National Healthcare Directory Exchange
1.0.0-ballot - ballot United States of America flag

National Healthcare Directory Exchange, published by HL7 Patient Administration Working Group. This is not an authorized publication; it is the continuous build for version 1.0.0-ballot). This version is based on the current content of https://github.com/HL7/fhir-directory-exchange/ and changes regularly. See the Directory of published versions

Security

The following are the security considerations that implementers should follow:

  • All implementers of FHIR servers and clients should pay attention to FHIR Security considerations.
  • In addition to the FHIR Security considerations, the VhDir requests need to contain specific information about National Healthcare Directory client identity and organization information.
  • Providing this information using FHIR Search APIs is very cumbersome and is not necessary. This kind of information can be collected by the VhDir Authorization Server during application registration and avoid repeating the information on each request.
  • These mechanisms are outlined in detail in the SMART Backend Services Authorization Guide.

The following are security conformance requirements for VhDir actors:

  • National Healthcare Directory actors SHALL use the SMART Backend Services Authorization Guide to collect the necessary requestor information appropriate for making the VhDir data request.
  • National Healthcare Directory actors SHALL reference a single time source to establish a common time base for security auditing across the system.
  • National Healthcare Directory actors SHALL use the AuditEvent resource to capture audit logs of the various transactions. VhDir actors SHOULD capture as many AuditEvent resource data elements as appropriate based on requirements of FHIR Audit Logging and local policies.
  • National Healthcare Directory transactions SHALL use TLS version 1.2 or higher to secure the transmission channel unless the transmission is taking place over a more secure network.(Using TLS even within a secured network environment is still encouraged to provide defense in depth.) US Federal systems implementing VhDir actors SHOULD conform with FIPS PUB 140-2.
  • National Healthcare Directory actors SHALL conform to FHIR Communications requirements.
  • National Healthcare Directory actors SHOULD retain Provenance information using the FHIR Provenance resource.

The following are security conformance requirements for the overall program/system:

  • National Healthcare Directory implementers SHOULD establish a risk analysis and management regime that conforms with HIPAA security regulatory requirements. In addition, implementers in the US Federal systems SHOULD conform with the risk management and mitigation requirements defined in NIST 800 series documents. This SHOULD include security category assignment in accordance with NIST 800-60 vol. 2 Appendix D.14. The coordination of risk management and the related security and privacy controls – policies, administrative practices, and technical controls – SHOULD be defined in the Business Associate Agreements.

  • The time service used for auditing SHOULD be documented in the Business Associate Agreements.