TEST: OHIE-CR-04-FHIR
Patient Identity Feed - Blocks Inappropriate Assigner
Last updated
Was this helpful?
Patient Identity Feed - Blocks Inappropriate Assigner
Last updated
Was this helpful?
This test ensures that an assigner cannot inappropriately attempt to assign an authoritative (official) identity for a domain which it does not have appropriate authority to do so.
In a jurisdictional MPI environment, it is important that a centralized client-registry or MPI govern the issuance and trust of identity for certain domains. For example, a national health identifier registration submitted by the NHID authority / software may be indicated as an "authoritative" source whereas a new NID submitted by an EMR might be "informative".
SanteMPI provides mechanisms for two types of identity domains:
Open Identity Domains - Whereby any caller from any source can freely assign new identifiers in that domain (for example: in use cases where the DLN authority is not directly integrated to the MPI you can allow any EMR to assign / register a DLN)
Protected Identity Domains - Whereby only the registered source for identities in that domain can assign new identifiers and be authoritative. For example, only the national health insurance provider may notify the MPI/CR about new health insurance numbers, or only Hospital A can notify the CR about official identifiers form Hospital A.
When protected identity domains are used, other sources may provide identifiers in protected domains, however they are treated as informative rather than "official" authoritative sources. This information can be taken into consideration when weighing a candidate match. Additionally, non-authoritative sources can link their own records with existing identifiers in a protected identity domain.
Create an AssigningAuthority domain which has the following attributes:
URL of http://ohie.org/test/test_a
OID of 1.3.6.1.4.1.52820.3.72.5.9.2
Device TEST-HARNESS-A with authoritative source for identifiers
Create an AssigningAuthority domain which has the following attributes:
URL of http://ohie.org/test/test_b
OID of 1.3.6.1.4.1.52820.3.72.5.9.3
Device TEST-HARNESS-B with authoritative source for identifiers
The test harness authenticates against the SanteMPI IdP using a client_credentials grant for the test-harness-a account.
The test harness sends an authenticated request to create a new patient with a new identifier in TEST_A domain. Patient details:
Identifier FHRA-040 in http://ohie.org/test/test_a with use official
Name: JENNIFER JONES
Gender: Female
DOB: 1984-01-25
Requirement
Option
Description
MUST
PMIR Only
Return MessageHeader with response.code = ok
MUST
Return HTTP code of 201 Created
SHOULD
PMIR Only
Include an OperationOutcome entry in the response
SHOULD
Include a Patient entry in response containing created patient
SHOULD
Include a link to the master identity with code refer
The test harness executes a query against the receiver to ensure the record was created domain
Requirement
Option
Description
MUST
Accept the message with HTTP 200 OK
MUST
Include a bundle with exactly 1 patient result
MUST
Contain a patient for Jennifer Jones
MUST
Have an identifier for FHRA-040 in system http://ohie.org/test/test_a
SHOULD
Contain one or more link entries with type seealso pointing to local records
The test harness authenticates against the SanteMPI IdP using a client_credentials grant for the test-harness-b account.
The test harness sends a registration message to the receiver, attempting to incorrectly register a new official identifier in the TEST_A domain (an identity domain for which it does not have authority to assign new identities).
Identifier FHRB-041 in http://ohie.org/test/test_b with use offical
Name: JENNIFER DOE
Gender: Female
DOB: 1989-01-25
If the receiver is behaving in a strict mode (i.e. emulating the behavior from HL7v2), then.
Requirement
Option
Description
MUST
PMIR Only
Return MessageHeader with response.code = fatal-error
MUST
Return HTTP code in the 400 series
MUST
Include an OperationOutcome entry in the response indicating sender
does not have authority to issue new identities in the TEST_A domain.
If the receiver is operating in a mode that is lenient for identity domains, it should process the message and flag the identifier as informative.
Requirement
Option
Description
MUST
PMIR Only
Return MessageHeader with response.code = ok
MUST
Return HTTP code in the 201 Created
SHOULD
PMIR Only
Include an OperationOutcome entry in the response indicating sender
does not have authority to issue new identities in the TEST_A domain and code official was changed to usual/secondary.
SHOULD
Return the created patient with the identifier FHRB-041 with use
set to usual/secondary and/or an extension indicating the identifier
is informative.
The test harness sends a registration for a new patient in its own identity domain where the patient has an existing identity in another protected domain.
Identifier FHRB-042 in http://ohie.org/test/test_b with use official
Identifier FHRA-040 in http://ohie.org/test/test_a with use usual
Name: JENNIFER JONES
Gender: Female
DOB: 1984-01-25
Requirement
Option
Description
MUST
PMIR Only
Return MessageHeader with response.code = ok
MUST
Return HTTP code of 201 Created
SHOULD
PMIR Only
Include an OperationOutcome entry in the response
SHOULD
Include a Patient entry in response containing created patient
SHOULD
Include a link to the master identity with code refer
The test harness executes a query against the receiver to ensure the record was created domain
Requirement
Option
Description
MUST
Accept the message with HTTP 200 OK
MUST
Include a bundle with exactly 1 patient result
MUST
Contain a patient for Jennifer Jones
MUST
Have an identifier for FHRB-042 in system http://ohie.org/test/test_b
MUST
Have identifier for FHRA-040 in system http://ohie.org/test/test_a
SHOULD
Contain a link entry with type seealso pointing to local records from TEST HARNESS A
SHOULD
Contain a link entry with type seealso pointing to local record from TEST HARNESS B