The management of healthcare information relies heavily on the effective and secure handling of data. A critical aspect of FHIR data store management is the "delete" operation, which ensures the removal of outdated or erroneous records as necessary. This article will provide an overview of the deleting data in Medplum, including the differences between "soft delete" and "hard delete" methods. Understanding these distinctions is essential for making informed decisions when dealing with sensitive healthcare data.
delete operation performs a "soft" or "logical" delete. This means that data is not permanently removed from the database.
The delete interaction removes an existing resource. The interaction is performed by an HTTP DELETE command as shown:
For example, suppose a Patient resource with ID 123 is created (via an HTTP
POST /Patient) and subsequently deleted (via an HTTP
DELETE Patient/123). This will cause a second version of the Patient/123 resource to be created with version Patient/123/_history/2 that is marked as deleted.
This patient will no longer appear in search results, and attempts to read the resource (using an HTTP
GET Patient/123) will fail with an "HTTP 410 Gone" response.
However, the original content of the resource is not destroyed. It can still be found using two FHIR operations:
- Reading resource history:
- Reading a resource version:
$expunge operation performs a "hard" or "physical" delete. This means that the data is permanently removed from the database, including all resource history.
Subsequent requests for the resource will result in HTTP 404 Not Found, as if the resource never existed.
$expunge operation is only available to users with "Super Administrator" access.
Expunge Everything Option
$expunge operation supports an optional
everything flag to systematically expunge everything in the resource compartment. Currently, only the "Patient" and "Project" compartments are supported.