| Опис |
|---|---|
Based on declaration | Лікар з активною декларацією має доступ до всіх даних пацієнта. |
Based on managing organization | Користувач може переглядати сутності, створені в даній MSP |
Based on context episode | Користувач може переглядати дані, які створені в рамках епізоду лікування, до яких користувач має доступ. |
Based on diagnostic report | Користувач може переглядати дані, які є складовою діагностичного звіту, який керується юридичною особою користувача. |
Based on origin episode | Лікар може переглядати дані, які бути створені як частина діагностичного звіту або епізоду лікування, до яких користувач має доступ. |
Based on care plan | Користувач з діючим дозволом на план лікування може переглядати та редагувати дані на основі даного плану лікування |
Правило | На чому основано | Ресурс | Посилання | Контекст | Логіка | Джерело контенту |
|---|---|---|---|---|---|---|
@rule_-2 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @procedure @medication_administration @care_plan @activity Scenario: NHS employee can read patient’s data if he has Justification for monitoring Given Justification on monitoring patient's data given by the user (works only from Admin panel, graphql api) When I require read access Then I can read | На токені користувача | by id | patient_id | Це активний токен | ||
by search params | Це активний токен | |||||
@rule_-1 @read @allergy_intolerance @immunization @risk_assessment @device @medication_statement Scenario: Employee can read insensitive patient’s data Given User access token with client_type not equal to cabinet When I require read access Then I can read | На токені користувача | by id |
| Це активний токен | ||
by search params | Це активний токен | |||||
@rule_0 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @procedure @medication_administration @care_plan @activity @clinical_impression Scenario: Patient can read it's own data Given Patient has access_token given by Cabinet When I require read access Then I can read | На токені користувача | by id | patient_id | Це активний токен наданий до кабінету пацієнта | ||
by search params | ||||||
@rule_1 @read @episode @encounter @observation @condition @service_request @diagnostic_report @procedure @medication_administration @care_plan @activity @approval@clinical_impression Scenario: Doctor with active declaration can read all patient data Given Active declaration with patient And declaration from the same MSP When I require read access Then I can read | На основі декларації
| episode | by id | patient_id
| Це активна декларація між пацієнтом та лікарем OPS | patient_id from URL
|
by search params | ||||||
encounter
| by id | |||||
by search params | ||||||
by id in episode context | ||||||
by search params in episode context | ||||||
observation
| by id | |||||
by search params | ||||||
by id in episode context | ||||||
by search params in episode context | ||||||
condition | by id | |||||
by search params | ||||||
by id in episode context | ||||||
by search params in episode context | ||||||
service_request | by id | |||||
by search params | ||||||
diagnostic_report | by id | |||||
by search params | ||||||
care_plan | by id | |||||
by search params | ||||||
activity | by id | |||||
by search params | ||||||
approval | by id | |||||
by search params | ||||||
clinical_impression | by id | |||||
by search params | ||||||
@rule_2 @read @episode @service_request @diagnostic_report @procedures Scenario: Doctor can read entity created in the doctors MSP Given Entity has been created on my MSP When I require read access Then I can read
| На основі керуючої організації
| episode | by id | episode | managing_organization==token.client_id
| DB.episode.managing_organization |
by search params | search param {managing_organization} from URL | |||||
service_request | by id | service request | DB.service_request.managing_organization | |||
by search params | search param {requester_legal_entity} from URL | |||||
diagnostic_report | by id | diagnostic_report | DB.diagnostic_report.managing_organization | |||
by search params | search param {managing_organization} from URL | |||||
procedures | by search params | managing_organization | search param {managing_organization} from URL | |||
@rule_3 @read @encounter @observation @condition @service_request @diagnostic_report @device @medication_statement @immunization @risk_assessment @medication_administration @procedure @allergy_intolerance@clinical_impression Scenario: Doctor can read all the data of episodes created in the doctors MSP Given Episode context has been created on my MSP When I require read access Then I can read | На основі контексту епізоду | encounter | by id | episode
| episode.managing_organization==token.client_id
| DB.encounter.episode |
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
observation | by id | DB.observation.episode | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
condition | by id | DB.condition.episode | ||||
by search params | search param {episode_id} from URL | |||||
by is in episode context |
| |||||
by search params in episode context | ||||||
service_request | by id | DB.service_request.encounter.episode.managing_organization | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
diagnostic_report | by id | DB.diagnostic_report.encounter.episode.managing_organization | ||||
by search params | context_episode_id from URL (path) | |||||
medication_statement | by id | IF context is encounter THEN: | ||||
by search params | search param {episode_id} from URL | |||||
immunization | by id | IF context is encounter THEN: | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
device | by id | IF context is encounter THEN: | ||||
by search params | search param {episode_id} from URL | |||||
risk_assessment | by id | IF context is encounter THEN: | ||||
by search params | search param {episode_id} from URL | |||||
medication_administration | by id | IF context is encounter THEN: | ||||
by search params | search param {episode_id} from URL | |||||
procedure | by id | DB.procedures.encounter.episode.managing_organization | ||||
by search params | search param {episode_id} from URL | |||||
allergy_intolerance | by id | IF context is encounter THEN: | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
clinical_impression | by id | DB.clinical_impression.episode | ||||
by search params | search param {episode_id} from URL | |||||
@rule_4 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @medication_administration Scenario: Doctor with active approval can read all the data of specified in approval patient Given Active approval on patient When I require read access Then I can read | Не реілазовано | |||||
@rule_5 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @procedure @medication_administration@clinical_impression Scenario: Doctor with active approval can read all the data of specified in approval episodes Given Active approval on episode When I require read access Then I can read | На основі контексту епізоду
| episode | by id | episode
| Наявний активний дозвіл на епізод виданий співробітником (одним із співробітник користувача) в MongoDB
| |
encounter
| by id | DB.encounter.episode | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
observation
| by id | DB.observation.episode | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
condition
| by id | DB.condition.episode | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
service request | by id | DB.service_requset.encounter.episode | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
diagnostic report | by id | DB.diagnostic_report.encounter.episode | ||||
by search params | search param {episode_id} from URL | |||||
procedure | by id | DB.procedures.encounter.episode | ||||
by search params | search param {episode_id} from URL | |||||
clinical_impression | by id | DB.clinical_impression.episode | ||||
by search params | search param {episode_id} from URL | |||||
@rule_6 @read @diagnostic_report @encounter @procedure Scenario: Doctor can read entity originated by episode created in the doctors MSP Given Entity has been originated by mine MSP episode When I require read access Then I can read | На основі первинного епізоду
| encounter | by id | origin_episode
| origin_episode.managing_organization==token.client_id
| DB.encounter.origin_episode |
by search params | Search param {origin_episode_id} from URL | |||||
diagnostic repost | by id | DB.diagnostic_report.origin_episode | ||||
by search params | Search param {origin_episode_id} from URL | |||||
procedures | by search params | DB.diagnostic_report.origin_episode | ||||
@rule_7 @read @observation Scenario: Doctor can read all the data of diagnostic report originated by episode created in the doctors MSP Given Diagnostic report context has been originated by mine MSP episode When I require read access Then I can read | На основі первинного епізоду | observation | by id | diagnostic_report | origin_episode.managing_organization==token.client_id | DB.observation.diagnostic_report.origin_episode |
by search params | Search param {diagnostic_report_id} from URL | |||||
@rule_8 @read @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @procedure @medication_administration@clinical_impression Scenario: Doctor can read all the data of encounter originated by episode created in the doctors MSP Given Encounter context has been originated by mine MSP episode When I require read access Then I can read | На основі первинного епізоду | observation | by id | encounter
| origin_episode.managing_organization==token.client_id
| DB.observation.context.origin_episode |
by search params | Search param {encounter_id} from URL | |||||
condition | by id | DB.condition.context.origin_episode | ||||
by search params | Search param {encounter_id} from URL | |||||
service request | by id | DB.service_request.encounter.origin_episode | ||||
by search params | Search param {encounter_id} from URL | |||||
diagnostic_report | by id | DB.diagnostic_report.encounter.origin_episode | ||||
by search params | Search param {encounter_id} from URL | |||||
procedure | by id | DB.procedure.origin_episode | ||||
by search params | Search param {encounter_id} from URL | |||||
@rule_9 @read @encounter @observation @condition @service_request @diagnostic_report Scenario: Doctor with active approval can read data, originated by the episode Given Active approval on episode When I require read access Then I can read | Не реалізовано | |||||
@rule_10 @read @observation Scenario: Doctor can read all the data of diagnostic report created in the doctors MSP Given Diagnostic report context has been originated by mine MSP When I require read access Then I can read | На основі діагностичного звіту | observation | by id | diagnostic_report | diagnostic_report.managing_organization==token.client_id | DB.observation.diagnostic_report.managing_organization |
by search params | Search param {diagnostic_report_id} from URL | |||||
@rule_11 @read @observation Scenario: Doctor with active approval can read all the data of specified in approval diagnostic report Given Active approval on diagnostic report When I require read access Then I can read | На основі діагностичного звіту | observation | by id | diagnostic_report | Наявний активний дозвід на діагностичний звіт наданий співробітником (одним з співробітників користувача) в MongoDB | DB.observation.diagnostic_report |
by search params | Search param {diagnostic_report_id} from URL | |||||
@rule_12 @read @care_plan @activity @medication_request @medication_request_request Scenario: Doctor with active approval can read the data associated with the care plan. Given Active approval on care_plan When I require read access Then I can read | На основі плану лікування | care_plan | by id | care_plan
| Наявний активний дозвіл (access_level=read) на care_plan наданий співробітнику (одним з співробітників користувача) в MongoDB
| DB.care_plan.id=approvals.granted_resources[].value |
activity | by id | care_plan_id from URL (path) DB.activities.care_plan[].id=approvals.granted_resources[].value | ||||
by search params | ||||||
medication_request_requests | by search params | care_plan_id from URL (path) DB.medication_request_requests.based_on.care_plan[].id=approvals.granted_resources[].value | ||||
medication_requests | by search params | care_plan_id from URL (path) DB.medication_requests.based_on.care_plan[].id=approvals.granted_resources[].value | ||||
@rule_13 @write @care_plan @activity @medication_request @medication_request_request Scenario: Doctor with active approval can write the data associated with the care plan. Given Active approval on care_plan When I require write access Then I can write | На основі плану лікування | care_plan | by id | care_plan | Наявний активний дозвіл (access_level=write) на care_plan наданий співробітнику (одним з співробітників користувача) в MongoDB | DB.care_plan.id=approvals.granted_resources[].value |
complete | ||||||
cancel | ||||||
activity | by id | care_plan_id from URL (path) DB.activities.care_plan[].id=approvals.granted_resources[].value | ||||
by search params | ||||||
create | ||||||
complete | ||||||
cancel | ||||||
medication_request_requests | by search params | care_plan_id from URL (path) DB.medication_request_requests.based_on.care_plan[].id=approvals.granted_resources[].value | ||||
medication_requests | by search params | care_plan_id from URL (path) DB.medication_requests.based_on.care_plan[].id=approvals.granted_resources[].value | ||||
@rule_14 @read @service_request @encounter @diagnostic_report @procedure @medication_dispense Scenario: User with active approval on the care plan can read the data based on this care plan. Given Entity based on care_plan And Active approval on care_plan When I require read access Then I can read | На основі плану лікування | service_request | by id | care_plan | Наявний активний дозвіл (access_level=read/write) на care_plan наданий співробітнику (одним з співробітників користувача) в MongoDB
| DB.service_request.based_on.care_plan[].id=approvals.granted_resources[].value |
by search params | care_plan_id from URL (search param) DB.service_request.based_on.care_plan[].id=approvals.granted_resources[].value | |||||
encounter | by id | care_plan_id from URL (search param) DB.based_on.service_requests.based_on.care_plan[].id=approvals.granted_resources[].value | ||||
diagnostic_report | by id | |||||
procedure | by id |