Privacy and Security Considerations

Security Considerations

The following security items must be considered when integrating with IAR Visual App:

Patient Context Change

When a new patient is put in context in the Client Application, a relaunch of the IAR Visual App will take place. At this point, any existing user and patient related data (from the previous patient and user context) is removed from the IAR Visual App. This includes removal of the OAuth access and refresh tokens.

Closing the Browser Window

When the browser window hosting the IAR Visual App is closed, all existing access tokens are removed and invalidated. The same access token can be reused in a different context.

Token Expiration Time

Authentication and Authorization JWT expiry

The authentication and authorization JWT contains the exp field (the token's expiration date/time). As a best practice, this should be set to a very short period so that the token cannot be used for an extended period of time.

In addition, the Client Application and IAR servers should have their system clocks synchronized so that this field is handled correctly.

Access Token expiry

The OAuth access token that the IAR Visual App uses to retrieve data from IAR also contains an exp field. It is set to a longer period, allowing the end user to keep interacting with the IAR Visual App. If the user continues to communicate with the IAR Visual App after the access token has expired, the appropriate message will be returned. The user must have a way to re-launch the IAR Visual App with new JWT tokens.
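As an added illustration (not IAR's own code) of the exp handling described above for both the launch JWT and the access token: a minimal HS256 issuer and validator that verifies the signature before reading any claim, then rejects tokens past exp, allowing only a small leeway for clock differences between the Client Application and IAR. The shared secret, the claim set other than exp/iat, and the 30-second leeway are assumptions.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo secret; the real shared key is whatever the Client
# Application and IAR agree on out of band.
DEMO_SECRET = b"demo-shared-secret-not-for-production"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_jwt(claims: dict, secret: bytes, lifetime_s: int, now: int) -> str:
    """Mint an HS256 JWT whose exp is lifetime_s seconds after now.
    Keep lifetime_s short for the launch JWT, longer for the access token."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(dict(claims, iat=now, exp=now + lifetime_s)).encode())
    sig = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def validate_jwt(token: str, secret: bytes, now: int, leeway_s: int = 30) -> str:
    """Return "ok", "expired", "bad_signature" or "malformed".
    leeway_s absorbs small clock drift between the two servers; it is a
    few seconds at most and does not replace clock synchronization."""
    parts = token.split(".")
    if len(parts) != 3:
        return "malformed"
    header, payload, sig = parts
    try:
        expected = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest()
        # Verify the signature before trusting anything inside the token.
        if not hmac.compare_digest(expected, _b64url_decode(sig)):
            return "bad_signature"
        if json.loads(_b64url_decode(header)).get("alg") != "HS256":
            return "bad_signature"
        exp = json.loads(_b64url_decode(payload)).get("exp")
    except ValueError:  # bad base64, bad JSON or bad UTF-8 in any segment
        return "malformed"
    if not isinstance(exp, int):
        return "malformed"
    if now > exp + leeway_s:
        return "expired"
    return "ok"
```

An expired result is the point at which the Client Application should re-launch the IAR Visual App with freshly issued tokens rather than retrying with the old one.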

Cross-Origin Resource Sharing (CORS)

The IAR Data API supports Cross-Origin Resource Sharing (CORS). The domain name of the Client Application should be configured in IAR to allow cross-origin HTTP requests coming from the Client Application.

Privacy Considerations

IAR Visual App will adhere to the same IAR consent model as the clinical portal.

  • IAR level consent (blocks access to all of the client/patient's assessments in IAR)
  • PI Level consent (access to both client/patient demographic data and all of their assessment data in IAR is restricted from view by all users).
  • HSP Level consent (Person does not have any assessments within the last two (2) years, or all assessments within the last two (2) years have HSP level consent block).

Auditing

End user access to IAR data via the Visual App will be audited. The following client application user attributes are captured:

  • User name in the HSP's Client Application
  • First Name
  • Last Name
  • E-mail address
  • Organization Identifier (capable of matching IAR Org ID)
  • Organization Name
  • Timestamp when the end user is denied access by the authorization server
  • Source system (Visual Application or Direct Access)
  • User activities / audit events (e.g. search/view assessment data)