Loading...

Item:operations-top-level MoreItem:operations-workItem:greenhopper_issue...Item:operations-archiveItem:operations-attach...Item:operations-votesw...Item:operations-subtasksItem:devstatus-cta-listItem:operations-operat...Item:operations-deleteItem:operations-manual...
Resolved - No Change
AdminItem:operations-fieldsItem:operations-admin-...
Item:operations-restore

XML

Word

Printable

JSON

Type: Change Request
Resolution: Not Persuasive
Priority: Medium

Specification:

FHIR Core (FHIR)
Raised in Version:

DSTU1 [deprecated]
Work Group:

FHIR Infrastructure
Related URL:
http://hl7.org/fhir/2015May/http.html#history
Related Page(s):

REST (http)
Resolution Description:

Hide

see disposition on 8165

Show
see disposition on 8165
Resolution Vote:
James Agnew / Grahame Grieve: 4-0-0
Change Category:
Enhancement

Proposed Wording: Add something like: Only authorized systems/user will be allowed to review the history of changes for the server.

Comment:

This operation needs additional explicit caveats to protect unauthorized.

We need to explain precisely how the security guidance should be applied to this *specific" operation including the use of Consent and Provenance to make access control decisions. (http://hl7.org/fhir/2015May/security.html) including consent to make sure only authorized systems an users are viewing, changing, updating, or reviewing the update history of a resource.

is voted on by

BALLOT-1968 Affirmative - James Kretz : 2015-May-FHIR SDC R1

Closed

Item:com.atlassian.jira.jira-view-issue-plugin:linkingmodule/header

Panel: location:atl.jira.view.issue.left.context

Assignee:: Unassigned
Reporter:: jim_kretz
Watchers:: 2 Start watching this issue

Created:: 2015-05-09 08:18
Updated:: 2019-11-28 01:23
Resolved:: 2018-03-03 03:44
Vote Date:: 2015-07-29

Panel: location:atl.jira.view.issue.right.context

Details

Description

Attachments

Issue Links

Activity

Temp:atl.jira.view.issue.left.context

People

Dates

Temp:atl.jira.view.issue.right.context