Health-Cards

Overview

A Health Card is a verifiable, digital artifact that represents a limited set of information about an individual, relevant to a specific health status. The card can be presented in digital and physical form. A QR code representing the card can be shared from a device or a piece of paper. Information in the health card can be used to determine the authenticity of the artifact and its issuer. The goal is to provide individuals with the choice to share limited health information in a portable and secure manner.

Health cards are designed in conformance with the emerging SMART® Health Card framework (technical specification) and HL7® FHIR® Vaccination and Testing IG.

The $health-cards-issue operation adheres to the FHIR specification and returns Health Cards as verifiableCredentials in a FHIR Parameters resource. These verifiable credentials are JSON Web Signatures with a compressed payload. Refer to the specification for details on the protocols for

The FHIR Bundle encompassed in the Health Card adheres to the Data Minimization profiles defined by HL7 FHIR Vaccination and Testing IG.

Supported Health Card Types

Description FHIR Bundle Profile Credential Types
Covid19 vaccination Vaccination Credentials (DM) https://smarthealth.cards#health-card
https://smarthealth.cards#immunization
https://smarthealth.cards#covid19
Covid19 laboratory test result Laboratory Test Result Credentials (DM) https://smarthealth.cards#health-card
https://smarthealth.cards#laboratory
https://smarthealth.cards#covid19

A supported health card type is returned if the following conditions are met:

Supported FHIR Bundle Profiles

These are the FHIR Bundle profiles for the resources returned in a health card type.

Vaccination Credentials (DM)

Represents the patient and the clinical data related to a vaccination

Contains the following resources:

Terminology Bindings

Immunization.vaccineCode
  • Description
    • Vaccine product administered.
  • Details: CVX
    System: http://hl7.org/fhir/sid/cvx

Authorization Types

The OAuth2 token must include Patient.read and Immunization.read scopes.

Laboratory Test Result Credentials (DM)

Represents the patient and the clinical data related to a laboratory test result

Contains the following resources:

Terminology Bindings

Observation.code
  • Description
    • Codes identifying names of simple observations.
  • Details: LOINC
    System: http://loinc.org

  • Details: LOINC (Covid19)
    System: http://loinc.org

Observation.valueCodeableConcept
  • Description
    • Codes for value of the observation.
  • Details: SNOMED CT
    System: http://snomed.info/sct

Authorization Types

The OAuth2 token must include Patient.read and Observation.read scopes.

$health-cards-issue

Issues Health Cards for an existing Patient that meet the supplied request:

POST /Patient/:id/$health-cards-issue

Implementation Notes

Authorization Types

Implementation Notes

Headers

Authorization: <OAuth2 Bearer Token>
Accept: application/fhir+json
Content-Type: application/fhir+json

Body Fields

Name Required Type
resourceType Yes string
  • Description
    • The type of the FHIR resource.
  • Example
    • {
        "resourceType": "Parameters"
      }
      
  • Notes
    • resourceType must be Parameters
parameter Yes List of BackboneElement
  • Description
    • Parameters defined by the operation.
credentialType Yes List of parameter BackboneElement
  • Description
    • The type of the health cards requested.
  • Example
    • {
        "parameter": [
          {
            "name": "credentialType",
            "valueUri": "https://smarthealth.cards#health-card"
          }
        ]
      }
      
  • Example
    • {
        "parameter": [
          {
            "name": "credentialType",
            "valueUri": "https://smarthealth.cards#covid19"
          },
          {
            "name": "credentialType",
            "valueUri": "https://smarthealth.cards#immunization"
          }
        ]
      }
      
  • Notes
      • The value must be in the form of valueUri
      • More than one value for the credentialType can be defined by repeating the element with a different valueUri
        • Multiple values in a request are interpreted as a request for the intersection of the requested types (logical AND)
        • It is recommended to add multiple credential types to the request to match the intended health card type most precisely. This will avoid any integration issues as support for additional health card types is added
      • See Supported Health Card Types for a list of valid credential types
_since List of parameter BackboneElement
  • Description
    • The specific point of time after which resources should be included in the health cards.
  • Example
    • {
        "parameter": [
          {
            "name": "_since",
            "valueDateTime": "2020-04-01"
          }
        ]
      }
      
  • Notes

Example

Request

POST https://fhir-myrecord.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d/Patient/12742542/$health-cards-issue

Body

{
  "resourceType": "Parameters",
  "parameter": [
    {
      "name": "credentialType",
      "valueUri": "https://smarthealth.cards#health-card"
    },
    {
      "name": "credentialType",
      "valueUri": "https://smarthealth.cards#covid19"
    },
    {
      "name": "_since",
      "valueDateTime": "2020-04-01"
    }
  ]
}

Response

Status: 200 OK
{
  "resourceType": "Parameters",
  "parameter": [
    {
      "name": "verifiableCredential",
      "valueString": "eyJhbGciOiJFUzI1NiIsInppcCI6IkRFRiIsImtpZCI6Ik4ybWFHOHFPaElUZV96eVBxY3JDYTZMVF9tVzE4WnRGUHkwOWNHQUIyNHcifQ.3ZJPb9QwEMW_Chqu-edsdr3NjZYKKhWE6JYL2oPjTHaN7DiynRVLle_OOLtFINoeOCL54pnxz-89-wGU91DDPoTB13ne7ZVLzdGhtK7NJLoeXSatyV2Voyyr5borU4ZllVZMrtOGsyYtkBdMdHy5XrSQQN90ULNVueR8sVgtEjhIqB8gHAeE-uuvm7wRLuxR6LDPpHCtf33apHFDmOfnlDFjr36IoGz_4qC0B9WyC9gmIB222Acl9N3YfEMZoqRo9gs6Hzk1VFmRFcSL1cuxbzXGGYfejk7iZpYP50ZytgPSak20kxK6wB3JI5FHre-dpoHH83VEP26eAH8iO3Q-5icMniDCKE08eHdze3n9eUO9nTpgH1N8c3tzdU2FO9hOZK9RZP2tCJHELniRMpayFUxT8qQW9rKWmz8D9kGE0c9mzaAxYHyeg5BS9Xhl25kgbav63SzbH31Ac_5T9C57zTPrdvPXyr1qc3n4TgA5n4Sy4DBtpwSGcwCznA4d9lHb7_nRkJVydHMrmt0oc0KULC0WKVsTVtvwcTQNOmrwNV9VVBvQddaZWCN9Qgbr4jWt8oMWMeAPpEW_em_9oILQFNv2ueTK_zC58u_kqnK54uxfo6M1TT8B.ErkeyFvKawfR5UkTvPxF2MIUD058AG5yqRDE2oavtpUhYlLGUyN87gk72ljjat3cQaBNWfu9U8TWVk2T-oR9Hw"
    },
    {
      "name": "verifiableCredential",
      "valueString": "eyJhbGciOiJFUzI1NiIsInppcCI6IkRFRiIsImtpZCI6Ik4ybWFHOHFPaElUZV96eVBxY3JDYTZMVF9tVzE4WnRGUHkwOWNHQUIyNHcifQ.hZJda9swFIb_StFu_SHZTpz4bv1gFMo2mnQXK7mQ5eNEQ5aCJJuFkv--IztNC-syEAgdHT3nPe_RC5HOkYrsvN-7Kk3bnbRxd7AgjG0SAVaDTYTpUlukILJitmizmEFWxAUTi7guWR1TKCnjbTlb5A2JiK5bUrF5NivLPJ_nERkEqV6IP-yBVM_nSq7j1u-AK79LBLeN-zQd4nBAzL_zFK-N5d7Yw8U0YQbZsCXZRERYaEB7ydWqr3-B8EFQaPUHWCeNRgOKhCYUeSF63etGQcix4ExvBaxH8eR0EZ2aIcIohbRAiAgWQEXVM5J7pZ6swoTX91VAvx4-AH_nXuL74B7vYILwTirkkS_3D9d3j2u828oBdPDw88P9zR0GVmRzxPZqia3fch9IbFnSmLGYzcnxGH2ohV3W8q12YAd-6sp57vvwQ1qpucKAMM34Cnept6NUd3AeutMvwlkoI7VIjN2e08mymFEao6bNEZlvQ7DQggUdhLw3C5OgbYO1A4TG1jK4QjKa0ZgWcU7XdFGxWUVxaJT-xDoDVz3cYDFeK9yRuPf_kem06aBJpG5N6oR_E5vNaV7mlLJJ7lnjI9fbaTjT_C_SPdhOaqPM9pDsVBnsSIO-1ZiXnqE2QOMOuA6kswZtbDf63Ui3Vzx8hK9j6GpSEebu4bf_K_4u7K9uwaOJ0IRGwjoe_wA.hpRuDsGuiAAHjGGn5Obfow3TalP5sc7Z00KifXGdoQAtzo6dj0DEeBPqvRcjQTy93GaYhB0jPu4Tzou9QKWcLw"
    },
    {
      "name": "resourceLink",
      "part": [
        {
          "name": "vcIndex",
          "valueInteger": 0
        },
        {
          "name": "bundledResource",
          "valueUri": "resource:0"
        },
        {
          "name": "hostedResource",
          "valueUri": "https://fhir-myrecord.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d/Patient/12742542"
        }
      ]
    },
    {
      "name": "resourceLink",
      "part": [
        {
          "name": "vcIndex",
          "valueInteger": 0
        },
        {
          "name": "bundledResource",
          "valueUri": "resource:1"
        },
        {
          "name": "hostedResource",
          "valueUri": "https://fhir-myrecord.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d/Immunization/M197462828"
        }
      ]
    },
    {
      "name": "resourceLink",
      "part": [
        {
          "name": "vcIndex",
          "valueInteger": 0
        },
        {
          "name": "bundledResource",
          "valueUri": "resource:2"
        },
        {
          "name": "hostedResource",
          "valueUri": "https://fhir-myrecord.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d/Immunization/M197462824"
        }
      ]
    },
    {
      "name": "resourceLink",
      "part": [
        {
          "name": "vcIndex",
          "valueInteger": 1
        },
        {
          "name": "bundledResource",
          "valueUri": "resource:0"
        },
        {
          "name": "hostedResource",
          "valueUri": "https://fhir-myrecord.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d/Patient/12742542"
        }
      ]
    },
    {
      "name": "resourceLink",
      "part": [
        {
          "name": "vcIndex",
          "valueInteger": 1
        },
        {
          "name": "bundledResource",
          "valueUri": "resource:1"
        },
        {
          "name": "hostedResource",
          "valueUri": "https://fhir-myrecord.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d/Observation/M-197287549"
        }
      ]
    }
  ]
}

Note: The examples provided here are non-normative and replaying them in the public sandbox is not guaranteed to yield the results shown on the site.

Errors

The common errors and OperationOutcomes may be returned.