Loading...

XML

Word

Printable

JSON

Details

Type: Change Request
Resolution: Persuasive with Modification
Priority: Highest

Specification:

SMART on FHIR (FHIR)
Raised in Version:

2.0.0
Work Group:

FHIR Infrastructure
Outstanding Negatives:
STU
Related Page(s):

App Launch: Scopes and Launch Context
Related Section(s):
2.2.8
Grouping:
- Discuss
Resolution Description:

Hide

(Today the FHIR clinical safety checklist says "My system ensures checks for patient links (and/or merges) and handles data that is linked to patients accordingly". There's not a lot of specific direction.)

Update the spec to say: if a FHIR server supports replacing one Patient record with another via Patient.link, the server documentation SHALL describe its authorization behavior.

(Note from FHIR-I discussion: we identified several possibilities but didn't feel comfortable adding them to the spec, for lack of experience. For example, a server might grant access to Patients whenever a "replaced-by" or "replaces" link is present; or a server might automatically re-interpret queries about a "replaced-by" patient to treat them as queries about the "replaces" patient; or a server might require that a client re-authorize with user-level scopes.)

Show
(Today the FHIR clinical safety checklist says "My system ensures checks for patient links (and/or merges) and handles data that is linked to patients accordingly". There's not a lot of specific direction.) Update the spec to say: if a FHIR server supports replacing one Patient record with another via Patient.link, the server documentation SHALL describe its authorization behavior. (Note from FHIR-I discussion: we identified several possibilities but didn't feel comfortable adding them to the spec, for lack of experience. For example, a server might grant access to Patients whenever a "replaced-by" or "replaces" link is present; or a server might automatically re-interpret queries about a "replaced-by" patient to treat them as queries about the "replaces" patient; or a server might require that a client re-authorize with user-level scopes.)
Resolution Vote:
Alexander Zautke / Dan Gottlieb: 8-0-0
Change Category:
Clarification
Change Impact:
Non-substantive

Description

How do we deal with linked patients? Where another patient resource is marked as being the same as the current one? Is this accessible or not?

If not, does this require user scopes? That might be a little to much.

Attachments

Issue Links

is voted on by

BALLOT-17346 Negative - Bas van den Heuvel : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU

Closed

BALLOT-17699 Negative - Ana Kostadinovska : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU

Closed

BALLOT-17761 Negative - Ricardo Quintano : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU

Closed

BALLOT-17805 Negative - Timon Grob : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU

Closed

BALLOT-17845 Negative - Chris Melo : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU

Closed

BALLOT-17904 Negative - Javier Espina : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU

Closed

(1 is voted on by)

Activity

People

Assignee:: Carl Anderson (Inactive)

Reporter:: Bas van den Heuvel

Request in-person:: Bas van den Heuvel

Watchers:: 3 Start watching this issue

Dates

Created:: 2021-05-12 09:22

Updated:: 2021-11-29 01:38

Resolved:: 2021-07-19 09:05

Vote Date:: 2021-08-02