1 - Goal
This use case test verifies that a Health Professional
can access a document from a Patient from the healthcare professional portal or
primary system, which has not yet registered the patient before. The document is
retrieved from the local community, while the patient Reference Community is a
third community.
The goals for the
communities involved are:
- Authenticate the
user at the Authentication Provider (IdP) from the portal or primary system;
Request the
patients XAD-PID from the PIX Manager in the local community using a CH: PDQ
Patient Demographics Query [ITI-47] transaction;
Retrieve an
authorization assertion from the X-Assertion Provider in the local community;
Retrieve the
document metadata from the local community using a Registry Stored Query
[ITI-18] transaction;
Retrieve selected
documents from the local community using the Retrieve Document Set [ITI-40]
transaction;
Request the
Authorization Decisions from the patient home community;
2 - Tested Components
The following list of actors for this test is as follows:
System | Actors | Comment |
IdP | User Authentication Provider |
|
HPP | X-Service User Patient Demographics Consumer Document Source | Connected to IdP, CCC, CCC Initiating Gateway |
CCC | X-Assertion Provider X-Service Provider Patient Demographics Supplier Initiating Gateway Document Registry Authorization Decision Consumer X-Service User | CCC Authorization Decision Consumer connected to OC Authorization Decision Provider |
OC | Authorization Decision Provider Policy Repository
| Reference Community Option
|
SS | X-Service Provider Document Repository X-Service User | 1..*, connected to CCC
|
3 - Test Data
All data needed for this test are available in test "Group_Tests_CONF"
The required test data is as follows:
| HPP | IdP | CC Reg | CC SS | OC PP | CCC Assertion Provider |
Patient |
|
|
|
| EPR_PID |
|
Health Professional | | UAP ID |
|
|
| GLN |
Policy |
|
|
|
| specific Patient Policy Set the patient and the hcp |
|
Document
AReport |
|
| Registered with Confidentiality Code normal | Document available with specific document.title, classCode and typeCode |
|
|
4 - Description
In this test
scenario the test participants shall:
- Use the portal or primary system with healthcare
professional Dr. Apgar to authenticate at the Authentication Provider
Search the Patient with demographics search criteria, get the MPI_A-PID and EPR-SPID (this may be
done in the background but you will have to show evidence that this took
place)
- Get the CH:XUA Authorization assertion to be used with
the the test transactions (again this may be done in the background but you
will have to show evidence that this took place)
The healthcare
professional queries the Document Registry of the local community for documents
for the Patient (steps 15-18) and selects and retrieves the document from the
Document Repository with the specific title (steps 19-22).
The Document
Registry and Document Repository shall request the Authorization Decisions from
the patient home community (Initiating Community) and enforce the patient
privacy policies.
5 - Evidence
The
test participant shall show evidence that the workflow performs with the steps
defined in the sequence diagram.
Therefore,
test participants shall provide the logs of the transactions,
especially:
Logs of the Patient Demographic Query [ITI-47] in the local
community;
Logs of the CH: XUA Get-X-User Assertion transaction in the local
community;
Logs of the Registry Stored Query [ITI-18] transaction in
the local community;
Logs of the Retrieve Document Set [ITI-43] transaction in
the local community;
Logs of the XADR Authorization Decision Request
transactions from the local and remote community;
6 - Evaluation
The monitor
verifies that the document is retrieved without errors and displayed in the Portal and verifies the audit trails for evidence.