FHIR Chat · docs / Issue #251 May 2018 Ballot Comment 45 · cds hooks/github

Stream: cds hooks/github

Topic: docs / Issue #251 May 2018 Ballot Comment 45

view this post on Zulip Github Notifications (May 16 2018 at 22:58):

cds-hooks-bot milestoned Issue #251

view this post on Zulip Github Notifications (May 16 2018 at 22:58):

cds-hooks-bot labeled Issue #251

view this post on Zulip Github Notifications (May 16 2018 at 22:58):

cds-hooks-bot edited Issue #251

## May 2018 Ballot Comment 45

Submitted by @bvdh from Philips Healthcare

Chapter: CDS Services
Section: FHIR Resource Access
Type: NEG :exclamation:
In Person Requested? Yes :bust_in_silhouette:

Existing Wording:

As such, the access token SHALL BE scoped to:
• The CDS Service being invoked
• The current user

Comment:
Again, this is wise but why is it a mandatory requirement. It could be that the CDS Service MUST make this assumption?

## Triage Information

Triage Notes:
Reviewed with Bas

Proposed Disposition: Not Persuasive
Proposed Disposition Comment:
That would leave authorization soley at the discrection of the CDS Service, which poses security risks.

_This issue was imported by @cds-hooks-bot from the consolidated CDS Hooks May 2018 ballot spreadsheet._

view this post on Zulip Github Notifications (May 16 2018 at 22:58):

cds-hooks-bot opened Issue #251

## May 2018 Ballot Comment 45

Submitted by @bvdh from Philips Healthcare

Chapter: CDS Services
Section: FHIR Resource Access
Type: NEG :exclamation:
In Person Requested? Yes :bust_in_silhouette:

Existing Wording:

As such, the access token SHALL BE scoped to:
• The CDS Service being invoked
• The current user

Comment:
Again, this is wise but why is it a mandatory requirement. It could be that the CDS Service MUST make this assumption?

## Triage Information

Triage Notes:
Reviewed with Bas

Proposed Disposition: Not Persuasive
Proposed Disposition Comment:
That would leave authorization soley at the discrection of the CDS Service, which poses security risks.

_This issue was imported by @cds-hooks-bot from the consolidated CDS Hooks May 2018 ballot spreadsheet._

view this post on Zulip Github Notifications (May 18 2018 at 09:22):

cds-hooks-bot commented on Issue #251

Proposed Disposition: Not Persuasive
Proposed Disposition Comment:
That would leave authorization soley at the discrection of the CDS Service, which poses security risks.

view this post on Zulip Github Notifications (May 18 2018 at 09:43):

cds-hooks-bot labeled Issue #251

view this post on Zulip Github Notifications (May 30 2018 at 22:20):

cds-hooks-bot commented on Issue #251

## :telephone_receiver: CDS Working Group Block Vote (5-30-2018)

Meeting notes: http://wiki.hl7.org/index.php?title=File:2018-05-30_CDS_WG_Call_Minutes.docx

Julia Skapik moved the following disposition, seconded by @brynrhodes.

Disposition: Not Persuasive
Disposition Comment:
That would leave authorization soley at the discrection of the CDS Service, which poses security risks.

:+1: For: 12
:expressionless: Abstain: 0
:-1: Against: 0

:tada: The motion passed! :tada:

view this post on Zulip Github Notifications (Jun 06 2018 at 15:35):

brettmarquard commented on Issue #251

Resolved.

view this post on Zulip Github Notifications (Jun 06 2018 at 15:35):

brettmarquard closed Issue #251

view this post on Zulip Github Notifications (Jun 14 2018 at 13:38):

cds-hooks-bot assigned Issue #251

Last updated: Apr 12 2022 at 19:14 UTC


An HL7 Website -