Minutes - Security WG 2021-05-21

From Health Level 7 Belgium Wiki
Revision as of 10:15, 21 May 2021 by KarlienErauw
  • Minutes
  • Hannes presents "Access control in FHIR" that was also
  • care provider has to go through id & auth, and there has to be a control to assess whether he has access to the resource (access management): check patient consent, exclusions, therapeutic relationship and access matrix for care providers
  • id: solutions FAS or eID, itsme, TOTP
  • access management: need for standardised manner to manage interactions
  • solution 1: generic: IAM connect, client communicates through a middleware/component that assesses access to the resource before the request enters the FHIR server - adaptations outside of the FHIR server - more difficult for the client to know why he doesn't have access
  • solution 2: more specific - using SMART on FHIR - client can talk directly to the FHIR server - controls happen in step 4 - suggestion for a step 4B to connect with metahub (pip)