Uploaded image for project: 'FHIR Specification Feedback'
  1. FHIR Specification Feedback
  2. FHIR-26216

Follow FAST security guidelines

    XMLWordPrintableJSON

    Details

    • Type: Change Request
    • Status: Deferred (View Workflow)
    • Priority: Highest
    • Resolution: Considered for Future Use
    • Specification:
      US Da Vinci Alerts (FHIR)
    • Raised in Version:
      0.2.0
    • Work Group:
      Infrastructure & Messaging
    • Related Page(s):
      (many)
    • Related Section(s):
      7.1
    • Grouping:
    • Resolution Description:
      Hide

      Agree that when guidelines are published and reviewed, it would be good to reference a specific set of recommendations.

      Show
      Agree that when guidelines are published and reviewed, it would be good to reference a specific set of recommendations.
    • Resolution Vote:
      Craig Newman/Paul Knapp: 3-0-1

      Description

      I recommend we follow whichever guidelines FAST publishes. Their Security tiger team has expertise in this area.

      Existing Wording:

      Note To Balloters
      The DaVinci project is actively seeking input on security approaches and expectations for authentication and authorization between Senders and Receivers of sensitive patient data (e.g., will TLS, mutual-TLS, OAuth, etc. be required to interoperate?). There are several implementation guides and ongoing initiatives to address these issues including:
      •FHIR Data Segmentation for Privacy project
      •SMART Application Launch Framework Implementation Guide Release 1.0.0
      •FHIR Bulk Data Access (Flat FHIR) (specifically: SMART Backend Services: Authorization Guide)
      •FHIR at Scale Taskforce (FAST)
      •Dynamic Registration for SMART Apps

      Once an approach has been agreed upon, it will be documented in the the Da Vinci Health Record Exchange (HRex) Implementation Guide.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              nradov Nick Radov
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Vote Date: