Background
Foundational IHE Profiles and pan-Canadian Interoperability Specifications address critical interoperability issues such as user authorization (e.g. IUA), security node and audit records (e.g. ATNA), consistent time (e.g. CT), terminology (e.g. SVCM) and document transformation/formatting (e.g. CM-FMT) and more that are important for sharing of Patient Summaries within and across care networks.
Assumption
Vendors and jurisdictions in the ecosystem can optionally choose to play the standardized actors and transactions listed in the Foundational Profiles for the PS-CA Specification. Additional information and requirements for these Foundational Profiles can be found below. Vendors or jurisdictions may decide not to implement optional IHE profiles listed below, however it is highly recommended that areas pertaining to authentication, auditing and security are being addressed using solutions that currently exist in their respective enterprise architecture.
IHE Profiles & pan-Canadian Profiles included: IUA, ATNA, CT, SVCM, CA:FeX, CA:FMT
Legend
The following diagram is the legend for the sequence diagrams to help readers orient themselves with the diagrams.
IUA*
The IUA* (Internet User Authorization) provides support for authorization to access resources when using HTTP RESTful transports, by managing authorization tokens.
The Authorization Client must have a valid token that must be presented to resource server with every request
- Get Access Token [ITI-71] – performed when Client does not yet have a token or when token is expired
- Incorporate Access Token [ITI-72] – the client must include the token with every request
- Introspect Token [ITI-102] – the resource server must introspect token at every request
ATNA*
The Audit Trail and Node Authentication (ATNA) Profile specifies the foundational elements needed by all forms of secure systems: node authentication, user authentication, event logging (audit), and telecommunications encryption.
ATNA provides support for ensuring that that the communicating systems have a level of trust in each other through node authentication, that communications between the different system components are encrypted (via TLS), and that system activity is audited.
- ATNA* Authenticate Node [ITI-19]
Before establishing secure communication, mutual authentication is performed between two secure nodes.
A secure pipe will be established through which secure transactions will take place.
Secure Node also authenticates the identity of the user who requests access to the node.
- ATNA* Record Audit Event [ITI-20]
The Secure Node/App sends auditable events to an Audit Record Repository. The triggers for sending audit logs can vary and may be specified in other IHE profiles, local law or regulation, or local policy.
CT
CT (Consistent Time) ensures that the system clocks and time stamps of the many computers in a network are well synchronized. Synchronization with a median error less than 1 second is sufficient for most purposes.
SVCM*
SVCM (Sharing Valusets, Codes, and Maps) supports querying for value sets and code systems using the standard HL7 FHIR resources. It also supports looking up and validating codes as well as expanding a value set to list all the available codes.
Optionally concept maps can also be included to translate from one code system or value set to another (e.g. SNOMED CT to LOINC).
*Note: Please refer to the pan-Canadian Patient Summary – FHIR Implementation Guide for the Patient Summary-CA Valuesets
CA:FeX
The CA:FeX Interoperability Specifications provide support for submitting, searching and retrieving clinical documents (e.g. Patient Summaries) to and from a central Clinical Data Repository (e.g. Document Repository) using FHIR resources.
*Note: Content is in development. More information can be found in the CA:FeX Interoperability Specifications, available here.
CA:FMT
The CA:FMT Interoperability Specifications provide formatting support service. It provides support for transformation of documents between different formats (e.g., from FHIR to PDF, CDA, etc.).
*Note: Content is in development and will be added in future roadmaps. More information, including introduction, benefits and actor & transaction diagrams can be found below. This pan Canadian Interoperability Specifications has been included in the sequence diagrams of the pan-Canadian Patient Summary – Companion Guide to Reference Architecture v1 as an option for formatting support.
