ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 16 Next »

Rule base typeDescription
Based on declarationDoctor with an active declaration can access all the patient's medical data.
Based on managing organizationUser can read entities, created in his MSP
Based on context episodeUser can read medical data, that was collected during an episode of care, that user has access to.
Based on diagnostic reportUser can read medical data, that was collected as a part of a diagnostic report, managed by the user's legal entity.
Based on origin episodeDoctor can read medical data, that was collected as a part of a diagnostic report or episode of care, that user has access to.
Episode of care, that contains this service request,  is considered as an origin episode in that case. 
RuleBaseResourceRoutesContextLogicSource of context








@rule_0

@episode @encounter @observation @condition @service_request @diagnostic_report @procedures




Scenario: Patient can read it's own data


Given Patient has access_token given by Cabinet


When I require read access


Then I can read

Based on patient token

by id

patient_idThere is an active token given by Cabinet to a patient
by search params

@rule_1

@read @episode @encounter @observation @condition @service_request @diagnostic_report @procedures



Scenario: Doctor with active declaration can read all patient data


Given Active declaration with patient


And declaration from the same MSP


When I require read access


Then I can read

Based on  declaration










episodeby idpatient_id










There is an active declaration between the patient and the doctor in OPS










patient_id from URL









by search params
encounter


by id
by search params
by id in episode context
by search params in episode context
observation


by id
by search params
by id in episode context
by search params in episode context
conditionby id
by search params
by id in episode context
by search params in episode context
service_requestby id
by search params
diagnostic_reportby id
by search params
proceduresby search params







@rule_2

@read @episode @service_request @diagnostic_report @procedures




Scenario: Doctor can read entity created in the doctors MSP

Given Entity has been created on my MSP

When I require read access

Then I can read







Based on managing organization




episodeby idepisodemanaging_organization==token.client_id



DB.episode.managing_organization
by search paramssearch param {managing_organization} from URL
service_request

by idservice requestDB.service_request.managing_organization
by search paramssearch param {requester_legal_entity} from URL
diagnostic_reportby iddiagnostic_reportDB.diagnostic_report.managing_organization
by search paramssearch param {managing_organization} from URL
proceduresby search paramsmanaging_organizationsearch param {managing_organization} from URL







@rule_3 @read @encounter @observation @condition @service_request @diagnostic_report

Scenario: Doctor can read all the data of episodes created in the doctors MSP

Given Episode context has been created on my MSP

When I require read access

Then I can read
Based on context episodeencounterby idepisode















episode.managing_organization==token.client_id















DB.encounter.episode
by search paramssearch param {episode_id} from URL
by id in episode contextepisode_id from URL (path)
by search params in episode context
observationby idDB.observation.episode
by search paramssearch param {episode_id} from URL
by id in episode contextepisode_id from URL (path)
by search params in episode context
conditionby idDB.condition.episode
by search paramssearch param {episode_id} from URL
by is in episode context
episode_id from URL (path)
by search params in episode context
service_requestby idDB.service_request.encounter.episode.managing_organization
by search paramssearch param {episode_id} from URL
by id in episode contextepisode_id from URL (path)
diagnostic_reportby idDB.diagnostic_report.encounter.episode.managing_organization
by search paramscontext_episode_id from URL (path)







@rule_4 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report

Scenario: Doctor with active approval can read all the data of specified in approval patient

Given Active approval on patient

When I require read access

Then I can read
not implemented yet











@rule_5 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @procedure

Scenario: Doctor with active approval can read all the data of specified in approval episodes

Given Active approval on episode

When I require read access

Then I can read



















Based on context episode


















episodeby idepisode


















There is an active approval on the episode granted to the employee (one of user's employee) in MongoDB


















DB.episode.id
encounter


by idDB.encounter.episode
by search paramssearch param {episode_id} from URL
by id in episode contextepisode_id from URL (path)
by search params in episode context
observation


by idDB.observation.episode
by search paramssearch param {episode_id} from URL
by id in episode contextepisode_id from URL (path)
by search params in episode context
condition


by idDB.condition.episode
by search paramssearch param {episode_id} from URL
by id in episode contextepisode_id from URL (path)
by search params in episode context
service request

by idDB.service_requset.encounter.episode
by search paramssearch param {episode_id} from URL
by id in episode contextepisode_id from URL (path)
diagnostic reportby idDB.diagnostic_report.encounter.episode
by search paramssearch param {episode_id} from URL
procedureby idDB.procedures.encounter.episode
by search paramssearch param {episode_id} from URL







@rule_6 @read @diagnostic_report @encounter @procedure

Scenario: Doctor can read entity originated by episode created in the doctors MSP

Given Entity has been originated by mine MSP episode

When I require read access

Then I can read




Based on origin episode



encounterby idorigin_episode



origin_episode.managing_organization==token.client_id


DB.encounter.origin_episode
by search paramsSearch param {origin_episode_id} from URL
diagnostic repostby idDB.diagnostic_report.origin_episode
by search paramsSearch param {origin_episode_id} from URL
proceduresby search paramsDB.diagnostic_report.origin_episode







@rule_7 @read @observation

Scenario: Doctor can read all the data of diagnostic report originated by episode created in the doctors MSP

Given Diagnostic report context has been originated by mine MSP episode

When I require read access

Then I can read
Based on origin episodeobservationby iddiagnostic_reportorigin_episode.managing_organization==token.client_idDB.observation.diagnostic_report.origin_episode
by search paramsSearch param {diagnostic_report_id} from URL







@rule_8 @read @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @procedure

Scenario: Doctor can read all the data of encounter originated by episode created in the doctors MSP

Given Encounter context has been originated by mine MSP episode

When I require read access

Then I can read
Based on origin episodeobservationby idencounter







origin_episode.managing_organization==token.client_id







DB.observation.context.origin_episode
by search paramsSearch param {encounter_id} from URL
conditionby idDB.condition.context.origin_episode
by search paramsSearch param {encounter_id} from URL
service requestby idDB.service_request.encounter.origin_episode
by search paramsSearch param {encounter_id} from URL
diagnostic_reportby idDB.diagnostic_report.encounter.origin_episode
by search paramsSearch param {encounter_id} from URL
procedureby idDB.procedure.origin_episode
by search paramsSearch param {encounter_id} from URL







@rule_9 @read  @encounter @observation @condition @service_request @diagnostic_report

Scenario: Doctor with active approval can read data, originated by the episode

Given Active approval on episode

When I require read access

Then I can read
Based on origin episode


























  • No labels