Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents

...

  1. This WS is designed to create approval on entity, which aggregate other entities (episode_of_care, diagnostic_report, care_plan), OR forbidden group OR diagnoses group, OR on service_request including it’s permitted_resources OR on cancel for encounter, specimen and procedure.

  2. Approvals are processed in the async way

  3. Only authenticated and authorized employees with appropriate scope can create approval.

Specification

  1. API Create Approval

Authorize

  1. Verify the validity of access token

    1. in case of error - return 401 (“Invalid access token”) in case of validation fails

  2. Verify that token is not expired

    1. in case of error - return 401 (“Invalid access token”)

  3. Check user scopes in order to perform this action (scope = 'approval:create ')

    1. return 403 (“Your scope does not allow to access this resource. Missing allowances: approval:create ”) in case of invalid scope(s)

...

  1. if episode_of_care is presented in request as the code of resource

    1. Check episode_of_care in the request exists and is in active or closed status in DB

      1. in case of error return - 422 (Episode is canceled)

    2. Check if resource from granted_to = 'employee':

      1. in case of error return - 422 ("$.resource. value is not allowed in enum")

  2. if diagnostic_report is presented in request as the code of resource

    1. Check diagnostic_report block in the request exists and is in final status in DB

      1. in case of error return - 422 (Diagnostic report in \"entered_in_error\" status can not be referenced or Diagnostic report with such id is not found)

    2. Check if resource from granted_to = 'employee':

      1. in case of error return - 422 ("$.resource. value is not allowed in enum")

  3. if care_plan is presented in request as the code of resource

    1. Check care_plan in the request exists in DB

      1. in case of error return - 422 (Care plan with such id is not found)

    2. Check there no other objects in request

      1. in case of error return - 422 (Approval for care plan can not contain other entities)

    3. Check if resource from granted_to = 'employee':

      1. in case of error return - 422 ("$.resource. value is not allowed in enum")

    4. If access_level = 'write':

      1. Check if care_plans.managing_organization = granted_to.employees.legal_entity_id:

        1. in case of error return - 422 ('User is not allowed to write care plan from another legal_entity')

  4. if encounter  is presented in request as the code of resource

    1. Check encounter in the request exists in DB and is not in “entered_in_error” status in DB

      1. (Encounter in \"entered_in_error\" status can not be referenced or Encounter with such id is not found)

    2. Check if resource from granted_to = 'employee':

      1. in case of error return - 422 ("$.resource. value is not allowed in enum")

  5. if procedure is presented in request as the code of resource

    1. Check procedure in the request exists in DB and is not in “entered_in_error” status in DB

      1. in case of error return - 422 (Procedure in \"entered_in_error\" status can not be referenced)

    2. Check if resource from granted_to = 'employee':

      1. in case of error return - 422 ("$.resource. value is not allowed in enum")

  6. if specimen is presented in request as the code of resource

    1. Check specimen in the request exists in DB and is notin “entered_in_error” status in DB

      1. in case of error return - 422 (Specimen  in \"entered_in_error\" status can not be referenced(Invalid specimen status)

    2. Check if resource from granted_to = 'employee':

      1. in case of error return - 422 ("$.resource. value is not allowed in enum")

Validate service_request

  1. If service_request block is presented in request

    1. Get Service_request details (only in active status)

    2. use Response.permitted_resources as resources for approval(could be episode or diagnostic_report).

  2. If resource from granted_to = 'legal_entity':

    1. Check if status of legal_entity in (ACTIVE, SUSPENDED, REORGANIZED):

      1. in case of error return - 422 (Legal entity should be active)

...

  1. Validate that access_level correspond to granted_resources:

    1. In case error return 422 ("Resource types [\"$.granted_resources[].code\"] not allowed to use write access_level")

  2. If employee_type of granted_to.identifier.value employee == ASSISTANT:

    1. Check that access_level == ‘read’:

      1. In case error return 422 ("Role ASSISTANT is not allowed to use write access_level for approval")

block

granted_resources

context

access_level

access to

reason

resources

episode_of_care

read

Reading all the data of specified in approval episode

null or child_resource

diagnostic_report

read

Reading all the data of specified in approval diagnostic report

diagnostic_report

write

Canceling diagnostic report package

care_plan

read

Reading all the data of specified in approval care plan

care_plan

write

Creating activities for care plan, cancelling medication requests or recalling/cancelling service requests based on care plan

encounter

write

Canceling encounter data package

procedure

write

Canceling procedure

specimen

write

Canceling specimen

child_resources

diagnostic_report

episode_of_care

read

Reading all the data of specified in context for diagnostic_report

null

encounter

episode_of_care

Reading all the data of specified in context for encounter

null

condition

episode_of_care

Reading all the data of specified in context for condition

null

observation

episode_of_care

diagnostic_report

Reading all the data of specified in context for observation

null

activity

care_plan

Reading all the data of specified in context for activity

null

clinical_impression

episode_of_care

Reading all the data of specified in context for clinical_impression

null

allergy_intolerance

episode_of_care

Reading all the data of specified in context for allergy_intolerance

null

immunization

episode_of_care

Reading all the data of specified in context for immunization

null

device

episode_of_care

Reading all the data of specified in context for device

null

risk_assessment

episode_of_care

Reading all the data of specified in context for risk_assessment

null

procedure

episode_of_care

Reading all the data of specified in context for procedure

null

service_request

episode_of_care

read

Reading data from granted_resources in approval service request

service_request

diagnostic_report

read

forbidden_group

forbidden_group

read

Reading all the medical events with items (codes/services/service_groups) of specified in approval forbidden groups 

null

diagnoses_group

diagnoses_group

read

Reading short data of episodes with current_diagnoses.codes that specified in approval diagnoses group 

null

services_group

diagnostic_reports and procedures array

read

Reading all data of diagnostic reports and procedures with code.identifier.value that specified in approval service group

null

patient_id

patient_id

read

Reading all the data of specified patient

null

...

granted_to

block

granted_resources

Sms

items with FG

w\o items with FG

employee

resources

episode_of_care

Код <code> для доступу до даних про <forbidden_groups.short_name> <forbidden_groups.sms_url>

If there are codes from more than 1 group:

Код <code> для доступу до даних про ВІЛ,РПП https://bit.ly/nszu1677f

Код авторизації дій в системі eHealth: <code>

diagnostic_report

care_plan

encounter

procedure

specimen

child_resources

diagnostic_report

encounter

condition

observation

activity

clinical_impression

allergy_intolerance

immunization

device

risk_assessment

procedure

service_request

episode_of_care

diagnostic_report

forbidden_group

forbidden_group

-(only with FG)

diagnoses_group

diagnoses_group

ICD10: Код <code>: доступ на групу діагнозів {diagnoses_group_code} http://bit.ly/nszu1677b

ICPC2: Код <code>: доступ на групу діагнозів {diagnoses_group_code} http://bit.ly/nszu1677e

services_group

diagnostic_reports and procedures array

Код ****: доступ на групу сервісів {service_group_code}   http://bit.ly/nszu1677e

patient_id

patient_id

Код авторизації дій в системі eHealth: <code>

granted_to

block

granted_resources

Sms

items with FG

w\o items with FG

legal_entity

service_request

episode_of_care

-(only w/o FG)

Код <code>: згода на обробку персональних даних https://bit.ly/nszu1677i)

diagnostic_report

...