{
  "package" : "hl7.fhir.r4.core@4.0.1",
  "definition" : "Authorisation policies are essentially security policies related to access-control and specify what activities a subject is permitted or forbidden to do, to a set of target objects. They are designed to protect target objects so are interpreted by access control agents or the run-time systems at the target system.\\r\\n\\n                        A positive authorisation policy defines the actions that a subject is permitted to perform on a target. A negative authorisation policy specifies the actions that a subject is forbidden to perform on a target. Positive authorisation policies may also include filters to transform the parameters associated with their actions.  (Based on PONDERS)",
  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActCode",
  "property" : [ {
    "_uri" : "http://hl7.org/fhir/concept-properties#child",
    "code" : "child",
    "_implicit" : true,
    "valueCode" : "ACCESSCONSCHEME"
  }, {
    "_uri" : "http://hl7.org/fhir/concept-properties#parent",
    "code" : "parent",
    "_implicit" : true,
    "valueCode" : "SecurityPolicy"
  } ],
  "codesystem" : "d73ae040-3e88-581f-8c74-bc9b7419407a",
  "concept_id" : "44eef56a-32cd-5ca2-8759-2774b68a3407",
  "ancestors" : {
    "AUTHPOL" : 0,
    "SecurityPolicy" : 1,
    "_ActPolicyType" : 2
  },
  "id" : "77f4a935-5f0a-4634-a479-1aa1ec77d74f",
  "code" : "AUTHPOL",
  "display" : "authorization policy",
  "version" : "2018-08-12"
}