Publication Build: This will be filled in by the publication tooling

Security

FHIR does not mandate a single technical approach to security and privacy; rather, the specification provides a set of building blocks that can be applied to create secure, private systems.

• Implementers are expected to follow core FHIR security principles.

• In addition, the FHIR Security and Privacy Module describes how to protect patient privacy.

Implementers may consider use of SMART Backend Services Authorization, as the exchanges in this guide do not require user access authorization and may run autonomously.