 LOINC) (CONF:16836)
    • The section code is specified using LOINC to indicate that the section is
                  intended.  This section should appear first in a document that is intended to
                  contain protected  information subject to re-disclosure restrictions according
                  to privacy policies. The code indicates that the section reflects the privacy policies
                  of the sending organization.

  3. SHALL contain exactly one [1..1] text (CONF:9059)
    • In C-CDA, this section is optional but is mandatory to any document
                  containing  information protected by specific privacy policies. For example, 42
                  CFR Part 2 requires  that covered patient information is accompanied by an
                  explicit notice to the provider  receiving the disclosed information. Other
                  privacy policies may include a similar recommended text or "redisclosure
                  notice" to the end-users viewing protected information.

  4. If section/@nullFlavor is not present, MAY contain [0..*] entry (CONF:16802)
    • This entry may specify zero or more PrivacyMarkingEntries that are required to be
                  rendered in human readable text such as confidentiality, sensitivity, compartment,
                  privacy law, purpose of use obligation, refrain policy, or integrity codes or associated
                  policy statements conveying restrictions associated with the use and disclosure of the
                  information contained in the C-CDA document.

    1. Contains exactly one [1..1] cda Privacy Markings Entry (templateId: 2.16.840.1.113883.3.3251.1.9)

cda Privacy Markings Section example

    
    <!-- 
        ********************************************************
        Privacy and Security Markings Section
        ********************************************************
    -->
    <section>
        <!-- Privacy Markings section template -->
        <templateId root="2.16.840.1.113883.3.3251.1.5"
            assigningAuthorityName="HL7 Security"/>
        <code code="57017-6 " codeSystem="2.16.840.1.113883.6.1" codeSystemName="LOINC"
            displayName="Privacy policy Organization"/>
        <title>Security and Privacy Prohibitions</title>
        <text> PROHIBITION ON REDISCLOSURE OF CONFIDENTIAL INFORMATION <br/> This notice
            accompanies a disclosure of information concerning a client in alcohol/drug
            treatment, made to you with the consent of such client. This information has
            been disclosed to you from records protected by federal confidentiality
            rules (42 C.F.R. Part 2). The federal rules prohibit you from making any
            further disclosure of this information unless further disclosure is
            expressly permitted by the written consent of the person to whom it pertains
            or as otherwise permitted by 42 C.F.R. Part 2. A general authorization for
            the release of medical or other information is NOT sufficient for this
            purpose. The federal rules restrict any use of the information to criminally
            investigate or prosecute any alcohol or drug abuse patient. </text>
        <confidentialityCode code="N" codeSystem="2.16.840.1.113883.5.25"
            codeSystemName="HL7 Confidentiality"/>
        <author>
            <templateId root="2.16.840.1.113883.3.3251.1.6"
                assigningAuthorityName="HL7 Security"/>
            <!--  DateTimeCreated (timezone added -0500)-->
            <time value="20131021120500-0500"/>
            <assignedAuthor>
                <!-- Mandatory Assigned Author -->
                <templateId root="2.16.840.1.113883.3.3251.1.7"/>
                <!-- auhorId -->
                <id root="4d0c8e77-ea1d-4f41-9858-88806852e774"/>
                <addr>
                    <!--  AuthorAddressLine,  AuthorCity,  AuthorState,  AuthorZipCode -->
                    <streetAddressLine>Example Address Line</streetAddressLine>
                    <city>ExampleCity</city>
                    <state>NH</state>
                    <postalCode>99999</postalCode>
                </addr>
                <!--  AuthorTelephone preceded by "tel:" with @use="WP"-->
                <telecom value="tel:+1-301-555-1212" use="WP"/>
                <assignedPerson>
                    <!--  AuthorProviderName -->
                    <name>
                        <prefix>Dr.</prefix>
                        <family>Hippocrates</family>
                        <given>Harold</given>
                    </name>
                </assignedPerson>
                <representedOrganization>
                    <!--  AuthorOrganizationName -->
                    <name>Example Organization</name>
                    <!--  AuthorTelephone preceded by "tel:" with @use="WP"-->
                    <telecom value="tel:+1-301-555-1212" use="WP"/>
                    <addr>
                        <!--  AuthorAddressLine,  AuthorCity,  AuthorZipCode -->
                        <streetAddressLine>Example Organization Address Line</streetAddressLine>
                        <city>ExampleCity</city>
                        <state>NH</state>
                        <postalCode>99999</postalCode>
                    </addr>
                </representedOrganization>
            </assignedAuthor>
        </author>
        <entry typeCode="COMP">
            <!-- Privacy Marking Entry to indicate the precise/computable security obligations and refrains -->
            <templateId root="2.16.840.1.113883.3.3251.1.9"
                assigningAuthorityName="HL7 Security"/>
            <organizer classCode="CLUSTER" moodCode="EVN">
                <!-- Privacy Annotations are organized using template "2.16.840.1.113883.3.3251.1.4" -->
                <templateId root="2.16.840.1.113883.3.3251.1.4"
                    assigningAuthorityName="HL7 Security"/>
                <statusCode code="active"/>
                <component typeCode="COMP">
                  
                </component>
                <component typeCode="COMP">
                    <observation classCode="OBS" moodCode="EVN">
                        <!-- Security Observation -->
                        <templateId root="2.16.840.1.113883.3.445.21"
                            assigningAuthorityName="HL7 CBCC"/>
                        <!--  Obligation Policy Code template -->
                        <templateId root="2.16.840.1.113883.3.445.14"
                            assigningAuthorityName="HL7 CBCC"/>
                        <code code="SECCONOBS" codeSystem="2.16.840.1.113883.1.11.20457"
                            displayName="Security Classification"
                            codeSystemName="HL7 SecurityObservationTypeCodeSystem"/>
                        <!-- Value set constraint "2.16.840.1.113883.1.11.20445" -->
                        <value xsi:type="CE" code="ENCRYPT"
                            codeSystem="2.16.840.1.113883.5.1063"
                            codeSystemName="SecurityObservationValueCodeSystem"
                            displayName="Encrypt information">
                            <originalText>Information must be encrypted</originalText>
                        </value>
                    </observation>
                </component>
                <component typeCode="COMP">
                    <observation classCode="OBS" moodCode="EVN">
                        <!-- Security Observation -->
                        <templateId root="2.16.840.1.113883.3.445.21"
                            assigningAuthorityName="HL7 CBCC"/>
                        <!--  Refrain Policy Code template -->
                        <templateId root="2.16.840.1.113883.3.445.23"
                            assigningAuthorityName="HL7 CBCC"/>
                        <code code="SECCONOBS" codeSystem="2.16.840.1.113883.1.11.20457"
                            displayName="Security Classification"
                            codeSystemName="HL7 SecurityObservationTypeCodeSystem"/>
                        <!-- Value set constraint "2.16.840.1.113883.1.11.20446" -->
                        <value xsi:type="CE" code="NORDSLCD"
                            codeSystem="2.16.840.1.113883.5.1063"
                            codeSystemName="SecurityObservationValueCodeSystem"
                            displayName="Prohibition on redisclosure without patient consent directive">
                            <originalText>Prohibition on redisclosure without patient
                                consent directive</originalText>
                        </value>
                    </observation>
                </component>
                <component typeCode="COMP">
                    <observation classCode="OBS" moodCode="EVN">
                        <!-- Security Observation -->
                        <templateId root="2.16.840.1.113883.3.445.21"
                            assigningAuthorityName="HL7 CBCC"/>
                        <!--  Purpose Of Use Code template -->
                        <templateId root="2.16.840.1.113883.3.445.22"
                            assigningAuthorityName="HL7 CBCC"/>
                        <code code="SECCONOBS" codeSystem="2.16.840.1.113883.1.11.20457"
                            displayName="Security Classification"
                            codeSystemName="HL7 SecurityObservationTypeCodeSystem"/>
                        <!-- Value set constraint "2.16.840.1.113883.1.11.20448" -->
                        <value xsi:type="CE" code="TREAT"
                            codeSystem="2.16.840.1.113883.5.1063"
                            codeSystemName="SecurityObservationValueCodeSystem"
                            displayName="Treatment">
                            <originalText>Information intended for
                                treatment</originalText>
                        </value>
                    </observation>
                </component>
            </organizer>
        </entry>
    </section>