Identity and Access for AI Systems

Common Mistakes

1. Hardcoding API keys in application configuration. API keys in config files, environment variables, or code are committed to version control, appear in container images, and cannot be rotated without redeployment. Always retrieve credentials at runtime from a secrets management service.

2. Over-broad FHIR scopes. system/*.read grants the AI service read access to every FHIR resource type for every patient — a significant over-privilege. Specify individual resource types and verify minimum necessity with the privacy officer.

3. No token refresh for SMART tokens. SMART access tokens expire (typically in 1 hour for backend services). An AI service that obtains a token at startup and does not implement refresh will fail after the token expires. Always implement token cache with expiry tracking and automatic refresh.

4. Not logging AI-specific FHIR access in the HIPAA audit log. EHR access logs from Epic or Cerner track user-initiated access. AI service access (which is server-to-server) may not be automatically included in the clinical audit log. The AI platform must emit its own audit log entries for every FHIR access.

Best Practices

  • Store all credentials (LLM API keys, service account secrets) in a secrets management service; never in code or config files
  • Implement 90-day credential rotation for all LLM API keys
  • Use SMART on FHIR JWT assertion (client_credentials + JWT) for EHR access; avoid shared username/password
  • Request minimum-necessary FHIR scopes; audit quarterly and remove excess
  • Assign dedicated service accounts to each AI platform component (never shared)
  • Emit AI-specific FHIR access audit log entries for HIPAA compliance

Key Takeaways

  • AI systems operate in multiple authorization domains simultaneously; each requires a different credential pattern
  • SMART on FHIR client_credentials + JWT assertion is the standard for AI backend service EHR access
  • FHIR scopes must be minimum-necessary; system/*.read is never appropriate for a production AI service
  • All credentials must be stored in secrets management services and rotated on a defined schedule
  • PHI access by AI services must be logged in the HIPAA audit trail with the service account identity and use case