Welcome to Smile CDR
- Table of Contents 1.0
- Smile CDR Maturity Model 1.1
- Smile CDR Premium Solutions 1.2
- List of Features by Maturity 1.3
- Changelog (2023 Releases) 1.4
- Changelog (2022 Releases) 1.5
- Changelog (2021 Releases) 1.6
- Changelog (2020 Releases) 1.7
- Changelog (2019 Releases) 1.8
- Changelog (2018 Releases) 1.9
- Changelog (2017 Releases) 1.10
Getting Started
Installation
- Installing Smile CDR 3.0
- Docker Container Installation 3.1
- Unix Service Installation 3.2
- Tuning your Installation 3.3
- Message Brokers 3.4
- Message Broker Failure Management 3.5
- Message Broker: Kafka 3.6
- Message Broker: ActiveMQ 3.7
- Pre-Seeding Configuration and Data 3.8
- Upgrading Smile CDR 3.9
- Production Checklist 3.10
- Module Licensing 3.11
Tutorial and Tour
The FHIR Standard
- FHIR Introduction 5.0
- FHIR CRUD Operations 5.1
- FHIR Searching Basics 5.2
- FHIR Search: References and Includes 5.3
- FHIR Search: Custom Search Parameters 5.4
- FHIR Transactions and Batches 5.5
- FHIRPath Expressions 5.6
FHIR Storage
- Concepts in Smile CDR 6.0
- FHIR Storage Modules 6.1
- FHIR Endpoint Module 6.2
- FHIRWeb Console 6.3
- OpenAPI / Swagger Support 6.4
- FHIR Endpoint Customization 6.5
- Resource IDs 6.6
- Search Parameters 6.7
- Search Parameter Features 6.8
- Phonetic Search Parameters 6.9
- Search Parameter Tuning 6.10
- Search Parameter Reindexing 6.11
- Searching for Data 6.12
- Creating Data 6.13
- Reading Data 6.14
- Updating Data 6.15
- Deleting Data 6.16
- Binary Data 6.17
- Request Tracing and Provenance 6.18
- FHIR Versions 6.19
- Resource Versions and Versioned References 6.20
- Tags, Profiles, and Security Labels 6.21
- Clinical Quality Language (CQL) 6.22
- Partitioning and Multitenancy 6.23
- Custom Resource Types 6.24
- Batch and Scheduled Jobs 6.25
FHIR Storage (Relational)
- FHIR Storage (Relational) Module 7.0
- Resource Storage Mode 7.1
- Performance Tuning 7.2
- Lucene Indexing 7.3
- Performance and Caching 7.4
- Chained Searching and Sorting 7.5
- MegaScale 7.6
FHIR Storage (MongoDB)
Validation and Conformance
- Introduction 9.0
- Validation Support Repository 9.1
- Validation Support Repository Options 9.2
- Conformance Data 9.3
- Repository Validation 9.4
- Repository Validation: Java 9.5
- Repository Validation: Javascript 9.6
- Repository Validation: Validation Bean 9.7
- Endpoint Validation 9.8
- Packages and Implementation Guides 9.9
- Package Registry Endpoint Module 9.10
- Remote Terminology Services 9.11
- Suppressing Messages 9.12
- Validation Performance 9.13
- Automatic Provenance Injection 9.14
Terminology
- Terminology Introduction 10.0
- Uploading Codes 10.1
- Terminology and Lucene Indexing 10.2
- ValueSet Expansion 10.3
- FHIR Response Terminology Mapping 10.4
Subscription
- Introduction 11.0
- Architecture 11.1
- Channel Types 11.2
- Delivery Options 11.3
- Manual Triggering 11.4
- Topic Subscriptions 11.5
Interceptors
- Interceptors 12.0
- Pointcuts 12.1
- Starter Project 12.2
- Examples: FHIR Endpoints 12.3
- Examples: HL7v2 Endpoints 12.4
- Examples: FHIR Storage 12.5
- Examples: FHIR Gateway 12.6
- Examples: FHIR Client 12.7
- Examples: MDM 12.8
- Examples: Subscription 12.9
- Examples: Channel Import 12.10
- Examples: Cluster Manager 12.11
Channel Import
Realtime Export
- Realtime Export Overview 14.0
- Realtime Export Rules Definition 14.1
- Using FHIRPath 14.2
- Debezium 14.3
Security
- Security in Smile CDR 15.0
- Authentication Protocols 15.1
- Authorization and Consent 15.2
- Inbound Security Module 15.3
- Local Inbound Security Module 15.4
- LDAP Inbound Security Module 15.5
- Scripted Inbound Security Module 15.6
- SAML Inbound Security Module 15.7
- Trusted Client Mode 15.8
- Roles and Permissions 15.9
- Callback Scripts 15.10
- Anonymous Access 15.11
- Consent Service 15.12
- Consent Service: JavaScript API 15.13
- Consent Service: Java API 15.14
- Security Recipes 15.15
- Two Factor Authentication 15.16
- Troubleshooting Security 15.17
SMART on FHIR
- SMART on FHIR: Introduction 16.0
- SMART: Scopes 16.1
- SMART: Auth Flows 16.2
- SMART: Endpoints 16.3
- Client Management 16.4
- OIDC Keystores 16.5
- SMART: Smile CDR Support 16.6
- SMART Outbound Security: Module 16.7
- SMART Outbound Security: Skinning 16.8
- SMART Outbound Security: Context Selection 16.9
- SMART Outbound Security: SAML Bridging 16.10
- SMART: Federated OAuth2/OIDC Login 16.11
- SMART: Application Approval/Consent 16.12
- SMART Inbound Security Module 16.13
- SMART: Session Management 16.14
- SMART: Assigning Permissions 16.15
- SMART: Access Tokens 16.16
- SMART: User Profile Information 16.17
- FHIR Client Authentication 16.18
appSphere
- Introduction 17.0
- Getting Started 17.1
- Associated Module Configurations 17.2
- Client Creation and Configuration 17.3
- Other Configurations 17.4
- Developer Portal 17.5
- App Management Console 17.6
- App Gallery 17.7
- Appendix 17.8
FHIR Gateway
FHIR Hybrid Providers
LiveBundle
- LiveBundle Overview 20.0
- LiveBundle API 20.1
- LiveBundle Rule Definition 20.2
- LiveBundle Keepers 20.3
CDS Hooks
Master Data Management
- MDM 22.0
- MDM Quickstart Guide 22.1
- MDM Rule Definition 22.2
- Using EIDs in MDM Rule Definition 22.3
- MDM Survivorship Rules 22.4
- Upgrading from the EMPI module 22.5
- MDM UI 22.6
- MDM Blocklist Definition 22.7
Clinical Reasoning
- Overview 23.0
- CQL 23.1
- Care Gaps 23.2
- Measures 23.3
- QPP Report Builder 23.4
- PlanDefinitions 23.5
- Questionnaires 23.6
IG Support
Clustering
Logging
- Overview 26.0
- Audit Log 26.1
- Transaction Log 26.2
- System Logging 26.3
- Troubleshooting Logs 26.4
- Custom Logging 26.5
HL7 v2.x Support
- Introduction 27.0
- Inbound Messaging 27.1
- FHIR-Based Terminology Translation 27.2
- Outbound Messaging 27.3
- Outbound: Default Resource Conversion 27.4
- Outbound: Custom Resource Conversion 27.5
- Outbound: Verbatim Messaging 27.6
- Outbound: Transport 27.7
- Transactions 27.8
- Structure Definitions 27.9
- Segment Definitions 27.10
- Table Definitions 27.11
- Naming System Mapping 27.12
- Processing Results Feeds 27.13
- Protocol 27.14
CDA Exchange Module
- Introduction 28.0
- JavaScript Templates 28.1
- Rest API Operations 28.2
- Available Document and Section Types for CDA Export 28.3
- Available Document and Section Types for CDA Import 28.4
- JavaScript Hooks on CDA Import / Export 28.5
- Further Reading 28.6
CDA Exchange Module v2
- Introduction 29.0
- JavaScript Templates 29.1
- Rest API Operations 29.2
- Available Document and Section Types for CDA Export 29.3
- Available Document and Section Types for CDA Import 29.4
- JavaScript Hooks on CDA Import / Export 29.5
- FHIR-Based Terminology Translation 29.6
- Further Reading 29.7
Bulk Operations
Additional Features
Monitoring
Product Administration
JSON Admin Endpoints
- JSON Admin API 34.0
- Audit Log Endpoint 34.1
- Batch Job Endpoint 34.2
- Bulk Import Endpoint 34.3
- CDA Exchange Endpoint 34.4
- Metrics Endpoint 34.5
- Module Config Endpoint 34.6
- OpenID Connect Clients Endpoint 34.7
- OpenID Connect Servers Endpoint 34.8
- OpenID Connect Sessions Endpoint 34.9
- Runtime Status Endpoint 34.10
- System Config Endpoint 34.11
- Transaction Log Endpoint 34.12
- User Management Endpoint 34.13
HFQL: Direct SQL Access
- HFQL/SQL Overview 35.0
- SQL Syntax 35.1
- SQL Syntax: Select 35.2
- SQL Syntax: Where 35.3
- SQL Syntax: Limitations 35.4
- SQL Syntax: Examples 35.5
Product Configuration
Java Execution Environment
JavaScript Execution Environment
- Introduction 38.0
- Specifying JavaScript in Configuration File 38.1
- Remote Debugging 38.2
- ECMA Modules (import) 38.3
- Converter API 38.4
- Environment API 38.5
- Exceptions API 38.6
- OAuth2 Exceptions API 38.7
- FHIR REST API 38.8
- FHIR Model API 38.9
- HL7 v2.x Mapping API 38.10
- HTTP API 38.11
- LDAP API 38.12
- Log API 38.13
- Composition Resource API 38.14
- Composition Section API 38.15
- TransactionBuilder API 38.16
- Util API 38.17
- UUID API 38.18
- XML API 38.19
- Callback Models 38.20
Database Administration
- Database Design 39.0
- Database Connection Pool 39.1
- Setting Up PostgreSQL 39.2
- Troubleshooting PostgreSQL 39.3
- Setting Up MySQL 39.4
- Setting Up MariaDB 39.5
- Setting Up Oracle 39.6
- Setting Up SQL Server (MSSQL) 39.7
- AWS IAM Authentication 39.8
Localization
Smile CDR CLI (smileutil)
- Introduction 41.0
- Bulk Import 41.1
- Create FHIR Package 41.2
- Execute Script Function 41.3
- Export ConceptMap to CSV 41.4
- HL7 v2.x Analyze Flat File 41.5
- HL7 v2.x Transmit Flat File 41.6
- Import CSV to ConceptMap 41.7
- Map and Upload CSV Bulk Import File 41.8
- Migrate Database 41.9
- Clear Database Migration Lock 41.10
- Module Config Properties Export 41.11
- Reindex Terminology 41.12
- Synchronize FHIR Servers 41.13
- Upgrade H2 Database File 41.14
- Upload Bundle Files 41.15
- Upload CSV Bulk Import File 41.16
- Upload Sample Dataset 41.17
- Upload Terminology 41.18
- Generate Realtime Export Schema 41.19
- Validate FHIR Resources 41.20
Apache Camel Integration
Modules
- JSON Admin API 43.0
- Web Admin Console 43.1
- CDA Exchange 43.2
- Channel Import 43.3
- Cluster Manager 43.4
- CQL 43.5
- Audit Log Persistence 43.6
- Transaction Log Persistence 43.7
- Digital Quality Measures (DQM) 43.8
- Documentation Templates and Rules (DTR) 43.9
- Enterprise Master Patient Index 43.10
- CDS Hooks Endpoint 43.11
- FHIR Gateway Endpoint 43.12
- FHIR REST Endpoint (All Versions) 43.13
- FHIR REST Endpoint (DSTU2 - Deprecated) 43.14
- FHIR REST Endpoint (DSTU3 - Deprecated) 43.15
- FHIR REST Endpoint (R4 - Deprecated) 43.16
- FHIRWeb Console 43.17
- HL7 v2.x Listening Endpoint 43.18
- HL7 v2.x Listening Endpoint (Deprecated) 43.19
- HL7 v2.x Sending Endpoint 43.20
- Hybrid Providers Endpoint 43.21
- Package Registry Endpoint 43.22
- Subscription Websocket Endpoint 43.23
- ETL Importer 43.24
- MDM 43.25
- MDM UI 43.26
- Prior Auth CRD 43.27
- Prior Auth Support 43.28
- Narrative Generator 43.29
- FHIR Storage (DSTU2 RDBMS) 43.30
- FHIR Storage (R3 RDBMS) 43.31
- FHIR Storage (R4 RDBMS) 43.32
- FHIR Storage (R5 RDBMS) 43.33
- FHIR Storage (Mongo) 43.34
- Realtime Export 43.35
- LDAP Inbound Security 43.36
- Local Inbound Security 43.37
- SAML Inbound Security 43.38
- Scripted Inbound Security 43.39
- SMART Inbound Security 43.40
- SMART Outbound Security 43.41
- Subscription Matcher (All FHIR Versions) 43.42
- Subscription Matcher (DSTU2 - Deprecated) 43.43
- Subscription Matcher (DSTU3 - Deprecated) 43.44
- Subscription Matcher (R4 - Deprecated) 43.45
- appSphere 43.46
- Payer to Payer 43.47
- System to System Data Exchange 43.48
- Amazon HealthLake Outbound REST Connector 43.49
- License 43.50
- Camel 43.51
Configuration Categories
- Web Admin Console Settings 44.0
- appSphere 44.1
- Payer Config 44.2
- Initial appSphere Seeding 44.3
- Authentication Callback Scripts 44.4
- Auth: General for APIs 44.5
- User Authentication 44.6
- Auth: HTTP Basic 44.7
- Auth: OpenID Connect 44.8
- Browser Syntax Highlighting 44.9
- Camel 44.10
- Capability Statement (metadata) 44.11
- Care Gaps 44.12
- CDA Generation 44.13
- CDA Import 44.14
- CDA Interceptors 44.15
- CDA JavaScript Execution Scripts 44.16
- CDA Terminology 44.17
- CDS Hooks Definitions 44.18
- CDS Hooks On FHIR 44.19
- Channel Import 44.20
- Channel Retry 44.21
- Kafka 44.22
- Cluster Manager Maintenance 44.23
- Message Broker 44.24
- Cluster Level Security 44.25
- CQL 44.26
- Credentials 44.27
- Cross-Origin Resource Sharing (CORS) 44.28
- Database 44.29
- Da Vinci Health Record Exchange 44.30
- DQM 44.31
- DTR 44.32
- Email Configuration 44.33
- Encounter Start CDS hook configuration 44.34
- MDM UI 44.35
- ETL Import: CSV Properties 44.36
- ETL Import: Source 44.37
- FHIR Binary Storage 44.38
- FHIR Bulk Operations 44.39
- Capability Statement 44.40
- FHIR Configuration 44.41
- Consent Service 44.42
- FHIR Endpoint Conversion 44.43
- FHIR Endpoint HFQL Support 44.44
- FHIR Endpoint Partitioning 44.45
- Resource Providers 44.46
- FHIR Endpoint Security 44.47
- Endpoint Terminology 44.48
- FHIR Gateway Configuration 44.49
- FHIR Interceptors 44.50
- LiveBundle Service 44.51
- FHIR MDM Server 44.52
- FHIR Performance 44.53
- FHIR Performance Tracing 44.54
- FHIR Realtime Export 44.55
- Repository Validation 44.56
- FHIR Resource Types 44.57
- FHIR REST Endpoint 44.58
- FHIR Search 44.59
- Custom Resource Types 44.60
- IG Support 44.61
- MegaScale 44.62
- FHIR Storage Module Conditional Updates 44.63
- FHIR Storage Module Scheduled Tasks 44.64
- FHIR Validation Services 44.65
- FHIR Storage Package Registry 44.66
- FHIR Storage Partitioning 44.67
- Versioned References 44.68
- FHIR Subscription Delivery 44.69
- FHIR Subscription Persistence 44.70
- Amazon HealthLake REST Endpoint 44.71
- HL7 v2.x Mapper - Contained Resource 44.72
- HL7 v2.x Mapper - DG1 44.73
- HL7 v2.x Mapper - Forced Namespace Mode 44.74
- HL7 v2.x Mapper - General 44.75
- HL7 v2.x Mapper - Medications 44.76
- HL7 v2.x Mapper - OBR 44.77
- HL7 v2.x to FHIR Mapper - OBSERVATION Group 44.78
- HL7 v2.x to FHIR Mapper - ORDER_OBSERVATION Group 44.79
- HL7 v2.x Mapper - PID 44.80
- HL7 v2.x Mapper - PV1 44.81
- Listener Interceptors 44.82
- HL7 v2.x Listener Script 44.83
- HL7 v2.x Listening Endpoint 44.84
- HL7 v2.x MLLP Listener 44.85
- HL7 v2.x MLLP Sender 44.86
- FHIR to HL7 v2.x Mapper Script 44.87
- HL7 v2.x Outbound Mapping 44.88
- Da Vinci Health Record Exchange (HRex) 44.89
- HTTP Access Log 44.90
- HTTP Listener 44.91
- HTTP Request Pool 44.92
- HTTP Security 44.93
- Hybrid Providers Definitions 44.94
- Initial User Seeding 44.95
- JavaScript Execution Environment 44.96
- JSON Web KeySet (JWKS) 44.97
- LDAP Authentication 44.98
- Smile CDR License 44.99
- Lucene FullText Indexing 44.100
- MDM 44.101
- System to System Data Exchange 44.102
- Narrative Generator 44.103
- OpenID Connect Token Validation 44.104
- OpenID Connect (OIDC) 44.105
- Order Sign CDS hook configuration 44.106
- Payer to Payer 44.107
- Prior Authorization Coverage Requirement Discovery 44.108
- Prior Authorization Support 44.109
- Privacy Security Notice 44.110
- Provenance Injection 44.111
- Quality Payment Program (QPP) 44.112
- Realtime Export 44.113
- Endpoint Validation: Request Validating 44.114
- Scheduler Configuration 44.115
- Search Parameter Seeding 44.116
- SAML Provider 44.117
- Security Inbound Script 44.118
- Inbound SMART on FHIR Authentication 44.119
- Inbound SMART on FHIR Endpoints 44.120
- OAuth2/OIDC Federation 44.121
- SMART Callback Script 44.122
- Cross-Organizational Data Access Profile 44.123
- SMART Login Skin 44.124
- SMART Login Terms of Service 44.125
- SMART Authorization 44.126
- SMART Definitions Seeding 44.127
- Sessions 44.128
- Two Factor Authentication 44.129
- TLS / SSL (Encryption) 44.130
- Transaction Log 44.131
- Trusted Client 44.132
- User Self Registration 44.133
Product Reference
Amazon HealthLake Outbound REST Connector
Appendix
Table of Contents
Audit Log
26.1.1Audit Log
The Smile CDR audit log is responsible for creating a record of user access to the system, including:
- Accesses (both read and write) to the FHIR Endpoints
- Accesses (both read and write) to the Web Admin Console and JSON Admin API
- User authentication against security endpoints
- Configuration changes
The responsibility of the audit log is to bind these events to a specific user account. Note that user accounts marked as a Service Account will not generate audit log entries.
The audit log is a part of the Smile CDR Cluster Manager module, and runs on every node in a cluster. Configuration for the cluster manager is stored in the Node Configuration Properties File.
26.1.2Audit Log Configuration
The following properties may be used to control the Audit Log.
- audit_log.db.enabled – Controls whether the audit log will be written to the database. The default value is true. If set to false, no new entries will be written to the database (existing entries are not deleted simply by modifying this setting).
- audit_log.broker.enabled – Controls whether the audit log will be written to a message broker queue named
smilecdr-audit. The default value is false. If set to true, all audit log entries will be written to the queue. If the Smile CDR Message Broker is Kafka, then the audit messages are written to a topic calledsmilecdr.audit. - audit_log.request_headers_to_store – Controls which request headers Smile CDR will extract and store along with the audit event. If left empty, no headers will be stored.
26.1.3Disabling the Audit Log
The following snippet may be added to your configuration properties file to completely disable the audit log.
module.clustermgr.config.audit_log.db.enabled=false
module.clustermgr.config.audit_log.broker.enabled=false
26.1.4Broker Audit Log
Audit log messages written to the queue or topic have a format similar to the following example:
{
"endpointModuleId" : "fhir_endpoint",
"endpointNodeId" : "unit_test_node",
"remoteAddress" : "127.0.0.1",
"targetModules" : [ ],
"targetResources" : [ {
"persistenceModuleModuleId" : "persistence",
"persistenceModuleNodeId" : "unit_test_node",
"resourceId" : "Patient/1",
"resourceVersion" : 1
} ],
"targetUsers" : [ ],
"timestamp" : "2019-11-18T11:08:36.479-05:00",
"typeCode" : "FHIR_VREAD",
"typeDisplay" : "FHIR Resource Instance Read (Version-specific)",
"typeSystem" : "https://smilecdr.com/ns/CodeSystem/CdrAuditEvents",
"username" : "ADMIN",
"userModuleId" : "local_security",
"userNodeId" : "unit_test_node",
"authenticatedUserType" : "USER"
}
26.1.5Audit Module
It is recommended to split the audit log away from your primary Cluster Manager database. This is possible by creating a module of type AUDIT_LOG_PERSISTENCE. Creating such a module will permit you to define a database separate from your Cluster Manager database. One reason for doing this is to reduce traffic on your primary Cluster Manager database, but there are potential security and retention reasons as well. Below is a diagram showing the relationship between the Cluster Manager and the Audit Log Persistence module, and how audit logs are propagated throughout the system.
The following example has a Cluster Manager module, along with two Audit Log Persistence modules. The Web Admin module is there to show that it is possible to have multiple Audit Log Persistence modules, and that the Web Admin module can query any of them.
Note that there are a few minor differences between this separate module's audit logs, and the Cluster Manager's audit logs.
- The
Audit Log Persistencemodule does not contain database constraints on the client PID or user PID fields of the Audit Logs. These fields are later populated with cluster manager data upon viewing. - The
Audit Log Persistencemodule does not support sending messages to a broker. We plan to provide a newAUDIT_LOG_BROKERmodule type in the future to support this.
26.1.5.1Cluster Manager in conjunction with Audit Modules
If any Audit modules are defined, the cluster manager will stop writing audit logs to its own database, favouring instead writing to each available Audit module. This behaviour can be changed by enabling the audit_log.db.always_write_to_clustermgr property on the Cluster Manager. If this is enabled, the Cluster Manager will continue to write audit logs to its own database, in addition to any Audit modules that are defined.
26.1.5.2Viewing Audit Logs on alternate modules.
When viewing the Web Admin console's Audit Log page, you must now select an audit module to view.