Consumer Responsibility

Privacy and Security

Prior to implementing this guide, an organization shall complete security and privacy risk assessments and address the recommendations of those assessments. Care should be taken to ensure that the confidentiality and integrity of Personal Health Information in transit and at rest can be maintained at an appropriate level.

The information which adopters receive when submitting/receiving OLIS data is considered Personal Information (PI) and Personal Health Information (PHI). As a result, access to patient health information must be restricted as specified in data-sharing agreements and corresponding legislation.

System Responsibility for User Authorization, Authentication

A “system” level integration is when a Point of Service (PoS) system representing many users registers for access to the OLIS repository, instead of registering individual users. In this case, access to the OLIS repository is granted to the PoS System and all access to OLIS by the PoS is treated equally. The responsibility to authenticate and authorize individual access is therefore delegated from the OLIS repository to the PoS. The PoS must ensure individual users access the OLIS repository as required.

The PoS System is responsible for ensuring the accuracy of the identity of the individual requester specified in the message. User identities must be tied to authenticated user accounts.

User Credentials

In order to meet privacy obligations, the audit records maintained at the service level need to include the details of the consumer application and the user making the request. To support privacy inquiries into the disclosure of patient PHI, the individual’s username, mnemonic or unique identifier SHALL be included in the message to identify the individual user that initiated the OLIS view request. The consumer shall satisfy this requirement by implementing an OAuth2 token carried in the request message header. The sending application is expected to create a JSON Web Token with the relevant information and embed it within the FHIR® request as an HTTP header.

NOTE: if OLIS exchange is between systems where no PHI is disclosed to an individual, this does not apply. Refer to the Connectivity section for further details.

Auditing

Both the PoS System and OLIS Repository MUST audit all activity performed via the Application Programming Interface (API). The only exception to this is that PHI in any brokers/intermediaries must be cleared shortly after use.

With a “system” level integration the PoS must audit the user initiating each Search/Retrieve call (this information is invisible to the OLIS repository).

Logging

Both the PoS System and OLIS Repository MUST log all activity performed via the Application Programming Interface (API) for support purposes. PHI MUST NOT be stored in application log files.

With a “system” level integration, the client system must log activities of the user initiating each Search/Retrieve call (this information is invisible to the OLIS repository).
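
The following Python example is added here for illustration and is not part of the OLIS specification or any Ontario Health code. It shows a PoS building the user-identifying JSON Web Token described under User Credentials, only from an authenticated session, together with a PHI-free log record for the call as required under Logging. The HS256 signing, the claim names, the `Authorization: Bearer` header, the key, and the sample user and client ID are assumptions; the token profile actually required is the one the specification defines.

```python
import base64, hashlib, hmac, json, time

def b64url(data: bytes) -> str:
    """Base64url without padding, as used for JWT segments."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def user_token(session: dict, client_id: str, key: bytes, now: int) -> str:
    """Return a signed JWT naming the authenticated user behind a request."""
    # The PoS vouches for this identity, so take it only from an
    # authenticated session, never from caller-supplied request fields.
    if not session.get("authenticated") or not session.get("username"):
        raise PermissionError("no authenticated user for this request")
    header = {"alg": "HS256", "typ": "JWT"}  # assumed algorithm
    claims = {"iss": client_id, "sub": session["username"],
              "iat": now, "exp": now + 300}  # assumed claims, 5 min lifetime
    segments = [b64url(json.dumps(part, separators=(",", ":")).encode())
                for part in (header, claims)]
    signing_input = ".".join(segments)
    mac = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url(mac)

def verify_token(token: str, key: bytes, now: int) -> dict:
    """Receiver-side view: check signature and expiry, return the claims."""
    signing_input, _, sig = token.rpartition(".")
    mac = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, b64url(mac)):
        raise ValueError("bad signature")
    payload = signing_input.split(".")[1]
    claims = json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))
    if claims["exp"] <= now:
        raise ValueError("token expired")
    return claims

def fhir_request(session: dict, client_id: str, key: bytes,
                 interaction: str, now: int = None):
    """Return (HTTP headers, PoS log record) for one Search/Retrieve call."""
    now = int(time.time()) if now is None else now
    token = user_token(session, client_id, key, now)
    headers = {"Authorization": "Bearer " + token,  # assumed header name
               "Accept": "application/fhir+json"}
    # Log who did what and when; search parameters and results can
    # identify a patient, so they are kept out of the log record.
    record = {"user": session["username"], "client": client_id,
              "interaction": interaction, "time": now}
    return headers, record

# Constructed sample values, not real OLIS identifiers or keys.
SESSION = {"authenticated": True, "username": "jsmith01"}
KEY = b"constructed-demo-key"
```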

Conformance

An OLIS FHIR request submitted to Ontario Health SHALL be well-formed and conform to this specification.