Try   HackMD

FHIR AuthZ Meetup: SMART, TEFCA, & Beyond

@JoshCMandel

Outline

  • Granular scopes in SMARTv2
  • Focused sharing with SMART Health Links
  • Patient rights vis-a-vis B2B sharing in TEFCA

Granular Scope Capabilities

FHIR Resource Scope Syntax

  • [level]/[Resource].[cruds]?param=value&param=value
  • Example: patient/Observation.rs?category=vital-signs

Bucketing permissions by level

  • patient/ Allow access to specific data about a single patient
  • user/ Allow access to all data that the authorizing user can access
  • system/ Allow access to all data that the client is authorized to access

Examples

  • patient/Observation.rs?category=vital-signs - Read and search all vitals for a patient
    • Allows an app to view a patient's vital signs, lab results, etc.
  • user/Immunization.rs - Read and search all observations that the user can access
    • Allows a parent to coordinate family's immunizations
  • system/Observation.c - Create observations from a backend service
    • Allows B2B integration that can submit new observations
    • Allows an app to record new vital signs, lab results, etc. for a patient

Challenges with Custom Operations

  • No standardized scopes for custom operations like
    • /Patient/$export
    • /Patient/:id/$purge
    • /Patient/$update-name
  • Difficult to standardize a scope for operations given
    • Attachment point types (/, /:type, /:type/:instance)
    • Attachment point instances (any? any visible?)
    • Input parameter restrictions?

Suggestions

TL;DR Define custom scopes for now. Start with your operation URL for transparency, e.g. https://myo.example.org/OperationDefinition/locate-patient

Looking ahead, SMART might focus on standardizing data element-level permissions (example syntax only):

  • Read Patient.name

    • patient/Patient.r{{name}}

  • Write Patient.address or Patient.photo

    • patient/Patient.u{{address | photo}}
  • Simple way for patients to share data directly with apps/individuals
  • Example: Sharing glucose measurements via a SMART Health Link
  • Patient generates a link that provides access to their glucose data
    Image Not Showing Possible Reasons
    • The image was uploaded to a note which you don't have access to
    • The note which the image was originally uploaded to has been deleted
    Learn More →
  • Can share this link with a coach, family member, or trusted app
  • Recipient can view/download the patient's glucose measurements
  • Straightforward way to grant targeted data access without complex policies

TEFCA and Network-Based Exchange

  • Organizational-level authorization decisions with broad impact
    • Example: All TEFCA participants support "treatment" PoU
    • Participants can query everywhere for treatment
  • But what if the query seems unrelated to treatment?
    • Recent issues in the tech news, perceived misuse
    • Highlights grey areas & need for transparency
  • Transparency for individuals
Last changed by 
Josh Mandel
0
319

Read more

Agenda -- live notes at https://hackmd.io/@jmandel/saner-ig-live-minutes?both

Attendance Current Work/Announcements Updated build; Keith to work with David on git workflow back to IG publisher infrastructure Value sets being developed for COVID, currently in VSAC -- MITRE developing content. Hot Topics Testing Updates Testing for connectathon: Joe at Meditch still trying to determine level of participation. [Workflow discussion]

Dec 13, 2024
SDOH Assessments in FHIR

Design goals (functional requirements) From recent discussion on Jan 2022 US Core ballot content for SDOH assessments, it's important to reach agreement on functional requirements. That is, based on ONC's objectives, we need to decide whether the following are requirements, or nice-to-haves, or out of scope entirely. Scope Questions Should every US Core system be able to represent multi-question SDOH surveys (e.g., instruments like PRAPARE)? I'll take it for granted that no specific instruments are going to be required, so this question is just about the capability to represent multi-question surveys in general. Should every US Core system be able to represent "check all that apply" SDOH questions (e.g., "In the past year, have you or any family members you live with been unable to get any of the following when it was really needed? Check all that apply.") I think the answer to both questions should be "yes". This would require a slight expansion to the US Core ballot content as part of reconciliation, since the ballot content stops shy of (1).

Feb 15, 2022
Untitled

WGM Scratchpad Change the identified text to say: If an operation has exactly one input parameter whose type is a FHIR Resource, a client MAY invoke the operation via POST with the input resource as the request body. Additional simple input parameters, if supplied, SHALL be expressed as query parameters. if it can supply its additional parameters as query parameters When invoking the operation, if there is exactly one input parameter of type Resource (irrespective of whether other possible parameters are defined), then instead of supplying a Parameters resource as the request body, the client MAY execute the operation by a POST with the input resource as the request body. Any additional parameters that can be expressed as query parameters MAY be supplied as query parameters. Discussion: Intent is that an operation with

Jan 21, 2022
Turning lab reb results (etc) into risk scores

Considerations Privacy Identity captured by input VCs --> Identity constraints on output VCs How much can be automated?

May 27, 2020
Read more from Josh Mandel
Published on HackMD