Personal Health Records, published by HL7 International / Patient Empowerment. This guide is not an authorized publication; it is the continuous build for version 1.0.0-ballot2 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/personal-health-record-format-ig/ and changes regularly. See the Directory of published versions
Page standards status: Informative
Security and trust infrastructure for personal health records involves authentication, authorization, access control, audit logging, and secure data exchange. The PHR-S Functional Model defines a comprehensive Trust Infrastructure (TI) section covering these concerns. This page maps those requirements to relevant FHIR implementation guides and specifications.
PHR systems conforming to this IG SHOULD implement the following security specifications:
| Security Concern | FHIR Implementation Guide | Usage |
|---|---|---|
| App authorization | SMART App Launch | OAuth 2.0-based authorization for apps accessing FHIR data |
| Identity verification | UDAP Security | Unified Data Access Profiles for scalable identity trust |
| Audit logging | FHIR AuditEvent | Logging access, disclosure, and modification events |
| Consent management | FHIR Consent | Patient-directed access control and consent directives |
| Data integrity | FHIR Provenance | Tracking data origin, authorship, and chain of custody |
| Transport security | FHIR Security Module | TLS, signatures, and general security guidance |
For file-based exchange using the .sphr format, see also the Data Provenance and Security section in Record Keeping, which covers signing, encryption, and trust mechanisms for PHR files.
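As an added example (not code from this IG or the PHR-S Functional Model), the following Python builds a FHIR R4 AuditEvent for a single PHR access made by a SMART app on a user's behalf, and checks a stored event for the fields an audit reviewer needs to attribute the access. The `Device/phr-server` observer id, the function names and the sample references are assumptions; the code systems are those of the R4 AuditEvent resource.

```python
from datetime import datetime, timezone

# FHIR R4 code systems used by AuditEvent (from the R4 spec, not from this IG).
AUDIT_TYPE = "http://terminology.hl7.org/CodeSystem/audit-event-type"
REST_INTERACTION = "http://hl7.org/fhir/restful-interaction"
ENTITY_TYPE = "http://terminology.hl7.org/CodeSystem/audit-entity-type"
OBJECT_ROLE = "http://terminology.hl7.org/CodeSystem/object-role"
# AuditEvent.action code per RESTful interaction (E = execute, used for search).
ACTION_FOR = {"create": "C", "read": "R", "search": "E", "update": "U", "delete": "D"}


def phr_audit_event(user_ref, app_client_id, interaction, resource_ref,
                    patient_ref, outcome="0", recorded=None):
    """Build an R4 AuditEvent for one PHR access; outcome "0" = success, "4"/"8"/"12" = failure."""
    if interaction not in ACTION_FOR:
        raise ValueError(f"unsupported interaction: {interaction}")
    recorded = recorded or datetime.now(timezone.utc).isoformat(timespec="seconds")
    return {
        "resourceType": "AuditEvent",
        "type": {"system": AUDIT_TYPE, "code": "rest", "display": "RESTful Operation"},
        "subtype": [{"system": REST_INTERACTION, "code": interaction}],
        "action": ACTION_FOR[interaction],
        "recorded": recorded,
        "outcome": outcome,
        "agent": [  # the requesting user, then the OAuth client acting for them
            {"who": {"reference": user_ref}, "requestor": True},
            {"who": {"identifier": {"value": app_client_id}}, "requestor": False},
        ],
        "source": {"observer": {"reference": "Device/phr-server"}},  # assumed device id
        "entity": [  # type "1"/role "1" = person/patient; type "2"/role "4" = domain resource
            {"what": {"reference": patient_ref},
             "type": {"system": ENTITY_TYPE, "code": "1"}, "role": {"system": OBJECT_ROLE, "code": "1"}},
            {"what": {"reference": resource_ref},
             "type": {"system": ENTITY_TYPE, "code": "2"}, "role": {"system": OBJECT_ROLE, "code": "4"}},
        ],
    }


def audit_event_problems(event):
    """Return reasons an AuditEvent is unusable for audit review (empty list = ok)."""
    checks = [
        (event.get("action") in ACTION_FOR.values(), "action missing or not C/R/U/D/E"),
        (bool(event.get("recorded")), "recorded timestamp missing"),
        (any(a.get("requestor") for a in event.get("agent", [])),
         "no requestor agent: access cannot be attributed"),
        (bool(event.get("source", {}).get("observer")), "source.observer missing"),
        (bool(event.get("entity")), "no entity: accessed record not identified"),
    ]
    return [msg for ok, msg in checks if not ok]
```

Both "modification" and "disclosure" events from the mapping table above are covered by the same builder: an update or delete records action U or D, and a read by a third-party app records the app as the non-requestor agent.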
The following table lists the Trust Infrastructure (TI) section headings from the PHR-S Functional Model. Implementors are encouraged to download the associated PDF for detailed requirements.
| Section | Header Name |
|---|---|
| TI.1 | Security |
| TI.1.1 | Entity Authentication |
| TI.1.2 | Entity Authorization |
| TI.1.3 | Entity Access Control |
| TI.1.4 | Patient Access Management |
| TI.1.5 | Non-Repudiation |
| TI.1.6 | Secure Data Exchange |
| TI.1.7 | Secure Data Routing |
| TI.1.8 | Patient Privacy and Confidentiality |
| TI.1.9 | System Operation Measurements |
| TI.1.10 | Service Availability |
| TI.1.11 | Trusted Information Exchange Environment |
| TI.2 | Audit |
| TI.2.1 | Audit Triggers |
| TI.2.2 | Audit Log Management |
| TI.2.3 | Audit Notification and Review |
| TI.3 | Registry and Directory Services |
| TI.4 | Standard Terminology and Terminology Services |
| TI.5 | Standards-Based Interoperability |
| TI.6 | Business Rules Management |
| TI.7 | Workflow Management |
| TI.8 | Database Backup and Recovery |
| TI.9 | System Management Operations and Performance |
| TI.10 | Standard or Preferred Clinical Models and Clinical Model Services |