Presentation is loading. Please wait.

Presentation is loading. Please wait.

SMART on FHIR for managed authorised access to medical records

Published byDarcy Norman Modified over 6 years ago

Similar presentations

Presentation on theme: "SMART on FHIR for managed authorised access to medical records"— Presentation transcript:

1 SMART on FHIR for managed authorised access to medical records

2 SMART Substitutable Medical Apps Reusable Technologies
Started as a US research project Boston Children’s Hospital Computational Health Informatics Program and the Harvard Medical School Department for Biomedical Informatics Open Standards Aligning with FHIR® standards development Funded by US Office of the National Coordinator US Argonaut Project:12+ funding vendors; 70+ others

3 What is SMART about? Consumers want to use info in varied ways
Health record systems are many and varied

4 SMART Apps plug-and-play; substitutable Need some things:
clinical data: format and terminology authentication/authorisation: policy, decisions appropriate access: mobile, web, integrated

5

6

7

8 Clinical Data Common API to Health Record Systems
FHIR® as common format, search Terminology and vocabulary Profiles – Argonaut, HL7 Australia Apps need data and can create data

9

10

11

12 Authentication/Authorisation
Establish security context (OAuth2) Launch an application (supply FHIR server endpoint) Locate the EHR Auth Server (Conformance) Obtain security token for FHIR server access

13

14 Launch and Metadata URL launched app (iss locates FHIR server)
FHIR Server Metadata resource (locates Auth server)

15

16 Request Authorisation
Check user is authenticated Request authorised scope of use

17

18 Redirect to App Auth server redirects to App URL location
URL is registered as a well known application Supplied code parameter to obtain token

19

20 Token Exchange POST to Auth server to obtain a security token
JSON Response: access token, granted scope, patient/user context

21 FHIR API Access GET https://ehr/fhir/Patient/123
Authorization: Bearer i8hweunweunweofiwweoijewiwe

22 GET Patient (Name, DOB, Gender)
GET Observation (LOINC Height, Weight, BMI)

23 SMART on FHIR for managed authorised access to medical records

Download ppt "SMART on FHIR for managed authorised access to medical records"

Similar presentations

SAML CCOW Work Item: Task 2

SAML CCOW Work Item: Task 2
Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.
FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.

FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.
SMART on FHIR Apps for Health

SMART on FHIR Apps for Health
Hannes Tschofenig (IETF#79, SAAG, Beijing). Acknowledgements I would like to thank to Pasi Eronen. I am re- using some of his slides in this presentation.

Hannes Tschofenig (IETF#79, SAAG, Beijing). Acknowledgements I would like to thank to Pasi Eronen. I am re- using some of his slides in this presentation.
0 Who Are You and What Do You Want? Working with Oauth in SharePoint 2013 Eric Shupps SharePoint MVP.

0 Who Are You and What Do You Want? Working with Oauth in SharePoint 2013 Eric Shupps SharePoint MVP.
Data Access Framework (DAF) S&I Initiative Update January 27 th, 2014 1 Leadership Team Initiative Coordinator: John Feikema ONC Sponsor: Mera Choi Technical.

Data Access Framework (DAF) S&I Initiative Update January 27 th, Leadership Team Initiative Coordinator: John Feikema ONC Sponsor: Mera Choi Technical.
A SUPPLIER PERSPECTIVE IN THE LINE OF FHIR BRINGING HEALTHCARE INTEGRATION AND APPLICATION DEVELOPMENT INTO THE 21 ST CENTURY DAVID HANCOCK | 26 TH MARCH.

A SUPPLIER PERSPECTIVE IN THE LINE OF FHIR BRINGING HEALTHCARE INTEGRATION AND APPLICATION DEVELOPMENT INTO THE 21 ST CENTURY DAVID HANCOCK | 26 TH MARCH.
GRDevDay March 21, 2015 Cloud-based Identity for Applications.

GRDevDay March 21, 2015 Cloud-based Identity for Applications.
Healthcare Services Platform Sandbox. The HSPC Sandbox https://hspc.isalusconsulting.com HSPC Sandbox Architecture : Scot Post van der Burg Asthma Ally.

Healthcare Services Platform Sandbox. The HSPC Sandbox HSPC Sandbox Architecture : Scot Post van der Burg Asthma Ally.
August 12, 20151 Meaningful Use *** UDOH Informatics Brown Bag Robert T Rolfs, MD, MPH.

August 12, Meaningful Use *** UDOH Informatics Brown Bag Robert T Rolfs, MD, MPH.
Fraser Technical Solutions, LLC

Fraser Technical Solutions, LLC
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.
AUGUST 21, 2014 STANLEY M. HUFF, MD CHIEF MEDICAL INFORMATICS OFFICER INTERMOUNTAIN HEALTHCARE HSPC Meeting Introduction.

AUGUST 21, 2014 STANLEY M. HUFF, MD CHIEF MEDICAL INFORMATICS OFFICER INTERMOUNTAIN HEALTHCARE HSPC Meeting Introduction.
SPC204 Security Problems in SharePoint 2010 Authentication and Authorization.

SPC204 Security Problems in SharePoint 2010 Authentication and Authorization.
OAuth option for mHealth Brief Profile Proposal for 2013/14 presented to the IT Infrastructure Planning Committee R Horn (Agfa Healthcare)

OAuth option for mHealth Brief Profile Proposal for 2013/14 presented to the IT Infrastructure Planning Committee R Horn (Agfa Healthcare)
Overview for IHE The MITRE Corporation. Overview hData was originally developed by The MITRE Corporation – Internal R&D – Focus on simplifying Continuity.

Overview for IHE The MITRE Corporation. Overview hData was originally developed by The MITRE Corporation – Internal R&D – Focus on simplifying Continuity.
Survey of Identity Repository Security Models JSR 351, Sep 2012.

Survey of Identity Repository Security Models JSR 351, Sep 2012.
SIP OAuth Rifaat Shekh-Yusef IETF 90, SIPCore WG, Toronto, Canada July 21, 2014 1.

SIP OAuth Rifaat Shekh-Yusef IETF 90, SIPCore WG, Toronto, Canada July 21,
Sanzi-1 CSE5 810 CSE5810: Intro to Biomedical Informatics Dynamically Generated Adaptive Credentials for Health Information Exchange Eugene Sanzi.

Sanzi-1 CSE5 810 CSE5810: Intro to Biomedical Informatics Dynamically Generated Adaptive Credentials for Health Information Exchange Eugene Sanzi.

Similar presentations

Ads by Google