PREFIX ov:
PREFIX owl:
PREFIX skos:
PREFIX rdfs:
PREFIX dbr:
PREFIX xsd:
PREFIX sh:
PREFIX rdf:
PREFIX vann:
PREFIX dc:
PREFIX dct:
PREFIX hito:
hito:EhrSfmEntityAuthorization a hito:FeatureClassified;
hito:fClaFrom hito:EhrSfmFeatureCatalogue;
hito:internalId "TI.1.2";
hito:subFeatureOf hito:EhrSfmSecurity;
rdfs:comment "Manage set(s) of EHR-S access control permissions."@en;
rdfs:label "Entity Authorization"@en;
skos:definition "Entities are authorized to use components of an EHR-S in accordance with their scope of practice within local policy or legal jurisdiction. Authorization rules provide a proper framework for establishing access permissions and privileges for the use of an EHR system, based on user, role or context. A combination of these authorization categories may be applied to control access to EHRS resources (i.e., functions or data), including at the operating system level.- User based authorization refers to the permissions granted to access EHR-S resources based on the identity of an entity (e.g., user or software component). - Role based authorization refers to the permissions granted to access EHR-S resources based on the role of an entity. Examples of roles include: an application or device (tele-monitor or robotic); or a nurse, dietician, administrator, legal guardian, and auditor. - Context-based Authorization refers to the permissions granted to access EHR-S resources within a context, such as when a request occurs, explicit time, location, route of access, quality of authentication, work assignment, patient consents and authorization. See ISO 10181-3 Technical Framework for Access Control Standard. For example, an EHR-S might only allow supervising providers’ context authorization to attest to entries proposed by residents under their supervision."@en.