US Prescription Drug Monitoring Program (PDMP), published by HL7 International / Pharmacy. This guide is not an authorized publication; it is the continuous build for version 1.0.0 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/fhir-pdmp/ and changes regularly. See the Directory of published versions

Security

Security Considerations for Operations and Messaging

In each of the exchanges described in this guide, the PDMP Requester SHALL provide proof of authorization. PDMP Requester and PDMP Responder systems SHOULD implement OAuth 2.0 access management in accordance with the SMART Backend Services: Authorization Guide, as the exchanges in this guide do not require user access authorization and may run autonomously.

Security Considerations for CDS Hooks and SMART on FHIR Apps

Provider Systems and REMS Administrators SHALL follow security guidance defined in…

• the CDS Hooks Security and Safety section
• the SMART App Launch Implementation Guide.

Other Security Considerations

In addition, implementers are expected to…

• follow core FHIR security principles.

• protect patient privacy as described in FHIR Security and Privacy Considerations.