1 / 2

HIE on FHIR ( high level )

HIE on FHIR ( high level ). Patient. Out of Band: UMA Protection Flow: UMA Authz . Flow: Data Access Flow:. 3. Set Resource Authz Policy. GUI. Patient’s Authorization Server. GUI. Protection API. Authorization API. 0. CDMS. Submit CD. 7. 2.

Download Presentation

HIE on FHIR ( high level )

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. HIE on FHIR (high level) Patient Out of Band: UMA Protection Flow: UMA Authz. Flow: Data Access Flow: 3 Set Resource Authz Policy GUI Patient’s Authorization Server GUI Protection API Authorization API 0 CDMS Submit CD 7 2 Provide Claims and Acquire Authz Token Register Resources and Scopes Requesting Org Provider Org Protection client Authorization client 1 Authz API Request for Data 4 8 Authz Token + Request for Data Approve CD Resource server Resource server Redirect to Patient AS 6 End-user FHIR API FHIR API ACS/PPS Labelled/Segmented Data 10 5 ACS/PPS 9 Scheduling System (read-ahead & cache) Check Overarching Policies Verify Token Invoke Labeling Service

  2. HIE on FHIR (detail) Patient Out of Band: UMA Protection Flow: UMA Authz. Flow: Data Access Flow: 3 Set Resource Authz Policy GUI 7 2 Patient’s Authorization Server Potential Claims Flow GUI Protection API Authorization API CDMS 0 a Submit CD b AAT a c 4 AAT a Acquire Authorization Access Token (AAT) Acquire Protection Access Token (PAT) Request Requesting Party Token (RPT) b a Issue and send RPT c Claims RPT PAT Register Resources & Scopes Acquire Access Token (AT) b a Request for Data b Requesting Org. Provider Org. b Authorization client PAT Protection client Authz API Resource server AT 1 a Resource server Request for Data + Authz Token 8 Approve CD Redirect to Patient AS 6 b ACS/PPS AT RPT FHIR API End-user FHIR API Labelled/Segmented Data AT 10 ACS/PPS 9 5 Scheduling System (read-ahead & cache) Check Overarching Policies Verify Tokens OAuth Protected Invoke Labeling Service

More Related