...

...

This web service allows to cancel encounter and other components of Data Package they were entered in case in error.

Configuration parameters

Description of the configuration parameters that are used when processing a request in the system

Dictionaries

Provides a list of links to dictionaries that are available in Confluence

Input parameters

Description of input parameters

...

Input parameter

...

Mandatory

...

Type

list of links to dictionaries that are available in Confluence

Input parameters

Request structure

See on API-specification

{
  "signed_data": "ew0KICAicGVyaW9kIjogew0KIC..."
}

Headers

Request structure

See on API-specification (посилання на сторінку з API-специфікацією)

Description of the REST API request structure, example

{
  "signed_data": "ew0KICAicGVyaW9kIjogew0KIC..."
}

Headers

...

Key

...

Value

...

Mandatory

...

Description

...

Example

...

Content-Type

...

application/json

...

M

...

Тип контенту

...

Content-Type:application/json

...

Authorization

...

Bearer {{access_token}}

...

Authorization:Bearer {{access_token}}

...

API-key

...

{{secret}}

...

API-key:{{secret}}

...

Request data validation

Authorize

Request to process the request using a token in the headers

• Verify the validity of access token

  • return 401 (“Invalid access token”) in case validation fails

• Verify token is not expired

  • in case of error - return 401 (“Invalid access token”) 

• Check user scopes in order to perform this action (scope = 'encounter:cancel')

  • Return 403 in case invalid scope(s)

• If BLOCK_UNVERIFIED_PARTY_USERS is true, then check party's data match following condition: verification_status != NOT_VERIFIED or (verification_status = NOT_VERIFIED and updated_at <= current_date - UNVERIFIED_PARTY_PERIOD_DAYS_ALLOWED):

  • in case not match - return 403 ("Access denied. Party is not verified")

1. Validate digital signature

   1. ds.drfo == PRM.parties.tax_id where PRM.parties.id==PRM.employees.party_id where:

      1. PRM.employees.id==$.encounter.performer.identifier.value)

      2. OR PRM.employees.id==$.approval.granted_to.identifier.value ($.approvals.granted_resources.identifier.value==$.encounter_id AND $.approvals.access_level='write')

      3. OR PRM.employees.employee_type==MED_ADMIN

2. Compare signed_content to previously created content

   1. select encounter, select * from observations, conditions, immunizations, allergy_intolerances where context.identifier.value=encounter_id and compare to signed_content (do not include statuses to comparation, cancellation_reason and  explanatory_letter )

      1. in case of inconsistencies return "Submitted signed content does not correspond to previously created content"

3. Validate diagnoses still valid

   1. if ($.encounter.status!="entered_in_error") validate ($.conditions[?(@.verification_status=="entered_in_error")].id is not IN $.encounter.diagnoses[*].condition.identifier.value)

      1. in case of error "The condition can not be canceled while encounter is not canceled" 

4. Validate cancellation_reason

   1. $.cancellation_reason.coding[*].system == "eHealth/cancellation_reasons"

5. Validate entities are not canceled yet (status!= "entered_in_error")

   1. in case of error "Invalid transition"

6. Validate at least one entity in the request marked as "entered_in_error"

   1. in case of error "At least one entity should have status "entered_in_error""

7. Validate user performs action with an episode that belong to his legal entity

   1. ME.patient{patinet_id}.episodes{episode_id}.managing_organization==token.client_id

      1. in case of error return 422 "Managing_organization in the episode does not correspond to user`s legal_entity"

8. Validate reasons (eHealth/ICPC2/reasons dictionary)

   1. is case is_active = false return error 422 “value is not allowed in enum“

Validate legal entity

• Validate episode belongs to the legal entity where the current user works

  • ME.episode.managing_organization==token.client_id

    • in case of error return 409 "User is not allowed to perform actions with an episode that belongs to another legal entity"

...

Response structure examples

See on API-specification (посилання на сторінку з API-специфікацією)

See on Apiary

{
  "data": {
    "status": "pending",
    "eta": "2018-08-02T10:45:16.000Z",
    "links": [
      {
        "entity": "job",
        "href": "/Jobs/NBXk9EyErUZv1RhXgyvgg"
      }
    ]
  },
  "meta": {
    "code": 202,
    "url": "http://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  }
}

...

Post-processing processes

Description of actions performed on data after processing

Technical modules where the method is used

List of pages describing technical modules where the method is used

...