Loading...

XML

Word

Printable

JSON

Details

Type: Change Request
Resolution: Persuasive
Priority: Highest

Specification:

US Da Vinci PAS (FHIR)
Raised in Version:

1.2.0-ballot [deprecated]
Work Group:

Financial Mgmt
Outstanding Negatives:
Withdrawn
Related URL:
https://build.fhir.org/ig/HL7/davinci-pas/specification.html#privacy--security-considerations
Related Page(s):

Formal Specification
Related Section(s):
5.3
Grouping:
- Block-Vote-10
Resolution Description:

Hide

Will reference the HRex Privacy and Security section regarding exchange security:

http://build.fhir.org/ig/HL7/davinci-ehrx/security.html#exchange-security

Show
Will reference the HRex Privacy and Security section regarding exchange security: http://build.fhir.org/ig/HL7/davinci-ehrx/security.html#exchange-security
Resolution Vote:
Bob Dieterle / Celine Lefebvre: 12-0-0
Change Category:
Clarification
Change Impact:
Compatible, substantive

Description

Does this sentence "PAS Servers SHOULD support server-server OAuth and MAY support mutually authenticated TLS"

conflict with the DV P&S principles which state:

When the identity of the requesting or receiving party is important, implementations SHOULD use one or more of the following as defined in the specific Da Vinci IG:
the SMART on FHIR Framework ,
mutually authenticated TLS ,
the ONC FHIR At Scale Taskforce (FAST) security tiger team recommended solutions, or
the OAuth Server to Server Authentication as defined in the Bulk Data exchange IG.

Attachments

Issue Links

is voted on by

BALLOT-32623 Negative - Celine Lefebvre : 2022-May-FHIR IG PAS R2 STU

Retracted

mentioned in: Page Loading...

Activity

People

Assignee:: Unassigned

Reporter:: Celine Lefebvre

Request in-person:: Celine Lefebvre

Watchers:: 2 Start watching this issue

Dates

Created:: 2022-03-23 11:23

Updated:: 2023-11-21 06:58

Resolved:: 2022-09-26 10:34

Vote Date:: 2022-10-11