Quick Summary
Readiness is not a checkbox. It is whether real SMART and FHIR flows work reliably with correct scopes, patient context, resource coverage, performance, and traceability. These ten checks catch most failures early.
The 10 checks
- OAuth flow correctness: authorization code flow works end to end, including state and nonce handling.
- Scope design: scopes match intended access and do not over grant or under grant.
- Patient context: patient launch works reliably and the patient identifier is stable.
- Resource coverage: the key resources you claim to support are present and usable (not empty shells).
- Search behavior: common search queries return correct results with consistent paging.
- Terminology consistency: codes, displays, and units are consistent across payloads.
- Provenance and timestamps: data includes capture time and source context where applicable.
- Error handling: failures are returned as valid OperationOutcome with actionable details.
- Performance: latency, rate limits, and paging performance work under real load.
- Auditability: access is logged, and you can trace which app accessed what data and when.
Why this checklist works
Most integrations fail in predictable places: scope mismatch, broken patient context, missing resources, inconsistent terminology, and performance cliffs. A readiness scan should surface these before you sign a rollout plan.
Where Aether fits
Aether can act as a read-only readiness scan layer. Hospitals and labs launch the scan, see pass and fail results, and get a gap report that translates to an implementation plan.
Sources and further reading
Information only. Not medical advice.
Next steps
- Run the checklist against your real production-like environment.
- Fix the top failures before adding more resource coverage.
- Re-test after changes and keep audit logs as evidence.