Hybrid / Intermediary Exchange, published by HL7 International - FHIR Infrastructure. This is not an authorized publication; it is the continuous build for version 0.1.0). This version is based on the current content of https://github.com/HL7/fhir-exchange-routing-ig/ and changes regularly. See the Directory of published versions
Note: This section contains conformance requirements, noted with “SHALL”, “SHOULD” and “MAY”.
The Pass-Through Security approach defines the interaction between the initiator and the destination, with minimal involvement of the intermediary. As described below, it supports this implementation guide’s passive intermediary model. It may also be suitable for other models where the intermediary plays a more active role in serving or modifying the returned content.
Communication security SHALL conform with the guidelines stated in FHIR Security.
When using TLS:
In this exchange model, trust is negotiated or established solely between the originator and destination. The destination SHALL determine whether it trusts the originator or not; any intermediaries involved in the exchange SHALL play a passive, “pass through” role in the process.
Required behavior:
The FHIR IG referenced below is currently in ballot reconciliation and has not yet been published by HL7. This reference will be updated to the published version of the referenced security guide prior to this guide's publication
Implementers MAY adopt UDAP workflows for client registration, authentication and authorization as described in the HL7 / UDAP Security for Scalable Registration, Authentication, and Authorization FHIR Implementation Guide
Implementers of this guide SHOULD follow core FHIR security principles and protect patient privacy as described in the FHIR Security and Privacy Module which:
The FHIR security specification is available here.