Details
-
Type:
Change Request
-
Status: Applied (View Workflow)
-
Priority:
Medium
-
Resolution: Persuasive
-
Specification:US Core (FHIR)
-
Raised in Version:3.1.1
-
Work Group:Cross-Group Projects
-
Related Page(s):Profiles and Extensions
-
Related Section(s):3.17.1.1
-
Resolution Description:
-
Resolution Vote:Eric Haas/Drew Torres: 6-0-0
-
Change Category:Clarification
-
Change Impact:Non-substantive
Description
The "Profile Specific Implementation Guidance" section says this:
- The content.url may refer to a FHIR Binary Resource (i.e. [base]/Binary/[id]), FHIR Document Bundle (i.e [base]/Bundle/[id] or other endpoint.
The last part "or other endpoint" is the only hint that a referenced document could live on an entirely different server, potentially with separate authorization requirements.
I wonder if it would be worthwhile to further specify expectations and provide guidance on what should be supported. For example, must these links – if outside of the FHIR base URL – always be accessible without additional authorization?