Rule type | Description |
---|---|
Based on declaration | Doctor with an active declaration can access all the patient's medical data. |
Based on context episode | User can read medical data, that was collected during an episode of care, managed by the user's legal entity. |
Based on diagnostic report | User can read medical data, that was collected as a part of a diagnostic report, managed by the user's legal entity. |
Based on approval | User can read medical data, that was collected as a part of a diagnostic report or episode of care, that was allowed to read by a patients approval. |
Based on origin episode | Doctor can read medical data, that was collected as a part of a diagnostic report or episode of care, created based on doctor's service request. Episode of care, that contains this service request, is considered as an origin episode in that case. |
...
Rule |
---|
Base | Resource |
---|
Routes |
---|
Context | Implementation |
---|
Source of context | |
---|---|
|
| Based |
on declaration | episode | by id | patient |
for all:{
_id | There is an active declaration between the patient and the doctor in OPS | patient_id |
from URL | |
by search params | |
encounter | by id |
by search params | |
by id in episode context | |
by search params in episode context | |
observation | by id |
by search params | |
by id in episode context | |
by search params in episode context |
condition | by id | |||||
by search params | ||||||
by id in episode context | ||||||
by search params in episode context | ||||||
service_request | by id | |||||
by search params | ||||||
|
| |||||||||||||
Rule | Rule type | Resource | Route | Сontext | Logic | Context source | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
@rule_1 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report Scenario: Doctor with active declaration can read all patient data Given Active declaration with patient And declaration from the same MSP When I require read access Then I can read | Based on declaration | episode | by id | patient | for all:{patient_id} form URL | ||||||||||
by search params | |||||||||||||||
conditionencounter | by id | ||||||||||||||
by search params | |||||||||||||||
in episode context by id | |||||||||||||||
in episode context by search params | |||||||||||||||
allergy_intoleranceobservation | by id | ||||||||||||||
by search params | |||||||||||||||
in episode context by id | |||||||||||||||
in episode context by search params | |||||||||||||||
immunizationcondition | by id | ||||||||||||||
by search params | |||||||||||||||
in episode context by id | |||||||||||||||
in episode context by search params | |||||||||||||||
by search params | |||||||||||||||
service_request | by id | ||||||||||||||
by search params | |||||||||||||||
diagnostic_report | by id | ||||||||||||||
by search params | |||||||||||||||
| |||||||||||||||
@rule_5 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report Scenario: Doctor with active approval can read all the data of specified in approval episodes Given Active approval on episode When I require read access Then I can read | Based on approval | episode | by id | none | episode.id in approvals.permitted_resources | by id: selected from DB by search param: | |||||||||
encounter | by id | episode | |||||||||||||
by search param | |||||||||||||||
observation | by id | ||||||||||||||
by search param | |||||||||||||||
condition | by id | ||||||||||||||
by search param | |||||||||||||||
@rule_8 @read @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @diagnostic_report Scenario: Doctor can read all the data of encounter originated by episode, created in the doctors MSP Given Encounter context has been originated by mine episode When I require read access Then I can read | Based on origin episode | observation | by id | encounter | context.origin_episode.managing_organization==token.client_id | by id: selected from DB by search param: | |||||||||
by search param | |||||||||||||||
condition | by id | ||||||||||||||
by search param | |||||||||||||||
diagnostic_report | by id | encounter.origin_episode.managing_organization==token.client_id | |||||||||||||
by search param | |||||||||||||||