Versions Compared

Old Version 7

changes.mady.by.user Tom Pilgård

Saved on

compared with

New Version 8

changes.mady.by.user Erik Nielsen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Each resource type (see IG Profiles) has certain restrictions to what context is required in order to allow data retrieval or data manipulation. 

...

PlanDefinition/ActivityDefinition

These resources are not patient related. Read and Search operations do not require any security context apart from the privilege. 

PlandefinitionPlanDefinition/ActivityDefinition

User Type

FHIR Operation

Organization Context

Property updated → role needed

Practitioner

create/update

required:

must match modifierRole.reference

PlanDefinition/ActivityDefinition creation or modifierRole changed → owner

All other updates → owner or co-author

System

-

-

-


Plandefinition$applyPlanDefinition$apply

User Type

EpisodeOfCare Context

CareTeam Context

Practitioner

required:

Must match EpisodeOfCare.id

required:

Must match EpisodeOfCare.team

System

-

-

...

Provenance.search

User Type

EpisodeOfCare Context

CareTeam Context


Practitioner

required:

must match EpisodeOfCare search parameter (provenance.target)

-


Patient

required:

must match EpisodeOfCare search parameter (provenance.target)

-

System

-

-



Consent.create/read/patch

User Type

EpisodeOfCare Context

CareTeam Context

Practitioner

Required

Must match data.reference

-

Patient

Required

Must match data.reference

-

System

-

-

...

Consent.search

User Type

EpisodeOfCare Context

CareTeam Context

Practitioner

required:

must match EpisodeOfCare search parameter (consent.data.reference)

-

Patient

required:

must match EpisodeOfCare search parameter (consent.data.reference)

-

System

-

-

CarePlan/ServiceRequest

ServiceRequests are ServiceRequest is considered a part of a CarePlan and do does not have separate privileges.

CarePlans CarePlan cannot be created directly. They are It is created and assigned to a patient Patient by calling PlanDefinition$apply 

...

CarePlan Search

User Type

EpisodeOfCare Context

Patient Context

CareTeam Context

Practitioner

optional but when present:

must match searchparam episodeOfCare

optional but when present:

must match searchparam theSubject

Only checked if EpisodeOfCare Context is not set.

required:

Must match search parameter CarePlan.careteam or CarePlan.episodeOfCare.team. (Only a single search parameter is allowed for this element)

Patient

optional but when present:

must match searchparam episodeOfCare

Always present and must match searchparam theSubject

Only checked if EpisodeOfCare Context is not set.

-

System

-

-

-

Goal

Goals are Goal is considered as part of a CarePlan and do does not have separate privileges.

...

It is recommended to search based on either a userID or a Careteam. It is technically possible to combine these two search parameters, but the results may be confusing.

Observation/QuestionnaireResponse/Media/Communication (ehealth-communication)

Observation and Media cannot be created directly. They can be created , Media, and QuestionnaireResponse (with status completed) is created by calling $submit-measurement. QuestionnaireResponse drafts A draft QuestionnaireResponse (with status in-progress) can be created directly, while a completed QuestionnaireResponse is created by calling $submit-measurementand updated directly.

Communication read

User Type

EpisodeOfCare Context

Patient Context

CareTeam Context


Practitioner

optional but when present:

must match communication.episodeOfCare

required if EpisodeOfCare context not present:

must match communication.subject

Only checked if EpisodeOfCare Context is not present.

A match must be found either through the Careteam or the UserID

  • Careteam: must match either communication.senderCareTeam or communication.recipientCareTeam

  • UserID: must match communication.sender or communication.recipient


Patient

-

required:

must match communication.recipient or communication.sender

-


System

-

-

-


...

QuestionnaireResponse search

User Type

EpisodeOfCare Context

Patient Context

CareTeam Context

Practitioner

required:

search param must match the context

--

required:

If the CareTeam is assigned on the EpisodeOfCare:

  • basedOn search parameter is not mandatory

If the Careteam is assigned on the CarePlan:

  • basedOn search parameter is mandatory and must  must match the context

Patient

optional but when present:

search param must match the context

required when EOC context not present:

search param must match the context

--

System

--

--

--

QuestionnaireResponse drafts (status in-progress) create/update

User Type

EpisodeOfCare Context

CareTeam Context

Practitioner

required:

must match questionnaireResponse.episodeOfCare

required:

If the CareTeam is assigned on the EpisodeOfCare:

  • The user is granted access with no further checks when the EpisodeOfCare.team of the EpisodeOfCare Context contains the CareTeam in the CareTeam Context

If the Careteam is assigned on the CarePlan:

  • QuestionnaireResponse.basedOn must be a ServiceRequest which is referenced in CarePlan.activity.reference where the CarePlan.careTeam contains the CareTeam in the CareTeam Context

Patient

required

must match questionnaireResponse.episodeOfCare

--

System

--

--

...