ЕСОЗ - публічна документація
RC (CSI-2508) Cancel Encounter Package
Purpose
This web service allows to cancel encounter and other components of Data Package such as conditions, observations, allergy_intolerances and immunizations in case they were entered in error.
Note : You have only one attempt to cancel each package via API. In case you signed and cancelled package partly and now you need to cancel more entities from this package - appeal to eHealth administrator.
Note: Current diagnoses on the episode will be replaced automatically with the last accurate diagnoses in case encounter was cancelled.
Specification
Link | |
Resource | /api/patients/{{id}}/encounter_package |
Scope | encounter:write |
Components | Episode of Care |
Microservices | API paragraph not found |
Protocol type | REST |
Request type | PATCH |
Sync/Async | Async |
Public/Private/Internal | Public |
Logic
This web service allows to cancel encounter and other components of Data Package they were entered in case in error.
Request structure
See on Apiary
Example:
Authorize
Request to process the request using a token in the headers
Verify the validity of access token
return 401 (“Invalid access token”) in case validation fails
Verify token is not expired
in case of error - return 401 (“Invalid access token”)
Check user scopes in order to perform this action (scope = 'encounter:cancel')
Return 403 in case invalid scope(s)
If BLOCK_UNVERIFIED_PARTY_USERS is true, then check party's data match following condition: verification_status != NOT_VERIFIED or (verification_status = NOT_VERIFIED and updated_at <= current_date - UNVERIFIED_PARTY_PERIOD_DAYS_ALLOWED):
in case not match - return 403 ("Access denied. Party is not verified")
Headers
Наприклад:
Content-Type:application/json
Authorization:Bearer {{access_token}}
API-key:{{secret}}
Request data validation
Validate digital signature
ds.drfo == PRM.parties.tax_id where PRM.parties.id==PRM.employees.party_id where:
PRM.employees.id==$.encounter.performer.identifier.value)
OR PRM.employees.id==$.approval.granted_to.identifier.value ($.approvals.granted_resources.identifier.value==$.encounter_id AND $.approvals.access_level='write')
OR PRM.employees.employee_type==MED_ADMIN
Compare signed_content to previously created content
select encounter, select * from observations, conditions, immunizations, allergy_intolerances where context.identifier.value=encounter_id and compare to signed_content (do not include statuses to comparation, cancellation_reason and explanatory_letter )
in case of inconsistencies return "Submitted signed content does not correspond to previously created content"
Validate diagnoses still valid
if ($.encounter.status!="entered_in_error") validate ($.conditions[?(@.verification_status=="entered_in_error")].id is not IN $.encounter.diagnoses[*].condition.identifier.value)
in case of error "The condition can not be canceled while encounter is not canceled"
Validate cancellation_reason
$.cancellation_reason.coding[*].system == "eHealth/cancellation_reasons"
Validate entities are not canceled yet (status!= "entered_in_error")
in case of error "Invalid transition"
Validate at least one entity in the request marked as "entered_in_error"
in case of error "At least one entity should have status "entered_in_error""
Validate user performs action with an episode that belong to his legal entity
ME.patient{patinet_id}.episodes{episode_id}.managing_organization==token.client_id
in case of error return 422 "Managing_organization in the episode does not correspond to user`s legal_entity"
Validate reasons (eHealth/ICPC2/reasons dictionary)
is case is_active = false return error 422 "value is not allowed in enum"
Validate legal entity
Validate episode belongs to the legal entity where the current user works
ME.episode.managing_organization==token.client_id
in case of error return 409 "User is not allowed to perform actions with an episode that belongs to another legal entity"
Validate patient
Validate patient is active
ME.patient.status=="active"
in case of error return "Patient is not active"
Validate User
Extract user_id from token
Get list of APPROVED employees with this user_id in current Legal Entity
Check that for user one of the conditions is TRUE:
user has an employee that specified as author of the encounter ($.encounter .recorded_by.identifier.value is in the list of APPROVED employees)
OR check that user has an employee which has approval granted by the patient with access_level:write for this encounter resource ($.approvals.granted_resources.identifier.value==$.encounter_id AND $.approvals.granted_to.identifier.value==PRM.employees.id AND $.approvals.access_level='write')
OR user has an employee has MED_ADMIN employee type
otherwise, return error 409 "Employee is not performer of encounter, don't has approval or required employee type"
Processing
Save signed_content to Media Storage
Set status `entered_in_error` for objects, submitted with status `entered_in_error`
Set cancellation_reason
Set explanatory_letter
Deactivate corresponding diagnoses in the episode in case encounter was entered_in_error
Find episode where id == encouners{encounter_id}.context.identifier.value
Find record in episodes{episode_id}.diagnoses_hstr.evidence.identifier.value==encounter_id
Set is_active = false for this record
Replace current diagnoses
Set in episodes.current_diagnoses the last record from diagnoses_history where is_active==true
Response structure
See on Apiary
Example:
Post-processing processes
API paragraph not found
HTTP status codes
HTTP status code | Message | What caused the error |
---|---|---|
202 |
|
|
401 |
| Access token validation failed |
403 |
| Invalid scope |
404 | not found |
|
ЕСОЗ - публічна документація