Interoperability Proving Ground (IPG) submissions within the ONC Tech Lab are submitted by healthcare, technology and development organizations that are invested in Health IT and Interoperability and want to share, learn and collaborate with similar stakeholders in the US, and around the world.

To view all submissions, please view the IPG link located within the ONC Techlab.

Digital Certificates to Scale Cross-Organizational use of FHIR

Description 
This project leverages trusted digital certificates to help scale the use of FHIR through reusable individual-, organizational-, or app-level credentials that can be leveraged to rapidly scale secure FHIR-based exchange. UDAP Profiles also include extensions to OAuth 2.0 and OpenID Connect.

Join the UDAP Google Group here:
https://groups.google.com/forum/#!forum/udap-discuss

or contact collaborate@udap.org for more information or if you would like to explore use of these credentials in a FHIR client application, FHIR server, or Identity Service, or to cross-test trusted endpoints as a UDAP collaborator. 

The client app registration and authentication/authorization use cases enabled through UDAP profiles are regularly tested at HL7 FHIR connectathons and in the interim between those events; see this track description for more information:

https://confluence.hl7.org/display/FHIR/2020-05+Cross+Organization+Application+Access

See the last 15 minutes of this ONC webinar for a presentation covering the project, and some screen shots of UDAP profiles in action:
https://www.youtube.com/watch?v=8wpYVQDvYJI&t=6384s
Start Date 
01/20/2018
Projected End Date 

    

  





  

    Project Tags
    
  • COVID-19
  • Digital Certificates
  • FHIR
  • HIT Vendor
  • Identity
  • Interoperability
  • OAuth
  • OIDC
  • Open API
  • PKI
  • Security
  • Trusted Exchange Framework
  • UDAP

  

  

    Project Point of Contact:
    julieremove@removeemrdirect.com  






  

    Project Results
    
UDAP is part of the following solutions:

CARIN BB IG:
https://build.fhir.org/ig/HL7/carin-bb/Authorization,_Authentication,_and_Registration.html

Da Vinci HREX:
http://build.fhir.org/ig/HL7/davinci-ehrx/Dynamic_Registration_for_SMART_Apps.html

Carequality Draft FHIR Technical WG IG:
https://docs.google.com/document/d/1iOour1orfMpYS30L2AU2wajZRXl7p6YWlk5F61TcZ1M/edit?ts=5d920fe0

ONC FHIR at Scale Task Force (FAST) Security Tiger Team Proposed Solution:
https://oncprojectracking.healthit.gov/wiki/display/TechLabSC/FAST+Security+Tiger+Team+TLC+Webinar

HL7 FHIR Security WG Approaches to Implementing Access Control:
https://build.fhir.org/security.html