Adding Security Policy based on Occupation

In this recipe, we're going to leverage the SanteDB privacy subsystem to flag any patient whose occupation indicates they are a politician with a VIP code and a sensitive information policy. This will allow SanteMPI to hide our politician's information from those users who do not have access to view their sensitive records.


First, we create a dataset which establishes our occupation code for a politician, our security policy for "VIP Data Access Policy".

<dataset xmlns:xsi="" xmlns:xsd="" id="Demo Dataset" xmlns="">
  <update skipIfError="true" insertIfNotExists="true">
    <Concept xmlns="">
        <value>Parliamentarian of Elbonia</value>
  <update insertIfNotExists="true">
    <SecurityPolicy xmlns="">
      <name>Health Record of Politician</name>

Create a new Business Rules File

Create a new JavaScript file in the rules/ folder of your applet / plugin for SanteMPI. The basic structure of this file should be:

/// <reference path="../.ref/js/santedb-bre.js" />
/// <reference path="../.ref/js/santedb-model.js" />
/// <reference path="../.ref/js/santedb.js" />

 * Elbonia MPI / SanteMPI Rules for protecting policitician's records
 * --

Write Rule Code

Next, you'll want to write some code that flags our parliamentarian .

 * Business rule - Flag Parliamentarian
function flagParliamentarian(patient) {

        patient.policy = [{ "policy": "e347d512-5f3c-11eb-bec6-00155d640b23", "grant": 0 }];
        patient.policy.push({ "policy": "e347d512-5f3c-11eb-bec6-00155d640b23", "grant": 0 });
    return patient;

Attach the Business Rule

Finally, add the business rule to the BeforeInsert and BeforeUpdate method on an incoming patient whose occupation code matches our occupation listed above.

SanteDBBre.AddBusinessRule("", "Patient", "BeforeInsert", { "occupation" : "ff4fb688-5a91-11eb-ae93-0242ac130002" }, flagParliamentarian);
SanteDBBre.AddBusinessRule("", "Patient", "BeforeUpdate", { "occupation" : "ff4fb688-5a91-11eb-ae93-0242ac130002" }, flagParliamentarian);

Last updated