--- { "title": "Aidbox & Formbox 2604: Analytical Workflows Closer to the FHIR Layer", "description": "Aidbox 2604 brings HIPAA Safe Harbor de-identification in SQL-on-FHIR, Databricks Lakebase token auth, a reworked SQL Console, and Formbox SMART on FHIR integration.", "date": "2026-05-07", "author": "Health Samurai Team", "reading-time": "3 min read", "tags": [ "Aidbox", "SQL on FHIR", "Analytics", "Forms", "Infrastructure" ], "utm-campaign": "release", "utm-content": "april-release" } --- FHIR adoption solved interoperability for many healthcare teams. The harder problems usually appear later. Teams start building operational infrastructure around the FHIR platform itself: analytics exports, reporting databases, subscription processors, de-identification workflows, and forms integrated directly into EHR environments through SMART on FHIR. A lot of the April 2026 Aidbox and Formbox release focuses on making those workflows easier to run closer to the platform itself. ## De-Identification Inside SQL-on-FHIR Research access and analytics workflows often introduce another transformation layer around operational data. Aidbox 2604 adds HIPAA Safe Harbor compliant [de-identification](https://www.health-samurai.io/docs/aidbox/modules/sql-on-fhir/de-identification) directly into [SQL-on-FHIR](https://www.health-samurai.io/docs/aidbox/modules/sql-on-fhir) ViewDefinition workflows. Instead of exporting data into separate anonymization pipelines first, de-identification rules can now live closer to the query definitions themselves. The release also restores SQL-on-FHIR compliance with the test suite, including implementation of the `%rowIndex` FHIRPath function and fixes around FHIR Schema validation. ## Databricks and Lakebase Connections Aidbox 2604 also adds Databricks identity authentication support for [Lakebase](https://www.health-samurai.io/docs/aidbox/deployment-and-maintenance/deploy-aidbox/run-aidbox-on-managed-postgresql#databricks-lakebase) connections. Databricks OAuth tokens can now be used through BYOT (Bring Your Own Token) authentication in addition to standard PostgreSQL credentials. This reflects a broader shift in how analytical workloads interact with operational healthcare infrastructure. Systems that used to remain completely separated are increasingly expected to work much closer together. ## More Control Over Query Execution The SQL Console was significantly reworked in 2604. Execution settings are now configurable per tab, including transaction mode, statement timeout, fetch size limiting, and foreground or background execution. These changes become important once analytical queries start running against the same environment handling transactional workloads. Aidbox RLS also received a major update. JWT `sub` and `iss` claims can now propagate into PostgreSQL session variables through `BOX_DB_PASS_AUTH_VARS`, making them available directly inside PostgreSQL Row-Level Security policies. CRUD, Search, and `$sql` requests now execute inside a transaction so those variables apply consistently per request. ## Subscription Infrastructure and Downstream Processing A large amount of healthcare integration still depends on polling-based synchronization. Aidbox 2604 pushes more processing logic directly into subscription workflows themselves. Custom AidboxTopicDestination handlers now receive both previous and current resource versions, making diff-based payload generation possible without external comparison workers. The release also adds several operational improvements around delivery handling and tracing: * delivery logging through `enableLogging` * unique message IDs * version-aware focus references through `includeVersionIdInFocusReference` These additions simplify debugging and make it easier to reconstruct downstream payload history when needed. ## Cleanup and Deprecation Work A noticeable part of 2604 is operational cleanup. Changes in this release include: * legacy DB Console now redirects to the new SQL Console * legacy ZEN UI removed * legacy MDM implementations scheduled for removal in 2605 LTS * Entity/Attribute validation and ZEN validation moving toward deprecation in favor of FHIR Schema validation The release also normalizes canonical URL handling across Aidbox IG [packages](https://www.health-samurai.io/docs/aidbox/reference/system-resources-reference) while keeping older URL formats backward-compatible. ## Formbox Updates Formbox also received several infrastructure-focused updates in 2604. The biggest addition is [SMART on FHIR integration](https://www.health-samurai.io/docs/formbox/aidbox-ui-builder-alpha/smart-app-integration), with Formbox now able to operate as a SMART app for EHR integration workflows. The implementation currently supports read flows and has been tested with Cerner. The release also introduces a new Formbox UI, currently available in beta. A switch banner is now available directly on the main Forms page, allowing teams to move between the old and new interfaces during the transition period. These changes continue pushing Formbox toward tighter integration with operational clinical systems instead of treating forms as isolated workflows. ## Toward Operational Analytics on FHIR The operational boundary between transactional systems and analytical workflows is gradually becoming thinner. SQL-on-FHIR continues evolving. De-identification now lives closer to query definitions. Security context can propagate directly into PostgreSQL policies. Subscription handlers can work with both previous and current resource states. The upcoming SQLQuery support moves further in the same direction. Read the [full release notes](https://www.health-samurai.io/docs/aidbox/overview/release-notes#april-2026-latest-2604) or join the discussion on [Zulip](https://connect.health-samurai.io/).