Skip to main content

Binary Security Context

When managing access, the FHIR Binary resource is unique case. Access controls cannot be applied to Binary resources in the same way as other resources, so you must use the Binary.securityContext element to add access policies.

The securityContext element is a reference to another resource that acts as a proxy for the access controls of that Binary. For example, if the securityContext references a Patient, then the Binary will only be viewable by users and resources that have read access to that Patient.

Below is an example of a simiple Binary resource with a securityContext that references a Patient.

{
  "resourceType": "Binary",
  "securityContext": { "reference": "Patient/homer-simpson" }
}

For more details on how Binary resources are used in FHIR, see the Binary Data docs.