Data may be “Normal” medical data or “Restricted” medical data. The distinction is for this IG focused purely on data classification for sensitive topics. The various clinical Resources in FHIR are very complex and highly variable. Although Observation is the most often used Resource, sensitive data may exist in ANY other FHIR resource including Allergies,
This is a quick article on a requirement of the MHD Document Responder that may be less obvious to some. The specific requirement is related to chained search parameters, like `patient.identifier`; `source.given` and `source.family`; and `author.given` and `author.family`. These search parameters have a `.` that indicates that one is to search deeper, aka chaining the
As with any standard, one more is clearly needed. as to the different Consent Standards.. I likely don’t know about all of them, but here are some. I am also not indicating that there should be no improvement or even new standards. I just don’t want historic lessons-learned to be lost. for use in Document
Four publications released from IHE IT-Infrastructure, three in development: Release for Public-Comment — Sharing of Valuesets, Codes, and Maps (SVCM) — This is now published in Implementation Guide format, previously in PDF supplement format. This IHE-Profile (aka Implementation Guide) provides guidance on how to implement the sharing of terminology ValueSets, CodeSystems, and ConceptMaps. It is
I was asked to explain how Break-Glass works. There is not a solitary answer, as the context is very important. Define Break-Glass A method used by authorized clinical people to gain access to information that the patient has indicated they want held more confidential, when that clinician has made a medical assessment that there is
I got a Question: Can you address a specific example of the intersection of FHIR standards and OWASP guidance? The FHIR spec allows for sensitive ids such as patient identifier to be used on the query string when searching for a patient. See the following:https://try.smilecdr.com:8000/baseR4/Patient?identifier=47However, the folks at OWASP consider this practice a vulnerability:https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url Information
This article summarizes a concept that came from my blog reader. This is actually published in a personal Implementation Guide at — https://johnmoehrke.github.io/RelatedPersonConsent/ . This concept has not been proposed as a formal work item, but I think it would fit nicely in IHE Basic Patient Privacy Consents for Mobile that I have proposed (more on that
IHE-Connectathon is scheduled for September 12-16, 2022. IHE-USA — https://www.iheusa.org/ihe-na-connectathon — Atlanta IHE-Europe — https://connectathon.ihe-europe.net/connectathon-2022 — Switzerland Everywhere — virtual — anywhere around the globe or space-stations Many FHIR based IHE – Profiles (Implementation Guides) will be tested, in addition to the other popular Interoperability specifications from IHE. There will even be some testing of HL7 published
IHE, especially the IT-Infrastructure domain, has been publishing specifications in HTML format and Implementation Guide format on a new web site — https://profiles.ihe.net. This web site is enabled with Google Analytics. Thus there is some data available that indicates which parts of the IT-Infrastructure specifications are of interest. Presuming they are interesting because they are used.
