-
Created by Unknown User (gaelle.laurent.ext@imec.be), last modified on May 17, 2019
You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
« Previous
Version 15
Next »
The existence of an active ‘informed patient consent’ is one of the fundamental prerequisites for the healthcare providers to access patient’s medical data. Therefore, the eHealth platform makes available to the concerned patients and the health care actors involved in the exchange,
storage or referencing personal data a service to manage the ‘informed patient consent’ as defined by the deliberation 12/047 of the CSSSS/SCSZG1.
Technically, we identify the following attributes for an ‘informed patient consent’:
- The SSIN of the patient.
- The date of the consent registration (at the end-user side).
- The “type” of the consent If the consent is only valuable for data posterior to the signing date, it is called ‘prospective’ and ‘retrospective’ in the other case . According to the rules defined now, the only possible value for this attribute is ‘retrospective’. The attribute is present for backwards compatibility.
- The identity of the HCParty acting in the patient’s name (if applicable).
The “informed consent” can be managed and verified throughout several ways and associated components. The above scheme provides an overview of all those components.
The “eHealth Consent WS” described here is only available for the software of the authorized healthcare professionals and institutions.
KMEHR
This service is a ‘KMEHR-based’ WS. We thus strongly recommend consulting the documentation related to the KMEHR normative elements. The KMEHR site aims to offer a central point for the documentation of the KMEHR normative elements.
https://www.ehealth.fgov.be/standards/kmehr/en
The three following generic elements are, in particular, essentials to build the request and the reply of eHealth Consent WS.
- cd : This is the key element used to code information: this section is completely based on the description from the KMEHR standard, as can be found on: https://www.ehealth.fgov.be/standards/kmehr/en/page/key-elements#cd
- id: This element is used to uniquely identify key elements like request, response of the WS, patient, HCParty. It can also be used to specify any unique identifier: this section is completely based on the description from the KMEHR standard, as can be found on: https://www.ehealth.fgov.be/standards/kmehr/en/page/key-elements#id
HC Party: The hcparty element is a generic element that aims to represent any kind of healthcare party: organization, physician, medical specialty, or even IT systems: this section is entirely based on the description from the KMEHR standard, as can be found on: https://www.ehealth.fgov.be/standards/kmehr/en/page/hcparty
Flow | Specifications |
---|
| ID | AR-UC141-BF | Name | Revoke Patient Consent - Pharmacy holder | Description | Revoke Patient consent allows end-users to revoke an active consent of the concerned patient. Request Revoke consent is done by a pharmacy holder. | Actor(s) | Pharmacy holder | Requirements | - End-user is a pharmacy holder
- Informed patient consent is managed in a recognized pharmacy throughout its usual software
- Valid personal eHeatlh Certificate of the pharmacy
- Consent WS is integrated in the software of the end-user
- Identification pharmacy: NIHII, organization category
- Identification pharmacy holder: SSIN number, NIHII (if available), professional category
- Information about the consent to revoke
°Identification data of concerned patient: SSIN, Support card number, first and family name (optional) °Type of consent: retrospective °Date of revocation | Trigger | The user wants to revoke a Patient Consent | Precondition(s) | - The user has an account for the application
- The user is logged out
| Flow | - The user attempts to access the eHealth Consent WS
- The user needs to request a SAML Token by using a eHealth Certificate
- A request for a SAML Token is sent to the Secure Token Service (STS)
- The STS responds with a SAML Token
- The user has access to the eHealth WS Consent
- The user does a request for Revoke Patient Consent
- The Revoke Patient Consent Request is sent to the WS Consent
- ° The WS Consent responds with a Revoke Patient Consent Response
° The request is logged ° The revoked consent is stored in eHealth Database | Post Condition(s) | - The request is logged
- The revoked consent is stored in eHealth Database with following information
°SSIN of concerned patient °Initial signing date of the consent °Consent type °Author of the request °Revocation date | Test Data | | End point(s) | - WS Consent
- eHealth Database
| Remarks | If concerned patient is a new-born (0 < patient < 3 months) the support card number is not mandatory | Additional Information | Date of revocation of an active consent must be equal or anterior to the request date. If so, it must be also anterior to the current date. |
|
Alternative Flow
Flow | Specifications |
---|
| ID | AR-UC141-AF01 | Name | Revoke Patient Consent - Pharmacist isn't the pharmacy holder | Description | Revoke Patient consent allows end-users to revoke an active consent of the concerned patient. Request Revoke consent is done by a pharmacist who isn't the pharmacy holder. | Actor(s) | Pharmacist isn't the pharmacy holder | Requirements | - End-user is a pharmacist who isn't the pharmacy holder
- Informed patient consent is managed in a recognized pharmacy throughout its usual software
- Valid personal eHeatlh Certificate of the pharmacy
- Consent WS is integrated in the software of the end-user
- Identification pharmacy: NIHII, organization category
- Identification pharmacy holder: SSIN number, NIHII (if available), professional category
- Identification pharmacist: SSIN number, NIHII (if available), professional category
- Information about the consent to revoke
°Identification data of concerned patient: SSIN, Support card number, first and family name (optional) °Type of consent: retrospective °Date of revocation | Trigger | The user wants to revoke a Patient Consent | Precondition(s) | - The user has an account for the application
- The user is logged out
| Flow | - The user attempts to access the eHealth Consent WS
- The user needs to request a SAML Token by using his eID
- A request for a SAML Token is sent to the Secure Token Service (STS)
- The STS responds with a SAML Token
- The user has access to the eHealth WS Consent
- The user does a request for Revoke Patient Consent
- The Revoke Patient Consent Request is sent to the WS Consent
- ° The WS Consent responds with a Revoke Patient Consent Response
° The request is logged ° The revoked consent is stored in eHealth Database | Post Condition(s) | - The request is logged
- The revoked consent is stored in eHealth Database with following information
°SSIN of concerned patient °Initial signing date of the consent °Consent type °Author of the request °Revocation date | Test Data | | End point(s) | - WS Consent
- eHealth Database
| Remarks | If concerned patient is a new-born (0 < patient < 3 months) the support card number is not mandatory | Additional Information | Date of revocation of an active consent must be equal or anterior to the request date. If so, it must be also anterior to the current date. |
|
Exception Flow 1
Flow | Specifications |
---|
| ID | AR-UC141-EF01 | Name | Revoke Patient Consent - Pharmacy holder - Deceased patient | Description | Revoke Patient consent allows end-users to revoke an active consent of the concerned patient. Request Revoke consent is done by a pharmacy holder. Deceased patient | Actor(s) | Pharmacy holder | Requirements | - End-user is a pharmacy holder
- Informed patient consent is managed in a recognized pharmacy throughout its usual software
- Valid personal eHeatlh Certificate of the pharmacy
- Consent WS is integrated in the software of the end-user
- Identification pharmacy: NIHII, organization category
- Identification pharmacy holder: SSIN number, NIHII (if available), professional category
- Information about the consent to revoke
°Identification data of concerned patient: SSIN, Support card number, first and family name (optional) °Type of consent: retrospective °Date of revocation - Concerned patient is deceased
| Trigger | The user wants to revoke a Patient Consent | Precondition(s) | - The user has an account for the application
- The user is logged out
| Flow | - The user attempts to access the eHealth Consent WS
- The user needs to request a SAML Token by using a eHealth Certificate
- A request for a SAML Token is sent to the Secure Token Service (STS)
- The STS responds with a SAML Token
- The user has access to the eHealth WS Consent
- The user does a request for Revoke Patient Consent
- The Revoke Patient Consent Request is sent to the WS Consent
- The WS Consent responds with a Revoke Patient Consent Response: error message
| Post Condition(s) | Error message | Test Data | | End point(s) | - WS Consent
- eHealth Database
|
|
Exception Flow 2
Flow | Specifications |
---|
| ID | AR-UC141-EF02 | Name | Revoke Patient Consent - Pharmacy holder - The consent of the concerned patient is already revoked | Description | Revoke Patient consent allows end-users to revoke an active consent of the concerned patient. Request Revoke consent is done by a pharmacy holder. The consent of the concerned patient is already revoked | Actor(s) | Pharmacy holder | Requirements | - End-user is a pharmacy holder
- Informed patient consent is managed in a recognized pharmacy throughout its usual software
- Valid personal eHeatlh Certificate of the pharmacy
- Consent WS is integrated in the software of the end-user
- Identification pharmacy: NIHII, organization category
- Identification pharmacy holder: SSIN number, NIHII (if available), professional category
- Information about the consent to revoke
°Identification data of concerned patient: SSIN, Support card number, first and family name (optional) °Type of consent: retrospective °Date of revocation - The consent of the concerned patient is already revoked
| Trigger | The user wants to revoke a Patient Consent | Precondition(s) | - The user has an account for the application
- The user is logged out
| Flow | - The user attempts to access the eHealth Consent WS
- The user needs to request a SAML Token by using a eHealth Certificate
- A request for a SAML Token is sent to the Secure Token Service (STS)
- The STS responds with a SAML Token
- The user has access to the eHealth WS Consent
- The user does a request for Revoke Patient Consent
- The Revoke Patient Consent Request is sent to the WS Consent
- The WS Consent responds with a Revoke Patient Consent Response: error message
| Post Condition(s) | Error message | Test Data | | End point(s) | - WS Consent
- eHealth Database
|
|