My team is currently modeling FHIR resources to make Patient and Practitioner relationships, so that only related practitioners is able to view/edit the specific patient, to avoid VIP patients (e.g. politicians, famous actors) won’t be exposed to all practitioners in the hospital.
The Patient.generalPractitioner attribute seems like a match, but is there more appropriate attribute?
It would be great if you share us any hints / tips.
You might want to look at CareTeam. Patient.generalPractitioner identifies the “primary” care provider of different types (GP, psychologist, preferred pharmacy) but doesn’t identify everyone who’s providing care. CareTeams will cover a wider set of folks - and you can have multiple CareTeam instances - one for each ‘type’ of care being delivered. Note that I wouldn’t necessarily prohibit access from those who aren’t included in the CareTeam - that might interfere with legitimate care or even put the patient at risk. However, access by someone outside the CareTeam would presumably be a trigger for more intense audit.
CareTeam looks promising.
Thank you for quick and detailed reply!
In addition to @lloyd’s suggestion you may want to also look into the fact that each FHIR resource has a ‘meta’ element that can hold security-labels (inclusive of privacy labels) .
Such tags could then be used in an Access Control engine to inform the decision of whether a practitioner has access to the resource or not.
blessed_tabvirwa1 thank you for another tips! Seems like the tagging is more flexible approach.
We will check GCP FHIR Storage have such Access Control feature.