...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
Table of Contents | ||
---|---|---|
|
Rule: @rule_-2 | Action: @read | (GraphQL only)@read
...
| ||||||||||||
Scenario: | Base | Resource | Routes | Context | Source of context | Logic | ||||||
NHS employee can read patient’s data if he has Justification for monitoring
Given Justification on monitoring patient's data given by the user (works only from Admin panel, graphql api) | Based on user token | episode | JustificationFilter schema | patient_id | person_id from JustificationFilter schema | There is an active token & an active justification | ||||||
encounter | ||||||||||||
observation | ||||||||||||
condition | ||||||||||||
allergy_intolerance | ||||||||||||
immunization | ||||||||||||
risk_assessment | ||||||||||||
device | ||||||||||||
medication_statement | ||||||||||||
medication_request | ||||||||||||
medication_dispense | ||||||||||||
service_request | ||||||||||||
diagnostic_report | ||||||||||||
procedure | ||||||||||||
medication_administration | ||||||||||||
care_plan | ||||||||||||
activity |
Rule: @rule_-1 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context | Source of context | Logic |
Employee can read insensitive patient’s data When I require read access Then I can read | Based on user token | allergy_intolerance | by id |
|
| There is an active token for client_type.name != CABINET |
immunization | ||||||
risk_assessment | ||||||
device | ||||||
medication_statement |
Rule: @rule_0 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context | Source of context | Logic |
Patient can read it's own data When I require read access Then I can read | Based on patient token | episode | by id | patient_id | patient_id from URL | There is an active token given by Cabinet to a patient |
encounter | ||||||
observation | ||||||
condition | ||||||
allergy_intolerance | ||||||
immunization | ||||||
risk_assessment | ||||||
device | ||||||
medication_statement | ||||||
service_request | ||||||
diagnostic_report | ||||||
procedure | ||||||
medication_administration | ||||||
care_plan | ||||||
activity | ||||||
clinical_impression |
Rule: @rule_1 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context | Source of context | Logic |
Employee with active declaration can read all patient data When I require read access Then I can read | Based on declaration and user token | episode | by id | person_id | person_id from URL | There is an active declaration between the patient and the employee in OPS from the same MSP from token |
by search params | ||||||
encounter | by id | |||||
by search params | ||||||
by id in episode context | ||||||
by search params in episode context | ||||||
observation | by id | |||||
by search params | ||||||
by id in episode context | ||||||
by search params in episode context | ||||||
condition | by id | |||||
by search params | ||||||
by id in episode context | ||||||
by search params in episode context | ||||||
service_request | by id | |||||
by search params | ||||||
diagnostic_report | by id | |||||
by search params | ||||||
procedure | by id | |||||
by search params | ||||||
medication_administration | by id | |||||
by search params | ||||||
care_plan | by id | |||||
by search params | ||||||
activity | by id | |||||
by search params | ||||||
approval | by id | |||||
by search params | ||||||
clinical_impression | by id | |||||
by search params | ||||||
medication_request_request & medication_request & | by id | |||||
by search params | ||||||
device_requests | ||||||
Rule: @rule_2 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context | Source of context | Logic |
Employee can read entity created in the employee's MSP When I require read access Then I can read | Based on managing organization | service_request | by id | requester_legal_entity | DB.service_request.managing_organization | managing_organization==id |
by search param | search param {managing_organization} from URL | managing_organization (requester_legal_entity, )==token.client_id | ||||
episode | by id | managing_organisation + patient_id | DB.episode.managing_organization OR DB.diagnostic_report.managing_organization | managing_organization==id | ||
by search param | search param {requester_legal_entity} from URL | managing_organization (requester_legal_entity, )==token.client_id | ||||
care_plan | managing_organisation | DB.care_plan.managing_organization | managing_organization ==token.client_id | |||
activity | managing_organisation | DB.care_plan.managing_organization | managing_organization ==token.client_id | |||
search param {managing_organization_id} from URL | ||||||
medication_request_request & medication_request & | by id | legal_entity + patient_id | search param {legal_entity_id} from URL | legal_entity_id==id | ||
by search param | legal_entity_id==token.client_id | |||||
device_requests | requester_legal_entity | search param {requester_legal_entity} from URL | requester_legal_entity==token.client_id | |||
|
| DB.device_requests.requester_legal_entity | requester_legal_entity==token.client_id |
Rule: @rule_3 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee can read all the data of episodes created in the employee's MSP Given Episode context has been created on my MSP When I require read access Then I can read | Based on context episode | encounter | by id | episode | DB.encounter.episode | episode.managing_organization==token.client_id |
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
observation | by id | episode | DB.observation.episode | |||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
condition | by id | episode | DB.condition.episode | |||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
service_request | by id | episode | DB.service_request.encounter.episode | |||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
diagnostic_report | by id | episode | DB.diagnostic_report.encounter.episode | |||
by search params | context_episode_id from URL (path) | |||||
procedure | by id | episode | DB.procedures.encounter.episode | |||
by search params | search param {episode_id} from URL | |||||
medication_administration | by id | episode | IF context is encounter THEN: | |||
by search params | search param {episode_id} from URL | |||||
device | by id | episode | IF context is encounter THEN: | |||
by search params | search param {episode_id} from URL | |||||
risk_assessment | by id | episode | IF context is encounter THEN: | |||
by search params | search param {episode_id} from URL | |||||
medication_statement | by id | episode | IF context is encounter THEN: | |||
by search params | search param {episode_id} from URL | |||||
immunization | by id | episode | IF context is encounter THEN: | |||
by search params | search param {episode_id} from URL | |||||
allergy_intolerance | by id | episode | IF context is encounter THEN: | |||
by search params | search param {episode_id} from URL | |||||
medication_request | by id | episode | DB.medication_request.context_episode_id | |||
by search params | search param {episode_id} from URL | |||||
medication_dispense | by id | episode | DB.medication_request.context_episode_id | |||
by search params | search param {episode_id} from URL | |||||
medication_request_request | by id | episode | DB.medication_request_request.context_episode_id | |||
by search params | search param {episode_id} from URL | |||||
clinical_impression | by id | episode | DB.clinical_impression.context_episode_id | |||
by search params | search param {episode_id} from URL | |||||
device_requests | episode | search param {context_episode_id} from URL | episode.managing_organization==token.client_id | |||
DB.device_requests.context_episode_id | device_requests.context_episode_id.managing_organization==token.client_id |
Rule: @rule_4 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context | Source of context | Logic |
Employee with active approval can read all the data of specified in approval patient Given Active approval on patient When I require read access Then I can read | Based on patient_id
| episode | patient_id
| patient_id from URL
| There is an active approval on patient’s data granted to the to the employee (one of user's employee) in MongoDB
| |
encounter | ||||||
observation | ||||||
condition | ||||||
service_request | ||||||
procedure | ||||||
diagnostic_report | ||||||
care_plan | ||||||
activity | ||||||
clinical_impression | by id | |||||
by search params | ||||||
medication_request_request | by id | |||||
by search params | ||||||
medication_request | by id | |||||
by search params | ||||||
medication_dispense | by id (details in person context) | |||||
by search params (by medication request id) | ||||||
device_requests | ||||||
Rule: @rule_5 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee with active approval or employees from legal_entity with active approval can read all the data of specified in approval episodes Given Active approval on episode When I require read access Then I can read | Based on context episode | episode | by id |
| There is an active approval on the episode granted to the employee (one of user's employee) OR to the legal_entity (one of legal_entity's employee) in MongoDB | |
encounter | by id | episode | DB.encounter.episode | |||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
observation | by id | episode | DB.observation.episode | |||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
condition | by id | episode | DB.condition.episode | |||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
service request | by id | episode | DB.service_requset.encounter.episode | |||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
diagnostic_report | by id | episode | DB.diagnostic_report.encounter.episode | |||
by search params | search param {episode_id} from URL | |||||
medication_administration | by id | episode | IF context is encounter THEN: | |||
by search params | search param {episode_id} from URL | |||||
procedure | by id | episode | DB.procedures.encounter.episode | |||
by search params | search param {episode_id} from URL | |||||
medication_request & medication_dispense | by id | episode | DB.medication_request.context_episode_id | |||
by search params | search param {episode_id} from URL (can be used with {encounter_id} search param for sort by encounter) | |||||
medication_request_request | by id | episode | DB.medication_request_request.context_episode_id | |||
by search params | search param {episode_id} from URL (can be used with {encounter_id} search param for sort by encounter) | |||||
clinical_impression | by id | episode | DB.clinical_impression.context_episode_id | |||
by search params | search param {episode_id} from URL (can be used with {encounter_id} search param for sort by encounter) | |||||
device_requests | episode | search param {context_episode_id} from URL | ||||
DB.device_requests.context_episode_id |
Rule: @rule_6 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee can read entity originated by episode created in the employee's MSP Given Entity has been originated by mine MSP episode When I require read access Then I can read | Based on origin episode | encounter | by id | origin_episode | DB.encounter.origin_episode | origin_episode.managing_organization==token.client_id |
by search params | Search param {origin_episode_id} from URL | |||||
diagnostic repost | by id | origin_episode | DB.diagnostic_report.origin_episode | |||
by search params | Search param {origin_episode_id} from URL | |||||
procedures | by id | origin_episode | DB.procedures.encounter.episode | |||
by search params | search param {episode_id} from URL |
Rule: @rule_7 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee can read all the data of diagnostic report originated by episode created in the employee's MSP Given Diagnostic report context has been originated by mine MSP episode When I require read access Then I can read | Based on origin episode | observation | by id | diagnostic_report | DB.observation.diagnostic_report.origin_episode | origin_episode.managing_organization==token.client_id |
by search params | Search param {diagnostic_report_id} from URL |
Rule: @rule_8 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee can read all the data of encounter originated by episode created in the employee's MSP Given Encounter context has been originated by mine MSP episode When I require read access Then I can read | Based on origin episode | observation | by id | encounter | DB.observation.context.origin_episode | origin_episode.managing_organization==token.client_id |
by search params | Search param {encounter_id} from URL | |||||
condition | by id | encounter | DB.condition.context.origin_episode | |||
by search params | Search param {encounter_id} from URL | |||||
diagnostic_report | by id | encounter | DB.diagnostic_report.encounter.origin_episode | |||
by search params | Search param {encounter_id} from URL | |||||
medication_administration | by id | encounter | IF context is encounter THEN: | |||
by search params | search param {encounter_id} from URL | |||||
procedure | by id | encounter | DB.procedures.encounter.episode | |||
by search params | search param {encounter_id} from URL | |||||
|
|
|
| |||
|
| |||||
|
|
|
| |||
|
|
Rule: @rule_9| Action: @read | NOT IMPLEMENTED YET | ||||||
Scenario: | Base | Resource | Routes | Context | Source of context | Logic |
Employee with active approval can read data, originated by the episode Given Active approval on patient When I require read access Then I can read |
| encounter |
|
|
|
|
| observation |
|
|
|
| |
| condition |
|
|
|
| |
| service_request |
|
|
|
| |
| diagnostic_report |
|
|
|
|
Rule: @rule_10 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee can read all the data of diagnostic report created in the employee's MSP Given Diagnostic report context has been originated by mine MSP When I require read access Then I can read | Based on diagnostic report | observation | by id | diagnostic_report | DB.observation.diagnostic_report.managing_organization | diagnostic_report.managing_organization==token.client_id |
by search params | Search param {diagnostic_report_id} from URL |
Rule: @rule_11 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee with active approval or employees from legal_entity with active approval can read all the data of specified in approval diagnostic report Given Active approval on diagnostic report When I require read access Then I can read | Based on diagnostic report | observation | by id | diagnostic_report | DB.observation.diagnostic_report.managing_organization | There is an active approval on the diagnostic report granted to the employee (one of user's employee) OR to the legal_entity (one of legal_entity's employee) in MongoDB |
by search params | Search param {diagnostic_report_id} from URL |
Rule: @rule_12 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context | Source of context | Logic |
Employee with active approval can read the data associated with the care plan Given Active approval on care_plan When I require read access Then I can read | Based on care plan | care_plan | by id | care_plan + patient_id | DB.care_plan.id=approvals.granted_resources[].value | There is an active approval (access_level=read) on the care_plan granted to the employee by the patient (one of user's employee) in MongoDB |
activity | by id | care_plan + patient_id | care_plan_id & patient_id from URL (path) | |||
by search params | ||||||
medication_request_request | by id | care_plan + patient_id | care_plan_id & patient_id from URL (path) | |||
by search params | ||||||
medication_request | by id | care_plan + patient_id | care_plan_id & patient_id from URL (path) | |||
by search params | ||||||
medication_dispense | by id | care_plan + patient_id | care_plan_id & patient_id from URL (path) | |||
by search params |
| ||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| ||||
| ||||||
|
|
| ||||
| ||||||
|
|
| ||||
| ||||||
|
|
| ||||
| ||||||
|
|
| ||||
|
|
Rule: @rule_14 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context | Source of context | Logic |
Employee with active approval on the care plan can read the data based on this care plan Given Entity based on care_plan When I require read access Then I can read | Based on care plan | service_request | by id | care_plan (based_on) + patient_id | DB.service_request.based_on.care_plan[].id=approvals.granted_resources[].value | There is an active approval (access_level=read |
by search params | care_plan + patient_id | care_plan_id from URL (search param) & patient_id from path | ||||
encounter | by id | patient_id ->. care_plan (based_on service_request) | DB.encounter.based_on.service_request.based_on.care_plan[].id=approvals.granted_resources[].value OR DB.diagnostic_report.based_on.service_request.based_on.care_plan[].id=approvals.granted_resources[].value OR DB.procedure.based_on.service_request.based_on.care_plan[].id=approvals.granted_resources[].value | |||
diagnostic_report | by id | |||||
procedure | by id | |||||
| device_dispense | care_plan (based_on device_request) | DB.device_dispense.based_on.device_request.based_on.care_plan[].id=approvals.granted_resources[].value |
|
Rule: @rule_15 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee with verified unexpired approval on procedure can read all the data of this procedure Given Active approval on procedure When I require read access Then I can read | Based on procedure | procedure | by id | procedure | DB.procedures._id | There is a verified unexpired approval on procedure granted to the employee (one of user's employee) in MongoDB |
Rule: @rule_16 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Rule: @rule_17 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee can read all the data associated with the care plan created in the employee's MSP Given Care plan has been created on my MSP When I require read access Then I can read
| Based on care plan | activity | care_plan+ patient_id | DB.activities.care_plan[].id | care_plan.managing_organization.id==token.client_id | |
care_plan_id from URL (search param) & patient_id from path | ||||||
medication_request_request |
| DB.medication_request_request.based_on.care_plan[].id | ||||
care_plan_id from URL (search param) & patient_id from path | ||||||
care_plan_id & person_id from URL (search param) | ||||||
medication_request | DB.medication_request.based_on.care_plan[].id | |||||
care_plan_id from URL (search param) & patient_id from path | ||||||
care_plan_id & person_id from URL (search param) | ||||||
service_request | DB.service_request.based_on.care_plan[].id | |||||
care_plan_id from URL (search param) & patient_id from path | ||||||
device_request | DB.device_request.based_on.care_plan[].id | |||||
care_plan_id from URL ('based_on' search param) & patient_id from path | ||||||
encounter | care_plan (based_on service_request)+ patient_id | DB.encounter.based_on.service_request.based_on.care_plan[].id | ||||
diagnostic_report | DB.diagnostic_report.based_on.service_request.based_on.care_plan[].id | |||||
procedure | DB.procedure.based_on.service_request.based_on.care_plan[].id | |||||
medication_dispense | care_plan (based_on medication_request)+ patient_id | DB.medication_dispense.based_on.medication_request.based_on_care_plan_id | ||||
device_dispense | care_plan (based_on device_request)+ patient_id | DB.device_dispense.based_on.device_request.based_on.care_plan[].id |
- all routes need to have patient_id in context as an additional parameter