This page is part of the Specialty Medication Enrollment (v2.0.0: STU2) based on FHIR R4. This is the current published version. For a full list of available versions, see the Directory of published versions
In each of the exchanges described in this guide, the client SHALL provide proof of authorization. Data Source and Data Consumer systems SHOULD implement OAuth 2.0 access management in accordance with the SMART Backend Services: Authorization Guide, as the exchanges in this guide do not require user access authorization and may run autonomously.
In addition, implementers are expected to…
follow core FHIR security principles.
protect patient privacy as described in FHIR Security and Privacy Considerations.