This page is part of the Da Vinci Unsolicited Notifications (v0.2.0: STU 1 Ballot 1) based on FHIR R4. The current version, which supersedes this version, is 1.0.0. For a full list of available versions, see the Directory of published versions.
Security and Privacy
In order to be responsible stewards of data, we will need to follow the data governance laws around sensitive conditions. Sensitive conditions are defined to support masking of clinical data that protects consumers' privacy, and they are subject to special disclosure rules which govern the distribution of data to external parties.
The FHIR Security and Privacy Module describes how to protect a patient's privacy through de-identification, pseudonymization, and anonymization. FHIR does not mandate a single technical approach to security and privacy; rather, the specification provides a set of building blocks that can be applied to create secure, private systems.
The Da Vinci project is actively seeking input on security approaches and expectations for authentication and authorization between Senders and Receivers of sensitive patient data (e.g., will TLS, mutual TLS, OAuth, etc. be required to interoperate?). There are several implementation guides and ongoing initiatives to address these issues, including:
- FHIR Data Segmentation for Privacy project
- SMART Application Launch Framework Implementation Guide Release 1.0.0
- FHIR Bulk Data Access (Flat FHIR) (specifically: SMART Backend Services: Authorization Guide)
- FHIR at Scale Taskforce (FAST)
- Dynamic Registration for SMART Apps
Once an approach has been agreed upon, it will be documented in the Da Vinci Health Record Exchange (HRex) Implementation Guide.