Consumers are required to ensure an appropriate level of authentication and authorisation is applied, within their systems, when giving users access to information received via Spine services.
Healthcare Professional Access
Where the consuming system is making a request on behalf of a healthcare professional, the system MUST have authenticated the user using:
- NHS Identity
- National Smartcard Authentication
Consumers MUST apply appropriate RBAC governance to manage access to different types of pointers and retrieved information.