The Privacy Consent on FHIR (PCF) Profile provides support for patient privacy consents and access control where a FHIR API is used to access Document Sharing Health Information Exchanges. This profile includes both Consent profiling and access controls profiling of oAuth access token.
The last sentence of the first paragraph is confusing me. I am not able to figure out what it is trying to say.
" For example a user that would never be allowed access, would have been denied access at the IUA level, but the identity properties provided by the IUA are input to the privacy authorization decision that is the focus of PCF."
Describe the solution you'd like
Please rephrase to be more clear.
Relevant log output
No response
Priority
{"Low"=>"Typo or other minor classification that an editor can manage. Requires no group discussion."}
JohnMoehrke
commented
1 year ago
Contact Details
slagesse@epic.com
Section Number
53
What is wrong
The last sentence of the first paragraph is confusing me. I am not able to figure out what it is trying to say.
" For example a user that would never be allowed access, would have been denied access at the IUA level, but the identity properties provided by the IUA are input to the privacy authorization decision that is the focus of PCF."
Describe the solution you'd like
Please rephrase to be more clear.
Relevant log output
No response
Priority
{"Low"=>"Typo or other minor classification that an editor can manage. Requires no group discussion."}
Code of Conduct