Permission resource holds access rules for a given data and context.

Permission
status
active | entered-in-error | draft | rejected
asserter
The person or entity that asserts the permission
date
The date that permission was asserted
validity
The period in which the permission is active
justification
The asserted justification for using the data
basis
The regulatory grounds upon which this Permission builds
evidence
Justifing rational
combining
deny-overrides | permit-overrides | ordered-deny-overrides | ordered-permit-overrides | deny-unless-permit | permit-unless-deny
rule
Constraints to the Permission
type
deny | permit
data
The selection criteria to identify data that is within scope of this provision
resource
Explicit FHIR Resource references
meaning
instance | related | dependents | authoredby
reference
The actual data reference
security
Security tag code on .meta.security
period
Timeframe encompasing data create/update
expression
Expression identifying the data
activity
A description or definition of which activities are allowed to be done on the data
actor
Authorized actor(s)
action
Actions controlled by this rule
purpose
The purpose for which the permission is given
limit
What limits apply to the use of the data