Deprecated_RC_(CSI-2483,CR-441)_PreQualify Service Request

1 Purpose
2 Specification
3 Authorization
4 Validations
- 4.1 Validate request using JSON Schema
- 4.2 Validate legal entity
- 4.3 Validate service request
5 Service logic

Purpose

This WS is designed to prequalify Service request: check the ability of create Service request within the Medication program.

Specification

Apiary

Authorization

Verify the validity of access token
- in case of error - return 401 (“Invalid access token”) in case of validation fails
Verify that token is not expired
- in case of error - return 401 (“Invalid access token”)
Check user scopes in order to perform this action (scope = 'service_request:write')
- return 403 (“Your scope does not allow to access this resource. Missing allowances: service_request:write”) in case of invalid scope(s)

Validations

Validate request using JSON Schema

Return 422 with the list of validation errors in case validation fails

Validate legal entity

Check legal entity type: it has to be in me_allowed_transactions_le_types config parameter, has status = active
1. in case of error return 409 "Action is not allowed for the legal entity"

Validate service request

Validate that service request ID is unique
1. $.id must be unique
  1. in case of error return 409 - "Service request with such id already exists"
Requisition is a common identifier for the group of service requests and it must matches with one of the patient's episode of care number
1. $.requisition must match with patient's episode of care number
  1. in case of error return 409 - "Incorrect requisition number"
Service request category must refer to a valid dictionary
1. $.category.coding[*].system == "ehealth/SNOMED/service_request_categories"
  1. in case of error return 409 "Incorrect service request category"
2. If $.specimens attribute is set, then check the category is in SPECIMEN_SERVICE_REQUEST_CATEGORIES_ALLOWED chart parameter
  - in case of error - return 422 ("Service request category is not allowed for specimens")
3. If $.requester_employee has ASSISTANT type, then check the category in ASSISTANT_SERVICE_REQUEST_ALLOWED_CATEGORIES chart parameter
  1. in case of error - return 422 (“Service request category is not allowed for a requester_employee with type ASSISTANT“)
Procedure code must refer to a valid dictionary
1. $.code.coding[*].system == "ehealth/SNOMED/procedure_codes"
  1. in case of error return 409 "Incorrect procedure code"
Patient must be active
1. $.patient.identifier.type.coding[*].system == "eHealth/resources"
2. $.patient.identifier.type.coding[*].code == "patient"
3. $.patient.identifier.value refer to active MPI (is_active == true and status == 'active')
4. in case patients.preperson == true
  1. check PREPERSON_SERVICE_REQUEST_ALLOWED_CATEGORIES (values from dictionary: eHealth/SNOMED/service_request_categories) configuration according allowed categories for prepersons
    1. in case of error return 422 (Not allowed for prepersons)
Context must be an active encounter
1. $.context.identifier.type.coding[*].system == "eHealth/resources"
2. $.context.identifier.type.coding[*].code == "encounter"
3. $.context.identifier.value refer to existing encounter (status == 'finished')
Occurence is a valid date-time in the future
1. $.occurrenceDateTime
  1. $.occurrence_date_time - ISO date must be greater current date-time
2. $.occurrencePeriod.start
  1. $.occurrence_period.start - ISO date must be greater than current date-time
  2. $.occurrence_period.end - ISO date must be greater than current date-time and greater than $.occurrencePeriod.start
3. in case based_on passed in request
  1. if care plan activity has detail.scheduled_timing.repeat.bounds_period - validate occurence within bounds_period
  2. if care plan activity has detail.scheduled_period - validate occurence within scheduled_period
  3. else - validate occurence within care_plan.period
Authored On is a valid date-time in the past
1. $.authored_on - ISO date must be less than current date-time
Requester_employee must be active employee within current legal entity
1. $.requester_employee.identifier.type.coding[*].system == "eHealth/resources"
2. $.requester_employee.identifier.type.coding[*].code == "employee"
3. $.requester_employee.identifier.value refer to active employee within current legal entity (employee.status == approved and employee.is_active == true and employee.legal_entity_id == token.client_id)
Requester_legal_enity must be current legal enity
Performer type must refer to a valid dictionary
1. $.performer_type.coding[*].system == "ehealth/SNOMED/service_request_performer_roles"
  1. in case of error return 409 "Incorrect service request category"
Supporting info must refer to a valid medical events object (Episode of Care, Condition, Observation, Diagnostic report) within specified patient.
1. $.supporting_info.identifier.type.coding[*].system == "eHealth/resources"
  1. in case of error return 409 "Incorrect supporting info"
Reason reference must refer to a valid medical events object (Observation, Condition) within specified patient.
1. $.reason_reference.identifier.type.coding[*].system == "eHealth/resources"
2. $.reason_reference.identifier.type.coding[*].code in ("condition", "observation")
  1. in case of error return 409 "Incorrect reason reference"
Permitted resources must refer to a valid medical events object (Episode of Care, diagnostic report) within specified patient.
1. $.permitted_resources.identifier.type.coding[*].system == "eHealth/resources"
2. $.permitted_resources.identifier.type.coding[*].code == "episode_of_care"
  1. in case of error return 409 "Incorrect permitted resources"
Validate code is an existing service or service group that is allowed to be used in service_request
1. in case not found or is_active == false return 422 "Service(Service group) not found"
2. if request_allowed==false return 422 "Service request is not allowed for this service(service_group)"
3. in case based_on passed in request
  1. If service_requests.code.identifier.value is service, validate $based_on[].activity.code.identifier.value = service_requests.code.identifier.value
    1. in case error return 422, "Service in activity differs from service in service request"
  2. If service_requests.code.identifier.value is service_group, validate $based_on[].activity.code.identifier.value = service_requests.code.identifier.value
    1. in case error return 422, "Service group in care plan activity differ from service group in service request"
  3. if service_requests.code.identifier.value is service/service group, validate $based_on[].activity.code.identifier.value is service/service group
    1. in case error return 422, "Activity referes to '#{service/service group}' but service request refers to '#{service group/service}'"
Validate service category is equal to service request category in case service was defined as a code (not a service_group)
1. Select category from PRM.services where id = $.code.identifier.value
  1. if PRM.services.category!=$.category OR PRM.services.category is not NULL return 422 "Service category does not match with service request category"
For each program validate it is an existing service program (type=service)
1. in case not found or is_active==false write result in Data collection according to apiary
2. in case type!= service write result in Data collection according to apiary - "Invalid program type"
3. check if medical_programs.medical_program_settings.care_plan_required == true then the request should contain a based_on with care plan and activity that contains the same medical program
  1. in case of error return 422 with msg ("Care plan and activity with the same program should be present in request")
  2. check that program equal to $.activity[].program
    1. in case of error return 422 with msg ("Program from activity should be equal to program from request")
4. if program in SR is set check if $.activity[].program is not null
  1. in case of error return error msg (“Program should not be present in request for this activity“)
For each program validate that service(or service_group) is an active member of the program
1. Select request_allowed, is_active from PRM.program_services where service_id(or group_id) == $.signed_content.code.identifier.value and program_id=$.program.identifier.value
  1. if not found or is_active==false write result in Data collection according to apiary - "Service is not included in the program"
  2. if request_allowed==false write result in Data collection according to apiary - "Service request is not allowed for this service(service_group) in this programm"
For each program validate that doctor is allowed to create service request with the program for the current patient
1. $.requester has an active declaration with the patient OR
2. $.requester works in the same MSP with doctor that has an active declaration with the patient AND doctors employee_type== DOCTOR
  1. in case of error write result in Data collection according to apiary - "User is not allowed to create service request with the program for the patient"
Validate quantity
1. Check it is SimpleQuantity type, $.quantity.value is not empty, fractional and greater than zero
  1. in case of error return 422 schema validation error
2. Check $.quantity.system is SERVICE_UNIT dictionary and $.quantity.code belongs to it
  1. in case of error return 422 schema validation error
3. In case based_on passed in request and activity there has a quantity attribute:
  1. Validate that system and code in activity's quantity isn’t null
    1. in case of error return 422 (“A service request is not allowed to have a quantity attribute if the quantity in the related activity has no units”)
  2. Validate that system and code in activity's quantity match to the system and code in the service request's quantity.
    1. in case of error return 422 ("The quantity units must not differ from the quantity units in the activity")
Validate based_on
1. If submitted, check field has array with two values of Reference type: one is valid Care plan resource, another - Activity resource.
  1. in case of error return 422 with msg ("expected a minimum of %{min} items but got %{actual}")
2. Verify Care plan:
  1. It should belong to the same person as set in service request
    1. in case of error return 422 with msg ("Care plan with such id is not found")
  2. It should be in active status
    1. in case of error return 422 with msg ("Care plan is not active")
  3. Care plan's period end (if exist) should be greater than current date or equal.
3. Verify submitted Activity:
  1. It belongs to the Care plan.
    1. in case of error return 422 with msg ("Activity with such id is not found")
  2. It has activity.detail.kind=service_request; activity.detail.product_reference=service_request.code[].value.
    1. in case of error return 422 with msg ("Invalid activity kind")
  3. It has scheduled, in_progress status
    1. in case of error return 422 with msg ("Invalid activity status")
  4. if quantity was set, then validate remaining_quantity greater then zero:
    1. if quantity.code = PIECE:
      1. select all active service requests based on current activity and calculate previously reserved quantity as sum of SR.quantity.value.
      2. select all medical events based on not active service requests, that relates to current activity, and count their number as used quantity.
      3. calculate reserved at the moment quantity as sum of previously reserved quantity and used quantity, including quantity from current SR
      4. calculate remaining quantity by subtracting reserved at the moment quantity from activity's quantity
      5. Check remaining quantity is greater then or equal to zero
        in case of error return 422 "The number of available services according to the care plan activity has been exhausted"
    2. if quantity.code = MINUTE:
      1. select all active service requests based on current activity and calculate previously reserved quantity as sum of SR.quantity.value
      2. select all procedures based on not active service requests, that based on current activity, and calculate used quantity as sum of procedure durations (calculates from performed_period attribute)
      3. calculate reserved at the moment quantity as sum of previously reserved quantity and used quantity, including quantity from current SR
      4. calculate remaining quantity by subtracting reserved at the moment quantity from activity's quantity
      5. Check remaining quantity is greater then or equal to zero
        in case of error return 422 "The number of available services according to the care plan activity has been exhausted"
    3. if quantity.code is null:
      1. select all medical events based on service requests, that are related to current activity, and count their number as used quantity.
      2. calculate remaining quantity by subtracting used quantity from activity's quantity
      3. Check remaining quantity is greater then zero
        in case of error return 422 "The number of available services according to the care plan activity has been exhausted"
4. Verify activity period:
  1. If it has scheduled_timing:
    1. if bounds_period.end defined then check it greater than current date or equal.
  2. If it has scheduled_period:
    1. if scheduled_period.end defined then check it greater than current date or equal.
If patient is person - validate verification status:
1. If SR has based_on with valid activity, then skip this validation.
2. Else check patient's verification_status is not equal to NOT_VERIFIED.
  1. in case NOT_VERIFIED - return error 409, "Patient is not verified"
Validate specimens, if submitted:
1. Check field has array with elements of Reference type on specimen resource
  1. in case of error return 422 “not allowed in enum”
2. For each specimen check:
  1. It exists in DB and belongs to the same patient as set in the service request:
    1. in case of error return 422 "Specimen not found"
  2. It has available status
    1. in case of error return 422 "Invalid specimen status"
Validate inform_with, if submitted:
1. Check that authentication method with type = ‘THIRD_PERSON’ is submitted in $.auth_method_id for person that must be authorized by confidant person using following logic:
  1. persons age < no_self_registration_age global parameter;
  2. persons age between no_self_registration_age and person_full_legal_capacity_age global parameters and person does not have document with type from PERSON_LEGAL_CAPACITY_DOCUMENT_TYPES config parameter;
  3. persons age > person_full_legal_capacity_age global parameter and exists at least one active and approved confidant person relationship for person (using following process https://e-health-ua.atlassian.net/wiki/spaces/CSI/pages/17667883028 with person_id = person_id from request - expected :ok, :approved response)
    1. in case of error - return 422 ('Authentication method with type THIRD_PERSON must be submitted for this person')
2. Check that $.auth_method_id is a valid uuid
  1. in case error - return 422 ('string does not match pattern') with uuid regexp
3. Check that authentication method exists in MPI database, person_authentication_methods table (with is_active = true), belongs to the same patient as set in the service request request, is active (ended_at > now() or ended_at is null) and type != NA
  1. in case error - return 422 ('Authentication method doesn't exist, is inactive or does not belong to this person')
4. Get value of THIRD_PERSON_CONFIDANT_PERSON_RELATIONSHIP_CHECK config parameter, if it is set to true - for authentication method with type = ‘THIRD_PERSON’ check that person from value is an approved confidant for a patient from service request – exists active and approved confidant person relationship between person from request and person_id from authentication method value (using following logic: https://e-health-ua.atlassian.net/wiki/spaces/CSI/pages/17667883028 with person_id = person_id from request and confidant_person_id = value from auth method) - expected :ok, :approved response)
  1. in case of error - return 422 ('Authentication method doesn't exist, is inactive or does not belong to this person')

Service logic

For each program in array prepare response
If it is any or some errors from validations return “NOT VALID“ with error msg
In case if response is VALID enrich response with urgent_data:
1. if inform_with is submitted - get authetification method details and return masked number (in case if any)
2. else if inform_with is not submitted - get authetification_method by patient_id and return masked number (in case if any)