CARIN App Registration
Revision as of 13:28, 6 June 2021 by Tom
This is a review of the CARIN Alliance - App Registration Implementation Guide dated 2021-06-01
- The CARIN Alliance is a consortium of health information exchange organizations operated by Leavit Partners.
- The published the draft App Registration Implementation Guide on 2021-06-01'
- The primary scope of the Guide concerns the app registration and patient authorization experiences.
- The guide is focused on the adpotion of best practices and not on compliance.
- The guide only accresses health data provided to the patient in FHIR format from an Electronic Health Record (EHR) from a HIPAA covered entity.
- Under the final rule for the 21st Century Cures act, payers can only deny access to an application or developer to open APIs, including the patient acmes APIs, if these connections pose an unreasonable security risk to protected health information in their own systems.
- It is unclear why the word "payor" appears in the above sentence as it should apply to all EHRs.
- The guide focuses on registration for Developers and their Applications.
- CARIN makes thee assumption that most applicants will be approved.
- As is make clear in the Patient Choice wiki, most health apps today do not protect the data in the patients domain.
- That makes clear that the CARIN guide is only focused on the organizations and not on patient empowerment.