Launch context bindings don't match examples and probably incorrect type


    • Type: Change Request
    • Resolution: Persuasive with Modification
    • Priority: High
    • Structured Data Capture (SDC) (FHIR)
    • STU3
    • FHIR Infrastructure
    • (profiles) [deprecated]

      Correct binding to be 'fixed' instead of 'example' (and add a new tracker item to get the tooling to treat the use of a non-fixed binding with a 'code' data type in an extension as prohibited)

      We will make explicit that the content pointed to by the launchContext will be made available to Expression instances (FHIRPath, CQL and Queries) within the form as %name variables where the name is the name of the launch context.

      We will add a security & privacy considerations section to the IG. We will indicate that there is no requirement to seek permission to populate forms from information either passed as context or queried. However, we will note two concerns:
      - systems must always give users a chance to review all answers prior to submission and allow the user to know where the data is being submitted
      - systems need to be very cautious about submitting forms that contain 'hidden' questions that can be auto-populated because they can allow disclosure of information without human review. These can be innocuous (e.g. what version of the software was the data loaded from) but could also be used in an attack to extract data surreptitiously. Manual review by a technical expert (prior to approval of use of the Questionnaire) of Questionnaire versions that contain hidden auto-populated questions may be needed. Similarly, manual review of submission destinations might also be appropriate if they are not already 'trusted' destinations.

      The description sub-property will be removed

    • Brian Postlethwaite/Paul Lynch: 6-0-0
    • Correction
    • Non-compatible

      The Launch context extension has a binding type of example, and a type of code, so you can't indicate which system values come from, and the example set provided has some non-FHIR types.

      Should this be changed to type Coding, or be a required binding, and bind to the FHIR resource types?

      (The example at the bottom of the page appears to be showing these as FHIR types, however the example user in the list doesn't fit into this set, and can't split the difference)

      Would also be good to understand how this will map into the FHIR App Launch context variables, or is that what is intended to be used here?

      Also clarification for what the description is to be used for, is that a designer note, or something that would be expected to be displayed to a user (maybe on a permissions screen somewhere?).

      There is no description or example on how to embed FHIRPath in the queries (quote from the spec at section 10.3.3):

      "Prior to executing, FHIRPaths embedded in the queries (referring to elements from the questionnaire-launchContext variables) SHALL be resolved."

      This query capacity should also be available to the FHIRPath engine; however, there is no note on the variable name for the query bundle to use
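
The resolution above calls for review of Questionnaire versions that contain hidden auto-populated questions. The following is an added example, not part of the tracker item or the SDC IG, of a pre-approval check that lists such items. It assumes the core `questionnaire-hidden` extension and the SDC `initialExpression` / `calculatedExpression` extensions as the population mechanisms, and a launch context named `patient`; the sample Questionnaire is constructed.

```python
# Extension URLs: the core "hidden" flag and two SDC expression-based population extensions.
HIDDEN = "http://hl7.org/fhir/StructureDefinition/questionnaire-hidden"
SDC = "http://hl7.org/fhir/uv/sdc/StructureDefinition/"
POPULATING = {SDC + "sdc-questionnaire-initialExpression",
              SDC + "sdc-questionnaire-calculatedExpression"}

def hidden_autopopulated(questionnaire):
    """Return [(linkId, expression)] for items that are both hidden and auto-populated."""
    findings = []

    def walk(items, inherited_hidden):
        for item in items:
            exts = item.get("extension", [])
            hidden = inherited_hidden or any(
                e.get("url") == HIDDEN and e.get("valueBoolean") is True for e in exts)
            for e in exts:
                if hidden and e.get("url") in POPULATING:
                    expr = e.get("valueExpression", {}).get("expression", "")
                    findings.append((item.get("linkId"), expr))
            # Assumption: descendants of a hidden group are treated as hidden too.
            walk(item.get("item", []), hidden)

    walk(questionnaire.get("item", []), False)
    return findings

def expr_ext(kind, expression):
    """Build an SDC expression extension (helper for the constructed sample only)."""
    return {"url": SDC + "sdc-questionnaire-" + kind,
            "valueExpression": {"language": "text/fhirpath", "expression": expression}}

HIDE = {"url": HIDDEN, "valueBoolean": True}

# Constructed sample: one visible pre-filled item, one hidden group with a
# pre-filled child, one hidden item with no population, one hidden calculated item.
SAMPLE = {"resourceType": "Questionnaire", "item": [
    {"linkId": "name", "type": "string",
     "extension": [expr_ext("initialExpression", "%patient.name.first().family")]},
    {"linkId": "meta", "type": "group", "extension": [HIDE], "item": [
        {"linkId": "ident", "type": "string",
         "extension": [expr_ext("initialExpression", "%patient.identifier.first().value")]}]},
    {"linkId": "ver", "type": "string", "extension": [HIDE]},
    {"linkId": "dob", "type": "date",
     "extension": [HIDE, expr_ext("calculatedExpression", "%patient.birthDate")]},
]}

if __name__ == "__main__":
    for link_id, expr in hidden_autopopulated(SAMPLE):
        print(f"REVIEW: hidden auto-populated item {link_id!r} <- {expr}")
```
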

            Assignee:
            Lloyd McKenzie
            Reporter:
            Brian Postlethwaite