The HEART workgroup has developed three profiles that have been stable since April. They now want these formally reviewed for comments, with the expectation that this will result in a vote for approval as "Implementers Draft" status (equivalent to IHE "Trial Implementation", and HL7 "Draft Standard for Trial Use"). The three profiles that are ready for review for comment and approval are:
These have been stable since April, so they have been available for comment for 7 months. The specific call right now is to get these closed out as Implementer Draft status in two to three weeks. So now is the time to look at them if you have not yet looked at them. If you have looked at them, then now is the time to comment.
To get involved go to the HEART home and follow the instructions: https://openid.net/wg/heart/
HEART scopes
Might be useful to have scopes that are more broad? Might be useful to have scopes that are considering DICOM WADO/QIDO?
Clearly this will enhance the scopes beyond the fixed list in the scopes profile.
Also, See my blog on FHIR Security initiatives
- HEART profile for OAuth 2.0.
- HEART profile for OpenID Connect.
- HEART profile for User-Managed Access (UMA).
These have been stable since April, so they have been available for comment for 7 months. The specific call right now is to get these closed out as Implementer Draft status in two to three weeks. So now is the time to look at them if you have not yet looked at them. If you have looked at them, then now is the time to comment.
How to Comment and get involved
Please get involved, this is an important effort to the advancement of healthcare user authentication, authorization, privacy, and security. This work is critical to success of FHIR, and usable for any HTTP (RESTful) efforts in healthcare.To get involved go to the HEART home and follow the instructions: https://openid.net/wg/heart/
HEART scopes
- HEART profile for Fast Healthcare Interoperability Resources (FHIR) OAuth 2.0 scopes.
Might be useful to have scopes that are more broad? Might be useful to have scopes that are considering DICOM WADO/QIDO?
Future HEART
There is continuing work going on in the HEART workgroup. So please don't look to these three profiles as the only work from HEART. They are actually work finished 6 months or more ago. The effort today is on defining patient managed authorizations, such as consent as controlled by the patient themselves.Clearly this will enhance the scopes beyond the fixed list in the scopes profile.
Also, See my blog on FHIR Security initiatives