...
- these vulns show why strong authZ tools need to be easy to use/implement
- this api authZ is also common for provider FHIR access – that should also change to properly enforce patient directed record blocking
- <diagram to summarize vuln>
Draft Diagrams:
| Widget Connector | ||
|---|---|---|
|
UMA is made to be additive to this ecosystem in order to enforce appropriate subject directed authorization of their record to the app, services, and other people they want to access their information.
...