Patient data access API
Safe API for Patient and their resources
Last updated
Was this helpful?
Safe API for Patient and their resources
Last updated
Was this helpful?
Patient level access control in Aidbox allows for the restriction of access to data based on the patient to which it belongs. This means that when users interact with the Patient FHIR API, they are only able to access the resources that belong to a certain patient only.
Robust API for patient data access, ensuring that access is strictly limited to data associated with a designated patient. All other patient data is inaccessible through this API.
The API for patient-related resources manages the patient's context in which the request is made and denies access to resources that belong to a different patient.
A resource type is deemed patient-related if it has a search parameter named patient
. Custom Aidbox resource type may also be patient-related.
There are two way to define patient context in a request:
Create a user session in Aidbox with a patient
field that links to a Patient resource. Aidbox will automatically populate this field during the user login process if User.fhirUser
is a link to a Patient resource.
Add X-Patient-id
header to the request
Let's create two patients and Observations for a first patient.
Let's play with a new FHIR API.