Uploaded image for project: 'FHIR Specification Feedback'
  1. FHIR Specification Feedback
  2. FHIR-24717

Has this critically important part of the spec actually been implemented? I don't see how it would work…. - DTR #63

    XMLWordPrintableJSON

Details

    • Icon: Change Request Change Request
    • Resolution: Persuasive with Modification
    • Icon: Medium Medium

    Description

      Existing Wording: Payers SHALL require the DTR application to authenticate in order to retrieve resources when PHI is exchanged. In the case that authentication is required, the following JSON structure SHALL be populated by the payer system. This JSON is based on the structure for FHIR Authorization in CDS Hooks.

      Comment:

      Perhaps I'm simply not imagining the intent of the IG author. I don't understand how the DTR app is intended to authenticate to the payer system. The DTR app is launched from a card, or an EHR launch from the EHR. Exactly when does the payer provide this json object containing an access token to its own FHIR server? Please don't let the answer be the appContext field. Note that since the first ballot, you've changed this page to be inconsistent with itself. Has this critically important flow actually been implemented?

      Summary:

      Has this critically important part of the spec actually been implemented? I don't see how it would work….

      Attachments

        Activity

          People

            ldecelles Larry Decelles
            Isaac.Vetter Isaac Vetter
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: