Rhapsody Health Solutions Team

How is Authentication Handled Using FHIR?

June 29, 2015

Video Thumbnail


How can you control external data access to information about specific patients? 

Answer from HL7 FHIR Governance Board Co-Chair and Corepoint Health CTO Dave Shaver:

Although the expectations in the marketplace are that FHIR is going to solve many of these issues of inter-facility communications – and we hope to eventually do exactly that – we’ve got a long way to go in terms of authentication and access profiles.

So even in today’s world, when I present as a caregiver, for example, there’s a profile that controls my access to the data that’s sitting inside. So I may not have access to particular types of lab results or to mental health data. Those same models need to apply if we’re pulling data out. Whether this is the Continuity of Care Document or whether it’s a FHIR API that allows me to access the data directly, the same problems remain of plagiarizing the data and controlling access to that data through auditing.

A parallel question is: ‘How do caregivers know they can trust the data that has been inserted into an application?’

So it’s not only, ‘Am I allowed to see it?’ But also when the data is input, ‘What is the providence of that data?’ ‘Is the data something that another user at my institution pushed into this database or was it a user at a remote location?’ Or even more interesting, of course, is, ‘What if the patient themselves pushed the data into a personal health record from their Fitbit?’

If caregivers will be augmenting the clinical record, they need to know where the data came from.



Related Blogs

Generative AI, semantic interoperability, precision medicine and other themes from HIMSS23

Evgueni Loukipoudis

Generative AI, semantic interoperability, precision medicine, and other themes from HIMSS23

Read our key takeaways from HIMSS23, including perspectives on artificial intelligence, semantic interoperability, and patient matching.

Read more

Brie Hilgers

Health equity hinges on healthy data

Access to clean, actionable data is the key to health equity initiatives. Data integration, normalization of terminology, and data enrichment enable healthcare leaders to more accurately evaluate the social, economic, and physical environments that impact a person’s health.

Read more

Rhapsody Health Solutions Team

FHIR vs. HL7: We explain the key differences

This article offers a deep dive into the differences between HL7 and FHIR to help industry insiders and newcomers understand how healthcare standards have evolved over time and what’s on the horizon.

Read more