A conformance statement is a set of requirements for a desired implementation or a description of how a target application fulfills those requirements in a particular implementation.

The uri that is used to identify this conformance statement when it is referenced in a specification, model, design or an instance (should be globally unique URI, and an be urn:uuid: or urn:oid:).

The identifier that is used to identify this version of the conformance statement when it is referenced in a specification, model, design or instance. This is an arbitrary value managed by the profile author manually and the value should be a timestamp.

There may be multiple different instances of a conformance statement that have the same identifier but different versions.

A free text natural language name identifying the conformance statement.

The name is not expected to be globally unique.

The name of the individual or organization that published the conformance.

Helps establish the "authority/credibility" of the conformance. May also allow for contact.

Usually an organization, but may be an individual. This item SHOULD be populated unless the information is available from context.

Contacts to assist a user in finding and communicating with the publisher.

May be a web site, an email address, a telephone number (tel:), etc.

The name of an individual to contact regarding the conformance.

If there is no named individual, the telecom is for the organization as a whole.

Contact details for individual (if a name was provided) or the publisher.

A free text natural language description of the conformance statement and its use. Typically, this is used when the profile describes a desired rather than an actual solution, for example as a formal expression of requirements as part of an RFP.

This field cmay include the purpose of this conformance statement, comments about its context etc. This does not need to be populated if the description is adequately implied by the software or implementation details.

Explains why this conformance statement is needed and why it's been constrained as it has.

This element does not describe the usage of the conformance statement (that's done in comments), rather it's for traceability of why the element is either needed or why the constraints exist as they do. This may be used to point to source materials or specifications that drove the structure of this data element.

A copyright statement relating to the conformamce statement and/or its contents. Copyright statements are generally legal restrictions on the use and publishing of the details of the system described by the conformance statement.

The status of this conformance statement.

This is not intended for use with actual conformance statements, but where conformance statements are used to describe possible or desired systems.

A flag to indicate that this conformance statement is authored for testing purposes (or education/evaluation/marketing), and is not intended to be used for genuine usage.

Allows filtering of conformance statements that are appropriate for use vs. not.

The date (and optionally time) when the conformance statement was published.

Software that is covered by this conformance statement. It is used when the profile describes the capabilities of a particular software version, independent of an installation.

Name software is known by.

The version identifier for the software covered by this statement.

If possible, version should be specified, as statements are likely to be different for different versions of software.

Date this version of the software released.

Identifies a specific implementation instance that is described by the conformance statement - i.e. a particular installation, rather than the capabilities of a software program.

Information about the specific installation that this conformance statement relates to.

A base URL for the implementation. This forms the base for REST interfaces as well as the mailbox and document interfaces.

The version of the FHIR specification on which this conformance statement is based.

A flag that indicates whether the application accepts unknown elements as part of a resource.

This is not about extensions, but about unknown elements in a resource - these can only arise as later versions of the specification are published, because this is the only place where such elements can be defined. Hence this element is about inter-version compatibility.

A list of the formats supported by this implementation.

"xml" or "json" are allowed, which describe the simple encodings described in the specification (and imply appropriate bundle support). Otherwise, mime types are legal here.

A list of profiles supported by the system. For a server, "supported by the system" means the system hosts/produces a set of resources, conformant to a particular profile, and allows its clients to search using this profile and to find appropriate data. For a client, it means the system will search by this profile and process data according to the guidance implicit in the profile.

Supported profiles are different to the profiles that apply to a particular resource in rest.resource.profile. The resource profile is a general statement of what features of the resource are supported overall by the system - the sum total of the facilities it supports. A supported profile is a deeper statement about the functionality of the data and services provided by the server (or used by the client). A typical case is a laboratory system that produces a set of different reports- this is the list of types of data that it publishes. A key aspect of declaring profiles here is the question of how the client converts knowledge that the server publishes this data into working with the data; the client can inspect individual resources to determine whether they conform to a particular profile, but how does it find the ones that does? It does so by searching using the profile parameter, so any resources listed here must be valid values for the profile resource (using the identifier in the target profile).

Typical supported profiles cross resource types to describe a network of related resources, so they are listed here rather than by resource. However they do not need to describe more than one resource.

A definition of the restful capabilities of the solution, if any.

Multiple repetitions allow definition of both client and / or server behaviors or possibly behaviors under different configuration settings (for software or requirements statements).

Identifies whether this portion of the statement is describing ability to initiate or receive restful operations.

Information about the system's restful capabilities that apply across all applications, such as security.

Information about security of implementation.

Server adds CORS headers when responding to requests - this enables javascript applications to use the server.

The easiest CORS headers to add are Access-Control-Allow-Origin: * & Access-Control-Request-Method: GET, POST, PUT, DELETE.

Types of security services are supported/required by the system.

General description of how security works.

Certificates associated with security profiles.

Mime type for certificate.

Actual certificate.

A specification of the restful capabilities of the solution for a specific resource type.

Max of one repetition per resource type.

A type of resource exposed via the restful interface.

A specification of the profile that describes the solution's support for the resource, including any constraints on cardinality, bindings, lengths or other limitations.

The profile applies to all resources of this type - i.e. it is the superset of what is supported by the system.

Identifies a restful operation supported by the solution.

Coded identifier of the operation, supported by the system resource.

Guidance specific to the implementation of this operation, such as 'delete is a logical delete' or 'updates are only allowed with version id' or 'creates permitted from pre-authorized certificates only'.

REST allows a degree of variability in the implementation of RESTful solutions that is useful for exchange partners to be aware of.

Thi field is set to true to specify that the system does not support (server) or use (client) versioning for this resource type. If this is not set to true, the server must at least correctly track and populate the versionId meta-property on resources.

If a server supports versionIds correctly, it should support vread too, but is not required to do so.

A flag for whether the server is able to return past versions as part of the vRead operation.

It is useful to support the vRead operation for current operations, even if past versions aren't available.

A flag to indicate that the server allows the client to create new identities on the server. If the update operation is used (client) or allowed (server) to a new location where a resource doesn't already exist. This means that the server allows the client to create new identities on the server.

Allowing the clients to create new identities on the server means that the system administrator needs to have confidence that the clients do not create clashing identities between them. Obviously, if there is only one client, this won't happen. While creating identities on the client means that the clients need to be managed, it's much more convenient for many scenarios.

A flag that indicates that the server supports conditional create.

Conditional Create is mainly appropriate for interface engine scripts converting from other formats, such as v2.

A flag that indicates that the server supports conditional update.

Conditional Update is mainly appropriate for interface engine scripts converting from other formats, such as v2.

A flag that indicates that the server supports conditional delete.

Conditional Delete is mainly appropriate for interface engine scripts converting from other formats, such as v2.

A list of _include values supported by the server.

If this list is empty, the server does not support includes.

Search parameters for implementations to support and/or make use of - either references to ones defined in the specification, or additional ones defined for/by the implementation.

The name of the search parameter used in the interface.

Parameter names cannot overlap with standard parameter names, and standard parameters cannot be redefined.

A formal reference to where this parameter was first defined, so that a client can be confident of the meaning of the search parameter.

This SHOULD be present, and matches SearchParameter.url.

The type of value a search parameter refers to, and how the content is interpreted.

While this can be looked up from the definition, it is included here as a convenience for systems that auto-generate a query interface based on the server conformance statement. It SHALL be the same as the type in the search parameter definition.

This allows documentation of any distinct behaviors about how the search parameter is used. For example, text matching algorithms.

Types of resource (if a resource is referenced).

This SHALL be the same as or a proper subset of the resources listed in the search parameter definition.

Chained names supported.

A specification of restful operations supported by the system.

A coded identifier of the operation, supported by the system.

Guidance specific to the implementation of this operation, such as limitations on the kind of transactions allowed, or information about system wide search is implemented.

Definition of an operation or a named query and with its parameters and their meaning and type.

The name of a query, which is used in the _query parameter when the query is called.

The name here SHOULD be the same as the name in the definition, unless there is a name clash and the name cannot be used.

Where the formal definition can be found.

This can be used to build ah HTML form to invoke the operation, for instance.

A list of profiles that this server implements for accepting documents in the mailbox. If this list is empty, then documents are not accepted. The base specification has the profile identifier "http://hl7.org/fhir/documents/mailbox". Other specifications can declare their own identifier for this purpose.

If a server accepts messages on the /Mailbox end-point, it declares this in the messaging elements.

A description of the messaging capabilities of the solution.

Multiple repetitions allow the documentation of multiple endpoints per solution.

An address to which messages and/or replies are to be sent.

For solutions that do not use network addresses for routing, it can be just an identifier.

Length if the receiver's reliable messaging cache in minutes (if a receiver) or how long the cache length on the receiver should be (if a sender).

If this value is missing then the application does not implement (receiver) or depend on (sender) reliable messaging.

Documentation about the system's messaging capabilities for this endpoint not otherwise documented by the conformance statement. For example, process for becoming an authorized messaging exchange partner.

A description of the solution's support for an event at this end point.

The same event may be listed up to two times - once as sender and once as receiver.

A coded identifier of a supported messaging event.

The impact of the content of the message.

The mode of this event declaration - whether application is sender or receiver.

A list of the messaging transport protocol(s) identifiers, supported by this endpoint.

A resource associated with the event. This is the resource that defines the event.

This SHALL be provided if the event type supports multiple different resource types.

Information about the request for this event.

Information about the response for this event.

Guidance on how this event is handled, such as internal system trigger points, business rules, etc.

A document definition.

Mode of this document declaration - whether application is producer or consumer.

A description of how the application supports or uses the specified document profile. For example, when are documents created, what action is taken with consumed documents, etc.

A constraint on a resource used in the document.

The first resource is the document resource.