Uploaded image for project: 'FHIR Specification Feedback'
  1. FHIR Specification Feedback
  2. FHIR-28843

Add sentence.

    XMLWordPrintableJSON

Details

    • Icon: Change Request Change Request
    • Resolution: Persuasive with Modification
    • Icon: Highest Highest
    • US Da Vinci HRex (FHIR)
    • current
    • Clinical Interoperability Council
    • Approaches to Exchanging FHIR Data
    • 3.0.3.21 Push Notifications
    • Hide

      That language is covered elsewhere in the IG. It doesn't belong here where the focus is on architectural choices - and where the language is intended to be independent of Da Vinci (and even country)

      We will adjust the language in the resolution proposed in FHIR-28836 to change

      • Are there regulations that mandate or prohibit particular approaches

      to

      • Are there regulations, business policies, or privacy and/or security concerns that mandate or prohibit particular approaches?
      Show
      That language is covered elsewhere in the IG. It doesn't belong here where the focus is on architectural choices - and where the language is intended to be independent of Da Vinci (and even country) We will adjust the language in the resolution proposed in FHIR-28836 to change Are there regulations that mandate or prohibit particular approaches to Are there regulations, business policies, or privacy and/or security concerns that mandate or prohibit particular approaches?
    • Marti Velezis / Jimmy Tcheng : 6-0-1
    • Clarification
    • Non-substantive

    Description

      Add sentence: Given the potential for data misuse, implementers are strongly encouraged to coordinate permission determination with their organization’s legal and compliance office.

      Existing Wording:

      • Because the actual (and potentially sensitive data) is shared at a time when no specific user is asking for it, data source must determine the 'permission' of the data consumer to access the data without a user token and outside the bounds of the usual query mechanism.

      Proposed Wording:

      • Because the actual (and potentially sensitive data) is shared at a time when no specific user is asking for it, data source must determine the 'permission' of the data consumer to access the data without a user token and outside the bounds of the usual query mechanism. Given the potential for data misuse, implementers are strongly encouraged to coordinate permission determination with their organization’s legal and compliance office.

      Attachments

        Activity

          People

            Unassigned Unassigned
            celine_lefebvre Celine Lefebvre
            Celine Lefebvre
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: