Versions Compared

Old Version 3

changes.mady.by.user Anzhela Kovalenko (SoE eHealth)

Saved on

compared with

New Version 4

changes.mady.by.user Anzhela Kovalenko (SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

REST API method / Метод REST API (настанова) (remove the link block before publishing the document)

...

Properties of a REST API method document

Document type

Метод REST API

Document title

[Document status] REST API [Назва методу] [ID методу]

Guideline ID

GUI-0011

Author

@

Document version

1

Document status

DRAFT

Date of creation

ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)

Date of update

ХХ.ХХ.ХХХХ (дата зміни версії)

Method API ID

API-007-001-001-0218

Microservices (namespace)

ME

Component

Care plan

Component ID

COM-007-001

Link на API-специфікацію

https://ehealthmedicaleventsapi.docs.apiary.io/#reference/care-plan/create-care-plan/create-care-plan

Resource

{{host}}/api/patients/{{patient_id}}/care_plans

Scope

care_plan:write

Protocol type

REST

Request type

POST

Sync/Async

Async(def)/Sync

Public/Private

Public

...

  1. Only authenticated and authorized user with employee_type from the list ofCARE_PLAN_AUTHOR_EMPLOYEE_TYPES_ALLOWED
    config with appropriate speciality pointed in CARE_PLAN_<category>_SPECIALITIES_ALLOWEDconfig can create a Care plan.

  2. Care plan can be created from MSP, PRIMARY_CARE or OUTPATIENT legal entity.

  3. Care plan can be created for persons and prepersons.

  4. Care plan should be signed with DS.

  5. Care plan creates in async way as all MEs.

  6. Activities are added to a Care plan using Create Care Plan activity method. Thus, Care plan is being initially created without activities.

...

eHealth/ICD10_AM/condition_codes

PROVIDING_CONDITION

Input parameters

...

parameters

Input parameter

Mandatory

Type

Description

Example

1

patient_id

 

String

MPI identifier of the person

7075e0e2-6b57-47fd-aff7-324806efa7e5

Request structure

See on API-specification (посилання на сторінку з API-специфікацією)Description of the REST API request structure, exampleon API-specification

Expand
titleRequest example
Code Block
{
  "signed_data": "ew0KICAicGVyaW9kIjogew0KIC..."
}

...

Key

Value

Mandatory

Description

Example

1

Content-Type

application/json

M

Тип контенту

Content-Type:application/json

2

 Authorization

 Bearer {{access_token}}

 

 

 Authorization:Bearer {{access_token}}

3

API-key

{{mis_client_secret}}

API-key:{{mis_client_secret}}

...

Example

1

Content-Type

application/json

M

Тип контенту

Content-Type:application/json

2

 Authorization

 Bearer {{access_token}}

 

 

 Authorization:Bearer {{access_token}}

3

API-key

{{mis_client_secret}}

API-key:{{mis_client_secret}}

Request data validation

Authorize

  1. Verify the validity of access token

    • in case of error - return 401 (“Invalid access token”) in case of validation fails

  2. Verify that token is not expired

    • in case of error - return 401 (“Invalid access token”)

  3. Check user scopes in order to perform this action (scope = 'care_plan:write')

    • return 403 (“Your scope does not allow to access this resource. Missing allowances: care_plan:write”) in case of invalid scope(s)

  4. Request to process the request using a token in the headers

  5. If BLOCK_UNVERIFIED_PARTY_USERS is true, then check party's data match following condition: verification_status != NOT_VERIFIED or (verification_status = NOT_VERIFIED and updated_at <= current_date - UNVERIFIED_PARTY_PERIOD_DAYS_ALLOWED):

    • in case not match - return 403 ("Access denied. Party is not verified")

Validate request

  1. Validate encoded and decoded request using schema.

    1. Return 422 with the list of validation errors in case validation fails.

...

  1. Extract user_id from token. Check that author belongs to one of the user’s employee.

    1. in case of error - return 422 ('User is not allowed to create care plan for the employee')

  2. Check that author is an active and approved employee and related to the legal entity (client_id from token).

    1. in case of error - return 403 ('Access denied')

  3. Check author’s employee type:

    1. for employees with employee_type from CARE_PLAN_AUTHOR_ROLE_CHECK_EMPLOYEE_TYPESconfig:

      1. Сheck it has at least one employee role that:

        1. is active and has active status

        2. refers to healthcare service with providing_conditions=$.terms_of_service value

          1. in case of error - return 422 ('Employee does not have active role that correspond to the submitted terms of service')

    2. If DOCTOR, then no additional validations needed

  4. Check author’s speciality (speciality_officio == true) pointed in config for a corresponding care plan category.

    1. in case of error - return 409 (“Invalid employee speciality”)

...

  1. Check the value is valid reference on encounter resource

    1. Check encounter is active (status is not entered_in_error)

      1. in case of error - return 422 ('Encounter in "entered_in_error" status can not be referenced')

    2. Check encounter belongs to patient ($.subject)

      1. in case of error - return 422 ('Encounter with such id is not found')

    3. Check that encounter diagnosis is not empty in $.encounter.diagnosis

      1. in case of error - return 422 ('Encounter without diagnosis can not be referenced')

  2. Validate primary diagnosis Condition in the Encounter:

    1. Check condition codes is in allowed condition code list for the care plan’s category (chart variables in config: for employee types: SPECIALIST, DOCTOR and MED_COORDINATOR)

      1. in case of error - return 422 ('Primary diagnosis condition code and care plan category mismatch')

    2. Check the condition system/codes has strict match with the value in the Addresses field

      1. in case of error - return 422 ('Primary diagnosis condition codes do not match with codes in addresses') in case condition code in addresses is not the same as in the encounter diagnosis.

  3. Validate Episode related to the Encounter:

    1. exists

      1. in case of error - return 422 ('Encounter refers to episode that does not exist')

    2. is active

      1. in case of error - return 422 ('Encounter refers to episode that is not active')

    3. it’s managing organization matches with author’s legal entity (client_id)

      1. in case of error - return 422 ('Encounter is from another legal entity')

...

  1. Check that there is values from a dictionary PROVIDING_CONDITION.

    1. in case of error - return 422 ('value is not allowed in enum')

  2. Check submitted value:

    1. define allowed terms_of_service for employee_type using a set of chart variables CARE_PLAN_<employee_type>_TERMS_OF_SERVICE_ALLOWED

      1. in case terms_of_service not allowed for the employee_type - return 422 ('Not allowed for <employee type>')

...

  1. Check that $.period.start >= encounter.date (OR encounter.period.start)

    1. in case of error and encounter.period.start - return 422 ('Care plan start date must be greater or equal than Encounter period start')

    2. in case of error and encounter.date - return 422 ('Care plan start date must be greater or equal than Encounter start date')

  2. Check that $.period.end >= $.period.start

    1. in case of error - return 422 ('End date must be greater than or equal the start date')

...

Response structure examples

See on API-specification (посилання на сторінку з API-специфікацією)Description of the REST API response structure, example

Expand
titleExample
Code Block
{
  "data": {
    "id": "90a9e15b-b71b-4caf-8f2e-ff247e8a5600",
    "based_on": {
      "identifier": {
        "type": {
          "coding": [
            {
              "system": "eHealth/resources",
              "code": "care_plan"
            }
          ]
        },
        "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
      }
    },
    "part_of": {
      "identifier": {
        "type": {
          "coding": [
            {
              "system": "eHealth/resources",
              "code": "care_plan"
            }
          ]
        },
        "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
      }
    },
    "category": {
      "coding": [
        {
          "system": "eHealth/care_plan_categories",
          "code": "diabetics"
        }
      ]
    },
    "title": "Diabetics health plan",
    "description": "Some description of the care plan",
    "period": {
      "start": "2018-08-02T10:45:16.000Z",
      "end": "2018-08-02T11:00:00.000Z"
    },
    "supporting_info": [
      {
        "identifier": {
          "type": {
            "coding": [
              {
                "system": "eHealth/resources",
                "code": "episode_of_care"
              }
            ]
          },
          "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
        }
      }
    ],
    "note": "Some notes",
    "intent": "order",
    "encounter": {
      "identifier": {
        "type": {
          "coding": [
            {
              "system": "eHealth/resources",
              "code": "encounter"
            }
          ]
        },
        "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
      }
    },
    "addresses": [
      {
        "coding": [
          {
            "system": "eHealth/ICD10_AM/condition_codes",
            "code": "E11.9"
          }
        ]
      }
    ],
    "author": {
      "identifier": {
        "type": {
          "coding": [
            {
              "system": "eHealth/resources",
              "code": "employee"
            }
          ]
        },
        "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
      }
    },
    "contributor": [
      {
        "identifier": {
          "type": {
            "coding": [
              {
                "system": "eHealth/resources",
                "code": "employee"
              }
            ]
          },
          "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
        }
      }
    ],
    "terms_of_service": {
      "coding": [
        {
          "system": "PROVIDING_CONDITION",
          "code": "INPATIENT"
        }
      ]
    },
    "inform_with": {
      "auth_method_id": "cc949559-5dfe-420f-ac05-065e443b2cc6"
    },
    "status": "active",
    "subject": {
      "identifier": {
        "type": {
          "coding": [
            {
              "system": "eHealth/resources",
              "code": "patient"
            }
          ]
        },
        "value": "7c3da506-804d-4550-8993-bf17f9ee0403"
      }
    },
    "status_history": [
      {
        "status": "active",
        "status_reason": {
          "coding": [
            {
              "system": "eHealth/care_plan_cancel_reasons",
              "code": "some code"
            }
          ]
        },
        "inserted_at": "2018-08-02T10:45:16.000Z",
        "inserted_by": "e1453f4c-1077-4e85-8c98-c13ffca0063e"
      }
    ],
    "requisition": "0123-4567-89AB-CEIK",
    "inserted_at": "2017-04-20T19:14:13Z",
    "inserted_by": "e1453f4c-1077-4e85-8c98-c13ffca0063e",
    "updated_at": "2017-04-20T19:14:13Z",
    "updated_by": "2922a240-63db-404e-b730-09222bfeb2dd"
  },
  "meta": {
    "code": 201,
    "url": "http://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  }
}

...

11 

Response code

HTTP Status code

Message

Internal name

Description

1

Базові

2

201

Response

 

3

 202

Response payload will be returned in the job details

 

4

202

Use Get job details to get processing result.

5

401

Invalid access token

  • validation fails

  • token is expired

6

401

Unauthorized

 

Помилка підтвердження

7

403

Access denied

invalid scope(s)

87

403

Access denied. Party is not verified

98

403

Your scope does not allow to access this resource. Missing allowances: care_plan:write

10

1000

404

Composition not found

COMPOSITION_NOT_FOUND_404

Не знайдено медичний висновок

allowances: care_plan:write

9

409

client_id refers to legal entity that is not active

Validation failed

1210

409

client_id refers to legal entity with type that is not allowed to create medical events transactions

1311

409

Care plan with such id already exists

1412

409

Invalid employee speciality

1513

409

Patient is not verified

1614

409

Person is not active

1715

409

Signer DRFO doesn't match with requester tax_id

1816

422

Authentication method doesn't exist, is inactive or does not belong to this person

1917

422

Care plan with such id is not found

2018

422

Care plan start date must be greater or equal than Encounter period start

2119

422

Care plan in status "<care_plan.status>" can not be referenced

2220

422

Document must be signed by 1 signer but contains 0 signatures

2321

422

Employee does not have active role that correspond to the submitted terms of service

2422

422

Encounter without diagnosis can not be referenced

2523

422

Encounter refers to episode that does not exist

2624

422

Encounter with such id is not found

2725

422

Encounter in "entered_in_error" status can not be referenced

2826

422

End date must be greater than or equal the start date

2927

422

Encounter refers to episode that is not active

3028

422

Encounter is from another legal entity

3129

422

Invalid employee status

3230

422

list of validation errors in case validation fails

3331

422

<medical event type> with such ID is not found

3432

422

Not allowed for <employee type>

3533

422

Primary diagnosis condition codes do not match with codes in addresses

3634

422

Primary diagnosis condition code and care plan category mismatch

3735

422

type mismatch or schema validation error

3836

 

422

Value is not allowed in enum

3937

422

User is not allowed to create care plan for the employee

4038

Специфічні

41

 

422

Only for active MPI record can be created medication request!

39

 

Post-processing processes

Description of actions performed on data after processing

Technical modules where the method is used

List of pages describing technical modules where the method is used

Название

ID ТМ

Статус

/wiki/spaces/ESOZ/pages/17378181218

TM0112

/wiki/spaces/YK/pages/17837688354