We're on Medica 2023, come say "hi" and connect in Hall 12, Booth E53-03!

Back to blog

An Extensive Guide to FHIR (Fast Healthcare Interoperability Resources)

post illustration

Table of Contents:

  1. Introduction to FHIR
    1. What is FHIR?
    2. Why was FHIR Developed?
    3. Key Concepts
  2. FHIR Resources
    1. Resource Types
    2. Resource Elements
    3. Resource Interactions
    4. Search and Query
    5. Security Considerations
  3. FHIR Data Types
    1. Simple Data Types
    2. Complex Data Types
    3. Key Concepts
  4. FHIR Implementation
    1. FHIR Profiles
    2. FHIR Implementation Guides
    3. Custom Resource Definitions
  5. FHIR Workflow
    1. Patient Management
    2. Clinical Document Exchange
    3. Device Integration
  6. FHIR and Interoperability
    1. HL7 and FHIR
    2. FHIR and EHR Systems
    3. FHIR and Health Information Exchange
  7. FHIR and Standards
    1. FHIR and DICOM
    2. FHIR and LOINC
    3. FHIR and CDA
  8. FHIR Extensions
    1. What are Extensions?
    2. Creating and Using Extensions
  9. FHIR Conformance and Testing
    1. Conformance Statements
    2. FHIR Testing Framework
  10. FHIR and Privacy/Security
    1. FHIR Security Model
    2. Authorization and Authentication
  11. FHIR Resources and Further Reading

1. Introduction to FHIR

What is FHIR?

FHIR (Fast Healthcare Interoperability Resources) is a standard for exchanging healthcare information electronically. It was developed by HL7 International, a non-profit organization focused on creating healthcare standards. FHIR aims to simplify the exchange and management of healthcare data between different systems, providers, and organizations.

Why was FHIR Developed?

FHIR was developed to address the challenges of healthcare interoperability. Traditional standards were often complex and slow to implement. FHIR aims to provide a more modern, easy-to-implement, and flexible approach to healthcare data exchange, making it more accessible for developers and organizations.

Key Concepts

  • Resources: They are the fundamental building blocks of FHIR. Each resource represents a discrete piece of healthcare information, such as a patient’s demographics, a medication order, or a diagnostic report.
  • RESTful API: FHIR uses a RESTful API, which allows systems to interact using standard HTTP methods (GET, POST, PUT, DELETE) and the principles of Representational State Transfer (REST).
  • Data Types: FHIR defines various data types that can be used within resources. These include simple data types like strings and numbers, as well as complex data types like addresses and dates.
  • Interoperability: FHIR emphasizes interoperability by providing a common framework for data exchange. This allows different healthcare systems to understand and process data consistently.

2. FHIR Resources

Resource Types

Within the FHIR framework, a diverse array of healthcare concepts is encapsulated in resource types. These resource types serve as the foundational building blocks for representing different facets of healthcare information. Some of the commonly used resource types include:


The “Patient” resource captures essential information about individuals receiving healthcare services. It encompasses data like their name, gender, date of birth, and other demographic details.


The “Observation” resource is instrumental in recording various clinical observations, such as vital signs, laboratory test results, and other measurements essential for monitoring a patient’s health.


The “Medication” resource provides comprehensive details about medications prescribed to patients, including their names, dosages, routes of administration, and instructions for use.


The “Condition” resource records a patient’s medical conditions, illnesses, or diagnoses, allowing healthcare providers to maintain a comprehensive medical history.


The “Appointment” resource facilitates the management of patient appointments, offering insights into scheduling, location, and associated healthcare providers.


The “Encounter” resource documents patient interactions with healthcare systems, encompassing details about admission, discharge, and various healthcare events.


The “Practitioner” resource contains information about healthcare professionals, such as doctors, nurses, and therapists, including their names, specialties, and contact details.

Resource Elements

Resources themselves are composed of individual elements, representing discrete pieces of data within a resource.

For instance, a “Patient” resource may include elements such as:

  • Name’s element: Could be used for patient’s name and surname.
  • Gender: The patient’s gender identity.
  • Birthdate: The date of the patient’s birth.
  • and many more…

These elements allow for granular representation and retrieval of specific information within a resource, enabling precise data management and querying.

Resource Interactions

FHIR resources support various interactions that correspond to different operations on these resources. These interactions include:


The “Create” interaction involves adding a new instance of a resource to the system, for instance, adding a new patient’s record to a healthcare database.


The “Read” interaction pertains to retrieving a specific instance of a resource from the system, such as accessing the medical history of a particular patient.


The “Update” interaction allows for the modification of an existing instance of a resource, ensuring that data remains accurate and up-to-date.


The “Delete” interaction entails removing an instance of a resource from the system, such as when a patient’s record is no longer relevant.

Search and Query

FHIR’s capabilities extend beyond basic CRUD operations, offering robust search and query functionalities. These capabilities are harnessed through a variety of parameters, including:


The “_id” parameter facilitates the retrieval of a specific resource instance based on its unique identifier. For example, healthcare providers can use this parameter to fetch a particular patient’s record by specifying the patient’s ID.


The “_lastUpdated” parameter allows users to query for resources based on their modification timestamp. This is invaluable for tracking changes and staying updated on the latest healthcare information.

Custom Search Parameters

FHIR’s extensible nature permits the definition of custom search parameters for each resource type. This empowers organizations to tailor their queries to specific needs. For instance, a research institution might create custom search parameters to identify patients meeting certain criteria for clinical trials.

Security Considerations

FHIR implementations must prioritize security to safeguard the confidentiality, integrity, and availability of sensitive healthcare data.

Key security considerations include:


Robust authentication mechanisms must be in place to verify the identities of users and systems accessing FHIR resources. This ensures that only authorized individuals can view or modify healthcare data.


Authorization controls define the level of access granted to authenticated users. Role-based access control (RBAC) or attribute-based access control (ABAC) policies can be implemented to restrict access to specific resources based on user roles or attributes.


Data encryption, both in transit and at rest, is imperative to protect healthcare data from unauthorized access. Transport Layer Security (TLS) is commonly employed to secure data transmission, while encryption algorithms safeguard data stored on servers or in databases. However, FHIR, unlike iCure Data Model, doesn’t consider encryption a part of its data model. That means it cannot allow for selective sharing of information through encryption.

Audit Trails

Comprehensive audit trails should be maintained to track all interactions with healthcare data. These audit logs provide a record of who accessed the data, what actions were performed, and when they occurred, aiding in compliance and security investigations.

Compliance with Regulatory Standards

FHIR implementations must adhere to relevant healthcare data privacy and security regulations, such as the General Data Protection Regulation (GDPR) in Europe or the Health Insurance Portability and Accountability Act (HIPAA) in the United States.

Compliance ensures that patient rights and privacy are upheld.

In conclusion, the FHIR RESTful API empowers healthcare organizations with the ability to perform CRUD operations, powerful search and query functionalities, and robust security measures.

By embracing these capabilities, healthcare providers and stakeholders can securely exchange, access, and manage healthcare data while adhering to strict regulatory standards and ensuring the highest level of patient data protection.

3. FHIR Data Types

Simple Data Types

FHIR encompasses a spectrum of data types, starting with simple data types, including:

  • String
  • Boolean
  • Integer
  • Decimal
  • Date/Time

Complex Data Types

In addition to simple data types, FHIR also defines complex data types, including:

  • Address
  • HumanName
  • ContactPoint
  • Quantity

Extension Mechanism

Extensions are a fundamental feature of the FHIR standard that empowers healthcare organizations and developers to extend the capabilities of FHIR resources without modifying the core standard. These extensions are invaluable in accommodating diverse and specialized use cases within the healthcare ecosystem. They allow the addition of custom fields or data elements to existing FHIR resources, making it possible to capture contextually relevant information that might not be covered by the standard.

Extensions are defined using the Extension data type within FHIR, which provides a structured way to create custom data elements. This definition includes details such as the name of the extension, the data type it uses (e.g., string, boolean, code), and any constraints or rules that govern its usage.

There are many use cases for FHIR extensions. Healthcare organizations may employ extensions to capture specialized clinical data, such as additional patient-specific information, research data, or study-specific metadata. Researchers can utilize extensions to record study-specific data points within patient records, ensuring that clinical research and data collection remain standardized and efficient. Moreover, extensions are indispensable in cross-system communication, allowing organizations to share custom data elements while still adhering to the overarching FHIR framework.

All in all, FHIR Extensions are a powerful tool that allows for the customization and enrichment of FHIR resources to meet the unique data requirements and use cases within the healthcare domain. They play vital role in facilitating innovation, research, and seamless data exchange in the ever-evolving field of healthcare, but, on the other hand, can impact interoperability to some extent.

4. FHIR Implementation

FHIR Profiles

FHIR profiles play a pivotal role in tailoring the FHIR standard to meet specific healthcare contexts or use cases. These profiles act as blueprints for defining constraints on FHIR resources, allowing organizations to customize and adapt the standard to their unique requirements.

Here’s how FHIR profiles contribute to the success of FHIR implementations:

1. Ensuring Consistency.

FHIR profiles provide a structured framework for defining how resources should be used within a particular context. This consistency ensures that healthcare data is represented uniformly, reducing the risk of data discrepancies and errors.

2. Enhancing Interoperability.

By creating profiles that precisely define the data elements and their constraints, FHIR implementations can seamlessly exchange information with other systems and organizations. This interoperability is crucial for enabling collaborative healthcare, as it allows different entities to understand and use data consistently

3. Meeting Regulatory Requirements.

Healthcare regulations often require specific data standards and formats. FHIR profiles enable organizations to align with these regulatory mandates while still benefiting from the flexibility and adaptability of the FHIR standard.

4. Use Case Specificity.

FHIR profiles can be tailored to address the unique needs of various healthcare scenarios. For example, a profile for radiology reports may include specialized elements and constraints relevant to radiology data, ensuring that the standard remains versatile across diverse medical specialties.

FHIR Implementation Guides

FHIR Implementation Guides are comprehensive documents that provide detailed instructions and best practices for using FHIR in specific healthcare contexts. These guides are invaluable resources for developers, healthcare organizations, and other stakeholders looking to implement FHIR effectively.

Here’s how Implementation Guides support successful FHIR implementations:

1. Standardized Guidance.

Implementation Guides offer standardized guidance on how to structure FHIR resources, create profiles, and handle specific use cases. This consistency aids developers in building compliant FHIR systems.

2. Reduced Development Time.

By following the recommendations and templates outlined in the Implementation Guides, development teams can accelerate the implementation process. These guides serve as blueprints, reducing the need for extensive trial-and-error development.

3. Interoperability Assurance.

Implementation Guides ensure that FHIR-based systems conform to agreed-upon standards, fostering interoperability. When different organizations follow the same guide, they can confidently exchange data without compatibility concerns.

4. Compliance and Certification.

In some cases, regulatory bodies or industry organizations endorse specific Implementation Guides for certification purposes. Adhering to these guides can facilitate compliance with regulatory requirements and industry standards.

Custom Resource Definitions

FHIR’s flexibility extends to the creation of custom resources when the existing resource types do not adequately cover specific healthcare needs. Custom resources are designed to adhere to FHIR guidelines, ensuring that they align with the FHIR standard and maintain interoperability. Here’s how custom resource definitions contribute to FHIR implementations:

1. Addressing Unique Requirements.

Custom resources allow healthcare organizations to represent and manage data that may be unique to their specialty or workflow. This flexibility empowers organizations to adapt FHIR to their specific needs.

2. Maintaining Interoperability.

While custom resources provide room for customization, they are designed to follow FHIR’s core principles, ensuring that they can still interact and exchange data seamlessly with other FHIR-compliant systems.

3. Extending FHIR’s Applicability.

Custom resources expand the range of healthcare scenarios that can benefit from FHIR. They support innovation and the development of specialized applications while maintaining the overall integrity of the FHIR ecosystem.

FHIR implementation involves the use of profiles to customize resource constraints, reliance on Implementation Guides for standardized guidance, and the creation of custom resources to address unique healthcare requirements. These components collectively contribute to the successful adoption of FHIR, ensuring that it remains adaptable, interoperable, and well-suited to the diverse needs of the healthcare industry.

5. FHIR Workflow

Patient Management

FHIR plays a pivotal role in modernizing and streamlining patient management within healthcare systems.

Here’s how FHIR supports effective patient management:

1. Demographics and Medical History.

FHIR allows for the structured representation of patient demographics, including name, gender, date of birth, and contact information. Additionally, it accommodates comprehensive medical histories, documenting conditions, medications, allergies, and procedures. This kind of patient information ensures that healthcare providers have a holistic view of each patient’s health status.

2. Appointments and Scheduling.

FHIR facilitates the management of patient appointments and scheduling. Healthcare systems can use FHIR resources to create, update, and query appointment data, ensuring that patients receive timely and coordinated care. This feature is particularly crucial for optimizing clinic operations and reducing patient wait times.

3. Care Coordination.

By offering standardized formats for patient data, FHIR promotes effective care coordination. Healthcare professionals can easily share patient information across different departments, specialties, and organizations, enhancing collaboration and ensuring that patients receive the right care at the right time.

4. Patient Engagement.

FHIR supports patient engagement initiatives by enabling patients to access and interact with their own healthcare data. This empowers individuals to take an active role in their health management, review their medical records, and participate in shared decision-making with healthcare providers.

Clinical Document Exchange

FHIR simplifies the exchange of clinical documents among healthcare systems, promoting seamless information sharing. Here’s how FHIR facilitates clinical document exchange:

1. Diagnostic Reports.

FHIR allows healthcare organizations to exchange diagnostic reports efficiently. This includes reports from radiology, pathology, and other diagnostic imaging services, ensuring that critical findings are accessible to relevant healthcare providers in a timely manner.

2. Discharge Summaries.

When a patient is discharged from a hospital or healthcare facility, FHIR can be used to transmit comprehensive discharge summaries. These summaries include details about the patient’s condition, treatment received, medications prescribed, and follow-up care instructions.

3. Referrals.

Healthcare providers can exchange referral documents using FHIR. This streamlines the process of referring patients to specialists or other healthcare facilities, reducing administrative overhead and improving the continuity of care.

4. Consent Management.

FHIR also supports consent management for document sharing. Patients can specify who has access to their clinical documents, ensuring that privacy and confidentiality are upheld while still facilitating necessary data sharing for care coordination.

Device Integration

FHIR extends its capabilities to integrate data from various medical devices, wearables, and sensors, ushering in the era of real-time healthcare insights:

1. Continuous Monitoring.

Medical devices and wearables equipped with FHIR integration can transmit real-time data on vital signs, blood glucose levels, activity, and more. This continuous monitoring allows healthcare providers to track patients’ health remotely and respond promptly to any concerning trends or anomalies.

2. Alerts and Notifications.

FHIR-enabled devices can trigger alerts and notifications when critical thresholds are reached or when specific health parameters require immediate attention. This feature enhances patient safety by facilitating rapid intervention in emergencies.

3. Data Analytics.

The integration of device data into the FHIR ecosystem supports data analytics and population health management. Healthcare organizations can leverage this data to identify trends, predict disease outbreaks, and optimize resource allocation.

4. Telemedicine.

Device integration through FHIR enables telemedicine and virtual care. Patients can participate in remote consultations, with healthcare providers accessing real-time device data to make informed decisions during virtual visits.

FHIR’s role in workflow optimization spans patient management, clinical document exchange, and device integration. By providing standardized methods for data representation and exchange, FHIR fosters efficient care coordination, promotes information sharing, and enables the integration of emerging technologies, ultimately improving patient care and healthcare outcomes.

6. FHIR and Interoperability

HL7 and FHIR

FHIR, as a modern healthcare standard, is the result of HL7 International’s extensive experience and expertise in developing healthcare interoperability standards. Here’s how FHIR builds upon HL7’s legacy:

1. Evolution from Previous Standards.

FHIR represents the evolution of HL7’s previous healthcare standards, including HL7 v2 and HL7 v3. While these standards served the industry well, they were often complex and challenging to implement. FHIR, in contrast, has been designed with simplicity, flexibility, and developer-friendliness in mind, making it a natural progression from earlier HL7 standards.

2. Leveraging HL7’s Industry Knowledge.

HL7 International has been at the forefront of healthcare interoperability for decades. FHIR benefits from the organization’s deep understanding of healthcare data, clinical workflows, and the diverse needs of healthcare stakeholders. This knowledge is invaluable in shaping FHIR’s design and functionality.

3. FHIR’s Global Adoption.

HL7’s international reach and reputation have significantly contributed to FHIR’s global adoption. FHIR is widely recognized and implemented across various regions, fostering a harmonized approach to healthcare data exchange on a global scale.

FHIR and EHR Systems

FHIR plays a pivotal role in enhancing interoperability among Electronic Health Record (EHR) systems, benefiting both healthcare providers and patients:

1. Seamless Data Exchange.

FHIR serves as a lingua franca for EHR systems, allowing them to communicate seamlessly with each other. This interoperability means that patient data can be shared across different providers, healthcare facilities, and even regions, ensuring that medical information is readily accessible when and where it’s needed.

2. Patient-Centered Care.

With FHIR, patient data becomes more portable and accessible. Patients are no longer tied to a single EHR system, and they can receive care from various providers while maintaining a comprehensive and up-to-date medical history. This patient-centric approach enhances care coordination and supports informed decision-making.

3. Reduced Data Silos.

FHIR breaks down data silos that can hinder healthcare delivery. Health information becomes fluid, empowering healthcare organizations to access a more complete picture of a patient’s health, regardless of where previous care was received.

FHIR and Health Information Exchange

FHIR plays a pivotal role in enabling Health Information Exchange (HIE), ensuring that patient information can flow seamlessly across disparate systems:

1. Standardized Data Format.

FHIR provides a standardized format for representing patient data. This common language ensures that information shared through HIE is consistent and can be understood by receiving systems, even if they come from different vendors or healthcare organizations.

2. Enhanced Care Coordination.

HIE powered by FHIR supports enhanced care coordination by enabling timely access to patient data. In emergency situations or when patients seek care in different locations, healthcare providers can retrieve essential medical information, improving the accuracy and effectiveness of treatment.

3. Efficiency and Cost Savings.

Efficient data exchange through FHIR reduces administrative burdens associated with manual data entry and record reconciliation. This leads to cost savings and more streamlined healthcare processes.

4. Support for Public Health Initiatives.

FHIR’s role in HIE extends beyond clinical care. It supports public health initiatives by facilitating the exchange of data related to disease surveillance, epidemiology, and health reporting, which is crucial for monitoring and responding to health crises and disease outbreaks.

In summary, FHIR stands as a pivotal force in healthcare interoperability, aligning with HL7’s rich heritage in standards development.

It fosters seamless communication among EHR systems, breaks down data silos, supports patient-centered care, and enables efficient Health Information Exchange. FHIR’s impact on the healthcare industry is profound, driving forward the vision of connected and patient-centric healthcare systems.

7. FHIR and Standards


FHIR and the DICOM standard (Digital Imaging and Communications in Medicine) complement each other seamlessly, facilitating the integration of medical imaging data with other critical healthcare information. Here’s how they work together:

1. Comprehensive Healthcare Data.

DICOM is a well-established standard for managing and exchanging medical images such as X-rays, MRIs, and CT scans. While DICOM excels at handling image data, FHIR provides a framework for managing a broader spectrum of healthcare data, including patient records, clinical observations, and administrative information.

2. Interoperability.

FHIR and DICOM bridge the gap between textual and imaging data. They enable healthcare systems to associate imaging studies with patient records, ensuring that healthcare providers have a complete view of a patient’s medical history, which can be essential for diagnosis and treatment planning.

3. Cross-Domain Integration.

The synergy between FHIR and DICOM supports cross-domain integration. For example, when a radiology report is generated, FHIR can link it to relevant patient demographics and clinical observations, making it easier for healthcare providers to interpret the results in the context of the patient’s overall health.


FHIR integrates seamlessly with LOINC (Logical Observation Identifiers Names and Codes), a standard designed to standardize the representation of laboratory and clinical observations.

Here’s how they collaborate:

1. Standardized Observation Representation.

LOINC provides a standardized and globally accepted set of codes for identifying laboratory and clinical observations. These codes help ensure consistency and semantic interoperability when describing test results, measurements, and observations.

2. Interoperable Data Exchange.

By incorporating LOINC codes within FHIR resources, healthcare organizations can exchange observation data in a standardized format. This interoperability ensures that the meaning and context of observations are preserved during data exchange, reducing the risk of misinterpretation.

3. Enhanced Data Aggregation.

FHIR’s ability to incorporate LOINC codes enables comprehensive data aggregation and analysis. Healthcare providers and researchers can collate and analyze data from various sources, facilitating epidemiological studies, clinical research, and population health management.


FHIR and Clinical Document Architecture (CDA) can be used in tandem to exchange structured clinical documents, ensuring compatibility with existing healthcare systems:

1. Structured Document Exchange.

CDA, a widely adopted standard, defines the structure and semantics of clinical documents, such as progress notes, discharge summaries, and operative reports. FHIR complements CDA by offering a flexible and efficient way to exchange these structured documents digitally.

2. Migration to Modern Standards.

FHIR provides a bridge between legacy CDA-based systems and more modern healthcare interoperability standards. Organizations can gradually transition from CDA to FHIR while maintaining the ability to share clinical documents with systems that rely on CDA.

3. Dynamic Data Retrieval.

Unlike traditional CDA documents, FHIR resources can be dynamically queried, allowing healthcare providers to access specific information within a document without having to parse the entire document. This improves data retrieval efficiency and supports more targeted information access.

In summary, FHIR’s relationships with DICOM, LOINC, and CDA showcase its versatility and commitment to interoperability within the healthcare domain. These collaborations enable the integration of medical imaging data, standardize laboratory and clinical observations, and facilitate the exchange of structured clinical documents, ultimately enhancing the quality of patient care and the efficiency of healthcare systems.

8. FHIR Extensions

What are Extensions?

FHIR extensions are a powerful feature within the FHIR standard that enables healthcare organizations and developers to add custom fields or data to existing FHIR resources without altering the core standard.

Extensions essentially act as a mechanism for extending the predefined FHIR resource structures with additional data elements.

They allow for the representation of information that might not be part of the standard FHIR resource yet is crucial for specific clinical, research, or administrative purposes. In essence, extensions provide a means to enrich FHIR resources with contextually relevant information without compromising interoperability.

Creating and Using Extensions

Extensions in FHIR are created and utilized through the Extension data type, a fundamental component of the FHIR specification.

Here’s a closer look at how extensions are implemented within the FHIR ecosystem:

1. Defining Custom Extensions.

To create a custom extension, healthcare organizations or developers define the structure of the extension using FHIR’s Extension data type. This definition outlines the name of the extension, its data type (e.g., string, boolean, code), and any constraints or rules associated with the extension’s usage. The definition of the extension is typically documented in a FHIR Implementation Guide to ensure consistent usage.

2. Adding Extensions to Resources.

Once defined, extensions can be added to FHIR resources as needed. Extensions are typically included within the “extension” element of a FHIR resource. They are associated with a specific context, such as a patient’s medication record or a laboratory observation, to provide additional context or data beyond what the core FHIR resource offers.

3. Interoperability.

Extensions are designed to maintain interoperability. While they allow for customization, they do so within the framework of the FHIR standard. This ensures that FHIR-compliant systems can understand and process extensions consistently, even if they encounter custom extensions they haven’t encountered before.

4. Extension URLs.

Each extension is identified by a unique URL that serves as a namespace for the extension. This URL should lead to a well-documented definition of the extension, clarifying its purpose, structure, and usage guidelines.

5. Use Cases.

Extensions can serve a multitude of use cases.

For example, a healthcare organization might use an extension to capture additional social determinants of health data not covered by the standard FHIR resource. Researchers might use extensions to record study-specific information within patient records. Extensions can also be employed for cross-system communication when unique data elements need to be shared among different healthcare stakeholders.

By creating well-defined extensions and adhering to interoperability principles, FHIR ensures that healthcare data remains both flexible and standardized, supporting innovation while maintaining consistent data exchange and interpretation across the healthcare ecosystem.

9. FHIR Conformance and Testing

Conformance Statements

Conformance statements play a critical role in ensuring that FHIR implementations adhere to the standard and can interact effectively within the healthcare ecosystem. These statements are provided by FHIR servers and describe various aspects of the server’s capabilities and behavior.

Those conformance statements include:

  • Server Capabilities
  • Supported Resource Types
  • Interactions and Operations
  • Search and Query Capabilities
  • Data Validation and Profiles

FHIR Testing Framework

FHIR offers a comprehensive testing framework that equips implementers with the tools and resources needed to ensure compliance with the FHIR standard. This framework guarantees that FHIR-based systems function correctly and exchange data accurately.

Here’s an overview of the FHIR testing framework:

1. Resource Validation.

FHIR provides tools for validating the correctness and integrity of FHIR resources. Implementers can use these tools to check that resources conform to the specified profiles, ensuring that data consistency and quality are maintained.

2. Testing Servers.

FHIR includes testing servers that allow implementers to validate their client applications. These servers simulate FHIR interactions, enabling developers to test their client applications’ ability to communicate effectively with FHIR servers.

3. Conformance Testing.

FHIR’s conformance testing tools examine server capabilities, resource handling, and interoperability.

4. Profile Validation.

FHIR profiles define the structure and constraints of resources. Implementers can use profile validation tools to ensure that their resources adhere to these profiles, promoting consistency and standardization.

5. Scalability Testing.

FHIR testing encompasses scalability testing to assess how well implementations perform under various loads and usage scenarios. This helps organizations prepare for real-world deployment and usage.

6. Interoperability Testing.

Interoperability testing tools are provided to ensure that FHIR-based systems can effectively communicate and exchange data with other FHIR-compliant systems.

FHIR conformance statements and the FHIR testing framework are integral components of the FHIR ecosystem. Conformance statements provide clarity on server capabilities and resource support, guiding clients in their interactions with FHIR servers. The testing framework equips implementers with the tools and resources to validate their implementations, ensuring adherence to FHIR standards and promoting interoperability within the healthcare domain.

10. FHIR and Privacy/Security

FHIR Security Model

FHIR places a strong emphasis on security and privacy, recognizing the critical importance of safeguarding sensitive healthcare information.

FHIR security model includes:

  • Authentication
  • Authorization
  • Audit Trails
  • Transport Security
  • Data Encryption

Authorization and Authentication

Authentication and authorization are fundamental components of FHIR’s security architecture, ensuring that patient data is accessed and manipulated only by authorized entities. Here’s a deeper dive into these critical aspects:

1. Authentication

User Authentication: FHIR systems often require users to provide valid credentials (e.g., username and password) to establish their identity. Multi-factor authentication (MFA) may be employed for an added layer of security.

Application Authentication: Applications accessing FHIR resources are authenticated using mechanisms like OAuth 2.0 for third-party applications to interact with FHIR systems on behalf of users.

2. Authorization

Role-Based Access Control (RBAC): In RBAC, users are assigned specific roles (e.g., clinician, nurse, administrator), and access permissions are associated with these roles. FHIR systems use RBAC to determine which resources and actions users can access based on their assigned roles.

Attribute-Based Access Control (ABAC): ABAC takes a more granular approach, considering various attributes (e.g., user attributes, resource attributes, context) to make access decisions. FHIR systems may employ ABAC for fine-grained control over access policies.

3. Privacy Considerations

FHIR systems need to adhere to data privacy regulations such as the Health Insurance Portability and Accountability Act (HIPAA) or the General Data Protection Regulation (GDPR), depending on the region. These regulations impose strict requirements for protecting patient privacy and data security.

4. Consent Management

FHIR systems may incorporate consent management features, allowing patients to specify who can access their data and for what purposes. Consent preferences are integral to respecting patient autonomy and privacy rights.

5. Security Monitoring

Continuous security monitoring and intrusion detection systems are essential components of FHIR systems. They help detect and respond to security threats and incidents promptly.

FHIR’s comprehensive security model, encompassing authentication, authorization, audit trails, and encryption, ensure the confidentiality, integrity, and availability of patient data. By implementing robust security measures and adhering to privacy regulations, FHIR systems protect patient information while facilitating secure and interoperable healthcare data exchange.

11. FHIR Resources and Further Reading

Official FHIR Documentation

The official FHIR website serves as the primary source for comprehensive FHIR documentation and resources.

Here’s what you can find there:

1. Standard Documentation.

This website offers detailed documentation on FHIR standards, including the latest specifications and updates.

2. Tutorials and Guides.

FHIR’s official website often provides tutorials and guides to help developers and implementers grasp essential concepts and get started with FHIR development.

3. Reference Materials.

You can access reference materials, such as code examples, data models, and terminology services, to aid in your FHIR implementation.

FHIR Community and Forums

Engaging with the FHIR community is an excellent way to learn, share, and collaborate. Here’s how you can do that:

1. Forums and Mailing Lists.

Participate in FHIR forums and mailing lists where you can ask questions, seek guidance, and share your experiences with other FHIR enthusiasts, developers, and experts.

2. Online Discussions.

Join online discussions, webinars, and virtual meetups related to FHIR. These events often feature presentations from FHIR experts, case studies, and discussions about best practices and emerging trends.

FHIR Implementations and Tools

To facilitate FHIR development and integration, explore various implementations and tools:

1. Vendor and Open-Source Implementations.

Numerous vendors and open-source projects offer FHIR implementations and libraries. These can significantly expedite your FHIR-based system development. Some implementations are specific to EHR systems, while others cater to specialized healthcare domains.

2. FHIR Testing Tools.

Utilize FHIR testing tools designed to validate your FHIR implementations against the standard. These tools help identify and rectify any non-compliance issues, ensuring that your systems conform to FHIR specifications.

FHIR Connectathons and Events

Participating in FHIR connectathons and events offers practical experience and networking opportunities:

1. Connectathons.

FHIR connectathons are hands-on events where developers collaborate to test their FHIR implementations, share insights, and resolve interoperability challenges. These events provide a unique chance to fine-tune your FHIR skills and interact with other professionals in the field.

2. FHIR Events.

Attend FHIR-specific conferences, seminars, and workshops to stay informed about the latest advancements and best practices in FHIR implementation. These events often feature keynote speakers, panel discussions, and interactive sessions.

Books and Learning Resources

For in-depth knowledge acquisition, consider books, courses, and tutorials:

Stay Updated

Given the evolving nature of technology and healthcare standards, it’s essential to stay updated:

1. Official Announcements.

Monitor official announcements and updates from the FHIR community and standards organizations. These announcements often include important changes, enhancements, and new features in FHIR.

2. Blogs and Newsletters.

Subscribe to blogs, newsletters, and publications dedicated to FHIR and healthcare interoperability. These sources offer insights, case studies, and practical tips to keep you informed and inspired.

By leveraging official documentation, engaging with the community, exploring implementations and tools, participating in events, and continuously updating your knowledge, you can become proficient in FHIR implementation and contribute to the advancement of healthcare interoperability.


FHIR, or Fast Healthcare Interoperability Resources, represents a pivotal paradigm shift in the realm of healthcare data exchange. It champions modernity, simplicity, and adaptability, with a core focus on fostering seamless interoperability. As we draw this exploration to a close, it’s vital to underline the transformative power of FHIR in the healthcare landscape.

A Modern Approach to Healthcare Data Exchange

FHIR stands as a beacon of modernity in an industry historically characterized by complex and fragmented data exchange standards. Its approach revolves around several key principles:

1. Simplicity

FHIR brings simplicity to healthcare data exchange. Its resource-based architecture, RESTful API, and standardized data representations make it more accessible to developers, reducing the barriers to entry for healthcare innovation.

2. Flexibility

The flexibility of FHIR is its hallmark feature. It acknowledges the diversity of healthcare systems, workflows, and data requirements. FHIR achieves this by allowing extensions, custom profiles, and support for various data types, accommodating a wide array of use cases.

3. Interoperability

FHIR’s true essence lies in its commitment to interoperability. By providing a common framework and vocabulary for healthcare data exchange, it transcends the silos of traditional healthcare systems. This interoperability paves the way for enhanced care coordination, patient-centered healthcare, and data fluidity across the entire healthcare ecosystem.

Empowering Healthcare Transformation

FHIR’s impact reverberates across various facets of healthcare:

1. Better Patient Care Coordination

FHIR empowers healthcare providers to access comprehensive patient data from disparate sources, resulting in better care coordination and more informed decision-making. Patients benefit from a holistic view of their health information, leading to improved outcomes and experiences.

2. Integration of Medical Devices

The integration of data from medical devices, wearables, and sensors via FHIR opens new frontiers in healthcare. Real-time insights into patient health status, vital signs, and treatment adherence enhance patient monitoring, disease management, and preventive care.

3. Enhanced Communication

FHIR bridges communication gaps between healthcare systems, facilitating the secure exchange of clinical documents, laboratory results, and patient records. This seamless communication streamlines healthcare workflows, reduces administrative burdens, and ensures timely access to critical information.

The Role of Developers and Healthcare Organizations

Whether you’re a developer passionate about building cutting-edge healthcare applications or a healthcare organization committed to elevating data exchange, understanding and embracing FHIR is the key to unlocking the benefits of healthcare interoperability.

Healthcare organizations, in turn, can harness the power of FHIR to streamline operations, improve patient outcomes, and drive efficiency.

In conclusion, FHIR is more than a standard — it’s a catalyst for change in the healthcare landscape. It embodies the aspiration of a connected, patient-centric, and data-driven healthcare ecosystem. Embracing FHIR is not merely an option but a strategic imperative for those who seek to shape the future of healthcare, where data flows seamlessly, innovation thrives, and patient care reaches new heights of excellence.


Ready for more?

or stop by our instagram icon or linkedin icon to say hello =)

Terms of use



ICure SA is incorporated in Geneva, Switzerland, with a registered office at Rue de la Fontaine 7, 1211 Geneva, Switzerland registered in the commercial registry under CHE-270.492.477 (“iCure”).

These Terms of Use constitute a legally binding agreement made between you, whether personally or on behalf of an entity (“you”) and iCure SA (“we,” “us” or “our”), concerning your access to and use of the https://www.icure.com website as well as any other media form, media channel, mobile website or mobile application related, linked, or otherwise connected thereto (collectively, the “Website”).

When you accept, these Terms form a legally binding agreement between you and iCure. If you are entering into these Terms on behalf of an entity, such as your employer or the company you work for, you represent that you have the legal authority to bind that entity.


iCure may, in its sole discretion, elect to suspend or terminate access to, or use of the iCure to anyone who violates these Terms.

All users who are minors in the jurisdiction in which they reside (generally under the age of 18) must have the permission of, and be directly supervised by, their parent or guardian to use the Website. If you are a minor, you must have your parent or guardian read and agree to these Terms of Use prior to you using the Website.

The original language of these Terms and Use is English. In case of other translations provided by iCure, the English version shall prevail.


The Content of the documentation stated on this Website is ours. All Marks, Content that concern iCure cannot be copied, reproduced, aggregated, republished, uploaded, posted, publicly displayed, encoded, translated, transmitted, distributed, sold, licensed, or otherwise exploited for any commercial purpose whatsoever, without our express prior written permission.

Provided that you are eligible to use the Website, you are granted a limited license to access and use the Website and to download or print a copy of any portion of the Content to which you have properly gained access solely for your personal, non-commercial use. We reserve all rights not expressly granted to you in and to the Website, the Content, and the Marks.


By using the Website, you represent and warrant that:

  1. All registration information you submit will be true, accurate, current, and complete; you will maintain the accuracy of such information and promptly update such registration information as necessary.
  2. You have the legal capacity, and you agree to comply with these Terms of Use.
  3. You are not under the age of 13.
  4. Not a minor in the jurisdiction in which you reside, or if a minor, you have received parental permission to use the Website.
  5. You will not access the Website through automated or non-human means, whether through a bot, script, or otherwise.
  6. You will not use the Website for any illegal or unauthorized purpose.
  7. Your use of the Website will not violate any applicable law or regulation.


You may not access or use the Website for any purpose other than that for which we make the Website available. The Website may not be used in connection with any commercial endeavors except those that are specifically endorsed or approved between you and iCure.

As a user of the Website, you agree not to:

  1. Publishing any Website material in any other media.
  2. Selling, sublicensing, and or otherwise commercializing any Website material.
  3. Publicly performing and or showing any Website material.
  4. Using this Website in any way that is or may be damaging to this Website.
  5. Using this Website in any way that impacts user access to this Website.
  6. Using this Website contrary to applicable laws and regulations, or in any way may cause harm to the Website, or to any person or business entity.
  7. Engaging in any data mining, data harvesting, data extracting, or any other similar activity in relation to this Website.
  8. Using this Website to engage in any advertising or marketing.


This Website is provided “as is,” with all faults, and iCure expresses no representations or warranties, of any kind related to this Website or the materials contained on this Website. Also, nothing contained on this Website shall be interpreted as advising you.


In no event shall iCure, nor any of its officers, directors, and employees shall be held liable for anything arising out of or in any way connected with your use of this Website whether such liability is under this agreement. iCure, including its officers, directors, and employees shall not be held liable for any indirect, consequential, or special liability arising out of or in any way related to your use of this Website.


You hereby fully indemnify iCure from and against any and/or all liabilities, costs, demands, causes of action, damages, and expenses arising in any way related to your breach of any of the provisions of these Terms.


If any provision of these Terms is found to be invalid under any applicable law, such provisions shall be deleted without affecting the remaining provisions herein.


iCure is permitted to revise these Terms at any time as it sees fit, and by using this Website you are expected to review these Terms on a regular basis.


iCure is allowed to assign, transfer, and subcontract its rights and/or obligations under these Terms without any notification. However, you are not allowed to assign, transfer, or subcontract any of your rights and/or obligations under these Terms.


These Terms constitute the entire agreement between iCure and you in relation to your use of this Website and supersede all prior agreements and understandings.


These Terms shall be governed by and construed in accordance with the laws of Switzerland, without regard to its conflict of law provisions.

The parties shall attempt to solve the matter amicably in mutual negotiations. In case of a non-amicable settlement that has been found between the parties, the Court of Geneva will be competent.


Please refer to our Privacy Policy and Cookie Notice for the Data that we collected from the contact form and the Matomo cookie.

iCure SA

Contact: contact@icure.com

Last update: November 2nd, 2022.

Privacy Policy


iCure SA (iCure) is incorporated in Geneva, Switzerland, with a registered office at Rue de la Fontaine 7, 1204 Geneva, Switzerland registered in the commercial registry under CHE-270.492.477.

This Privacy Policy describes the information that we collect through our Website (https://www.icure.com), how we use such information, and the steps we take to protect such information. We strongly recommend that you read the Privacy Policy carefully.


The original language of this Privacy Policy is English. In the case of other translations provided by iCure, the English version shall prevail.

This Privacy Policy is incorporated into and is subject to, the iCure Terms of Use.

1. Definitions

Administrative Data: means Personal Data such as the Name, Email, and Phone in order to perform administrative tasks like Invoicing or contacting the Client (if support is needed).

Cookies: means text files placed on a computer to collect standard internet log information and visitor behavior information. When you visit a website, they may collect information from a computer automatically through cookies or similar technology (for further information please refer to our Cookies Notice, visit allaboutcookies.org.).

Data controller: means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Data processor: means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Personal Data: means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing: means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Visitor: means the natural person that submits their Personal Data through our contact form; and/or sends us an email; and/or cookies have been implemented.

All other undefined terms used in this Agreement have the meaning from our Terms and Conditions and the General Data Protection Regulation of the Regulation (EU) 2016/679 of 27 April 2016 (GDPR).

2. Concerning your Personal Data

For this website, iCure collects and determines the use and the purpose of any Personal Data uploaded by the visitor, therefore iCure is defined as the Data Controller according to the GDPR.

2.1 Contact Form

iCure collects Administrative Data that the Visitor completed in our contact form available through our Website.

The Administrative Data that Visitor provides to iCure on this contact form are the First name, the last name, the working e-mail address, the name of your organization, and other Personal Data that the Visitor included in the description of its work.

iCure processes these Administrative Data on the lawful basis of the Visitor’s consent (Article 6, 1. a) of the GDPR).

iCure uses these Administrative Data to perform administrative tasks like contacting the Visitor who completed the contact form, to better understand your needs and interests, and to provide you with better service.

2.2 Email

The Visitor can contact iCure through contact@icure.com to get any information about the Company or new job positions. In this email, the Visitor includes his Name, mail address, and any other Personal Data.

iCure processes these Personal Data on the lawful basis of the Visitor’s consent (Article 6, 1. a) of the GDPR).

iCure uses these Personal Data to answer any request from the Visitor and to consider the Visitor’s job application that they sent us by email.

2.3 Newsletters

iCure offers newsletters to provide you with updates, promotional communications, and offers related to our products and services. If you wish to receive our newsletters, we will collect and process your Personal Data for this specific purpose.

iCure processes these Personal Data on the lawful basis of the Visitor’s consent (Article 6, 1. a) of the GDPR). By subscribing to our Newsletters, you explicitly consent to the use of your Personal Data for direct marketing purposes, including the sending of promotional communications and offers by email.

If you do not want your Personal Data to be further processed for direct marketing purposes, you have the right to withdraw your consent at any time, free of charge and without having to provide any justification, by contacting iCure.

3. Security

iCure has implemented appropriate technical and organizational measures to safeguard your Personal Data against any accidental or illicit destruction, loss, modification, deterioration, usage, access, divulgation, and any other unauthorized processing of your Personal Data. We make every effort to protect personal information. However, you should always be careful when you submit personal or confidential information about yourself on any website, including our website.

4. The data retention period and the conditions for deletion

iCure will not retain your Personal Data, as collected, and processed in accordance with this Privacy Policy, for a period longer than necessary to fulfill the purposes described above.

For the Administrative Data from the contact form completed by the Visitor (as described in section 2.1 of this Privacy Policy), these Data shall be stored for a maximum period of 1 month from the completion of the form.

For the Personal Data from the Email completed by the Visitor (as described in section 2.2 of this Privacy Policy), these Data shall be stored for a maximum period of 2 months from the completion of the form.

For the Personal Data from the Newsletters completed by the Visitor (as described in section 2.3 of this Privacy Policy), these Data shall be stored for a maximum period of 11 months from the date of your consent or until you withdraw it.

5. Your rights

You are entitled to access your Personal Data processed by iCure and request their modification or erasure if it is incorrect or unnecessary. To exercise your rights, you may get in touch with iCure by using the electronic contact form available on our website or send a written and signed request to iCure at the email address privacy@icure.com with a copy of your ID or other identification documents, and any document proving that you are the data subject.

In general, where applicable, you also have the right to withdraw consent to the processing at any time. This withdrawal does not affect the lawfulness of processing based on consent made prior to such withdrawal. In certain cases, you also have the right to data portability. Those rights can be exercised by following the abovementioned procedure.

You have the right to lodge a complaint with a supervisory authority, in the Member State of the European Union of your usual place of residence, your place of work, or the place where the violation occurred, if you consider that the processing of personal data relating to you infringes Data Protection Law.

Please, note that the term of processing of such request can take up to one month. Contact: privacy@icure.com

6. Modification

iCure expressly reserves the right to modify this Privacy Policy and you undertake to regularly review the Privacy Policy. By amending the Privacy Policy, iCure will consider your legitimate interests. You will receive a notification if the Privacy Policy is modified. By continuing to actively use the iCure Services after such notification, you acknowledge that you have read the modifications to the Privacy Policy.

7. Information Sharing

Our employees and/or authorized contractors are the people in charge of the Data Processing.

iCure does not sell, rent, or lease any individual’s personal information or lists of email addresses to anyone for marketing purposes, and we take commercially reasonable steps to maintain the security of this information.

However, iCure reserves the right to supply any such information to any organization into which iCure may merge in the future or to which it may make any transfer in order to enable a third party to continue part or all of its mission.

We also reserve the right to release personal information to protect our systems or business when we reasonably believe you to be in violation of our Terms of Use and Privacy Policy or if we reasonably believe you to have initiated or participated in any illegal activity.

In addition, please be aware that in certain circumstances, iCure may be obligated to release your personal information pursuant to judicial or other government subpoenas, warrants, or other orders.

8. Links to other Websites

This Website may provide links to third-party websites (Instagram and Linkedin) for the convenience of our users. If you access those links, you will leave this website. iCure does not control these third-party websites and cannot represent that their policies and practices will be consistent with this Privacy Policy. For example, other websites may collect or use personal information about you in a manner different from that described in this document. Therefore, you should use other websites with caution and do so at your own risk. We encourage you to review the privacy policy of any website before submitting personal information.

9. Cookies

To get more information on how iCure uses Matomo’s cookies, please check our Cookie Notice.

10. Contact

Please contact us with any questions or comments about this Policy, your Personal Data, and our use and disclosure practices by email at privacy@icure.com If you have any concerns or complaints about this Policy or your Personal Data, you may contact our DPO at privacy@icure.com.

Please, note that the term of processing of such request can take up to one month.

iCure SA

Contact : privacy@icure.com

Last update: July the 26th, 2023.

Information Security Policy


1. Introduction

The iCure universe is built on trust. Guaranteeing the confidentiality of the data that are entrusted to us is our highest priority.

The Information Security Policy of iCure abstracts the security concept that permeates every activity and abides by the ISO 27001:2013 requirements for Information Security, so that we ensure the security of the data that iCure and its clients manage.

Every employee, contractor, consultant, supplier and client of iCure is bound by our Information Security Policy.

2. Our Policy

iCure is committed to protecting the confidentiality, integrity and availability of the service it provides and the data it manages. iCure also considers protecting the privacy of its employees, partners, suppliers, clients and their customers as a fundamental security aspect.

iCure complies with all applicable laws and regulations regarding the protection of information assets and voluntarily commits itself to the provisions of the ISO 27001:2013.

3. Information Security Definitions

Confidentiality refers to iCure’s ability to protect information against disclosure. Attacks, such as network reconnaissance, database breaches or electronic eavesdropping or inadvertent information revealing through poor practices.

Integrity is about ensuring that information is not tampered with during or after submission. Data integrity can be compromised by accident or on purpose, by evading intrusion detection or changing file configurations to allow unwanted access.

Availability requires organizations to have up-and-running systems, networks, and applications to guarantee authorized users’ access to information without any interruption or waiting. The nature of data entrusted to us requires a higher-than-average availability.

Privacy is the right of individuals to control the collection, use, and disclosure of their personal information. Our privacy policies are based on the GDPR(https://gdpr-info.eu/) and can be augmented by added requirements of specific clients or law areas.

4. Risk Assessment

The main threats iCure is facing as a company are:

  1. Data Theft;
  2. Data Deletion;
  3. Denial of Service attacks;
  4. Malware;
  5. Blackmail and Extortion.

As providers of a solution used by developers active in Healthcare, we also have to anticipate the risks of:

  1. Attacks on our clients’ data, which could lead to major social damages and a loss of trust in our solution;
  2. Abuse of our solution by ill-intentioned clients, that could impact the quality of the service provided to the rest of our clients.

The motivation of the attackers in the latter cases can range from financial gain to political or ideological motivations.

A last risk is linked to the nature of the healthcare data we handle. We must ensure, that the data we handle are not used for purposes other than those for which they were collected:

A piece of data collected from a patient for the purpose of a medical consultation should not be available to third parties, not even a government agency.

5. Risk Management

The main principles we apply to manage the risks we face are:

  1. Confidentiality by design: All sensitive data is encrypted end-to-end before being stored in our databases. We do not have any access to the data we store. Our client’s customers are the only ones who can decrypt the data we store.
  2. Anonymization by design: Healthcare information that has to be stored unencrypted is always anonymized using end-to-end encryption scheme. This means that the link between the healthcare and administrative information must be encrypted.

Those two principles allow us to minimize the risks of data theft, blackmail, extortion, and coercion by government agency.

  1. Multiple real-time replicas, with automatic failover: We use a distributed database architecture to ensure that our data is available at all times. We use a master-master architecture, each data is replicated at least 3 times. Snapshots are taken every day to ensure that we can restore the data in case of a malevolent deletion event.
  2. Automatic password rotations: no single password can be used for more than 48 hours. Passwords are automatically rotated every 24 hours. In case of a password leak, we can limit the window of opportunity for an attack.

Those two principles allow us to minimise the risks of data deletion, denial of service attacks, and malware.

  1. Minimization of the attack surface: we deploy our systems in the most minimal way. We only expose the network services that are strictly necessary.
  2. Strict dependency management: we only use open-source software that is regularly updated and audited by the community. We favor dependency management software and providers that minimize the risk of supply chain poisoning.

Those two principles allow iCure to minimise the risks of intrusion by vulnerability exploit or supply chain attacks, two risks that could lead to data theft or data deletion.

6. Further Information

This policy is valid as of November 10th, 2022. For futher information please connect with us at privacy@icure.com


iCure SA

Rue de la Fontaine 7, 1204 Geneva, Switzerland


This website uses cookies

We use only one cookie application for internal research on how to improve our service for all users. It is called Matomo, and it stores the information in Europe, anonymized and for limited time. For more details, please refer to our and .