Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Rule typeDescription
Based on declarationDoctor with an active declaration can access all the patient's medical data.
Based on context episodeUser can read medical data, that was collected during an episode of care, managed by the user's legal entity.  
Based on diagnostic reportUser can read medical data, that was collected as a part of a diagnostic report, managed by the user's legal entity.
Based on approvalUser can read medical data, that was collected as a part of a diagnostic report or episode of care, that was allowed to read by a patients approval. 
Based on origin episodeDoctor can read medical data, that was collected as a part of a diagnostic report or episode of care, created based on doctor's service request.
Episode of care, that contains this service request,  is considered as an origin episode in that case. 

...


Rule
Rule type
BaseResource
Route
Routes
Сontext
ContextImplementation
Context source
Source of context


@rule_1

@read @episode @encounter @observation @condition

@allergy_intolerance @immunization @risk_assessment @device @medication_statement

@service_request @diagnostic_report



Scenario: Doctor with active declaration can read all patient data


Given Active declaration with patient


And declaration from the same MSP


When I require read access


Then I can read









Based
on
on  declaration








episodeby idpatient

for all:{
_id








There is an active declaration between the patient and the doctor in OPS








patient_id
} form
from URL







by search params
encounter


by id
by search params
by id in episode context
by search params in episode context
observation


by id
by search params
by id in episode context
by search params in episode context
observation
conditionby id
by search params
by id in episode context
by search params in episode context
service_requestby id
by search params








@rule_2

@read @episode @service_request @diagnostic_report




Scenario: Doctor can read entity created in
episode context
the doctors MSP

Given Entity has been created on my MSP

When I require read access

Then I can read




















































RuleRule typeResourceRouteСontextLogicContext source

@rule_1

@read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report

Scenario: Doctor with active declaration can read all patient data

Given Active declaration with patient

And declaration from the same MSP

When I require read access

Then I can read









Based on declaration


episodeby idpatient






















for all:{patient_id} form URL







by search params


conditionencounterby id
by search params
in episode context by id
in episode context by search params
allergy_intoleranceobservationby id
by search params
in episode context by id
in episode context by search params
immunizationconditionby id
by search params
in episode context by id
in episode context by search params


by search params













service_requestby id
by search params
diagnostic_reportby id
by search params


@rule_2 @read @episode @service_request @diagnostic_report

Scenario: Doctor can read entity created in the doctors MSP

Given Entity has been created on my MSP

When I require read access

Then I can read











































@rule_5

@read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report

Scenario: Doctor with active approval can read all the data of specified in approval episodes

Given Active approval on episode

When I require read access

Then I can read








Based on approval





episodeby idnoneepisode.id in approvals.permitted_resources 

by id: selected from DB

by search param: {episode_id} or {context_episode_id} from URL








encounterby idepisode
by search param
observationby id
by search param
conditionby id
by search param














@rule_8 @read @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @diagnostic_report
Scenario: Doctor can read all the data of encounter originated by episode, created in the doctors MSP
Given Encounter context has been originated by mine episode
When I require read access
Then I can read














Based on origin episode














observation by idencountercontext.origin_episode.managing_organization==token.client_id















by id: selected from DB

by search param: {encounter_id} from URL

by search param
condition by id
by search param
diagnostic_reportby idencounter.origin_episode.managing_organization==token.client_id
by search param