This page is part of the FHIR Specification (v3.0.2: STU 3). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions . Page versions: R5R4BR4R3
This specification defines data elements, resources, formats, methods and APIs for
exchanging healthcare data between different participants in the healthcare process.
As such, Clinical Safety is a key concern with regard to the specification and its many and various
implementations.
STU Note: This page, and the concept of safety in an API specification, needs further development.
FHIR is as simple to implement as we know how to make it. However, due to the nature of
healthcare, and healthcare processes, and cultural concerns, there are a number of features in
FHIR that implementers are obliged to consider in order to implement safe systems.
This section is a check list to help implementers be sure that they've considered all the parts
of FHIR that impact on their system design with regard to safety.
Production exchange of patient or other sensitive data will always use some form of encryption on the wire
For each resource that my system handles, I've reviewed the Modifier elements
My system ensures that system clocks are synchronised using a protocol like NTP or SNTP, or my server is robust against clients that have the wrong clock set
My system ensures checks for patient links (and/or merges) and handles data that is linked to patients accordingly
Obviously this list is only a small part of the overall safety check list for an application, which will have checks regarding jurisdictionally mandated policies, internal integrity, etc.
In addition, server developers should check these specific additional checks for client convenience: