SHIFT SLS Reference Implementation Guide
0.1.0 - ci-build International flag

SHIFT SLS Reference Implementation Guide, published by SHIFT-Task-Force. This guide is not an authorized publication; it is the continuous build for version 0.1.0 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/SHIFT-Task-Force/sls-ri-ig/ and changes regularly. See the Directory of published versions

CapabilityStatement: SLS FHIR Server Capability Statement (Experimental)

Official URL: http://SHIFT-Task-Force.github.io/sls-ri/CapabilityStatement/fhir-sls-server Version: 0.1.0
Draft as of 2026-02-05 Computable Name: FHIRSecurityLabelingServiceCapabilityStatement

Capability Statement describing the FHIR Security Labeling Service (SLS) reference implementation. This service analyzes FHIR resources for sensitive information and applies appropriate security labels based on ValueSet-defined rules.

Raw OpenAPI-Swagger Definition file | Download

FHIR Security Labeling Service - Server Capability Statement

  • Implementation Guide Version: 0.1.0
  • FHIR Version: 4.0.1
  • Supported Formats: application/fhir+json, json
  • Published on: 2026-02-05
  • Published by: SHIFT-Task-Force

Note to Implementers: FHIR Capabilities

Any FHIR capability may be 'allowed' by the system unless explicitly marked as 'SHALL NOT'. A few items are marked as MAY in the Implementation Guide to highlight their potential relevance to the use case.

FHIR RESTful Capabilities

Mode: server

FHIR Security Labeling Service providing operations to process ValueSets defining sensitive topics and to analyze resources for security labeling.

Security
Enable CORS: yes
Security services supported:

This is a reference implementation with CORS enabled. Production deployments should implement appropriate authentication and authorization.

Summary of System-wide Operations
ConformanceOperationDocumentation
SHALL$sls-load-valuesets

Processes a Bundle containing ValueSet resources to establish security labeling rules. Supports ValueSets with multiple topic codes via topic[] or useContext[].focus. If a ValueSet lacks an expansion, it will be expanded using tx.fhir.org.

SHALL$sls-tag

Analyzes a Bundle of clinical resources and applies security labels based on loaded ValueSets. Supports two modes: 'batch' (modified resources only) and 'full' (all resources, preserving Bundle structure). Applies confidentiality code 'R' and topic-specific labels to matching resources.