Rule type | Description |
---|---|
Based on declaration | Doctor with an active declaration can access all the patient's medical data. |
Based on context episode | User can read medical data, that was collected during an episode of care, that user has access to. |
Based on diagnostic report | User can read medical data, that was collected as a part of a diagnostic report, managed by the user's legal entity. |
Based on origin episode | Doctor can read medical data, that was collected as a part of a diagnostic report or episode of care, that user has access to. Episode of care, that contains this service request, is considered as an origin episode in that case. |
Rule | Base | Resource | Routes | Context | Implementation | Source of context | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Based on declaration | episode | by id | patient_id | There is an active declaration between the patient and the doctor in OPS | patient_id from URL | |||||||||||
by search params | |||||||||||||||||
encounter | by id | ||||||||||||||||
by search params | |||||||||||||||||
by id in episode context | |||||||||||||||||
by search params in episode context | |||||||||||||||||
observation | by id | ||||||||||||||||
by search params | |||||||||||||||||
by id in episode context | |||||||||||||||||
by search params in episode context | |||||||||||||||||
condition | by id | ||||||||||||||||
by search params | |||||||||||||||||
by id in episode context | |||||||||||||||||
by search params in episode context | |||||||||||||||||
service_request | by id | ||||||||||||||||
by search params | |||||||||||||||||
diagnostic_report | by id | ||||||||||||||||
by search params | |||||||||||||||||
| Based on context episode | episode | |||||||||||||||
service_request | by id | ||||||||||||||||
by search params | |||||||||||||||||
by search paras episode context | |||||||||||||||||
diagnostic_report | by id | ||||||||||||||||
by search params | |||||||||||||||||
| Based on context episode | encounter | by id | ||||||||||||||
by search params | |||||||||||||||||
by id in episode context | |||||||||||||||||
by search params in episode context | |||||||||||||||||
observation | by id | ||||||||||||||||
by search params | |||||||||||||||||
by id in episode context | |||||||||||||||||
by search params in episode context | |||||||||||||||||
condition | by id | ||||||||||||||||
by search params | |||||||||||||||||
by is in episode context | |||||||||||||||||
by search params in episode context | |||||||||||||||||
service_request | by id | ||||||||||||||||
by search params | |||||||||||||||||
by id in episode context | |||||||||||||||||
diagnostic_report | by id | ||||||||||||||||
by search params | |||||||||||||||||
| not implemented yet | ||||||||||||||||
| Based on context episode | episode | |||||||||||||||
encounter | |||||||||||||||||
observation | |||||||||||||||||
condition | |||||||||||||||||
service request | |||||||||||||||||
diagnostic report | |||||||||||||||||
| Based on origin episode | encounter | by id | ||||||||||||||
by search params | |||||||||||||||||
diagnostic repost | by id | ||||||||||||||||
by search params | |||||||||||||||||
| Based on origin episode | observation | by id | ||||||||||||||
by search params | |||||||||||||||||
| Based on origin episode | observation | by id | ||||||||||||||
by search params | |||||||||||||||||
condition | by id | ||||||||||||||||
by search params | |||||||||||||||||
service request | by id | ||||||||||||||||
by search params | |||||||||||||||||
diagnostic_report | by id | ||||||||||||||||
by search params | |||||||||||||||||
Rule | Rule type | Resource | Route | Сontext | Logic | Context source | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
@rule_1 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report Scenario: Doctor with active declaration can read all patient data Given Active declaration with patient And declaration from the same MSP When I require read access Then I can read | Based on declaration | episode | by id | patient | for all:{patient_id} form URL | ||||||||||
by search params | |||||||||||||||
encounter | by id | ||||||||||||||
by search params | |||||||||||||||
in episode context by id | |||||||||||||||
in episode context by search params | |||||||||||||||
observation | by id | ||||||||||||||
by search params | |||||||||||||||
in episode context by id | |||||||||||||||
in episode context by search params | |||||||||||||||
condition | by id | ||||||||||||||
by search params | |||||||||||||||
in episode context by id | |||||||||||||||
in episode context by search params | |||||||||||||||
by search params | |||||||||||||||
service_request | by id | ||||||||||||||
by search params | |||||||||||||||
diagnostic_report | by id | ||||||||||||||
by search params | |||||||||||||||
| |||||||||||||||
@rule_5 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report Scenario: Doctor with active approval can read all the data of specified in approval episodes Given Active approval on episode When I require read access Then I can read | Based on approval | episode | by id | none | episode.id in approvals.permitted_resources | by id: selected from DB by search param: | |||||||||
encounter | by id | episode | |||||||||||||
by search param | |||||||||||||||
observation | by id | ||||||||||||||
by search param | |||||||||||||||
condition | by id | ||||||||||||||
by search param | |||||||||||||||
@rule_8 @read @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @diagnostic_report Scenario: Doctor can read all the data of encounter originated by episode, created in the doctors MSP Given Encounter context has been originated by mine episode When I require read access Then I can read | Based on origin episode | observation | by id | encounter | context.origin_episode.managing_organization==token.client_id | by id: selected from DB by search param: | |||||||||
by search param | |||||||||||||||
condition | by id | ||||||||||||||
by search param | |||||||||||||||
diagnostic_report | by id | encounter.origin_episode.managing_organization==token.client_id | |||||||||||||
by search param | |||||||||||||||