This page is part of the FHIR Data Segmentation for Privacy (v0.3.0: STU 1 Ballot 3) based on FHIR R4. . For a full list of available versions, see the Directory of published versions

Security and Privacy Considerations

This IG covers Security Label tagging, which supports, but is not sufficient to assure all aspects of FHIR security and privacy and the label or the labeled information in a policy-specific profile of this IG. Typically, the information in scope for this IG is patient sensitive, however, his IG could be profiled for use with non-patient information such as population health or business information.

Since the purpose of security labels is typically to convey a policy safeguarding the confidentiality of labeled information, in most situations, the security label itself is sensitive, and must be protected from unauthorized access. For example, if the label indicates that the information requires confidentiality protection, and that the labeled information is deemed sensitive under a privacy-protective policy, disclosing the label can reveal why the information is labeled. For this reason, the meta.security portion of a Resource should have the same protection as the labeled information (e.g., encryption in motion and at rest).

This IG SHOULD be used in combination with a Privacy and Security Framework and risk assessment based on the FHIR Security Module which provides guidance on Communications, Authentication, Authorization, Privacy Consent, Audit Logging, Provenance, etc.

This IG is policy-agnostic, but any policy-specific profile of this IG should include policy compliance statements relevant to applicable policies and laws.