Consent enforcement
live
Lab workflow
live
Referral lifecycle
live
Audit trail
Consent enforcement
Change the consent type and resource, watch the interceptor decision update live. Every change writes a FHIR AuditEvent to your session log.
provision.type
Resource requested
200 OK — Request permitted
provision.type=permit · Observation in provision.class · status=active · period valid
ConsentEnforcementInterceptor
GDPR Art.9 · DISHA §4.2
GDPR Art.9 · DISHA §4.2
GET
/fhir/Observation?patient=ePatient-8675309
200 OK
142ms
GET /fhir/Observation?patient=ePatient-8675309
Host: fhir.sandbox.ajfhir.org
Authorization: Bearer eyJhbGciOiJSUzI1NiIs…
scope: patient/Observation.rs patient/Patient.rs
← Response
FHIR Consent resource — Patient/ePatient-8675309
consent-P8675309
"resourceType": "Consent",
"id": "consent-P8675309",
"status": "active",
"provision": {
"type": "permit",
"period": { "start": "2024-01-01", "end": "2025-12-31" },
"actor": [{ "reference": { "reference": "Device/akhester-smart-client" }}],
"class": [
{ "code": "Observation" },
{ "code": "Patient" }
]
}
Lab workflow
Step through the full order-to-result chain. Click each step to see the FHIR resource that was created and the HTTP exchange that delivered it.
Step 1
Lab order
Step 2
Observations
Step 3
DiagnosticReport
Step 4
App reads results
Step 3 — Lab System POSTs DiagnosticReport to HAPI FHIR
The Lab System has completed the CBC and lipid panel. It creates a DiagnosticReport resource that links the three Observations and includes the clinical conclusion.
POST
/fhir/DiagnosticReport
201 Created
188ms
Hemoglobin
13.2
g/dL
LOINC 718-7
Normal · 12.0 – 16.0 g/dL
WBC count
7.4
×10⁹/L
LOINC 6690-2
Normal · 4.5 – 11.0
LDL Cholesterol
4.1
mmol/L
LOINC 13457-7
↑ High · ref < 3.4 mmol/L
Referral lifecycle
Step through all four stages. Click Next step to advance, or use PATCH accepted / PATCH completed to drive the Task lifecycle directly. Each step writes an AuditEvent.
Step 1 — Create referral ServiceRequest
Dr. Priya creates a referral to Central Hospital Cardiology for P. Kumar. A ServiceRequest with intent=referral is POSTed to HAPI FHIR. ConsentEnforcementInterceptor checks cross-facility consent before dispatch.
POST
/fhir/ServiceRequest
201 Created
112ms
FHIR Task resource — current state
in-progress
"resourceType": "Task",
"id": "task-referral-001",
"status": "in-progress",
"intent": "order",
"focus": { "reference": "ServiceRequest/sr-referral-001" },
"for": { "reference": "Patient/ePatient-8675309" },
"owner": { "reference": "Organization/central-hospital-cardiology" },
"note": "Referral dispatched to Central Hospital Cardiology. Awaiting acceptance."
ATNA audit trail
Every interaction across all scenarios writes a FHIR AuditEvent. Click any row to see the full resource. IHE ATNA · HIPAA §164.312 · GDPR Art.30.
ATNA Audit trail
3
IHE ATNA · HIPAA §164.312 · GDPR Art.30
auth.sandbox.ajfhir.org
fhir.sandbox.ajfhir.org
dr.smith · token expires 47m
3 events this session
AJ FHIR Platform v1.0 · SMART App Launch v2.2 · FHIR R4