CH EPR FHIR (R4)
4.0.1-ballot-2 - ballot Switzerland flag

CH EPR FHIR (R4), published by eHealth Suisse. This guide is not an authorized publication; it is the continuous build for version 4.0.1-ballot-2 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/ehealthsuisse/ch-epr-fhir/ and changes regularly. See the Directory of published versions

Retrieve Document [ITI-68]

This section describes the additional requirements for the Swiss EPR of the Retrieve Document [ITI-68] transaction defined in the MHD Profile published in the IHE ITI Trial Implementation “Mobile Access to Health Documents”.

Scope

The Retrieve Document [ITI-68] transaction is used by the Document Consumer to retrieve a document from the Document Responder.

Actor Roles

Actor: Document Consumer
Role: Requests a document from the Document Responder.
Actor: Document Responder
Role: Serves the document to the Document Consumer.

Referenced Standards

  1. Mobile access to Health Documents (MHD), Rev. 4.2.2
  2. This MHD Profile is based on Release 4 of the HL7® FHIR® standard.

Messages

Interaction Diagram for [ITI-68]Document ConsumerDocument ResponderRetrieve DocumentRetrieved Document

Expected Actions

Federated Cross Community Access Option
%%{ init: { 'theme': 'neutral', 'themeVariables': { 'fontSize': '14px' } } }%% flowchart LR A[Document Consumer] -->|Retrieve| B(Document Responder Option FXCA Grouped with Document Consumer) B --> C{own community?} C -->|yes| D(Document Responder own community) C -->|no| E(Document Responder federated community)

All Document Responders except the one with the Federated Cross Community Access Option SHALL identify if the document retrieve targets another community. If this is the case, it SHALL forward the request to the target community, otherwise the request can be handled directly.

CapabilityStatement Resource

The CapabilityStatement resource for the Document Consumer is MHD Document Consumer.

The CapabilityStatement resource for the Document Responder is MHD Document Responder.

Security Consideration

The transaction SHALL be secured by Transport Layer Security (TLS) encryption and server authentication with server certificates. Transactions across communities SHALL use mTLS.

The transaction SHALL use client authentication and authorization using extended authorization token as defined in the IUA profile. The extended authorization token SHALL be conveyed as defined in the Incorporate Access Token [ITI-72] transaction.

All Document Responders except the one with the Federated Cross Community Access Option SHALL be grouped with the Authorization Decision Consumer actor of the CH:ADR profile defined in Extension 2.1 to Annex 5 of the ordinances and perform an Authorization Decision Request [CH:ADR] for every Retrieve Document [ITI-68] request.

The actors SHALL support the traceparent header handling, as defined in Appendix: Trace Context.

Security Audit Considerations

Document Consumer Audit

The Document Consumer shall record a CH Audit Event for [ITI-68] Document Consumer (example).

Document Responder Audit

The Document Responder shall record a CH Audit Event for [ITI-68] Document Responder (example).