Exportar Publicação

A publicação pode ser exportada nos seguintes formatos: referência da APA (American Psychological Association), referência do IEEE (Institute of Electrical and Electronics Engineers), BibTeX e RIS.

Exportar Referência (APA)
Phuyal, S., Bhandari, M., Bista, R. & Ferreira, J. C. (2026). HL7 FHIR consent for healthcare data sharing: Challenges, opportunities and integrity implications. International Journal of Medical Informatics. 214
Exportar Referência (IEEE)
S. Phuyal et al.,  "HL7 FHIR consent for healthcare data sharing: Challenges, opportunities and integrity implications", in Int. Journal of Medical Informatics, vol. 214, 2026
Exportar BibTeX
@article{phuyal2026_1784186093250,
	author = "Phuyal, S. and Bhandari, M. and Bista, R. and Ferreira, J. C.",
	title = "HL7 FHIR consent for healthcare data sharing: Challenges, opportunities and integrity implications",
	journal = "International Journal of Medical Informatics",
	year = "2026",
	volume = "214",
	number = "",
	doi = "10.1016/j.ijmedinf.2026.106405",
	url = "https://www.sciencedirect.com/journal/international-journal-of-medical-informatics"
}
Exportar RIS
TY  - JOUR
TI  - HL7 FHIR consent for healthcare data sharing: Challenges, opportunities and integrity implications
T2  - International Journal of Medical Informatics
VL  - 214
AU  - Phuyal, S.
AU  - Bhandari, M.
AU  - Bista, R.
AU  - Ferreira, J. C.
PY  - 2026
SN  - 1386-5056
DO  - 10.1016/j.ijmedinf.2026.106405
UR  - https://www.sciencedirect.com/journal/international-journal-of-medical-informatics
AB  - Objective
To assess whether HL7 FHIR Consent, as currently specified and deployed, is sufficient to support verifiable, regulation-aligned consent governance in distributed and cross-organisational health data sharing.
Methods
We conducted a qualitative critical analysis of FHIR Consent informed by (i) peer-reviewed implementation literature, (ii) national-scale consent exchange initiatives, and (iii) accountability requirements under GDPR and the European Health Data Space (EHDS). The analysis is organized into four dimensions: semantic interpretability, consent lifecycle management, runtime enforcement, and cross-organisational trust/auditability.
Results
FHIR Consent provides an interoperable representation of authorisation intent, but large-scale deployments remain limited by (1) non-canonical semantics across implementations, (2) lack of standardized lifecycle versioning and cross-organisational revocation propagation, (3) heterogeneous translation of declarative consent into enforceable access control, and (4) limited capability for independent verification of consent provenance and historical integrity across institutional boundaries.
Conclusion
We derive an architecture pattern that separates (a) standards-based consent representation (FHIR Consent), (b) local policy interpretation/enforcement, and (c) cross-organisational integrity verification. Cryptographic integrity anchoring is discussed as a complementary mechanism for tamper-evident verification of off-chain consent artifacts and lifecycle events, without externalizing consent semantics or personal data.
ER  -