Can't require that users have access rights they don't have. - DTR #32

XMLWordPrintableJSON

    • Type: Change Request
    • Resolution: Persuasive with Modification
    • Priority: Medium
    • US Da Vinci DTR (FHIR)
    • STU3
    • Clinical Decision Support
    • (profiles) [deprecated]
    • Execution of CQL
    • Hide

      Should note in IG that just because data is not returned it does not mean it does not exist.

      Add Text:

      The execution engine determines which FHIR resources to retrieve by analyzing the CQL. The SMART on FHIR application SHALL be provided with a token that allows it to access relevant information for the patient in question. Depending on user permissions the app may not have all data. The app dev should consider the possibility that access to some data may be restricted or prohibited(and access restrictions my happen silently i(ie indistinguishable absent data).

      Show
      Should note in IG that just because data is not returned it does not mean it does not exist. Add Text: The execution engine determines which FHIR resources to retrieve by analyzing the CQL. The SMART on FHIR application SHALL be provided with a token that allows it to access relevant information for the patient in question. Depending on user permissions the app may not have all data. The app dev should consider the possibility that access to some data may be restricted or prohibited(and access restrictions my happen silently i(ie indistinguishable absent data).
    • Bob Dieterle / Rachael Foerster: 7-0-1
    • Clarification
    • Non-substantive

      Existing Wording: The execution engine determines which FHIR resources to retrieve by analyzing the CQL. The SMART on FHIR application MUST be provided with a token that allows it to access all relevant information for the patient in question.

      Comment:

      You can't guarantee this; it depends on what access rights the person opening the SMART app has.

      Summary:

      Can't require that users have access rights they don't have.

            Assignee:
            Unassigned
            Reporter:
            Kensaku Kawamoto
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: