FTSnext

Appearance

Deidentificator Clinical Domain Agent Since 5.0

This document describes the configuration options available for managing deidentification settings in the deidentificator section of the project configuration file.

Configuration Example

The deidentificator section allows different implementations to be used for pseudonymizing and anonymizing patient data. At the moment there is only one implementation available out-of-the-box: deidentifhir

yaml
deidentificator:
  deidentifhir:
    trustCenterAgent:
      server:
        baseUrl: http://tc-agent:8080
        auth: [ ... ]
        ssl: [ ... ]
      domains:
        pseudonym: MII
        salt: MII
        dateShift: MII
    maxDateShift: P14D
    dateShiftPreserve: NONE
    deidentifhirConfig: /app/config/deidentifhir/CDtoTransport.profile
    scraperConfig: /app/config/deidentifhir/IDScraper.profile

Fields

deidentifhir Since 5.0

This implementation uses deidentifhir to accomplish deidentification of FHIR bundles.

trustCenterAgent.server Since 5.0

  • Description: Specifies connection settings for the Trust Center Agent (TCA) server used for deidentification operations.
  • Type: HttpClientConfig
  • Example:
    yaml
      trustCenterAgent:
    server:
      baseUrl: http://custom-tc-agent:9000
      auth: [ ... ]
      ssl: [ ... ]

trustCenterAgent.domains.pseudonym Since 5.0

  • Description: The TCA domain where pseudonyms are stored.
  • Type: String
  • Example:
    yaml
      trustCenterAgent:
    domains:
      pseudonym: MII_PSEUDONYMS
  • Important: This domain must already exist in gPAS before FTSnext can use it. FTSnext cannot create or alter domains.

trustCenterAgent.domains.salt Since 5.0

  • Description: The TCA domain where salts are stored.
  • Type: String
  • Example:
    yaml
      trustCenterAgent:
    domains:
      salt: MII_SALT
  • Important: This domain must already exist in gPAS before FTSnext can use it. FTSnext cannot create or alter domains.

trustCenterAgent.domains.dateShift Since 5.0

  • Description: The TCA domain where the seeds for generating date shift values are stored.
  • Type: String
  • Example:
    yaml
      trustCenterAgent:
    domains:
      dateShift: MII_DATE_SHIFT
  • Important: This domain must already exist in gPAS before FTSnext can use it. FTSnext cannot create or alter domains.

maxDateShift Since 5.0

  • Description: Specifies the maximum date shift, defined as an ISO-8601 duration.
  • Type: String
  • Example:
    yaml
      maxDateShift: P30D

dateShiftPreserve Since 5.2

  • Description: Specifies whether the weekday or the time of day are preserved. Possible values: NONE (default), WEEKDAY, DAYTIME
  • Type: DateShiftPreserve
  • Example:
    yaml
      dateShiftPreserve: WEEKDAY

deidentifhirConfig Since 5.0

  • Description: Path to the DeidentiFHIR configuration file. If using a Docker container, the path must be mounted into the container.
  • Type: String
  • Example:
    yaml
      deidentifhirConfig: /custom/path/CDtoTransport.profile

scraperConfig Since 5.0

  • Description: Path to the scraper configuration file used by DeidentiFHIR. If using a Docker container, the path must be mounted into the container.
  • Type: String
  • Example:
    yaml
      scraperConfig: /custom/path/IDScraper.profile

Notes

  • Ensure all domains (pseudonym, salt, and dateShift) are correctly configured in the TCA.
  • The maxDateShift must be in a valid ISO-8601 duration format. Refer to ISO-8601 documentation for more details.
  • Mount the configuration files (deidentifhirConfig and scraperConfig) into the Docker container if the agent runs in a containerized environment. Ensure the paths are accessible to the agent at runtime.