1 Purpose
2 Key points
3 Specification
4 Authorization
5 Validate legal entity
6 Validate Digital Sign
7 Validate Patient
8 Validate request
- 8.1 Validate Specimen
  - 8.1.1 1. Parent
  - 8.1.2 2. Requests
  - 8.1.3 3. Type
  - 8.1.4 4. Condition
  - 8.1.5 5. Registered by
  - 8.1.6 6. Status
  - 8.1.7 7. Id
  - 8.1.8 8. Managing organization
- 8.2 Validate Collection
  - 8.2.1 1. Collector
  - 8.2.2 2. Collected
  - 8.2.3 3. Quantity
  - 8.2.4 4. Duration
  - 8.2.5 5. Method
  - 8.2.6 6. Body site
  - 8.2.7 7. Fasting status
- 8.3 Validate Container
  - 8.3.1 1. Identifier
  - 8.3.2 2. Type
  - 8.3.3 3. Capacity
  - 8.3.4 4. Specimen quantity
  - 8.3.5 5. Additive
9 Service logic

Purpose

This WS allows to create Specimen entity by employees without submitting Encounter Data Package.

Key points

Only authenticated and authorized employee with appropriate scope can create a Specimen.
Request should be signed with DS.
The specimen is created asynchronously
The specimen can be created both for persons and for prepersons.

Specification

Apiary

Authorization

Verify the validity of access token
- in case of error - return 401 (“Invalid access token”) in case of validation fails
Verify that token is not expired
- in case of error - return 401 (“Invalid access token”)
Check user and client scopes in order to perform this action (scope = 'specimen:write')
- return 403 (“Your scope does not allow to access this resource. Missing allowances: specimen:write”) in case of invalid scope(s)
If BLOCK_UNVERIFIED_PARTY_USERS is true, then check party's data match following condition: verification_status != NOT_VERIFIED or (verification_status = NOT_VERIFIED and updated_at > current_date - UNVERIFIED_PARTY_PERIOD_DAYS_ALLOWED):
- in case not match - return 403 ("Access denied. Party is not verified")
If BLOCK_DECEASED_PARTY_USERS is true, check that party is not deceased (party_verification record does not equal to: dracs_death_verification_status = VERIFIED and dracs_death_verification_reason = MANUAL_CONFIRMED):
- in case of error - return 403 ("Access denied. Party is deceased")

Validate legal entity

Extract client_id from token
Check legal entity status (status = ACTIVE)
- In case of error - return 409 ('client_id refers to legal entity that is not active')

Validate Digital Sign

Validate request is signed
- in case of error - return 400 (“Invalid signed content”)
Check DS is valid and not expired
Validate that DS belongs to the employee who registered the Specimen ($.registered_by)
- Check that DRFO from DS and party.tax_id of the registrar matches
  - in case of error - return 422 (“Does not match the signer drfo“)

Validate Patient

Get Patient identifier from the URL
Check it exists in the DB
- Return 404 ('not found') in case of error
Validate patient is an active person or preperson
- in case of error - return 409 ('Patient is not active')
Validate person's verification_status is not equal to NOT_VERIFIED (not for preperson).
- in case NOT_VERIFIED - return error 409, "Patient is not verified"

Validate request

Validate encoded and decoded request using schema. Return 422 with the list of validation errors in case validation fails.

Validate Specimen

Validate root attributes of specimen entity:

1. Parent

Validate value in the field $.parent, array of Reference type, if submitted

Check each value is valid Reference on another Specimen resource
Validate referenced Specimen:
- Check it belongs to the same patient ($.subject)
  - in case of error - return 422 ('Specimen with such id is not found')
- Check status is available
  - in case of error - return 422 ('Invalid specimen status')

2. Requests

Validate each value in $.request, array of Reference type, if submitted

Array item has type of Reference to Service Request resource
- in case of error - return 422 ('not allowed in enum')
Service Request exists in the DB and relates to the patient ($.subject)
- in case of error - return 422 ("Service request not found")
Service Request’s status is active or program_processing_status is in_progress (any status is valid in case program_processing_status= in_progress)
1. in case of error - return 422 ("Service request is not active or in progress")
If used_by_legal_entity is set in the Service request (program_processing_status=in_progress), then check it matches the client_id from token
- in case of error - return 422 ("Service request is used by another legal entity")
Check if Service Request’s expiration date is less then or equal to current date
1. in case of error - return 422 ("Service request expiration date must be greater than or equal to current date")

3. Type

Validate value in the field $.type, CodeableConcept type, required.

Check that value is in allowed values from specimen_types dictionary.
- in case of error - return 422 ('value is not allowed in enum')

4. Condition

Validate value in the field $.condition, CodeableConcept type, optional.

Check that value is in allowed values from specimen_conditions dictionary.
- in case of error - return 422 ('value is not allowed in enum')

5. Registered by

Validate value in the field $.registered_by, Reference on employee, required

Extract user_id from token. Check that employee belongs to one of the user’s employee.
- in case of error - return 422 ('User is not allowed to register a specimen for the employee')
Check that employee is active and approved
- in case of error - return 422 ('Invalid employee status')
Check that employee is related to the legal entity (client_id) from token
- in case of error - return 422 ('Employee doesn't belong to your legal entity')

6. Status

Validate value in the field $.status, string, required

Check it is available , according to specimen_statuses dictionary
- in case of error - return 422 ('value is not allowed in enum')

7. Id

Validate value in the field $.id, uuid, required

Check there is no specimen with the same ID in the DB
- in case of error return 422 “Specimen with id <id> already exists“

8. Managing organization

Validate value in the field $.managing_organization, Reference on legal entity, required

Check legal entity id exists in DB
1. in case of error return 422 "Legal entity with such id is not found"
Check $.managing_organization.identifier.value is equal to client_id from token
- in case of error return 422 "Managing_organization does not correspond to user's legal_entity"

Validate Collection

Validate $.collection object in the specimen, required

1. Collector

Validate value in the field $.collection.collector, Reference type, required.

Check it references to employee or patient resource
- in case of error - return 422 ('value is not allowed in enum')
If collector is an employee:
- Check it exists in the DB
  - in case of error - return 422 ('Employee not found')
- Check it is active and approved
  - in case of error - return 422 ('Invalid employee status')
- Check that employee is related to the legal entity (client_id) from token
  - in case of error - return 422 ('Employee doesn't belong to your legal entity')
If collector is a patient:
- Check it is an existing patient in the DB (mongo)
  - in case of error - return 422 ('Patient not found')
- Check it is active
  - in case of error - return 422 ('Patient is not active')

2. Collected

Validate there is one of the required $.collection.collected_[x] field is set: collected_date_time or collected_period.

Return 422 ('Only one of the parameters must be present') in case more then one submitted

Validate collected_date_time:

Check value is a timestamp
- in case of error - return 422 schema validation error
Check it is greater then (current_date - SPECIMEN_MAX_DAYS_PASSED) date
- in case of error - return 422 ('Date must be greater than <current date - SPECIMEN_MAX_DAYS_PASSED>')
Check it is less then or equal to current datetime
- in case of error - return 422 ('Must be in past')

Validate collected_period:

Validate value with schema of the Period type
- in case of error - return 422 schema validation error
Check if period start is greater then (current_date - SPECIMEN_MAX_DAYS_PASSED) date
- in case of error - return 422 ('Date must be greater than <current date - SPECIMEN_MAX_DAYS_PASSED>')
Check if period start is less then or equal to current datetime
- in case of error - return 422 ('Start date must be in past')
Check end >= start
- in case of error - return 422 ('End date must be greater than or equal the start date')
Check end <= current datetime (is not in the future)
- in case of error - return 422 ('End date must be in past')

3. Quantity

Validate value in the field $collection.quantity, SimpleQuantity type, optional

Check that $.collection.quantity.system is eHealth/ucum/units dictionary, required
- in case of error - return 422 ('value is not allowed in enum')
Check that $.collection.quantity.code comply with $.collection.quantity.system, required
- in case of error - return 422 ('value is not allowed in enum')
Check $.collection.quantity.value is not empty, is float, greater than zero
- in case of error - return corresponding 422 schema validation error
Check that $.collection.quantity.value >= sum($.container.specimen_quantity.value)
- in case of error - return 422 ('Collected quantity must not be exceeded by the specimen quantity distributed among the containers')

4. Duration

Validate value in the field $collection.duration, Duration type, optional

Check that $.collection.duration.system is eHealth/ucum/units dictionary, required
- in case of error - return 422 ('value is not allowed in enum')
Check that $.collection.duration.code comply with $.collection.duration.system, required
- in case of error - return 422 ('value is not allowed in enum')
Check $.collection.duration.value is not empty, is float, greater than zero
- in case of error - return corresponding 422 schema validation error

5. Method

Validate value in the field $.collection.method , CodeableConcept type, optional.

Check that value is in allowed values from specimen_collection_methods dictionary.
- in case of error - return 422 ('value is not allowed in enum')

6. Body site

Validate value in the field $.collection.body_site, CodeableConcept type, optional.

Check that value is in allowed values from eHealth/body_sites dictionary.
- in case of error - return 422 ('value is not allowed in enum')

7. Fasting status

Validate value in the field $.collection.fasting_status_codeable_concept, CodeableConcept type, optional.

Check that value is in allowed values from fasting_statuses dictionary.
- in case of error - return 422 ('value is not allowed in enum')

Validate Container

Validate $.container array in the specimen, required. Should contain at least one item.

1. Identifier

Validate value in the field $.container.identifier, string, required.

Check it is unique within the Specimen
1. in case of error - return 422 ('Identifier already exists in the specimen')

2. Type

Validate value in the field $.container.type, CodeableConcept type, required.

Check that value is in allowed values from specimen_container_types dictionary.
- in case of error - return 422 ('value is not allowed in enum')

3. Capacity

Validate value in the field $container.capacity, SimpleQuantity type, required

Check that $.container.capacity.system is eHealth/ucum/units dictionary, required
- in case of error - return 422 ('value is not allowed in enum')
Check that $.container.capacity.code comply with $.container.capacity.system, required
- in case of error - return 422 ('value is not allowed in enum')
Check $.container.capacity.value is not empty, is float, greater than zero
- in case of error - return corresponding 422 schema validation error

4. Specimen quantity

Validate value in the field $container.specimen_quantity, SimpleQuantity type, required

Check that $.container.specimen_quantity.system is eHealth/ucum/units dictionary, required
- in case of error - return 422 ('value is not allowed in enum')
Check that $.container.specimen_quantity.code comply with $.container.specimen_quantity.system, required
- in case of error - return 422 ('value is not allowed in enum')
Check $.container.specimen_quantity.value is not empty, is float, greater than zero
- in case of error - return corresponding 422 schema validation error
Check that $.container.specimen_quantity.code matches to $.collection.quantity.code
- in case of error - return 422 (Does not match the code of the collected quantity)

5. Additive

Validate value in the field $.container.additive_codeable_concept, CodeableConcept type, optional.

Check that value is in allowed values from specimen_container_additives dictionary.
- in case of error - return 422 ('value is not allowed in enum')

Service logic

Save signed content to media storage, in the bucket pointed in MEDIA_STORAGE_SPECIMEN_BUCKET chart parameter
Generate accession_identifier number:
1. Generate requisition number (see Human readable requisition number) based on the specimen id. Note: requisition number should be unique for each specimen and should not match with number of another entities. So, if generated number match to existing in DB - it should be regenerated
2. Encode and set it into $.accession_identifier attribute
Set display_value for:
1. registered_by attribute
2. managing_organization attribute
3. collection.collector attribute, only if type is employee (not patient)
Set context, received_time, status_reason, collection.procedure to null
Set subject with hashed mpi identifier
Save data to specimens collection in DB according to https://e-health-ua.atlassian.net/wiki/spaces/SPECIMEN/pages/17548214286
Save link from media storage to the $.signed_content_links field in specimens collection
Create job and return it’s id.

E-Health

RCCreate Specimen