Uploaded image for project: 'FHIR Specification Feedback'
  1. FHIR Specification Feedback
  2. FHIR-28720

Document expectations for clinician visibility into workflow

    XMLWordPrintableJSON

Details

    • Icon: Change Request Change Request
    • Resolution: Persuasive with Modification
    • Icon: Highest Highest
    • CDS Hooks (FHIR)
    • 1.0 [deprecated]
    • Clinical Decision Support
    • (NA)
    • Hide

      More than mere insight, a provider organization is necessarily and ultimately responsible  for determining which CDS services should be called when and what data should be (1) pre-fetched and (2) made available to the service via FHIR API calls. 

      We try to generically describe this here: https://cds-hooks.hl7.org/1.0/#trusting-cds-services

      Propose adding language to the Safety and Security section to discuss this aspect:

      As with any access to protected patient information, systems should ensure that they have appropriate authorization and audit mechanisms in place to support transparency of use of the data. For more information, refer to [Security Best Practices](https://cds-hooks.org/best-practices/#security).

      And add to the best practices language about audits and specifically the ability of stakeholders to request information audits. Audit can be performed by monitoring calls that make use of the authorization token provided to the CDS Service in the CDS Hooks request.

      Show
      More than mere insight, a provider organization is necessarily and ultimately responsible  for determining which CDS services should be called when and what data should be (1) pre-fetched and (2) made available to the service via FHIR API calls.  We try to generically describe this here:  https://cds-hooks.hl7.org/1.0/#trusting-cds-services Propose adding language to the Safety and Security section to discuss this aspect: As with any access to protected patient information, systems should ensure that they have appropriate authorization and audit mechanisms in place to support transparency of use of the data. For more information, refer to  [Security Best Practices] ( https://cds-hooks.org/best-practices/#security). And add to the best practices language about audits and specifically the ability of stakeholders to request information audits. Audit can be performed by monitoring calls that make use of the authorization token provided to the CDS Service in the CDS Hooks request.
    • Celine Lefebvre/Juliet Rubini: 23-0-0
    • Clarification
    • Non-substantive

    Description

      Clinicians should have complete insight into when hooks occur in workflow – at least at the system level before implementation. What triggers the hook, and what data will be prefetched?

      Attachments

        Activity

          People

            Unassigned Unassigned
            celine_lefebvre Celine Lefebvre
            Celine Lefebvre
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: