FHIR CI-Build
Security and PrivacyThis is the Continuous Integration Build of FHIR (will be incorrect/inconsistent at times).
See the Directory of published versions 
| Security Work Group | Maturity Level: 1 | Standards Status: Trial Use |
This specification recommends the use of W3C Digital Signatures
or JSON Digital Signatures for digital signatures.
Resources can be signed using the Provenance resource to carry a
detached digital signature .
The Signature datatype is available to support various signature types including non-repudiation purposes.
Further details on creation and validation of Signatures are defined.
for support of Long Term signatures . The XAdES-X-L specification adds the timestamp of the signing, inclusion of the signing certificate, and statement of revocation. for support of Long Term signatures.
In addition, documents may be signed using an
enveloped
signature. A specification for enveloped signature is profiled in
the IHE DSG profile .
Neither of these definitions prohibits policies that accept the use of other ways of using digital signatures or scanned wet signatures.
Note to Implementers: The use of signatures with RESTful interfaces is a poorly understood area, and we would welcome reports of implementation experience. See discussion on use of Digital Signature in FHIR
Feedback is welcome here
FHIR ®© HL7.org 2011+. FHIR R6 hl7.fhir.core#6.0.0-cibuild generated on Thu, Jun 1, 2023 02:48+0000.
Links: Search |
Version History |
Contents |
Glossary |
QA |
Compare to R5 |
|
Propose a change