Roadmap
v1.1.0 โ Consent Manager + ATNA Auditโ
Status: In active development ย ยทย Target: Q3 2026
Consent Manager (14 tasks, 5 phases)โ
| Phase | Tasks | What gets built |
|---|---|---|
| Foundation | T1โT4 | ConsentRecord JPA, ConsentService, FHIR Consent mapper, AuditService |
| Enforcement | T5โT6 | ConsentEnforcementInterceptor, SmartConsentCustomizer |
| OAuth2 screen | T7โT8 | requireAuthorizationConsent(true), Thymeleaf consent screen |
| Patient portal | T9โT11 | Dashboard, revocation flow, history + audit trail |
| API + admin | T12โT14 | FHIR REST API, org-level policy engine, integration tests |
Regulatory coverage: HIPAA, HTI-1/TEFCA, GDPR/EHDS, DISHA, My Health Record
ATNA Auditโ
- IHE ATNA-compliant FHIR AuditEvent logging
- Async
@EventListenerโ never blocks request path - Every auth event, consent decision, and FHIR access logged
- Queryable via FHIR API
v1.2.0 โ Referral Moduleโ
Status: Planned ย ยทย Target: Q4 2026
- FHIR ServiceRequest + Task workflow
- Cross-facility referral with status tracking
- Integrates with Consent Manager for access control
Versioning policyโ
We track HAPI FHIR stable releases. When HAPI releases a new minor version, we validate and publish a matching platform release within 2โ4 weeks. Security patches are released within 24 hours of a confirmed vulnerability for Enterprise and Government customers.
Version format: {hapi-major}.{hapi-minor}.{platform-patch}
Example: Platform 7.4.2 = HAPI FHIR 7.4.x, platform patch 2.
Long-term alignmentโ
| Framework | Target version | Timeline |
|---|---|---|
| SMART App Launch v3.0 (when published) | Full support | Within 90 days of HL7 publication |
| IHE MHD | v4.2 | v1.3.0 |
| SMART Backend Services | v2.0 | v1.3.0 |
| FHIR R5 | Optional overlay | v2.0.0 |