Security Tags
The following security tags are supported by the platform:
Hide data from patient
{
"system" : "http://terminology.hl7.org/CodeSystem/v3-ActCode",
"code" : "PHY"
}
This security tag indicates that the resource content may not be disclosed to the account holder (yet). The resource will be stripped from the results of API calls made in a session initiated by the account holder. However, in the MIDATA portal the account holder is able to see that the resource exists.
Read-only data
{
"system" : "http://terminology.hl7.org/CodeSystem/v3-ActCode",
"code" : "INFOREADONLY"
}
A resource with this security tag may not be updated. The read-only tag does not prevent deletion using the portal.
Do not delete
{
"system" : "http://midata.coop/codesystems/security",
"code" : "no-delete"
}
A resource with this security tag may not be deleted. This tag does not prevent updates on the resource.
Not pseudonymisable
{
"system" : "http://midata.coop/codesystems/security",
"code" : "not-pseudonymisable"
}
A resource marked with this security tag will be excluded from any pseudonymized access, such as exports.
Reliable data
{
"system" : "http://terminology.hl7.org/CodeSystem/v3-ObservationValue",
"code" : "reliable"
}
A resource with this security tag may not be updated with a version that does not contain the reliable tag. Only applications which write trustworthy data will be allowed to write resources with this security tag.
Automatically generated data
{
"system" : "http://midata.coop/codesystems/security",
"code" : "generated"
}
This security tag indicates that the resource has been generated by the platform.
Resources linked to some entity on the platform
{
"system" : "http://midata.coop/codesystems/security",
"code" : "platform-mapped"
}
A resource with this security tag is not only a data resource but also represents some entity on the platform.
Public data
{
"system" : "http://midata.coop/codesystems/security",
"code" : "public"
}
Alternative security tag with same meaning:
{
"system" : "http://terminology.hl7.org/CodeSystem/v3-Confidentiality",
"code" : "U"
}
This security tag marks a resource as non-personal, public data that is readable by anyone.
Security Tags and the Access Filter
To use the security tags supported by MIDATA, an application must declare them in its access filter. Security tag use may be defined separately for each entry in the access filter.
The following options are available for each security tag:
- Require for read : All resources that do not contain this security tag will be removed from query results.
- Allow write : The application is allowed to add this security tag when writing a resource.
- Auto-Add : The security tag is automatically added to all resources created or updated by this application.
If an existing resource is updated by the application, security tags that are already in place may remain on the resource even if the application's access filter does not allow this security tag to be written.
The public data security tag is controlled by the public setting in the access filter.
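The three access-filter options and the update rule above, modelled locally as an added example (this is not MIDATA code). FilterEntry, filter_read, apply_write and the sample resources are hypothetical; the model assumes a retained tag is one that appears both on the stored resource and in the incoming version, and that Auto-Add applies independently of Allow write.

```python
# Added illustration: a local model of the three access-filter options.
# FilterEntry, filter_read and apply_write are hypothetical names, not MIDATA APIs.
from dataclasses import dataclass, field

MIDATA = "http://midata.coop/codesystems/security"
ACTCODE = "http://terminology.hl7.org/CodeSystem/v3-ActCode"
NO_DELETE = (MIDATA, "no-delete")
NOT_PSEUDO = (MIDATA, "not-pseudonymisable")
READ_ONLY = (ACTCODE, "INFOREADONLY")

def tags(resource):
    """Return meta.security as a set of (system, code) pairs."""
    security = (resource or {}).get("meta", {}).get("security", [])
    return {(c.get("system", ""), c.get("code", "")) for c in security}

@dataclass
class FilterEntry:
    require_for_read: set = field(default_factory=set)
    allow_write: set = field(default_factory=set)
    auto_add: set = field(default_factory=set)

def filter_read(entry, resources):
    """Require for read: drop every resource missing a required tag."""
    return [r for r in resources if entry.require_for_read <= tags(r)]

def apply_write(entry, incoming, existing=None):
    """Return the resource as it would be stored, or raise PermissionError."""
    # Tags already on the stored resource may remain without "Allow write".
    denied = tags(incoming) - tags(existing) - entry.allow_write
    if denied:
        raise PermissionError(f"tags not allowed for write: {sorted(denied)}")
    final = tags(incoming) | entry.auto_add  # Auto-Add on create and update
    meta = {**incoming.get("meta", {}),
            "security": [{"system": s, "code": c} for s, c in sorted(final)]}
    return {**incoming, "meta": meta}

# Constructed sample data (not real platform records).
def obs(rid, *security):
    return {"resourceType": "Observation", "id": rid,
            "meta": {"security": [{"system": s, "code": c} for s, c in security]}}

ENTRY = FilterEntry(require_for_read={NO_DELETE}, allow_write={NO_DELETE},
                    auto_add={NOT_PSEUDO})
STORE = [obs("a", NO_DELETE), obs("b"), obs("c", NO_DELETE, READ_ONLY)]
```

Updating resource "c" keeps its read-only tag even though ENTRY does not allow writing it, while creating a new resource with that tag is rejected.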