This page is part of the FHIR Specification (v1.0.2:
DSTU 2). The current version which supercedes this version is 4.3.0. For a full list of available versions, see the Directory of published versions
126.96.36.199 Implementer's Safety Check List
FHIR is as simple to implement as we know how to make it. However, due to the nature of
healthcare, and healthcare processes, and cultural concerns, there are a number of features in
FHIR that implementers are obliged to consider in order to implement safe systems.
This section is a check list to help implementers be sure that they've considered all the parts
of FHIR that impact on their system design with regard to safety.
Production exchange of patient or other sensitive data will always use some form of encryption on the wire
For each resource that my system handles, I've reviewed the Modifier elements
My system checks for modifierExtension elements
My system supports elements labelled as "must-support" in the profiles that apply to my system
For each resource that my system handles, my system handles the full Life cycle (status codes, currency issues, and erroneous entry status)
My system can render narratives properly (where they are used)
My system has documented how distributed resource identification works in its relevant contexts of use, and where (and why) contained resources are used
My system manages lists of current resources correctly
My system makes the right Provenance statements and AuditEvent logs, and uses the right security labels where appropriate
My system checks that the right Patient consent has been granted (where applicable)
When other systems return http errors from the RESTful API and Operations (perhaps using Operation Outcome), my system checks for them and handles them appropriately
My system publishes a conformance statement with StructureDefinitions, ValueSets, and OperationDefinitions, etc., so other implementers know how the system functions
Obviously this list is only a small part of the overall safety check list for an application, which will have checks regarding jurisdictionally mandated policies, internal integrity, etc.