<?xml version=“1.0” encoding=“UTF-8”?> <Consent xmlns=“hl7.org/fhir”>

<id value="consent-example-smartonfhir"/>
<meta>
  <security>
    <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
    <code value="HTEST"/>
    <display value="test health data"/>
  </security>
</meta>
<status value="active"/>
<scope>
  <coding>
    <system value="http://terminology.hl7.org/CodeSystem/consentscope"/>
    <code value="patient-privacy"/>
  </coding>
  </scope>
    <category>
  <coding>
    <system value="http://loinc.org"/>
    <code value="59284-0"/>
  </coding>
</category>
<!--   
 In this SMART on FHIR login, the user consents for data sharing 
 for their elderly parent's record
  -->
<patient>
  <reference value="Patient/xcda"/>
</patient>
<dateTime value="2016-06-23T17:02:33+10:00"/>
<performer>
  <!--   this is the patient record that matches the person
    making the decision. note: it's not always a related person
    -->
  <reference value="RelatedPerson/peter"/>
</performer>
<organization>
  <!--   The organization running the Authentication server   -->
  <reference value="Organization/f001"/>
</organization>
<!--   there's no source record for a Smart on FHIR consent   -->
<!--   now the consent details itself start   -->
<!--   smart on fhir is always the base opt-in policy   -->
<policyRule>
  <coding>
    <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/>
    <code value="OPTIN"/>
  </coding>
</policyRule>
<!--   each scope that relates to FHIR resource access is represented as an exception   -->
<provision>
  <period>
    <start value="2016-06-23T17:02:33+10:00"/>
    <end value="2016-06-23T17:32:33+10:00"/>
  </period>
  <provision>
    <!--   this rule corresponds to MedicationRequest/read   -->
    <type value="permit"/>
    <!--   no actors here, or anything, just read/write and the resource type   -->
    <action>
      <coding>
        <system value="http://terminology.hl7.org/CodeSystem/consentaction"/>
        <code value="access"/>
      </coding>
    </action>
    <class>
      <system value="http://hl7.org/fhir/resource-types"/>
      <code value="MedicationRequest"/>
    </class>
  </provision>
</provision>

</Consent>