In order to access information stored in the Brusafe+ environment the user requesting the information much first be authenticated. (see Authentication)
An authenticated user cannot access all information in the Brusafe+environment. The information he or she is allowed to access is based on the patients consent and the patient - user relationship.
If the user is the patient he or she will only be allowed to see her own information. If the patient is a medical professional, he or she will only be allowed to see information about the patients when the patient - user relationship has been set up.
Setting up this relationship is done in the Brusafe+portal. (See Portal)
Besides the patient - user relationship there has to also be a patient consent registered in the BGN network. If there is no patient concent, no information will be returned, even if a patient - user relationship has been set up.
Authentication and Authorization are supplied to the Brusafe+environment using a SAML token. The SAML token is based on the XUA profile as descbribed by IHE.