This page is part of the FHIR Specification (v3.3.0: R4 Ballot 2). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions . Page versions: R5R4BR4R3
This specification defines data elements, resources, formats, methods and APIs for
exchanging healthcare data between different participants in the healthcare process.
As such, Clinical Safety is a key concern with regard to the specification and its many and various
implementations.
STU Note: This page, and the concept of safety in an API specification, needs further development.
FHIR is as simple to implement as we know how to make it. However, due to the nature of
healthcare, and healthcare processes, and cultural concerns, there are a number of features in
FHIR that implementers are obliged to consider in order to implement safe systems.
This section is a check list to help implementers be sure that they've considered all the parts
of FHIR that impact on their system design with regard to safety.
Production exchange of patient or other sensitive data will always use some form of encryption on the wire
For each resource that my system handles, I've reviewed the Modifier elements
My system ensures that system clocks are synchronized using a protocol like NTP or SNTP, or my server is robust against clients that have the wrong clock set
My system ensures checks for patient links (and/or merges) and handles data that is linked to patients accordingly
My system checks for timezones, and adjusts times appropriately. (note: timezones are extremely difficult to get correct - see W3C Timezone Advice , and note that some fields should be timezone corrected, and others should not be)
My system renders dates safely for changes in culture and language (the date formats D-M-Y and M-D-Y are not differentiated for many dates, and this is a well known source of confusion. Systems should use the month name, or otherwise be specific for each date when rendering, unless
there is solid confidence that such confusion cannot arise, even in the future when information/narrative from resources will be shared much more widely)
Obviously this list is only a small part of the overall safety check list for an application, which will have checks regarding jurisdictionally mandated policies, internal integrity, etc.
In addition, server developers should check these specific additional checks for client convenience:
Server: CORS (cross-origin resource sharing ) is appropriately enabled (many clients are Javascript apps running in a browser)
JSON is supported (many clients are Javascript apps running in a browser; XML is inconvenient at best)
JSON is returned correctly when errors happen (clients often don't handle HTML errors well)
The _format header is supported correctly
Errors are trapped and an OperationOutcome returned