FHIR Meetup
FHIR Access Control: Real-world Challenges and Solutions
John Moehrke
John Moehrke
Co-Chair: Security WG at HL7, Standards Architect at By Light Professional IT Services
Josh Mandel
Josh Mandel
Chief Architect for Microsoft Healthcare, Chief Architect for SMART Health IT
Mohammad Jafari
Mohammad Jafari
Senior Privacy Consultant and Integration Specialist E-Health and E-Commerce
Mike Kulakov
Mike Kulakov
Product Manager at Health Samurai
Nikolai Ryzhikov
Nikolai Ryzhikov
CTO at Health Samurai
Apr 30, 2024

FHIR Access Control: Real-world Challenges and Solutions

The meetup examines ongoing challenges including patient consent, data sharing, and regulatory compliance, alongside real-world implementations demonstrating secure healthcare data exchange and best practices for granular access policies.

Speakers

  • John Moehrke – Co-Chair, HL7 Security WG

    • Topic: "Privacy Consent on FHIR" – consent foundations, OAuth-based authorization decisions, and enforcement mechanisms

  • Josh Mandel – Chief Architect, Microsoft Healthcare & SMART Health IT

    • Topic: "Authorization: Granular Scopes and Beyond" – category-based scopes, Rich Authorization Requests, and TEFCA framework

  • Mohammad Jafari – Senior Privacy Consultant

    • Topic: "Data Segmentation for Privacy and Consent" – security labeling services and authorization integration

  • Mike Kulakov – Product Manager, Health Samurai

    • Topic: "Label-based Access Control in FHIR" – Aidbox LBAC engine demonstration

  • Nikolai Ryzhikov – CTO, Health Samurai (Moderator)