[Openid-specs-heart] Draft HEART meeting notes 2015-06-01

Justin Richer jricher at mit.edu
Tue Jun 2 12:56:01 UTC 2015


An important discussion point missed in the notes below:

If Alice wants to move information between her PHR and PCP in either 
direction, this just changes the roles that each party plays. The PHR 
can be a client of the PCP's protected resource, or the PCP can be a 
client of the PHR's protected resource, or both. It's important that the 
protocols we're working on be able to work in either or both directions 
like this.

  -- Justin

On 6/1/2015 11:19 PM, Sarah Squire wrote:
>
> Attendees:
>
>
> Debbie Bucci
>
> Dustin Gage
>
> Edmund Jay
>
> Greg K
>
> Jim Kragh
>
> Justin Richer
>
> Rachel Houseman
>
> Mark Russell
>
> Sarah Squire
>
> Thompson Boyd
>
> Tom Sullivan
>
> William Kinsley
>
> Nat Sakimura
>
> Adrian Gropper
>
>
>
> The patient should be given a FHIR API endpoint whether they ask for 
> it or not. They can choose to authorize various things to use the API, 
> but they shouldn’t have to ask for it.
>
> The opt-in/opt-out choice comes when Alice chooses whether or not to 
> authorize a client.
>
>
> Alice can move information between her PHR and PCP portal, or request 
> that information be synced automatically as it is added. The details 
> of how that two-way sync could be accomplished has yet to be fleshed out.
>
>
> Alice’s authorization servers will have white lists, black lists, and 
> gray lists, which will determine the policy by which the authorization 
> server agrees to register a client. Trust frameworks can provide a 
> default policy. Alice can express her own policy preferences at run-time.
>
>
> Alice’s FHIR identifier within all systems would be a unique URI. 
> Ideally, this would be discovered automatically, but Alice should be 
> able to paste it in manually in the case where discovery fails.
>
>
> Alice can choose whether to do a one-time import of her information at 
> registration, or to authorize an ongoing sync that allows new 
> information to be imported every time it is added. The information 
> that is imported into a client  may or may not be used to update 
> existing information. The client can also give Alice the option to 
> refresh the cache that is being used by the client.
>
>
>
>
> _______________________________________________
> Openid-specs-heart mailing list
> Openid-specs-heart at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-heart

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20150602/3efb5996/attachment.html>


More information about the Openid-specs-heart mailing list