Versions Compared

Old Version 3

changes.mady.by.user Anzhela Kovalenko (SoE eHealth)

Saved on

compared with

New Version 4

changes.mady.by.user Anzhela Kovalenko (SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

REST API method / Метод REST API (настанова) (remove the link block before publishing the document)

Table of Contents

Properties of a REST API method document

GUI-0011
Page Properties
idpage_properties_method_REST API

Document type

Метод REST API

Document title

[Document status] REST API [Назва методу] [ID методу]

Guideline ID

Info

REST API method / Метод REST API (настанова) (remove the link block before publishing the document)

Table of Contents

Properties of a REST API method document

Page Properties
idpage_properties_method_REST API

Document type

Метод REST API

Document title

[Document status] REST API [Назва методу] [ID методу]

Guideline ID

GUI-0011

Author

@

Document version

1

Document status

DRAFT

Date of creation

ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)

Date of update

ХХ.ХХ.ХХХХ (дата зміни версії)

Method API ID

API-007-001-002-0225

Microservices (namespace)

ME

Component

Care plan

Component ID

COM-007-001

Link на API-специфікацію

https://ehealthmedicaleventsapi.docs.apiary.io/#reference/care-plan/create-care-plan-activity/create-care-plan-activity

Resource

{{host}}/api/patients/{{patient_id}}/care_plans/{{care_plan_id}}/activities

Scope

care_plan:write

Protocol type

REST

Request type

POST

Sync/Async

Async(def)/Sync

Public/Private

Public

...

PROVIDING_CONDITIONS_ALLOWED

INNM_DOSAGE

eHealth/activity_remaining_quantity_types

Input parameters

Description of input parameters

Input parameter

Mandatory

Type

Description

Example

1

patient_id

 

String

MPI identifier of the person.

Required

7c3da506-804d-4550-8993-bf17f9ee0402

2

care_plan_id

 

String

Unique Care Plan identifier.

Required

7c3da506-804d-4550-8993-bf17f9ee0403

Request structure

See on API-specification (посилання на сторінку з API-специфікацією)

Description of the REST API request structure, example

Expand
titleExample
Code Block
{
  "signed_data": "ew0KICAicGVyaW9kIjogew0KIC..."
}

Headers

...

Key

...

Value

...

Mandatory

...

Description

...

Example

...

Content-Type

...

application/json

...

M

...

Тип контенту

...

Content-Type:application/json

...

Authorization

...

Bearer {{access_token}}

...

Authorization:Bearer {{access_token}}

...

API-key

...

{{mis_client_secret}}

...

API-key:{{mis_client_secret}}

...

Expand
titleExample
Code Block
{
  "signed_data": "ew0KICAicGVyaW9kIjogew0KIC..."
}

Headers

Key

Value

Mandatory

Description

Example

1

Content-Type

application/json

M

Тип контенту

Content-Type:application/json

2

Authorization

Bearer {{access_token}}

Authorization:Bearer {{access_token}}

3

API-key

{{mis_client_secret}}

API-key:{{mis_client_secret}}

Request data validation

Authorize

  1. Verify the validity of access token

    • Return (401, 'Invalid access token') in case of validation fails

  2. Verify that token is not expired

    • in case of error - return (401, 'Invalid access token')

  3. Check user scopes in order to perform this action (scope = 'care_plan:write')

    • Return (403, 'Your scope does not allow to access this resource. Missing allowances: care_plan:write') in case of invalid scope(s)

  4. If BLOCK_UNVERIFIED_PARTY_USERS is true, then check party's data match following condition: verification_status != NOT_VERIFIED or (verification_status = NOT_VERIFIED and updated_at <= current_date - UNVERIFIED_PARTY_PERIOD_DAYS_ALLOWED):

    • in case not match - return 403 ("Access denied. Party is not verified")

Validate legal entity

  1. Extract client_id from token

  2. Check legal entity status is ACTIVE

    1. In case of error - return 409 ('client_id refers to legal entity that is not active')

  3. Check legal entity type in ME_ALLOWED_TRANSACTIONS_LE_TYPES config parameter

    1. in case of error - return 409 ('client_id refers to legal entity with type that is not allowed to create medical events transactions')

...

  1. Extract user_id from token.

  2. Check user has an active and approved employee from legal entity (token) that:

    1. has an active Approval granted by the Patient on write the Care plan resource (care plan id from URL)

      1. Return 403 ('Access denied') in case employee has no Approval on write

  3. Check user's employee is from the same legal entity (token) as managing_organisation from the care_plan:

    1. Return 422 ('User is not allowed to create care plan activity for this care plan') in case employee’s legal_entity do not match managing_organisation of related care_plan

Validate Digital Sign

  1. Validate request is signed

    1. in case of error - return 422 (“document must be signed by 1 signer but contains 0 signatures”)

  2. Check DS is valid and not expired

  3. Validate that DS belongs to the author of the activity

    1. Check that DRFO from DS and user's party.tax_id matches

      1. in case of error - return 409 (“Signer DRFO doesn't match with requester tax_id“)

...

  1. Check employee belongs to the user and legal entity (from token)

  2. Employee is:

    1. an employee who has active Approval on write the Care plan

    2. belongs to user

      1. in case of error - return 422 ('User is not allowed to create care plan activity for the employee')

  3. Check employee_type is value from list of employee_types in configuration: ACTIVITY_AUTHOR_EMPLOYEE_TYPES_ALLOWED

    • in case of error - return 422 ('Invalid employee type')

Validate activity detail

1. Kind

...

Validate value in the field $.detail.quantity, if submitted

  1. Check $.detail.quantity.value is not empty, is fractional, greater than zero

    1. Return 422 schema validation error

...

  1. If $.detail.kind=medication_request:

    1. Check (by schemata) the $.detail.quantity.system field’s value is MEDICATION_UNIT.

      1. Return 422 ('value is not allowed in enum')

    2. Check the $.detail.quantity.code field’s value equals to dosage.denumerator_unit of one of INNMs of a INNM_DOSAGE where innms with is_primary = true

      1. Return 422 ('Code field of quantity object should be equal to denumerator_unit of one of medication’s innms')

  2. If $.detail.kind is other than medication_request:

    1. Check the $.detail.quantity.system field is not present.

      1. Return 422 ('System field of quantity object is not allowed for kind other than medication_request')

    2. Check the $.detail.quantity.code field is not present.

      1. Return 422 ('Code field of quantity object is not allowed for kind other than medication_request')

  3. If $.detail.kind=service_request:

    1. Check that $.detail.quantity.system field’s value is SERVICE_UNIT, if submitted.

      1. Return 422 ('value is not allowed in enum')

    2. If care plan category is class_23, class_24 or class_25:

      1. Check $.detail.quantity.system and $.detail.quantity.code are set, $.detail.quantity.code = MINUTE

        1. Return 422 ('Code field of quantity object should be in MINUTE for care plan’s category <category code>')

  4. Set remaining_quantity.value = $.detail.quantity.value, and use for remaining_quantity.system, remaining_quantity.code, remaining_quantity.unit fields, which were specified in $.detail.quantity object.

...

  1. Check the value is valid reference o employee resource

  2. Check employee is active and approved

    1. Return 422 ('Invalid employee status')

10. Daily amount

  1. If submitted, check $.detail.daily_amount has the same code and system as quantity field.

    1. Return 422 ('Units of daily_amount field should be equal to units of quantity field')

  2. Validate value in the field $.detail.daily_amount, if submitted.

  3. Check activity kind is medication_request

    1. Return 422 ('Field is allowed for medication request activities only') in case kind is not medication_request

  4. Validate $.detail.daily_amount.system, $.detail.daily_amount.code fields and their values in the object $.detail.daily_amount

  5. If $.detail.kind=medication_request:

    1. Check (by schemata) the $.detail.daily_amount.system field’s value is MEDICATION_UNIT.

      1. Return 422 ('value is not allowed in enum')

    2. Check the $.detail.daily_amount.code field’s value equals to dosage.denumerator_unit of one of INNMs of a INNM_DOSAGE where innms with is_primary = true

      1. Return 422 ('Code field of daily_amount object should be equal to denumerator_unit of one of medication’s innms')

  6. If $.detail.kind is other than medication_request:

    1. Check the $.detail.daily_amount.system field is not present.

      1. Return 422 ('System field of daily_amount object is not allowed for kind other than medication_request')

    2. Check the $.detail.daily_amount.code field is not present.

      1. Return 422 ('Code field of daily_amount object is not allowed for kind other than medication_request')

11. Medical program

Validate field exists for kind = medication_request

...

  1. Save signed content to media storage

  2. Save data to care_plan_activities collection in DB according to Care plan data model

    1. for kind = medication_request

      1. add unit (and its value) field into quantity, daily_amount, objects based on system, code out of MEDICATION_UNIT or SERVICE_UNIT dictionary.

      2. add system, code, unit fields into remaining_quantity based on quantity object

  3. Save link from media storage to the $.signed_content_links field in care plan activities collection

  4. If Care plan has status = new:

    1. Set care plan status = active

    2. Check if patient has another active or/and new Care plans with such condition code in the addresses field and the same terms of service:

      1. If such Care plans found - set these Care plans statuses to TERMINATED (related activities doesn`t change their status)

  5. Set $.details.remaining_quantity_type:

    1. If $.details.kind = medication_request check $.details.quantity:

      1. if $.details.quantity = null then set $.details.remaining_quantity_type = null

      2. if $.details.quantity is not null then:

        1. set $.details.remaining_quantity_type = for_request

    2. If $.details.kind = service_request check $.details.quantity:

      1. if $.details.quantity = null then set $.details.remaining_quantity_type = null

      2. if $.details.quantity is not null then check $.details.quantity.code:

        1. if $.details.quantity.code is not null then set $.details.remaining_quantity_type = for_request

        2. if $.details.quantity.code = null then set $.details.remaining_quantity_type = for_use

  6. Create job and return it’s id.

Response structure examples

See on API-specification (посилання на сторінку з API-специфікацією)Description of the REST API response structure, example

Expand
titleResponse Example. Code: 201
Code Block
{
  "data": {
    "id": "75a5d991-0bf7-476f-b3cf-bec73f044b2e",
    "author": {
      "identifier": {
        "type": {
          "coding": [
            {
              "system": "eHealth/resources",
              "code": "employee"
            }
          ]
        },
        "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
      }
    },
    "care_plan": {
      "identifier": {
        "type": {
          "coding": [
            {
              "system": "eHealth/resources",
              "code": "care_plan"
            }
          ]
        },
        "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
      }
    },
    "detail": {
      "kind": "service_request",
      "product_reference": {
        "identifier": {
          "type": {
            "coding": [
              {
                "system": "eHealth/resources",
                "code": "service"
              }
            ],
            "text": ""
          },
          "value": "97d57238-ffbe-4335-92ea-28d4de117ea3"
        }
      },
      "reason_code": [
        {
          "coding": [
            {
              "system": "eHealth/ICD10_AM/condition_codes",
              "code": "X85"
            }
          ]
        }
      ],
      "reason_reference": [
        {
          "identifier": {
            "type": {
              "coding": [
                {
                  "system": "eHealth/resources",
                  "code": "condition"
                }
              ]
            },
            "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
          }
        }
      ],
      "goal": [
        {
          "coding": [
            {
              "system": "eHealth/care_plan_activity_goals",
              "code": "diabetes_treatment"
            }
          ]
        }
      ],
      "quantity": {
        "value": 13,
        "system": "MEDICATION_UNIT",
        "code": "MG",
        "unit": "мг"
      },
      "scheduled_timing": {
        "event": [
          "2018-08-02T10:45:16Z"
        ],
        "repeat": {
          "bounds_duration": {
            "value": 10,
            "comparator": ">",
            "unit": "доба",
            "system": "eHealth/ucum/units",
            "code": "day"
          },
          "count": 10,
          "count_max": 20,
          "duration": 15,
          "duration_max": 25,
          "duration_unit": "day",
          "frequency": 1,
          "frequency_max": 4,
          "period": 1,
          "period_max": 3,
          "period_unit": "day",
          "day_of_week": [
            "mon"
          ],
          "time_of_day": [
            "16:00:00"
          ],
          "when": [
            "WAKE"
          ],
          "offset": 20
        },
        "code": {
          "coding": [
            {
              "system": "TIMING_ABBREVIATION",
              "code": "Q4H"
            }
          ]
        }
      },
      "location": {
        "identifier": {
          "type": {
            "coding": [
              {
                "system": "eHealth/resources",
                "code": "division"
              }
            ]
          },
          "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
        }
      },
      "performer": {
        "identifier": {
          "type": {
            "coding": [
              {
                "system": "eHealth/resources",
                "code": "employee"
              }
            ]
          },
          "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
        }
      },
      "daily_amount": {
        "value": 13.5,
        "system": "MEDICATION_UNIT",
        "code": "MG",
        "unit": "мг"
      },
      "description": "Some activity description",
      "do_not_perform": false,
      "program": {
        "identifier": {
          "type": {
            "coding": [
              {
                "system": "eHealth/resources",
                "code": "medical_program"
              }
            ]
          },
          "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
        }
      },
      "status": "completed",
      "status_reason": {
        "coding": [
          {
            "system": "eHealth/care_plan_activity_cancel_reasons",
            "code": "some code"
          }
        ]
      },
      "remaining_quantity": {
        "value": 12,
        "system": "MEDICATION_UNIT",
        "code": "MG",
        "unit": "мг"
      }
    },
    "outcome_reference": [
      {
        "identifier": {
          "type": {
            "coding": [
              {
                "system": "eHealth/resources",
                "code": "encounter"
              }
            ]
          },
          "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
        }
      }
    ],
    "outcome_codeable_concept": [
      {
        "coding": [
          {
            "system": "eHealth/care_plan_activity_outcomes",
            "code": "some code"
          }
        ]
      }
    ]
  },
  "meta": {
    "code": 201,
    "url": "http://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  }
}

...

Only for active MPI record can be created medication request!

Response code

HTTP Status code

Message

Internal name

Description

1

Базові

2

201

Response

 Sync. Use payload from response

3

202

Response

 Async: default method. use Get job details to get processing result. Response payload will be returned in the job details

4

401

Invalid access token

  • validation fails

  • token is expired

5

401

Unauthorized

Помилка підтвердження

6

403

Access denied

  • invalid scope(s)

76

403

Access denied. Party is not verified

87

403

Your scope does not allow to access this resource. Missing allowances: care_plan:write

9

1000

404

Composition not found

COMPOSITION_NOT_FOUND_404

Не знайдено медичний висновок

108

404

Program not found

119

409

client_id refers to legal entity that is not active

 

1210

409

client_id refers to legal entity with type that is not allowed to create medical events transactions

1311

409

Care Plan from url does not match to Care Plan ID specified in body

1412

409

Person is not active

1513

409

Patient is not verified

1614

409

Signer DRFO doesn't match with requester tax_id

1715

422

Another activity with status ‘scheduled' or ‘in_progress' already exists i

1816

422

Activity with such id already exists

1917

422

Another activity with status ‘scheduled' or ‘in_progress' already exists in the current Care plan

2018

422

Author’s specialty doesn't allow to create activity with medical program from request

2119

422

Bounds duration must be within care plan period range

2220

422

Code field of quantity object should be equal to denumerator_unit of one of medication’s innms

2321

422

Care plan with such id is not found

2422

422

Care Plan end date is expired

2523

422

Clinical impression with patient category does not correspond to rule engine rule

2624

422

Cannot refer to service for kind = medication_request

2725

422

Clinical impression with patient category should be present in request for this medical program

2826

422

Cannot refer to medication for kind = service_request

2927

422

Care plan’s terms of service are not allowed for the medical program

3028

422

Code field of quantity object should be in MINUTE for care plan’s category <category code>

3129

422

Clinical impression with patient category exceeds validity period

3230

422

Care plan diagnosis is not allowed for the medical program

3331

422

document must be signed by 1 signer but contains 0 signatures

3432

422

Division is not active

3533

422

Event is not within care plan period range

3634

422

Forbidden to create care plan activity for this medication!

3735

422

High must be within care plan period range

3836

422

Invalid care plan status

3937

422

Invalid employee status

4038

422

Invalid employee type

4139

422

Low must be within care plan period range, less than high, have the same code as high

4240

422

<medical event type> with such ID is not found

4341

422

Medication should be active

4442

422

Medication does not exist

4543

422

Medical program must be submitted for kind = medication_request

4644

422

Medication is not included in the program

4745

422

not allowed in enum

4846

422

Only one of the parameters must be present

4947

422

Period end time must be within care plan period range, after period start date

5048

422

Period start time must be within care plan period range

5149

422

Program not found

5250

422

Service group is not included in the program

5351

422

<Service/Service group> should be active

5452

422

String does not match pattern

5553

422

Service is not included in the program

5654

422

User is not allowed to create care plan activity for the employee

5755

422

Value is not allowed in enum

5856

422

User is not allowed to create care plan activity for this care plan

5957

422

Units of daily_amount field should be equal to units of quantity field

6058

Специфічні

61

422

59

Post-processing processes

Description of actions performed on data after processing

Technical modules where the method is used

List of pages describing technical modules where the method is used

Page Properties Report
headingsID ТМ, Статус
cqllabel = "tr-mis"

...