Difference between revisions of "201701 US Core Track"
Bamarquard (talk | contribs) |
Bamarquard (talk | contribs) |
||
Line 95: | Line 95: | ||
− | === 3. | + | === 3. Assessment and Plan of Treatment Access=== |
− | + | :Action: DAF Requestor (client) searches the Assessment and Plan of Treatment Service for patient's aAssessment and Plan of Treatment | |
+ | :Precondition: Patients with Assessment and Plan of Treatmenthave been created | ||
+ | :Success Criteria: A client is able to execute and receive a response for each of the following queries: | ||
+ | GET /CarePlan?patient=[id]&category=assess-plan | ||
+ | GET /CarePlan?patient=[id]&category=assess-plan&status=active | ||
+ | GET /CarePlan?patient=[id]&category=assess-plan&date=[date]{&date=[date]} | ||
+ | GET /CarePlan?patient=[id]&category=assess-plan&status=active&date=[date]{&date=[date]} | ||
=== 4. Device-UDI Access === | === 4. Device-UDI Access === |
Revision as of 00:19, 2 November 2016
Return to January 2017 Proposals
US-Core Track
US Core profiles support the ONC 2015 Common Clinical Data Set (CCDS) using the Argonaut provided constraints. This track is an extension of the Argonaut efforts to test and record progress against the formal US-Core profiles.
This track is based on FHIR STU3 ballot, US-Core STU2.
Coordinated with other related Connectathon tracks
Submitting WG/Project/Implementer Group
Justification
API access to the 2015 CCDS is required for EHR certification. In prior Connectathons, the DAF project team hosted a track to test the content profiles and a few basic queries.
This track will focus on testing Client and Servers coverage on the recommended queries.
US-Core Connectathon Priority Profiles:
AllergyIntolerance, Assessment and Plan of Treatment, CareTeam, Condition, Device-UDI, Goal, Immunization, Lab DiagnosticReport, Lab Observation, Observation-Smokingstatus, Observation-Vitalsigns, Patient, Practitioner, Procedure
Current draft of US-Core STU3 Profiles
US-Core formalized conformance:
- Conformance requirements for the US Requestor actor (to be updated post STU3)
- Conformance requirements for the US Responder actor (to be updated STU3)
Background on original Argonaut use cases:
Proposed Track Lead
Coordinator: Nagesth Bahsyam (Dragon), Brett Marquard, Eric Haas
Track Lead: Nagesth Bahsyam (Dragon)
Expected participants
Please sign up!
If you're working on a server, please complete the "servers" tab of the Signup Spreadsheet **This time around you'll need to update the `status` flag to indicate whether you've begun work (or completed work), so clients will know when to start testing.** You'll also share details about how a developer can obtain OAuth client credentials (`client_id` for public apps, or a `client_id` and `client_secret` for confidential apps) as well as user login credentials. You might consider simply sharing a set of fixed credentials in this spreadsheet, or else directing users to a web page where they can complete self-service registration. If absolutely necessary, you can ask developers to e-mail you directly.
If you're working on a client, please complete the "clients" tab of the Sprint 4 Spreadsheet. You'll also need to update the `status` flag to indicate whether you've begun work (or completed work).
Roles
(reproduced from Argonaut Project implementation-program Resprint)
Server/EHR
If you're working on a server, please complete the "servers" tab of the Sprints Spreadsheet (see above). You'll need to update the status flag to indicate whether you've begun work (or completed work), so clients will know when to start testing. You'll also share details about how a developer can obtain OAuth client credentials (client_id for public apps, or a client_id and client_secret for confidential apps) as well as **user login credentials. The preferred approach is to direct users to a web page where they can complete self-service registration. (If absolutely necessary, you can ask developers to e-mail you directly.) Work on your OAuth implementation
The expectation is that servers will follow Argonaut’s best-practice approach by implementing the OAuth2-based SMART on FHIR authorization specification. To make this more approachable for new implementers, you can think about handling security in four parts:
- open server. Before you get OAuth working, and even once you have an OAuth-secured server, it can be helpful to host sample data at a totally unprotected https endpoint. This facilitates testing, debugging, and exploration
- Standalone launch. Following SMART’s “standalone launch” flow means that the user (patient, or clinician) can begin by launching an app, and from there can engage in a “connect to my EHR” workflow. This approach is suitable for MU3 patient API access.
- EHR launch. Following SMART’s “EHR launch” flow means that the user (patient, or clinician) can begin from the EHR or potal, and launch an app from there, ensuring that the app learns the context about the surrounding EHR or portal environment. This approach is suitable for embedding apps in an EHR or portal.
- Single Sign-on. Using the OAuth2-based OpenID Connect framework for single sign-on, your authorization server can “vouch for” a user’s identity. This helps ensure that users don’t need to create a new account, with new credentials, for every app they use. This approach to SSO can be used with either of SMART’s launch flows.
Client
If you're working on a client, please complete the "clients" tab of the Sprints Spreadsheet (see above) . You'll also need to update the status flag to indicate whether you've begun work (or completed work).
Scenarios
Dedicated Zulip chat stream for this Track.
1. Patient search
- Action: DAF Requestor (client) searches the patient Service for patients
- Precondition: Patients with the search criteria have been created
- Success Criteria: a client is able to execute and receive a response for each of the following queries:
GET [base]/Patient/[id] GET [base]/Patient?identifier=[system]|[code] GET [base]/Patient?name=[string]&gender=[code] GET [base]/Patient?name=[string]&birthdate=[date] GET [base]/Patient?family=[string]&gender=[code] GET [base]/Patient?given=[string]&gender=[code]
2. Allergies Retrieve
- Action: DAF Requestor (client) searches the AllergyIntolerance Service for patient's allergies
- Precondition: Patients with Allergies have been created
- Success Criteria: A client is able to execute and receive a response for each of the following queries:
GET /AllergyIntolerance?patient=[id]
3. Assessment and Plan of Treatment Access
- Action: DAF Requestor (client) searches the Assessment and Plan of Treatment Service for patient's aAssessment and Plan of Treatment
- Precondition: Patients with Assessment and Plan of Treatmenthave been created
- Success Criteria: A client is able to execute and receive a response for each of the following queries:
GET /CarePlan?patient=[id]&category=assess-plan GET /CarePlan?patient=[id]&category=assess-plan&status=active GET /CarePlan?patient=[id]&category=assess-plan&date=[date]{&date=[date]} GET /CarePlan?patient=[id]&category=assess-plan&status=active&date=[date]{&date=[date]}
4. Device-UDI Access
tbd
5. Vital Signs Access
tbd
TestScript(s)
Formal test data and tools will be provided to meet the use cases above.