Stream: smart
Topic: pass patient
Emiliano Fernandez (Jan 22 2021 at 16:16):
Hi all, Im new here!! Im having trouble understanding something about smart on fhir. I want to know how i to pass the patient or practitioner into the launch flow. Can anyone help me? Thanks a lot!
David Pyke (Jan 22 2021 at 16:34):
This page should give you what you need
Emiliano Fernandez (Jan 22 2021 at 16:37):
yes ive seen it. But I dont really understand if im currently in the EHR with a specific patient, and i start the launch process, how do the parts know that specific patient? (sorry for my english)
Lloyd McKenzie (Jan 22 2021 at 17:27):
It's the responsibility of the launching application to 'know' what patient you're looking at, what user is logged on, etc.
Jenni Syed (Jan 22 2021 at 17:51):
If you're implementing the SMART standard, you would likely have a way in the system to generate the launch code that ties to patient and encounter/other SMART launch context
Emiliano Fernandez (Jan 22 2021 at 17:55):
Thanks for the replies, so there is no "standard" to send from the EHR the current patient?
Josh Mandel (Jan 22 2021 at 18:20):
The EHR launch provides a way to communicate a patient from the EHR to the app. It is not provided as a direct parameter on the redirect to the app, because the app is not allowed to see this information until it has successfully completed an authorization. Once you complete authorization, you get an access token response from the EHR, that access token response will include the patient id, as long as you have requested the right scopes. (As Jenni points out, the only parameter that goes out over the wire to the app at lunch time is an opaque launch ID that the EHR uses to tie this whole session together.)
Emiliano Fernandez (Jan 22 2021 at 18:27):
Thank you very much!! Its clear now
Emiliano Fernandez (Jan 22 2021 at 18:45):
In my case, the oauth authentication is with an external IDP, is there another way to get the patient info if the token response from the IDP does not contain that info you mention?
Emiliano Fernandez (Jan 25 2021 at 14:12):
In my case, the oauth authentication is with an external IDP, is there another way to get the patient info if the token response from the IDP does not contain that info you mention?
Josh Mandel (Jan 25 2021 at 14:31):
In general the approval process needs to reflect the user's decision to share information; if the authorization server doesn't know about this information it cannot implement an appropriate approval process.
Michele Mottini (Jan 25 2021 at 14:31):
You'll have to customize the identity provider or add a layer on top of it to handle SMART-specific stuff like the patient selection
Emiliano Fernandez (Jan 29 2021 at 15:29):
Is it ok for example to send from de EHR a JWT token, with the patient information, in the launch parameter?? For Example:
xxxxxx/launch.html?launch={JWT_token}???
Michele Mottini (Jan 29 2021 at 15:36):
Yes
Michele Mottini (Jan 29 2021 at 15:37):
(Seems overkill though)
Last updated: Apr 12 2022 at 19:14 UTC
