Uploaded image for project: 'FHIR Specification Feedback'
  1. FHIR Specification Feedback
  2. FHIR-30819

Unclear how this imposes "excessive" P&S risks? Please explain.

    XMLWordPrintableJSON

Details

    • Icon: Change Request Change Request
    • Resolution: Persuasive with Modification
    • Icon: Highest Highest
    • US Da Vinci CDex (FHIR)
    • current
    • Patient Care
    • Specification [deprecated]
    • 8.3.4.2
    • Hide

      change guidance to say:

      "The Provider publishes notifications when there are changes to the Task instance. Typically, the notification does not expose the data itself. The subscriber would then fetch the data using a FHIR RESTful query.

      clarify bullet point  in notes to say:

      "The publisher can not guarantee who has access to the nominated subscription endpoint.  By omitting the payload, the client is forced to authenticate before accessing the data which mitigates privacy and security risks on the publisher"

      Show
      change guidance to say: "The Provider publishes notifications when there are changes to the Task instance. Typically , the notification does not expose the data itself. The subscriber would then fetch the data using a FHIR RESTful query. clarify bullet point  in notes to say: "The publisher can not guarantee who has access to the nominated subscription endpoint.  By omitting the payload, the client is forced to authenticate before accessing the data which mitigates privacy and security risks on the publisher"
    • Eric Haas/Jay Lyle: 5-0-8
    • Clarification
    • Non-substantive

    Description

      Unclear how this imposes "excessive" P&S risks? Please explain. Wouldn’t it be the same issue with polling? The payer polls until there is a change; is there a step where there is then a query to actually GET the data?

      Existing Wording:

      The subscription notification could contain the Task and associated data in the response but this approach imposes excessive privacy and security risks on the sender.

      (Comment 9 - imported by: Jean Duteau)

      Attachments

        Activity

          People

            Unassigned Unassigned
            celine_lefebvre Celine Lefebvre
            Celine Lefebvre
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: