Uploaded image for project: 'FHIR Specification Feedback'
  1. FHIR Specification Feedback
  2. FHIR-28407

Ability to provide security tags at the element level

    XMLWordPrintableJSON

Details

    • Icon: Change Request Change Request
    • Resolution: Not Persuasive
    • Icon: Medium Medium
    • FHIR Core (FHIR)
    • R4
    • Security
    • ValueSet
    • Terminologies - Valuesets
    • Hide

      The solution is part of the FHIR DS4P implementation guide

      http://hl7.org/fhir/uv/security-label-ds4p/

      Show
      The solution is part of the FHIR DS4P implementation guide http://hl7.org/fhir/uv/security-label-ds4p/
    • Kathleen Connor / Luis Maas: 8-0-1

    Description

      Microsoft produces outputs today where we attach security labels at the resource level (e.g. in our de-identification tool, and in our $export pipeline where de-identification options are configured).

      We'd like the ability to provide security tags at the element level because different elements can be altered in different ways during de-identification process. For example, HIPAA Safe Harbor Method recommends that certain PII fields be REDACTED and first 3 digits of certain zip codes be MASKED. Current model of adding security tags at resource level does not cover this scenario.

      We think this is a more general need, so we'd like a standard approach. We'd like to propose a new core extension that can be used to attach these security labels to any FHIR element, which would look something like

      Attachments

        Activity

          People

            Unassigned Unassigned
            ranku Ranvijay Kumar (Inactive)
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: