This page is part of the Protocols for Clinical Registry Extraction and Data Submission (CREDS) IG (v1.0.0: STU1) based on FHIR R4. This is the current published version. For a full list of available versions, see the Directory of published versions
The logical models used for creating the submission definition will be, at most, Business Sensitive. Most should be Anonymous Read as they represent data needs, not patient data.
The submission map will have specific patient identifying information including Name and/or MRN and should be classified Patient Sensitive and all interchange should use TLS 1.2 or greater encryption following BCP 195. The final Bundle of patient resources with completed patient data is Patient Sensitive and should be treated as should be done with PHI.
In some cases, the use of this data may require user authentication for purposes unrelated to the sensitivity of the data.
Given this assessment, the main Security Considerations are focused on:
The maintenance of the data on the client or server is not specified in this implementation guide. Security considerations must be applied in systems design to assure that the data is appropriately protected from inappropriate use and modification.
Given that the use-case for this implementation guide is to support Registry reporting, the use of client context PurposeOfUse of PUBHLTH is recommended.
The use of data returned by this API should be limited to the Public Health use-case. Re-purposing the data for other uses, such as re-identification, should be considered a violation of the API intention.
The setting of the PurposeOfUse to PUBHLTH may be addressed through policy agreements and thus not communicated in the API communications.