{
  "package" : "hl7.fhir.r4.examples@4.0.1",
  "definition" : "Authorisation policies are essentially security policies related to access-control and specify what activities a subject is permitted or forbidden to do, to a set of target objects. They are designed to protect target objects so are interpreted by access control agents or the run-time systems at the target system.\\r\\n\\n                        A positive authorisation policy defines the actions that a subject is permitted to perform on a target. A negative authorisation policy specifies the actions that a subject is forbidden to perform on a target. Positive authorisation policies may also include filters to transform the parameters associated with their actions.  (Based on PONDERS)",
  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActCode",
  "property" : [ {
    "_uri" : "http://hl7.org/fhir/concept-properties#child",
    "code" : "child",
    "_implicit" : true,
    "valueCode" : "ACCESSCONSCHEME"
  }, {
    "_uri" : "http://hl7.org/fhir/concept-properties#parent",
    "code" : "parent",
    "_implicit" : true,
    "valueCode" : "SecurityPolicy"
  } ],
  "codesystem" : "6064fe67-dfa9-5c7f-9737-99a0909e44de",
  "concept_id" : "44eef56a-32cd-5ca2-8759-2774b68a3407",
  "ancestors" : {
    "AUTHPOL" : 0,
    "SecurityPolicy" : 1,
    "_ActPolicyType" : 2
  },
  "id" : "3625a1fb-5650-4e19-9a46-e12ca1516efe",
  "code" : "AUTHPOL",
  "display" : "authorization policy",
  "version" : "2018-08-12"
}