Make proposed wording change - 2016-09 core #163


    • Type: Change Request
    • Resolution: Persuasive
    • Priority: Medium
    • FHIR Core (FHIR)
    • DSTU2
    • Security
    • Security
    • 6.1.0.2
    • Persuasive (might need a new header on security.html page)
    • Glen Marshal/Judy Fincher: 2-0-0
    • Clarification
    • Compatible, substantive
    • DSTU2

      Existing Wording: Chained search implementations need to observe the restrictions on a user in the chained search, and that it would be normal to simply omit resources from the search if the user is not authorized, but a server may elect to add an OperationOutcome to indicate that additional resources may be available if other access tokens are used (e.g. break the glass) (example).

      Proposed Wording: The FHIR RESTful API provides a number of ways that a client may request or create information. When designing a system to authorize access to information, all potential access methods must be considered. They include the following:

      · The basic CRUD methods on resources. A security implementation must evaluate whether a client can read, update, create or delete a given resource.

      · Search

          o Chained search provides the ability to disclose information on related resources. A security implementation must consider whether a client has the permission to access the resource being searched on, as well as the chained resource(s).

          o _include and _revinclude search parameters allow a client to request related resources. A security implementation must determine if the client has access to the included resources.

      · Security Labels (see section 6.1.1)

      · Several resources, including Bundle, Composition, Group and List, are designed to contain other resources. A security implementation should consider whether access to an individual resource, such as a Bundle, should permit access to all resources contained within the resource.

      · FHIR defines several operations that may be supported by a server. Security implementations must evaluate whether a client has the ability to invoke these operations and what information should be returned from them. Fetch Encounter Record, Evaluate Measure, Observation Statistics, Find patient matches using MPI based logic and Fetch Patient Record specifically provide the ability to disclose patient information.

      · Batch and transaction processing provide ways for clients to create and update information in bulk. Security implementations should consider whether a client has the ability to initiate one of these interactions and make authorization decisions on each action in the batch/transaction.

      · Security implementations must be aware of the Break the Glass protocol. See section 6.1.1.3.

      Comment:

      Make proposed wording change

      Summary:

      Make proposed wording change

            Assignee:
            Unassigned
            Reporter:
            Andy Gregorowicz
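
Added example, not part of the ticket or the FHIR specification: a sketch of the per-entry check the wording asks for on search results, where every entry of a searchset Bundle (matches and _include'd resources alike) is authorized on its own, unauthorized entries are omitted, and an OperationOutcome is optionally appended. The policy callback make_policy, the helper names and the sample Bundle are assumptions constructed for illustration.

```python
import copy

def make_policy(allowed_patients):
    """Hypothetical policy: the client may read only these patients' data."""
    def can_read(resource):
        if resource.get("resourceType") == "Patient":
            ref = "Patient/" + resource.get("id", "")
        else:
            ref = resource.get("subject", {}).get("reference", "")
        return ref in allowed_patients  # no subject -> denied by default
    return can_read

def filter_searchset(bundle, can_read):
    """Check every entry (match or include) and omit what the client may not read."""
    out = copy.deepcopy(bundle)
    entries = out.get("entry", [])
    kept = [e for e in entries if can_read(e.get("resource", {}))]
    omitted = len(entries) - len(kept)
    if omitted:
        # Optional signal from the existing wording; carries no count or ids.
        kept.append({
            "resource": {
                "resourceType": "OperationOutcome",
                "issue": [{
                    "severity": "information", "code": "suppressed",
                    "diagnostics": "Some results were omitted; additional "
                                   "resources may be available with other access.",
                }],
            },
            "search": {"mode": "outcome"},
        })
    out["entry"] = kept
    return out, omitted

def entry(resource, mode):
    return {"resource": resource, "search": {"mode": mode}}

# Constructed sample: result of GET Observation?_include=Observation:subject
SAMPLE = {
    "resourceType": "Bundle", "type": "searchset",
    "entry": [
        entry({"resourceType": "Observation", "id": "obs-a",
               "subject": {"reference": "Patient/a"}}, "match"),
        entry({"resourceType": "Observation", "id": "obs-b",
               "subject": {"reference": "Patient/b"}}, "match"),
        entry({"resourceType": "Patient", "id": "a"}, "include"),
        entry({"resourceType": "Patient", "id": "b"}, "include"),
    ],
}
```

With access limited to Patient/a, the included Patient/b entry is dropped along with the Observation that referenced it, which is the case an authorization check applied only to the searched resource type would miss.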