ISO/TS 21298:2008 defines a model for expressing functional and structural roles and populates it with a basic set of roles for international use in health applications. Roles are generally assigned to entities that are actors. This will focus on roles of persons (e.g. the roles of health professionals) and their roles in the context of the provision of care (e.g. subject of care).
Roles addressed in ISO/TS 21298:2008 are not restricted to privilege management purposes, though privilege management and access control is one of the applications of this Technical Specification. ISO/TS 21298:2008 does not address specifications related to permissions. This Technical Specification treats the role and the permission as separate constructs. Further details regarding the relationship with permissions, policy and access control are provided in ISO/TS 22600-1.