Consent on FHIR

Back to Security Work Group Main Page FHIR server with the capability to enforce patient consent via a third-party authorization server (UMA) as well as enforcing overarching organizational Security Labeling Service (SLS)/Privacy Protective Service (PPS) services. The server modifies and labels the outgoing bundles on a dynamic per-request basis based on applicable patient consents as well as the overarching SLS and PPS rules (including the high-watermark label on the bundle).

• Security WG FHIR STU3 Server http://mhs.edmondsci.com:8080/fhir-uma-client-demo/
• VA ONC Patient Choice Pilot FHIR Consent UMA Connectathon

[[Image:http://wiki.hl7.org/index.php?title=File:Comparison_of_Smart_on_FHIR_and_UMA_OAuth_2.0.jpg |right|220px|Comparison of Smart on FHIR and UMA OAuth 2.0]]