Purpose
To allow NHS Admin/Data Stuart (NHS employee with assigned appropriate scopes) to SAVE updates to personal data of a Person, based on Person’s official request to NHS, which is actually a legal authorisation for changes in his personal data.
Scheme
Design
Specification
Key points
The process is initiated by any NHS employee (only within NHS Admin Panel) with necessary scopes and involves the transfer (by graphQL mutation) of a signed_content
. It includes JSON with Person data, where are id of an existing person and no keys and parameters of the authentication methods.
It has similarities to update part of IL.Update-person-request (w/o declaration) process, but there are some main differences:
Person_request record is created in BE directly in status
SIGNED
based on obtainedsigned_content
(which is signed with digital signrature) from FE. Without interim records to DB with such statuses asNEW
,APPROVED
.During update process of Person’s personal data in
MPI.person
table, there is no need in ONLINE/OFFLINE approve from Person.There are two new parameters for controlling level of changes and avoid risks of unnecessary automatic deduplication:
PERSON_ONLINE_DEDUPLICATION_UPDATE_SCORE_NHS_ADMIN
PERSON_ONLINE_DEDUPLICATION_MATCH_SCORE_NHS_ADMIN
This parameters might be turned on/off byPERSON_ONLINE_DEDUPLICATION_UPDATE_SCORE_NHS_ACTIVE
=true
PERSON_ONLINE_DEDUPLICATION_MATCH_SCORE_NHS_ACTIVE
=true
There are additional mandatory fields in the message:
nhs_request_number nhs_request_comment
And there are other differences in fields, values and controls:
$.patient_signed
and$.process_disclosure_data_consent
should be absent in Message and thereforenull
value should be set inIL.person_requests
. And finally inMPI.persons
table those values should not be overwritten.print-form is not necessary
IL.person_requests.(new record).channel = 'NHS'
One more additional parameter is transferred from FE to BE
updatedAtForValidation
second_name
andunzr
can be set tonull
.no_tax_id
andtax_id
can be transferred in the message asnull
, if they are set both tonull
.
Process is synchronous. If all validations are successfully completed, the synchronous process of update a person starts by processing the message.
Scope and roles
Scope name | Roles | Description |
---|---|---|
New
|
| Scope for creation of |
Related articles
# | Path | Link and Article |
---|---|---|
1 | E-Health > Persons > Ідентифіковані персони > Person Requests Technical Requirements | IL.Create/Update person request (w/o declaration) |
2 | Public. Medical Service Provider Integration Layer > Person Requests |
Authorize
Verify the validity of access token
Return 401 in case validation fails
Check user scopes
person_request:write_nhs
Return 403 in case invalid scope(s)
Digital signature
Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature and returns result.
See service specification
Validate DRFO
Check that DRFO in Certificate details exists and not empty
Check that DRFO in Certificate details is equal to DRFO in Party
Get party.tax_id using employee_id in person payload
Compare DRFO in Certificate with party.tax_id
Convert DRFO and TAX_ID to uppercase
Compare DRFO and TAX_ID as Cyrillic letters
Convert DRFO to Cyrillic and compare as Cyrillic letters
In case validation fails - generate 422 error
Latin to Cyrillic mapping
%{"A" => "А", "B" => "В", "C" => "С", "E" => "Е", "H" => "Н", "I" => "І", "K" => "К", "M" => "М", "O" => "О", "P" => "Р", "T" => "Т", "X" => "Х"} |
Validation of Signed Content
Get global parameters
For futher validation, Invoke Global parameters to get following parameter:
no_self_auth_age
cURL example
curl -X GET \ {:host}/api/global_parameters
Validation | |
---|---|
1 | Validate parallel editings (new)Whether Person data were not changed by other users (MSP, NHS) of NHS system. By preliminary keeping value
|
2 | Validate Person’s status id in DB and deduplication controls
|
3 | Check “patient_signed” flag.This field should not be transferred. And therefore BE should not overwrite this field in DB |
4 | Check “process_disclosure_data_consent” flag.This field should not be transferred. And therefore BE should not overwrite this field in DB |
5 | Validate confidant person
Validate confidant person age >= prm.global_parameters.no_self_auth_age:
validate presence of a secret word:
Check that confidant person document type (in
|
6 | Validate "tax_id"
|
7 | Check "no_tax_id" flag
|
8 | Validate person documents
|
9 | Validate NHS request fields
|
JSON validation schema
What should be other for NHS Admin Panel
As a basis this JSON Schema validator (https://e-health-ua.atlassian.net/wiki/spaces/EH/pages/589266986#Update-person-request ) is used. Except:
“
patient_signed
" and "process_disclosure_data_consent
" are not required and should not be present.allow
null
value insecond_name
field of the Person object."second_name": { "type": [ "string", "null" ] }
allow null value in
unzr
field of the Person object"unzr": { "type": [ "string", "null" ], "pattern": "^[0-9]{8}-[0-9]{5}$" }
allow in message both tax_id, no_tax_id with
null
values if they are both set tonull
updatedAtForValidation
key and grouping keynhs_request_number
,nhs_request_comment
are validated with the following validation Schema:
Execution
Search pending person_requests in IL.person_requests
Search persons request in IL.person_requests to prevent inconsistent parallel updates:
WHERE IL.person_requests.person_id = :($.person.id) AND IL.person_requests.status IN ('NEW', 'APPROVED')
Cancel person_requests records in IL.person_requests
Change status of all found person requests:
SET IL.person_requests.status = 'CANCELED' WHERE IL.person_requests.id IN (:LIST of Search results)
Create new record in IL.person_requests
Insert
[new record]
toIL.person_requests
:Set
status = 'SIGNED
'.Set Person’s id,
person_id = $.person.id
Set
inserted_at= now()
(Get current date-time)Set
inserted_by
- user_id (Extract user from token)Set
channel
,IL.person_request.(newrecord).channel = 'NHS'
Set
printout_form
= null
Store signed_content
in appropriate Person_request Bucket.
Update Person in MPI.persons
Update Person’s data in
MPI.persons.(id = $.person.id)
with submitted new data$
(including two$.nhs_request_number
and$.nhs_request_comment
).Set
updated_at
- now() (Get current date-time)Set
updated_by
- user_id (Extract user from token)Create appropriate records based on submitted new data
$
(including two$.nhs_request_number
and$.nhs_request_comment
) in:MPI.person_documents
MPI.person_phones
MPI.person_addresses
Submit person on verification
Create or update existing record in person_verifications table for a person according to logic in sections below. Also, set:
updated_at = now()
updated_by = user uuid
inserted_at = now() (for new records)
inserted_by = user uuid (for new records)
Manual NHS verification
Set person verification according to logic https://e-health-ua.atlassian.net/wiki/spaces/DRACS2/pages/17858101317/UPD+Sign+person+request+v2#Manual-NHS-verification
DRFO registry verification
Set person verification according to logic https://e-health-ua.atlassian.net/wiki/spaces/DRACS2/pages/17858101317/UPD+Sign+person+request+v2#DRFO-registry-verification
DRACS death acts registry verification
Set person verification according to logic https://e-health-ua.atlassian.net/wiki/spaces/DRACS2/pages/17858101317/UPD+Sign+person+request+v2#DRACS-death-acts-registry-verification
DRACS birth acts registry verification
Set person verification according to logic https://e-health-ua.atlassian.net/wiki/spaces/DRACS2/pages/17858101317/UPD+Sign+person+request+v2#DRACS-birth-acts-registry-verification
DRACS name change acts registry verification
Set person verification according to logic: https://e-health-ua.atlassian.net/wiki/spaces/DRACS2/pages/17858101317/UPD+Sign+person+request+v2#DRACS-name-change-acts-registry-verification
Legal capacity verification
Set person verification according to logic: https://e-health-ua.atlassian.net/wiki/spaces/DRACS2/pages/17858101317/UPD+Sign+person+request+v2_EN#Legal-capacity-verification
Calculate cumulative verification status
Calculate persons cumulative verification status according to logic https://e-health-ua.atlassian.net/wiki/spaces/DRACS2/pages/17858101317/UPD+Sign+person+request+v2#Calculate-cumulative-verification-status
Update confidant person relationships
In case if person is updated (person.id
exists in person_data for person request) and at least one of submitted person document types exist in PERSON_LEGAL_CAPACITY_DOCUMENT_TYPES config parameter and legal_capacity_verification_status = VERIFIED or VERIFICATION_NOT_NEEDED according to Legal capacity verification - deactivate all existing confidant person relationships for person:
Deactivate all records in IL | confidant_person_relationship_requests table where person_id =
person.id
and status = NEW, set values:status = CANCELLED
updated_at = now()
updated_by = user_id (from token)
Deactivate all records in MPI | confidant_person_relationships table where person_id =
person.id
and is_active = true. Set:active_to = now()
updated_at = now()
updated_by = user_id (from token)
For each relationship from previous step - deactivate person authentication methods with type = THIRD_PERSON and value =
confidant_person_relationships.confidant_person_id
, set values:ended_at = now()
updated_at = now()
updated_by = user_id (from token)
In case if person has active Confidant person relationships with relationship document with type='BIRTH_CERTIFICATE' and following person fields are updated:
first_name
last_name
second_name
birth_date
Update found active Confidant person relationships as those that need online verification with DRACS birth acts registry, set values:
verification_status = “VERIFICATION_NEEDED”
verification_reason = “ONLINE_TRIGGERED”
updated_at = now()
updated_by = user_id
Check existence of verification candidates for updated confidant_person_relationship_id with status = ‘NEW’ and entity_type = ‘dracs_birth_act' in confidant_person_relationship_verification_candidates
table, if found - deactivate them, set:
status = ‘DEACTIVATED’
status_reason = ‘PERSON_UPDATED’
updated_at = now()
In case if person exists in the system as confidant person in active confidant person relationship with relationship document with type='BIRTH_CERTIFICATE' and following person fields are updated:
first_name
last_name
second_name
birth_date
tax_id
Update found active Confidant person relationships as those that need online verification with DRACS birth acts registry, set values:
verification_status = “VERIFICATION_NEEDED”
verification_reason = “ONLINE_TRIGGERED”
updated_at = now()
updated_by = user_id
Check existence of verification candidates for updated confidant_person_relationship_id with status = ‘NEW’ and entity_type = ‘dracs_birth_act' in confidant_person_relationship_verification_candidates
table, if found - deactivate them, set:
status = ‘DEACTIVATED’
status_reason = ‘CONFIDANT_PERSON_UPDATED’
updated_at = now()
Response
Updated personal data of a Person:
person: Person!
(typename: Person)