top of page
Fast Healthcare Interoperability Resources

Fast Healthcare Interoperability Resources

FHIR® – Fast Healthcare Interoperability Resources (hl7.org/fhir) – is a next generation standards framework created by HL7. FHIR combines the best features of HL7's v2 icon, HL7 v3 icon and CDA icon product lines while leveraging the latest web standards and applying a tight focus on implementability.

FHIR solutions are built from a set of modular components called "Resources". These resources can easily be assembled into working systems that solve real-world clinical and administrative problems at a fraction of the price of existing alternatives. FHIR is suitable for use in a wide variety of contexts – mobile phone apps, cloud communications, EHR-based data sharing, server communication in large institutional healthcare providers, and much more.

2.1.20.1 Why FHIR is better
FHIR offers many improvements over existing standards:

A strong focus on implementation: fast and easy to implement (multiple developers have had simple interfaces working in a single day)
Multiple implementation libraries, many examples available to kick-start development
Specification is free for use with no restrictions
Interoperability out-of-the-box: base resources can be used as is, but can also be adapted as needed - which happens a lot - for local requirements using Profiles, Extensions, Terminologies and more
Evolutionary development path from HL7 Version 2 and CDA: standards can co-exist and leverage each other
Strong foundation in Web standards: XML, JSON, HTTP, OAuth, etc.
Support for RESTful architectures, seamless exchange of information using messages or documents, and service-based architectures
Concise and easily understood specifications
A human-readable serialization format for ease of use by developers
Ontology-based analysis with formal mapping for correctness (under development)

Value set

for

Address use

from

FHIR

Definition: The use of an address.
This value set is the designated 'entire code system' value set for AddressUse.

Code Display Definition
home Home A communication address at a home.
work Work An office address. First choice for business related contacts during business hours.
temp Temporary A temporary address. The period can provide more detailed information.
old Old / Incorrect This address is no longer in use (or was never correct, but retained for records).

If a flag appears next to this message, click on it to see others' comments about this definition

Value set

for

Alert category

from

HL7

Allows a flag to be divided into different categories like clinical, administrative etc. Intended to be used as a means of filtering which flags are displayed to particular user or in a given context.

Enumerations
diet Flags related to the subject's dietary needs.
drug Flags related to the subject's medications.
lab Flags related to performing laboratory tests and related processes (e.g. phlebotomy).
admin Flags related to administrative and financial processes.
contact Flags related to coming into contact with the patient.
clinical Flags related to the subject's clinical data.
behavioral Flags related to behavior.
research Flags related to research.
advance-directive Flags related to subject's advance directives.
safety Flags related to safety precautions.

If a flag appears next to this message, click on it to see others' comments about this definition

Value set

for

Allergy intolerance type

from

Fast Healthcare Interoperability Resources

Identification of the underlying physiological mechanism for a Reaction Risk.

Enumerations:

allergy: A propensity for hypersensitive reaction(s) to a substance. These reactions are most typically type I hypersensitivity, plus other "allergy-like" reactions, including pseudoallergy.

intolerance: A propensity for adverse reactions to a substance that is judged to be not allergic or "allergy-like". These reactions are typically (but not necessarily) non-immune. They are to some degree idiosyncratic and/or patient-specific (i.e. are not a reaction that is expected to occur with most or all patients given similar circumstances).

If a flag appears next to this message, click on it to see others' comments about this definition

Value set

for

Confidentiality

from

HL7 (parent company of the Fast Healthcare Interoperability Resources)

A set of codes specifying the security classification of acts and roles in accordance with the definition for concept domain “Confidentiality”.

Enumerations

L Low level of protection
Privacy metadata indicating that a low level of protection is required to safeguard personal and healthcare information, which has been altered in such a way as to minimize the need for confidentiality protections with some residual risks associated with re-linking. The risk of harm to an individual's reputation and sense of privacy if disclosed without authorization is considered negligible, and mitigations are in place to address reidentification risk. *Usage Note:* The level of protection afforded anonymized and pseudonymized, and non-personally identifiable information (e.g., a limited data set) is dictated by privacy policies and data use agreements intended to engender trust that health information can be used and disclosed with little or no risk of re-identification. **Example:** Personal and healthcare information, which excludes 16 designated categories of direct identifiers in a HIPAA Limited Data Set. This information may be disclosed by HIPAA Covered Entities without patient authorization for a research, public health, and operations purposes if conditions are met, which includes obtaining a signed data use agreement from the recipient. See 45 CFR Section 164.514. This metadata indicates that the receiver may have an obligation to comply with a data use agreement with the discloser. The discloser may have obligations to comply with policies dictating the methods for de-identification. Confidentiality code total order hierarchy: Low (L) is less protective than *V, R, N,* and *M*, and subsumes *U*.

M Moderately confidential information
Privacy metadata indicating the level of protection required to safeguard personal and healthcare information, which if disclosed without authorization, would present a moderate risk of harm to an individual's reputation and sense of privacy. *Usage Note:* The level of protection afforded moderately confidential information is dictated by privacy policies intended to engender trust in a service provider. May include publicly available information in jurisdictions that restrict uses of that information without the consent of the data subject. Privacy policies mandating moderate levels of protection, which preempt less protective privacy policies. "Moderate" confidentiality policies differ from and would be preempted by the prevailing privacy policies mandating the normative level of protection for information used in the delivery and management of healthcare. Confidentiality code total order hierarchy: Moderate (M) is less protective than *V, R, and N*, and subsumes all other protection levels (i.e., *L* and *U*). **Examples:** Includes personal and health information that an individual authorizes to be collected, accessed, used or disclosed to a bank for a health credit card or savings account; to health oversight authorities; to a hospital patient directory; to worker compensation, disability, property and casualty or life insurers; and to personal health record systems, consumer-controlled devices, social media accounts and online Apps; or for marketing purposes

N Normatively confidential information
Privacy metadata indicating the level of protection required to safeguard personal and healthcare information, which if disclosed without authorization, would present a considerable risk of harm to an individual's reputation and sense of privacy. *Usage Note:* The level of protection afforded normatively confidential information is dictated by the prevailing normative privacy policies, which are intended to engender patient trust in their healthcare providers. Privacy policies mandating normative levels of protection, which preempt less protective privacy policies when the information is used in the delivery and management of healthcare. May be pre-empted by jurisdictional law (e.g., for public health reporting or emergency treatment). Confidentiality code total order hierarchy: Normal (N) is less protective than *V* and *R*, and subsumes all other protection levels (i.e., *M, L, and U*). **Map:**Partial Map to ISO 13606-4 Sensitivity Level (3) Clinical Care when purpose of use is treatment: Default for normal clinical care access (i.e., most clinical staff directly caring for the patient should be able to access nearly all of the EHR). Maps to normal confidentiality for treatment information but not to ancillary care, payment and operations. **Examples:** n the US, this includes what HIPAA identifies as protected health information (PHI) under 45 CFR Section 160.103.

R Restricted confidential information
Privacy metadata indicating the level of protection required to safeguard potentially stigmatizing information, which if disclosed without authorization, would present a high risk of harm to an individual's reputation and sense of privacy. *Usage Note:* The level of protection afforded restricted confidential information is dictated by specially protective organizational or jurisdictional privacy policies, including at an authorized individual's request, intended to engender patient trust in providers of sensitive services. Privacy policies mandating additional levels of protection by restricting information access preempt less protective privacy policies when the information is used in the delivery and management of healthcare. May be pre-empted by jurisdictional law (e.g., for public health reporting or emergency treatment). Confidentiality code total order hierarchy: Restricted (R) is less protective than *V*, and subsumes all other protection levels (i.e., *N, M, L, and U*). **Examples:** Includes information that is additionally protected such as sensitive conditions mental health, HIV, substance abuse, domestic violence, child abuse, genetic disease, and reproductive health; or sensitive demographic information such as a patient's standing as an employee or a celebrity. May be used to indicate proprietary or classified information that is not related to an individual (e.g., secret ingredients in a therapeutic substance; or the name of a manufacturer).

U Unrestricted information
Privacy metadata indicating that no level of protection is required to safeguard personal and healthcare information that has been disclosed by an authorized individual without restrictions on its use. **Examples:** Includes publicly available information e.g., business name, phone, email and physical address. *Usage Note:* The authorization to collect, access, use, and disclose this information may be stipulated in a contract of adhesion by a data user (e.g., via terms of service or data user privacy policies) in exchange for the data subject's use of a service. This metadata indicates that the receiver has no obligation to consider privacy policies other than its own when making access control decisions. Confidentiality code total order hierarchy: Unrestricted (U) is less protective than *V, R, N, M,* and *L*, and is the lowest protection levels.

V Very restricted confidential information
Privacy metadata indicating the level of protection required under atypical cicumstances to safeguard potentially damaging or harmful information, which if disclosed without authorization, would (1) present an extremely high risk of harm to an individual's reputation, sense of privacy, and possibly safety; or (2) impact an individual's or organization's legal matters. *Usage Note:* The level of protection afforded very restricted confidential information is dictated by specially protective privacy or legal policies intended to ensure that under atypical circumstances additional protections limit access to only those with a high 'need to know' and the information is kept in highest confidence.. Privacy and legal policies mandating the highest level of protection by stringently restricting information access, preempt less protective privacy policies when the information is used in the delivery and management of healthcare including legal proceedings related to healthcare. May be pre-empted by jurisdictional law (e.g., for public health reporting or emergency treatment but only under limited circumstances). Confidentiality code total order hierarchy: Very Restricted (V) is the highest protection level and subsumes all other protection levels s (i.e., *R, N, M, L, and UI*). **Examples:** Includes information about a victim of abuse, patient requested information sensitivity, and taboo subjects relating to health status that must be discussed with the patient by an attending provider before sharing with the patient. May also include information held under a legal hold or attorney-client privilege.

If a flag appears next to this message, click on it to see others' comments about this definition

Value set

for

Event status

from

Fast Healthcare Interoperability Resources

Enumerations
preparation The core event has not started yet, but some staging activities have begun (e.g. surgical suite preparation). Preparation stages may be tracked for billing purposes.

in-progress The event is currently occurring.

not-done The event was terminated prior to any activity beyond preparation. I.e. The 'main' activity has not yet begun. The boundary between preparatory and the 'main' activity is context-specific.

on-hold The event has been temporarily stopped but is expected to resume in the future.

stopped The event was terminated prior to the full completion of the intended activity but after at least some of the 'main' activity (beyond preparation) has occurred.

completed The event has now concluded.

entered-in-error This electronic record should never have existed, though it is possible that real-world decisions were based on it. (If real-world activity has occurred, the status should be "stopped" rather than "entered-in-error".).

unknown The authoring/source system does not know which of the status values currently applies for this event. Note: This concept is not to be used for "other" - one of the listed statuses is presumed to apply, but the authoring/source system does not know which.

If a flag appears next to this message, click on it to see others' comments about this definition

Value set

for

Medium

from

HL7

Enumerations
PHYSICAL Participation by direct action where subject and actor are in the same location. (The participation involves more than communication.)
REMOTE Participation by direct action where subject and actor are in separate locations, and the actions of the actor are transmitted by electronic or mechanical means. (The participation involves more than communication.)
VERBAL Participation by voice communication
DICTATE Participation by pre-recorded voice. Communication is limited to one direction (from the recorder to recipient).
FACE Participation by voice communication where parties speak to each other directly.
PHONE Participation by voice communication where the voices of the communicating parties are transported over an electronic medium
VIDEOCONF Participation by voice and visual communication where the voices and images of the communicating parties are transported over an electronic medium
WRITTEN Participation by human language recorded on a physical material
FAXWRIT Participation by text or diagrams printed on paper that have been transmitted over a fax device
HANDWRIT Participation by text or diagrams printed on paper or other recording medium
MAILWRIT Participation by text or diagrams printed on paper transmitted physically (e.g. by courier service, postal service).
ONLINEWRIT Participation by text or diagrams submitted by computer network, e.g. online survey.
EMAILWRIT Participation by text or diagrams transmitted over an electronic mail system.
TYPEWRIT Participation by text or diagrams printed on paper or other recording medium where the recording was performed using a typewriter, typesetter, computer or similar mechanism.
MSGWRIT Participation by messaging typically from a mobile phone or mobile device through a cellular network or Internet. Includes secured or unsecured messaging transmission and includes online chat. Also includes submission of photos or other images.
SMSWRIT Participation by text or diagrams transmitted by an SMS message.
MMSWRIT Participation by text or diagrams transmitted by an MMS message.
APPWRIT Participation by text or diagrams transmitted over an online app, e.g. Facebook Messenger, WhatsApp, or similar web app.
ELECTRONIC Participation by non-human-languaged based electronic signal

If a flag appears next to this message, click on it to see others' comments about this definition

Value set

for

Priority

from

Fast Healthcare Interoperability Resources

Enumerations
routine The request has normal priority.
urgent The request should be actioned promptly - higher priority than routine.
asap The request should be actioned as soon as possible - higher priority than urgent.
stat The request should be actioned immediately - highest possible priority. E.g. an emergency.

If a flag appears next to this message, click on it to see others' comments about this definition

bottom of page