Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: updated from https://e-health-ua.atlassian.net/wiki/spaces/EH/pages/2124972044/8.21.0+PreProd+initial+release+change+log

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

Rule base typeDescriptionBased on declarationDoctor with an active declaration can access all the patient's medical data.Based on managing organizationUser can read entities, created in his MSPBased on context episodeUser can read medical data, that was collected during an episode of care, that user has access to.Based on diagnostic reportUser can read medical data, that was collected as a part of a diagnostic report, managed by the user's legal entity.Based on origin episodeDoctor can read medical data, that was collected as a part of a diagnostic report or episode of care, that user has access to.
Episode of care, that contains this service request,  is considered as an origin episode in that case. RuleBaseResourceRoutesContextLogicSource of context

@rule_0

@episode @encounter @observation @condition @service_request @diagnostic_report @procedures

Scenario: Patient can read it's own data

Given Patient has access_token given by Cabinet

When I require read access

Then I can read

Based on patient token

by id

patient_idThere is an active token given by Cabinet to a patientby search params

@rule_1

@read @episode @encounter @observation @condition @service_request @diagnostic_report @procedures

Scenario: Doctor with active declaration can read all patient data

Given Active declaration with patient

And declaration from the same MSP

When I require read access

Then I can read

Based on  declaration
episodeby idpatient_id
There is an active declaration between the patient and the doctor in OPS
patient_id from URL
by search paramsencounter
by idby search paramsby id in episode contextby search params in episode contextobservation
by idby search paramsby id in episode contextby search params in episode contextconditionby idby search paramsby id in episode contextby search params in episode contextservice_requestby idby search paramsdiagnostic_reportby idby search paramsproceduresby search params

@rule_2

@read @episode @service_request @diagnostic_report @procedures

Scenario: Doctor can read entity created in the doctors MSPGiven Entity has been created on my MSPWhen I require read accessThen I can readBased on managing organization
episodeby idepisode


Rule base type

Description

Based on declaration

Doctor with an active declaration can access all the patient's medical data.

Based on managing organization

User can read entities, created in his MSP

Based on context episode

User can read medical data, that was collected during an episode of care, that user has access to.

Based on diagnostic report

User can read medical data, that was collected as a part of a diagnostic report, managed by the user's legal entity.

Based on origin episode

Doctor can read medical data, that was collected as a part of a diagnostic report or episode of care, that user has access to.
Episode of care, that contains this service request,  is considered as an origin episode in that case. 

Based on care plan

User with active approval on the care plan can read or write the data based on this care plan

Rule

Base

Resource

Routes

Context

Logic

Source of context

@rule_-1

@read @allergy_intolerance @immunization @risk_assessment @device @medication_statement

Scenario: Employee can read insensitive patient’s data

Given User access token with client_type not equal to cabinet

When I require read access

Then I can read

Based on user token


by id


There is an active token


by search params


There is an active token


@rule_0

@read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @procedure@medication_administration @care_plan @activity

Scenario: Patient can read it's own data 

Given Patient has access_token given by Cabinet

When I require read access

Then I can read

Based on patient token


by id

patient_id

There is an active token given by Cabinet to a patient


by search params

@rule_1

@read @episode @encounter @observation @condition @service_request @diagnostic_report @procedure @medication_administration @care_plan @activity @approval

Scenario: Doctor with active declaration can read all patient data

Given Active declaration with patient

And declaration from the same MSP

When I require read access

Then I can read


Based on  declaration

episode

by id

patient_id

There is an active declaration between the patient and the doctor in OPS

patient_id from URL

by search params

encounter

by id

by search params

by id in episode context

by search params in episode context

observation

by id

by search params

by id in episode context

by search params in episode context

condition

by id

by search params

by id in episode context

by search params in episode context

service_request

by id

by search params

diagnostic_report

by id

by search params

care_plan

by id

by search params

activity

by id

by search params

approval

by id

by search params

@rule_2

@read @episode @service_request @diagnostic_report @procedures

Scenario: Doctor can read entity created in the doctors MSP

Given Entity has been created on my MSP

When I require read access

Then I can read

Based on managing organization

episode

by id

episode

managing_organization==token.client_id

DB.episode.managing_organization

by search params

search param {managing_organization} from URL

service_request

by id

service request

DB.service_request.managing_organization

by search params

search param {requester_legal_entity} from URL

diagnostic_report

by id

diagnostic_report

DB.diagnostic_report.managing_organization

by search params

search param {managing_organization} from URL

procedures

by search params

managing_organization

search param {managing_organization} from URL

@rule_3

@read @encounter @observation @condition @service_request @diagnostic_report @device @medication_statement @immunization @risk_assessment @medication_administration @procedure @allergy_intolerance

Scenario: Doctor can read all the data of episodes created in the doctors MSP

Given Episode context has been created on my MSP

When I require read access

Then I can read

Based on context episode

encounter

by id

episode

episode.managing_organization==token.client_id

DB.encounter.episode

by search params

search param {episode_id} from URL

by id in episode context

episode_id from URL (path)

by search params in episode context

observation

by id

DB.observation.episode

by search params

search param {episode_id} from URL

by id in episode context

episode_id from URL (path)

by search params in episode context

condition

by id

DB.condition.episode

by search params

search param {episode_id} from URL

by is in episode context


episode_id from URL (path)

by search params in episode context

service_request

by id

DB.service_request.encounter.episode.managing_organization

by search params

search param {episode_id} from URL

by id in episode context

episode_id from URL (path)

diagnostic_report

by id

DB.diagnostic_report.encounter.episode.managing_organization

by search params

context_episode_id from URL (path)

medication_statement

by id

IF context is encounter THEN:
DB.medication_statements.context.episode.managing_organization

by search params

search param {episode_id} from URL

immunization

by id

IF context is encounter THEN:
DB.immunizations.context.episode.managing_organization

by search params

search param {episode_id} from URL

by id in episode context

episode_id from URL (path)

by search params in episode context

device

by id

IF context is encounter THEN:
DB.devices.context.episode.managing_organization

by search params

search param {episode_id} from URL

risk_assessment

by id

IF context is encounter THEN:
DB.risk_assessments.context.episode.managing_organization

by search params

search param {episode_id} from URL

medication_administration

by id

IF context is encounter THEN:
DB.medication_administrations.context.episode.managing_organization

by search params

search param {episode_id} from URL

procedure

by id

DB.procedures.encounter.episode.managing_organization

by search params

search param {episode_id} from URL

allergy_intolerance

by id

IF context is encounter THEN:
DB.allergy_intolerances.context.episode.managing_organization

by search params

search param {episode_id} from URL

by id in episode context

episode_id from URL (path)

by search params in episode context


@rule_4

@read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @medication_administration

Scenario: Doctor with active approval can read all the data of specified in approval patient

Given Active approval on patient

When I require read access

Then I can read

not implemented yet






@rule_5

@read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement@service_request @diagnostic_report @procedure @medication_administration

Scenario: Doctor with active approval can read all the data of specified in approval episodes

Given Active approval on episode

When I require read access

Then I can read

Based on context episode

episode

by id

episode

There is an active approval on the episode granted to the employee (one of user's employee) in MongoDB

DB.episode.id

encounter

by id

DB.encounter.episode

by search params

search param {episode_id} from URL

by id in episode context

episode_id from URL (path)

by search params in episode context

observation

by id

DB.observation.episode

by search params

search param {episode_id} from URL

by id in episode context

episode_id from URL (path)

by search params in episode context

condition

by id

DB.condition.episode

by search params

search param {episode_id} from URL

by id in episode context

episode_id from URL (path)

by search params in episode context

service request

by id

DB.service_requset.encounter.episode

by search params

search param {episode_id} from URL

by id in episode context

episode_id from URL (path)

diagnostic report

by id

DB.diagnostic_report.encounter.episode

by search params

search param {episode_id} from URL

procedure

by id

DB.procedures.encounter.episode

by search params

search param {episode_id} from URL

@rule_6

@read @diagnostic_report @encounter @procedure

Scenario: Doctor can read entity originated by episode created in the doctors MSP

Given Entity has been originated by mine MSP episode

When I require read access

Then I can read

Based on origin episode

encounter

by id

origin_episode

origin_episode.managing_organization==token.client_id

DB.encounter.origin_episode

by search params

Search param {origin_episode

.managing_organization

_id} from URL

diagnostic repost

by id

DB.diagnostic_report.origin_episode

by search params

search param {managing_organization

Search param {origin_episode_id} from URL

service_request

procedures

by

idservice request

search params

DB.

service

diagnostic_

request.managing_organizationby search paramssearch param {requester_legal_entity} from URLdiagnostic_report

report.origin_episode

@rule_7

@read @observation

Scenario: Doctor can read all the data of diagnostic report originated by episode created in the doctors MSP

Given Diagnostic report context has been originated by mine MSP episode

When I require read access

Then I can read

Based on origin episode

observation

by id

diagnostic_report

origin_episode.managing_organization==token.client_id

DB.observation.diagnostic_report.

managing

origin_

organization

episode

by search params

search param {managing_organization

Search param {diagnostic_report_id} from URL

proceduresby search paramsmanaging_organizationsearch param {managing_organization} from URL@rule_3 @read @encounter @observation @condition @service_request @diagnostic_reportScenario: Doctor

@rule_8

@read @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @procedure @medication_administration

Scenario: Doctor can read all the data of

episodes

encounter originated by episode created in the doctors MSP

Given Episode

Given Encounter context has been

created on my MSPWhen I

originated by mine MSP episode

When I require read access

Then I

Then I can read

Based on origin episode

observation

by id

encounter

origin_episode.managing_organization==token.client_id

DB.observation.context.origin_episode

by search params

Search param {encounter_id} from URL

condition

by id

DB.condition.context.origin_episode

by search params

Search param {encounter_id} from URL

service request

by id

episode
episode

DB.

managing_organization==token.client_id
DB.encounter.

service_request.encounter.origin_episode

by search params

search param

Search param {

episode

encounter_id} from URL

diagnostic_report

by id

in episode contextepisode_id from URL (path)by search params in episode contextobservation

DB.diagnostic_report.encounter.origin_episode

by search params

Search param {encounter_id} from URL

procedure

by id

DB.

observation

procedure.origin_episode

by

search paramssearch param {episode

search params

Search param {encounter_id} from URL

by id in episode contextepisode_id from URL (path)by search params in episode contextconditionby idDB.condition.episodeby search paramssearch param {episode_id} from URLby is in episode contextepisode_id from URL (path)by search params in episode contextservice_requestby idDB.service_request.encounter.episode.managing_organizationby search paramssearch param {episode_id} from URLby id in episode contextepisode_id from URL (path)diagnostic_reportby idDB.diagnostic_report.encounter.episode.

@rule_9 

@read  @encounter @observation @condition @service_request @diagnostic_report

Scenario: Doctor with active approval can read data, originated by the episode

Given Active approval on episode

When I require read access

Then I can read

not implemented yet






@rule_10 

@read @observation

Scenario: Doctor can read all the data of diagnostic report created in the doctors MSP

Given Diagnostic report context has been originated by mine MSP

When I require read access

Then I can read

Based on diagnostic report

observation

by id

diagnostic_report

diagnostic_report.managing_organization==token.client_id

DB.observation.diagnostic_report.managing_organization

by search params

context_episode_id from URL (path)@rule_4 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_reportScenario: Doctor

Search param {diagnostic_report_id} from URL

@rule_11 

@read @observation

Scenario: Doctor with active approval can read all the data of specified in approval

patientGiven Active approval on patientWhen I require read accessThen I can readnot implemented yet@rule_5 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @procedureScenario: Doctor

diagnostic report

Given Active approval on diagnostic report

When I require read access

Then I can read

Based on diagnostic report

observation

by id

diagnostic_report

There is an active approval on the diagnostic report granted to the employee (one of user's employee) in MongoDB

DB.observation.diagnostic_report

by search params

Search param {diagnostic_report_id} from URL

@rule_12 

@read @care_plan @activity @medication_request @medication_request_request

Scenario: Doctor with active approval can read

all

the data

of specified in approval episodesGiven Active approval on episodeWhen I

associated with the care plan.

Given Active approval on care_plan

When I require read access

Then I

Then I can read

Based on

context episode
episode

care plan

care_plan

by id

episode

care_plan

There is an active

approval on the episode granted to the employee (one of user's employee) in MongoDB
DB.episode.idencounter
by idDB.encounter.episodeby search paramssearch param {episode_id} from URLby id in episode contextepisode_id from URL (path)by search params in episode contextobservation
by idDB.observation.episodeby search paramssearch param {episode_id} from URLby id in episode contextepisodeDB.condition.episode

approval (access_level=read) on the care_plan granted to the employee (one of user's employee) in MongoDB

DB.care_plan.id=approvals.granted_resources[].value

activity

by id

care_plan_id from URL (path)

by search params in episode contextcondition
by id

DB.activities.care_plan[].id=approvals.granted_resources[].value

by search params

search param {episode_id} from URLby id in episode contextepisode

medication_request_requests

by search params

care_plan_id from URL (path)

by search params in episode contextservice request
by idDB.service_requset.encounter.episode

DB.medication_request_requests.based_on.care_plan[].id=approvals.granted_resources[].value

medication_requests

by search params

search param {episode_id} from URLby id in episode contextepisode

care_plan_id from URL (path)

diagnostic report

by id

DB.

diagnostic

medication_

report

requests.

encounter.episodeby search paramssearch param {episode_id} from URLprocedureby idDB.procedures.encounter.episodeby search paramssearch param {episode_id} from URL@rule_6 @read @diagnostic_report @encounter @procedureScenario: Doctor can read entity originated by episode created in the doctors MSPGiven Entity has been originated by mine MSP episodeWhen I require read accessThen I can readBased on origin episode
encounterby idorigin_episode
origin_episode.managing_organization==token.client_id
DB.encounter.origin_episodeby search paramsSearch param {origin_episode_id} from URLdiagnostic repostby idDB.diagnostic_report.origin_episodeby search paramsSearch param {origin_episode_id} from URLproceduresby search paramsDB.diagnostic_report.origin_episode@rule_7 @read @observationScenario: Doctor can read all the data of diagnostic report originated by episode created in the doctors MSPGiven Diagnostic report context has been originated by mine MSP episodeWhen I require read accessThen I can readBased on origin episodeobservationby iddiagnostic_reportorigin_episode.managing_organization==token.client_idDB.observation.diagnostic_report.origin_episodeby search paramsSearch param {diagnostic_report_id} from URL@rule_8 @read @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @procedureScenario: Doctor can read all the data of encounter originated by episode created in the doctors MSPGiven Encounter context has been originated by mine MSP episodeWhen I require read accessThen I can readBased on origin episodeobservationby idencounter
origin_episode.managing_organization==token.client_id
DB.observation.context.origin_episodeby search paramsSearch param {encounter_id} from URLconditionby idDB.condition.context.origin_episodeby search paramsSearch param {encounter_id} from URLservice requestby idDB.service_request.encounter.origin_episodeby search paramsSearch param {encounter_id} from URL

based_on.care_plan[].id=approvals.granted_resources[].value

@rule_13 

@write @care_plan @activity @medication_request @medication_request_request

Scenario: Doctor with active approval can write the data associated with the care plan.

Given Active approval on care_plan

When I require write access

Then I can write

Based on care plan

care_plan

by id

care_plan

There is an active approval (access_level=write) on the care_plan granted to the employee (one of user's employee) in MongoDB

DB.care_plan.id=approvals.granted_resources[].value

complete

cancel

activity

by id

care_plan_id from URL (path)

DB.activities.care_plan[].id=approvals.granted_resources[].value

by search params

create

complete

cancel

medication_request_requests

by search params

care_plan_id from URL (path)

DB.medication_request_requests.based_on.care_plan[].id=approvals.granted_resources[].value

medication_requests

by search params

care_plan_id from URL (path)

DB.medication_requests.based_on.care_plan[].id=approvals.granted_resources[].value

@rule_14 

@read @service_request @encounter @diagnostic_report @procedure

Scenario: User with active approval on the care plan can read the data based on this care plan.

Given Entity based on care_plan

And Active approval on care_plan

When I require read access

Then I can read

Based on care plan

service_request

by id

care_plan

There is an active approval (access_level=read/write) on the care_plan granted to the employee (one of user's employee) in MongoDB

DB.service_request.based_on.care_plan[].id=approvals.granted_resources[].value

by search params

DB.service_request.based_on.care_plan[].id=approvals.granted_resources[].value

encounter

by id

DB.encounters.incoming_referral.[].service_requests.based_on.care_plan[].id=approvals.granted_resources[].value

diagnostic_report

by id

DB.diagnostic_reports.based_

report

on.

encounter

[].

origin_episodeby search paramsSearch param {encounter_id} from URLprocedureby idDB.procedure.origin_episodeby search paramsSearch param {encounter_id} from URL@rule_9 @read  @encounter @observation @condition @service_request @diagnostic_reportScenario: Doctor with active approval can read data, originated by the episodeGiven Active approval on episodeWhen I require read accessThen I can readBased on origin episode

service_requests.based_on.care_plan[].id=approvals.granted_resources[].value

procedure

by id

DB.procedures.based_on.[].service_requests.based_on.care_plan[].id=approvals.granted_resources[].value