jmandel

jmandel

wget -e robots=off --mirror -l 1 http://confluence.oncprojectracking.org/display/ONCCERT2015/ONC+Health+IT+Certification+Program+2015+Edition+Test+Methods+Home
grep -ri final_rule/pdfs confluence.oncprojectracking.org/ | grep -oP '(https.*?)\.pdf' > pdfs
for i in $(cat pdfs); do wget $i; done
for i in *.pdf; do  pdftotext "$i"; done
grep API *.txt

jmandel

--> POST / HTTP/1.1
--> User-Agent: Faraday v0.9.2
--> Authorization: [redacted]
--> Travis-Repo-Slug: hl7-fhir/fhir-svn
--> Content-Type: application/x-www-form-urlencoded
--> Accept-Encoding: gzip;q=1.0,deflate;q=0.6,identity;q=0.3
--> Accept: */*
--> Connection: close
--> Host: fhir.me:8999
--> Content-Length: 12261

jmandel

Setup partitions

• Use existing EFI partition
• Create a new 750MB boot partition (not encrypted)
• Create a root partition.
• Setup encryption

cryptsetup formatLuks /dev/nvme0n1p6
cryptsetup open /dev/nvme0n1p6 cryptroot

jmandel

Standards

Health IT Standards present an evolving landscape. Aspects of healthcare data exchange are working today, but clincians and patients face serious challenges on the ground. There are multiple perspectives about the best path forward.

Under the Meaningful Use Stage 2 incentive program, 2014-certified EHRs enable exchange of clinical data via the Consolidated CDA document format. Two key patterns are: exchange among clinicians

jmandel

{
  "resourceType": "StructureDefinition",
  "id": "oauth-uris",
  "url": "http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris",
  "name": "OAuth Endpoint URIs",
  "publisher": "SMART Health IT",
  "contact": [ {
      "telecom": [ {
          "system": "other",
          "value": "http://smarthealthit.org"

jmandel

1. Launch in EHR

Got access token back:

{
  "access_token": "29141724124...",
  "patient": "123"
}

jmandel

jmandel

for rev in `git rev-list --reverse --all`;
	do
	git checkout $rev;
	COUNT=$(cat trunk/source/fhir.ini  trunk/build/source/fhir.ini  | awk '/^\s*$/{flag=0}flag && /=/;/\[resources\]/{flag=1}'   | wc -l);
	DATE=$(git log -1 --date=iso --format=%ai .);
	echo "$DATE	$COUNT" >> /tmp/fhir_counts;
	echo "$DATE	$COUNT";
done

jmandel

The Goal

Enable a common set of scopes that can be used across UMA-based authorization and "vanilla OAuth 2.0" authorization in a consistent way. In particular, support a model where apps know which permissions they'll need and can get authorized, up-front, with all of those permissions explicitly (rather than attempting a FHIR operation, engaging in an UMA flow... and then repeating this process each time the app needs to issue a new query against the patient's clinical record). Effectively it's a way to standardize the logic by which an UMA resource server knows which scopes to register when it creates