Commit e10647e

Merge pull request #286273 from KendalBond007/FHIReditsBatch3_Sep24
FHIReditsBatch3_Sep24
2 parents 6a21bfc + 346e571 commit e10647e

4 files changed

+53
-55
lines changed

articles/healthcare-apis/fhir/configure-export-data.md

Lines changed: 16 additions & 17 deletions
@@ -12,21 +12,21 @@ ms.author: kesheth
1212

1313
# Configure export settings and set up a storage account
1414

15-
The FHIR service supports the `$export` operation [specified by HL7](https://www.hl7.org/fhir/uv/bulkdata/) for exporting FHIR data from a FHIR server. In the FHIR service implementation, calling the `$export` endpoint causes the FHIR service to export data into a pre-configured Azure storage account.
15+
The FHIR® service supports the `$export` operation [specified by HL7](https://www.hl7.org/fhir/uv/bulkdata/) for exporting FHIR data from a FHIR server. In the FHIR service implementation, calling the `$export` endpoint causes the FHIR service to export data into a pre-configured Azure storage account.
1616

17-
Ensure you are granted with application role - 'FHIR Data exporter role' prior to configuring export. To understand more on application roles, see [Authentication and Authorization for FHIR service](../../healthcare-apis/authentication-authorization.md).
17+
Ensure you are granted the application role 'FHIR Data exporter role' prior to configuring export. To understand more on application roles, see [Authentication and Authorization for FHIR service](../../healthcare-apis/authentication-authorization.md).
1818

19-
Three steps in setting up the `$export` operation for the FHIR service-
19+
There are three steps in setting up the `$export` operation for the FHIR service-
2020

2121
- Enable a managed identity for the FHIR service.
2222
- Configure a new or existing Azure Data Lake Storage Gen2 (ADLS Gen2) account and give permission for the FHIR service to access the account.
2323
- Set the ADLS Gen2 account as the export destination for the FHIR service.
2424

2525
## Enable managed identity for the FHIR service
2626

27-
The first step in configuring your environment for FHIR data export is to enable a system-wide managed identity for the FHIR service. This managed identity is used to authenticate the FHIR service to allow access to the ADLS Gen2 account during an `$export` operation. For more information about managed identities in Azure, see [About managed identities for Azure resources](../../active-directory/managed-identities-azure-resources/overview.md).
27+
The first step in configuring your environment for FHIR data export is to enable a system-wide managed identity for the FHIR service. This managed identity is used to authenticate the FHIR service, allowing access to the ADLS Gen2 account during an `$export` operation. For more information about managed identities in Azure, see [About managed identities for Azure resources](../../active-directory/managed-identities-azure-resources/overview.md).
2828

29-
In this step, browse to your FHIR service in the Azure portal and select the **Identity** blade. Set the **Status** option to **On**, and then click **Save**. When the **Yes** and **No** buttons display, select **Yes** to enable the managed identity for the FHIR service. Once the system identity has been enabled, you'll see an **Object (principal) ID** value for your FHIR service.
29+
In this step, browse to your FHIR service in the Azure portal and select **Identity**. Set the **Status** option to **On**, and then click **Save**. When the **Yes** and **No** buttons display, select **Yes** to enable the managed identity for the FHIR service. Once the system identity has been enabled, you'll see an **Object (principal) ID** value for your FHIR service.
3030

3131
[![Enable Managed Identity](media/export-data/fhir-mi-enabled.png)](media/export-data/fhir-mi-enabled.png#lightbox)
3232
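Review bot: The rewritten sentence at new line 19 still ends with a stray hyphen ("for the FHIR service-"); it introduces the bulleted list, so end it with a colon. On new line 17 the quoted name 'FHIR Data exporter role' repeats "role" right after "the application role". New line 27 says "system-wide managed identity" while step 7 later in this file selects **System-assigned managed identity**; using the same term in both places makes it clear which identity is granted access to the storage account.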

@@ -48,7 +48,7 @@ In this step, browse to your FHIR service in the Azure portal and select the **I
4848

4949
6. Select your Azure subscription.
5050

51-
7. Select **System-assigned managed identity**, and then select the managed identity that you enabled earlier for your FHIR service.
51+
7. Select **System-assigned managed identity**, and then select the managed identity that you previously enabled for your FHIR service.
5252

5353
8. On the **Review + assign** tab, click **Review + assign** to assign the **Storage Blob Data Contributor** role to your FHIR service.
5454

@@ -58,36 +58,35 @@ Now you're ready to configure the FHIR service by setting the ADLS Gen2 account
5858

5959
## Specify the storage account for FHIR service export
6060

61-
The final step is to specify the ADLS Gen2 account that the FHIR service uses when exporting data.
61+
The final step is to specify the ADLS Gen2 account the FHIR service uses when exporting data.
6262

6363
> [!NOTE]
6464
> In the storage account, if you haven't assigned the **Storage Blob Data Contributor** role to the FHIR service, the `$export` operation will fail.
6565
6666
1. Go to your FHIR service settings.
6767

68-
2. Select the **Export** blade.
68+
2. Select **Export**.
6969

7070
3. Select the name of the storage account from the list. If you need to search for your storage account, use the **Name**, **Resource group**, or **Region** filters.
7171

7272
[![Screen shot showing user interface of FHIR Export Storage.](media/export-data/fhir-export-storage.png)](media/export-data/fhir-export-storage.png#lightbox)
7373

74-
After you've completed this final configuration step, you're ready to export data from the FHIR service. See [How to export FHIR data](./export-data.md) for details on performing `$export` operations with the FHIR service.
74+
After you've completed this configuration step, you're ready to export data from the FHIR service. See [How to export FHIR data](./export-data.md) for details on performing `$export` operations with the FHIR service.
7575

7676
> [!NOTE]
7777
> Only storage accounts in the same subscription as the FHIR service are allowed to be registered as the destination for `$export` operations.
7878
7979
## Securing the FHIR service `$export` operation
8080

81-
For securely exporting from the FHIR service to an ADLS Gen2 account, there are two main options:
81+
For securely exporting from the FHIR service to an ADLS Gen2 account, there are two options:
8282

8383
* Allowing the FHIR service to access the storage account as a Microsoft Trusted Service.
8484

85-
* Allowing specific IP addresses associated with the FHIR service to access the storage account.
86-
This option permits two different configurations depending on whether or not the storage account is in the same Azure region as the FHIR service.
85+
* Allowing specific IP addresses associated with the FHIR service to access the storage account. This option permits two different configurations depending on whether or not the storage account is in the same Azure region as the FHIR service.
8786

8887
### Allowing FHIR service as a Microsoft Trusted Service
8988

90-
Go to your ADLS Gen2 account in the Azure portal and select the **Networking** blade. Select **Enabled from selected virtual networks and IP addresses** under the **Firewalls and virtual networks** tab.
89+
Go to your ADLS Gen2 account in the Azure portal and select **Networking**. Select **Enabled from selected virtual networks and IP addresses** under the **Firewalls and virtual networks** tab.
9190

9291
:::image type="content" source="media/export-data/storage-networking-1.png" alt-text="Screenshot of Azure Storage Networking Settings." lightbox="media/export-data/storage-networking-1.png":::
9392
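Review bot: New line 74 drops "final" from "this final configuration step", but new line 61 in the same hunk still opens with "The final step is to specify the ADLS Gen2 account", so the two sentences now disagree about whether this is the last step. Because the "Securing the FHIR service `$export` operation" section follows, reword line 61 to match, for example "The next step is to specify ...".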

@@ -97,13 +96,13 @@ Under the **Exceptions** section, select the box **Allow Azure services on the t
9796

9897
:::image type="content" source="media/export-data/exceptions.png" alt-text="Allow trusted Microsoft services to access this storage account.":::
9998

100-
Next, run the following PowerShell command to install the `Az.Storage` PowerShell module in your local environment. This allows you to configure your Azure storage account(s) using PowerShell.
99+
Next, run the following PowerShell command to install the `Az.Storage` PowerShell module in your local environment. This allows you to configure your Azure storage accounts using PowerShell.
101100

102101
```PowerShell
103102
Install-Module Az.Storage -Repository PsGallery -AllowClobber -Force
104103
```
105104

106-
Now, use the PowerShell command below to set the selected FHIR service instance as a trusted resource for the storage account. Make sure that all listed parameters are defined in your PowerShell environment.
105+
Now, use the following PowerShell command to set the selected FHIR service instance as a trusted resource for the storage account. Make sure that all listed parameters are defined in your PowerShell environment.
107106

108107
You'll need to run the `Add-AzStorageAccountNetworkRule` command as an administrator in your local environment. For more information, see [Configure Azure Storage firewalls and virtual networks](../../storage/common/storage-network-security.md).
109108
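Review bot: New line 105 now says "use the following PowerShell command", but the text that follows at line 107 is a paragraph about running `Add-AzStorageAccountNetworkRule` as an administrator, not the command itself. Move the administrator requirement above the lead-in, or merge the two paragraphs, so that "the following" points at the code block. The install line at 102 also passes `-AllowClobber -Force`, which suppresses confirmation prompts and allows same-named commands to be overwritten; a sentence saying so would help readers who run it on a shared admin workstation.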

@@ -131,9 +130,9 @@ The storage account is on selected networks and isn't publicly accessible. To se
131130

132131
## Next steps
133132

134-
In this article, you learned about the three steps in configuring your environment to allow export of data from your FHIR service to an Azure storage account. For more information about Bulk Export capabilities in the FHIR service, see
133+
In this article, you learned about the three steps in configuring your environment to allow export of data from your FHIR service to an Azure storage account. For more information about Bulk Export capabilities in the FHIR service, see the following.
135134

136135
>[!div class="nextstepaction"]
137136
>[How to export FHIR data](export-data.md)
138137
139-
FHIR® is a registered trademark of [HL7](https://hl7.org/fhir/) and is used with the permission of HL7.
138+
[!INCLUDE [FHIR trademark statement](../includes/healthcare-apis-fhir-trademark.md)]
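Review bot: The trademark sentence at old line 139 is replaced by an include of `../includes/healthcare-apis-fhir-trademark.md`, and that file is not among the changes shown here, so confirm it already exists at that path relative to `articles/healthcare-apis/fhir/`; otherwise the HL7 attribution no longer appears on the page. New line 133 ends "see the following." while the matching sentence in configure-import-data.md still ends "see:"; pick one form for both articles.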

articles/healthcare-apis/fhir/configure-identity-providers.md

Lines changed: 6 additions & 6 deletions
@@ -13,7 +13,7 @@ ms.author: namalu
1313

1414
# Configure multiple service identity providers
1515

16-
In addition to [Microsoft Entra ID](/entra/fundamentals/whatis), you can configure up to two additional identity providers for a FHIR service, whether the service already exists or is newly created.
16+
In addition to [Microsoft Entra ID](/entra/fundamentals/whatis), you can configure up to two additional identity providers for a FHIR® service, whether the service already exists or is newly created.
1717

1818
## Identity providers prerequisite
1919
Identity providers must support OpenID Connect (OIDC), and must be able to issue JSON Web Tokens (JWT) with a `fhirUser` claim, a `azp` or `appid` claim, and an `scp` claim with [SMART on FHIR v1 Scopes](https://www.hl7.org/fhir/smart-app-launch/1.0.0/scopes-and-launch-context/index.html#scopes-for-requesting-clinical-data).
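Review bot: Context line 19, directly under the edited paragraph, reads "a `azp` or `appid` claim"; since this batch is a copy edit, change it to "an `azp` or `appid` claim". The "## Identity providers prerequisite" heading at line 18 also has no blank line before its paragraph, unlike the other headings in this file.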
@@ -58,7 +58,7 @@ Add the `smartIdentityProviders` element to the FHIR service `authenticationConf
5858

5959
#### Configure the `smartIdentityProviders` array
6060

61-
If you don't need any identity providers besides Microsoft Entra ID, set the `smartIdentityProviders` array to null, or omit it from the provisioning request. Otherwise, include at least one valid identity provider configuration object in the array. You can configure up to two additional identity providers.
61+
If you don't need any identity providers beside Microsoft Entra ID, set the `smartIdentityProviders` array to null, or omit it from the provisioning request. Otherwise, include at least one valid identity provider configuration object in the array. You can configure up to two additional identity providers.
6262

6363
#### Specify the `authority`
6464
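Review bot: New line 61 changes "besides Microsoft Entra ID" to "beside Microsoft Entra ID", which alters the meaning: "beside" means next to, whereas the sentence needs "besides" (or "other than") to refer to identity providers in addition to Microsoft Entra ID. Revert to "besides" or use "other than".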

@@ -74,19 +74,19 @@ https://yourIdentityProvider.com/authority/v2.0/.well-known/openid-configuration
7474

7575
#### Configure the `applications` array
7676

77-
You must include at least one application configuration and can add upto 25 applications in the `applications` array. Each application configuration has values that validate access token claims and an array that defines the permissions for the application to access FHIR resources.
77+
You must include at least one application configuration and can add up to 25 applications in the `applications` array. Each application configuration has values that validate access token claims, and an array that defines the permissions for the application to access FHIR resources.
7878

7979
#### Identify the application with the `clientId` string
8080

81-
The identity provider defines the application with a unique identifier called the `clientId` string (or application ID). The FHIR service validates the access token by checking the `authorized party` (azp) or `application id` (appid) claim against the `clientId` string. The FHIR service rejects requests with a `401 Unauthorized` error code if the `clientId` string and the token claim don't match exactly.
81+
The identity provider defines the application with a unique identifier called the `clientId` string (or application ID). The FHIR service validates the access token by checking the `authorized party` (azp) or `application id` (appid) claim against the `clientId` string. If the `clientId` string and the token claim don't match exactly, the FHIR service rejects the request with a `401 Unauthorized` error code.
8282

8383
#### Validate the access token with the `audience` string
8484

85-
The `aud` claim in an access token identifies the intended recipient of the token. The `audience` string is the unique identifier for the recipient. The FHIR service validates the access token by checking the `audience` string against the `aud` claim. The FHIR service rejects requests with a `401 Unauthorized` error code if the `audience` string and the `aud` claim don't match exactly.
85+
The `aud` claim in an access token identifies the intended recipient of the token. The `audience` string is the unique identifier for the recipient. The FHIR service validates the access token by checking the `audience` string against the `aud` claim. If the `audience` string and the `aud` claim don't match exactly, the FHIR service rejects requests with a `401 Unauthorized` error code.
8686

8787
#### Specify the permissions with the `allowedDataActions` array
8888

89-
Include at least one permission string in the `allowedDataActions` array. You can include any valid permission strings, but avoid duplicates.
89+
Include at least one permission string in the `allowedDataActions` array. You can include any valid permission strings. Avoid duplicates.
9090

9191
| **Valid permission string** | **Description** |
9292
|---|---|
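Review bot: The two reworded rejection sentences are no longer parallel: new line 81 says "the FHIR service rejects the request with a `401 Unauthorized` error code" while new line 85 says "the FHIR service rejects requests with a `401 Unauthorized` error code". Use "rejects the request" in both. On new line 77 the added comma before "and an array" separates the two objects of "has" and can be dropped.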

articles/healthcare-apis/fhir/configure-import-data.md

Lines changed: 9 additions & 10 deletions
@@ -11,10 +11,10 @@ ms.author: kesheth
1111

1212
# Configure FHIR import settings
1313

14-
This article walks you through the steps to configure settings on the FHIR service for `import` operations. To configure settings, you need to:
14+
This article walks you through the steps to configure settings on the FHIR® service for `import` operations. To configure settings, you need to:
1515

1616
1. Enable a managed identity on the FHIR service.
17-
1. Create an Azure storage account or use an existing storage account, and then grant permissions to the FHIR service to access it.
17+
1. Create an Azure storage account or use an existing storage account, and grant permissions for the FHIR service to access it.
1818
1. Set the import configuration of the FHIR service.
1919
1. Use one of the options to securely import FHIR data into the FHIR service from an Azure Data Lake Storage Gen2 account.
2020

@@ -35,7 +35,7 @@ After you enable the managed identity, a system-assigned GUID value appears.
3535

3636
## Step 2: Assign permissions to the FHIR service
3737

38-
Use the following steps to assign permissions to access the storage account:
38+
Use the following steps to assign permissions to access the storage account.
3939

4040
1. In the storage account, browse to **Access Control (IAM)**.
4141
2. Select **Add role assignment**. If the option for adding a role assignment is unavailable, ask your Azure administrator to assign you permission to perform this step.
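Review bot: New line 38 replaces the colon with a period in a sentence that directly introduces a numbered list, and the same change is made at new lines 56, 71 and 84, while line 14 ("you need to:") and line 155 ("see:") in this file keep the colon. Keep the colon on list lead-ins, or change all of them, so the article is consistent.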
@@ -53,14 +53,13 @@ Now you're ready to select the storage account for import.
5353
> [!NOTE]
5454
> If you haven't assigned storage access permissions to the FHIR service, the `import` operation will fail.
5555
56-
For this step, you need to get the request URL and JSON body:
56+
For this step, you need to get the request URL and JSON body.
5757

5858
1. In the Azure portal, browse to your FHIR service.
5959
2. Select **Overview**.
6060
3. Select **JSON View**.
6161
4. Select the API version as **2022-06-01** or later.
6262

63-
6463
To specify the Azure storage account in JSON view which is in **READ** mode, you need to use the [REST API](/rest/api/healthcareapis/services/create-or-update) to update the FHIR service.
6564

6665
[![Screenshot of selections for opening the JSON view.](media/bulk-import/fhir-json-view.png)](media/bulk-import/fhir-json-view.png#lightbox)
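Review bot: Context line 63 reads "To specify the Azure storage account in JSON view which is in **READ** mode, you need to use the REST API", and it is unclear whether "which is in **READ** mode" refers to the storage account or to JSON view. If the intent is that JSON view can't be edited, rephrase while this block is being touched, for example "JSON view is in **READ** mode, so to specify the Azure storage account you need to use the REST API to update the FHIR service."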
@@ -69,7 +68,7 @@ The following steps walk you through setting configurations for initial and incr
6968

7069
### Set the import configuration for initial import mode
7170

72-
Make the following changes to JSON:
71+
Make the following changes to JSON.
7372

7473
1. In `importConfiguration`, set `enabled` to `true`.
7574
2. Update `integrationDataStore` with the target storage account name.
@@ -82,7 +81,7 @@ You're now ready to perform initial-mode import by using `import`.
8281

8382
### Set the import configuration for incremental import mode
8483

85-
Make the following changes to JSON:
84+
Make the following changes to JSON.
8685

8786
1. In `importConfiguration`, set `enabled` to `true`.
8887
2. Update `integrationDataStore` with the target storage account name.
@@ -105,7 +104,7 @@ To securely import FHIR data into the FHIR service from an Azure Data Lake Stora
105104

106105
### Enable the FHIR service as a trusted Microsoft service
107106

108-
1. In the Azure portal, go to your Data Lake Storage Gen2 account in the Azure portal.
107+
1. In the Azure portal, go to your Data Lake Storage Gen2 account.
109108

110109
1. On the left menu, select **Networking**.
111110

@@ -153,9 +152,9 @@ You're now ready to securely import FHIR data from the storage account. The stor
153152

154153
## Next steps
155154

156-
In this article, you learned how the FHIR service supports the `import` operation and how you can import data into the FHIR service from a storage account. You also learned about the steps for configuring import settings in the FHIR service. For more information about converting data to FHIR, exporting settings to set up a storage account, and moving data to Azure Synapse Analytics, see:
155+
In this article, you learned how the FHIR service supports the `import` operation, and how you can import data into the FHIR service from a storage account. You also learned about the steps for configuring import settings in the FHIR service. For more information about converting data to FHIR, exporting settings to set up a storage account, and moving data to Azure Synapse Analytics, see:
157156

158157
>[!div class="nextstepaction"]
159158
>[Import FHIR data](import-data.md)
160159
161-
FHIR® is a registered trademark of [HL7](https://hl7.org/fhir/) and is used with the permission of HL7.
160+
[!INCLUDE [FHIR trademark statement](../includes/healthcare-apis-fhir-trademark.md)]
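Review bot: New line 155 adds a comma before "and how you can import data", which separates the two objects of "learned" and is not needed. The sentence still ends "see:" whereas the parallel edit in configure-export-data.md changes it to "see the following."; align the two articles. The include at new line 160 points to `../includes/healthcare-apis-fhir-trademark.md`, which is not among the changes shown here, so confirm the file exists before merging.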
