Respiratory Virus Hospitalization Surveillance Network (RESP-NET) Content Implementation Guide, published by HL7 International / Public Health. This guide is not an authorized publication; it is the continuous build for version 2.0.0-ballot built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/fhir-resp-net-ig/ and changes regularly. See the Directory of published versions
Page standards status: Informative |
This section defines the specific requirements for systems wishing to conform to actors specified in this Respiratory Virus Hospitalization Surveillance Network (RESP-NET) Implementation Guide (IG). The specification highlights the requirements used to report the data to RESP-NET sites.
Before reading this formal specification, implementers should first be familiar with the Use Cases page which provides the business context and general process flow.
This IG uses RFC-2119 terminology to flag statements that have relevance for the evaluation of conformance with the guide:
Actors and Systems asserting conformance to this IG must implement the requirements outlined in the corresponding capability statements. The following definition of Must Support is to be used in the implementation of the requirements.
This specification makes significant use of FHIR profiles, search parameter definitions, and terminology artifacts to describe the content to be shared as part of RESP-NET Content IG workflows. The IG is based on FHIR R4 and profiles are listed for each interaction.
The full set of profiles defined in this IG can be found by following the links on the FHIR Artifacts page.
This IG leverages the US Core set of profiles defined by HL7 for sharing non-veterinary electronic medical record (EMR) individual health data in the U.S. Where US Core profiles exist, this IG either leverages them directly or uses them as a base for any additional constraints needed to support the research use cases. If no constraints are needed, this IG does not define any profiles.
This IG leverages the Subscriptions Backport IG defined by HL7 Infrastructure WG for automating reporting workflows using subscriptions.
This IG leverages the US Public Health Profiles Library IG defined by the Public Health WG as a collection of reusable architecture and content profiles representing common public health concepts and patterns. The USPHPL IG is intended to be a complement to US Core used to ease implementation burden of healthcare organizations, electronic health record companies, public health agencies, and others involved in the US public health endeavor.
This IG leverages the electronic Case Reporting (eCR) IG defined by the Public Health WG which specifies the appropriate FHIR resources and transactions needed for the eCR process. FHIR offers opportunities to further enable automated triggering and reporting of cases from EHRs, to ease implementation and integration, to support the acquisition of public health investigation supplemental data, and to connect public health information (e.g., guidelines) with clinical workflows.
This IG leverages the SMART App Launch IG defined by HL7 Infrastructure WG for enabling authentication and authorization between various actors involved in the workflows. This IG leverages Substitutable Medical Applications, Reusable Technologies (SMART) on FHIR Backend Services Authorization requirements.
This section outlines how the SMART on FHIR Backend Services Authorization will be used by the RESP-NET IG.
The system actors namely Data Source, Data Submitter, and the Data Receiver are required to use the SMART on FHIR Backend Services Authorization mechanisms as outlined below for the following interactions:
System actors acting as servers (i.e, Data Source and Data Receiver) SHALL advertise conformance to SMART on FHIR Backend Services by hosting Well-Known Uniform Resource Identifiers (URIs) as defined in the SMART App Launch IG Backend Services specification.
System actors acting as servers (i.e, Data Source and Data Receiver) SHALL include token_endpoint, scopes_supported, token_endpoint_auth_methods_supported and token_endpoint_auth_signing_alg_values_supported as defined in the SMART App Launch IG Backend Services specification.
When System actors act as clients (i.e, Data Submitter), they SHALL share their JSON Web Key Set (JWKS) with the server System actors (i.e, Data Source and Data Receiver) using Uniform Resource Locators (URLs) as defined in the SMART App Launch IG Backend Services specification.
System actors acting as clients SHALL obtain the access token as defined in the SMART App Launch IG Backend Services specification.
For the RESP-NET use cases, Data Sources SHALL support the system/*.read scopes.
The Data Receiver SHALL support the system/.read and system/.write scopes.
The health care organization’s existing processes along with the Data Source’s authorization server SHALL verify any organizational policy requirements (for example, registration of the Data Submitter, authorizing requested scopes, testing and verification of Data Submitter implementation in sandbox environment prior to production) before allowing the Data Submitter to access the data to be included in the RESP-NET report.
The requirements in this sub-section are only applicable if when the Data Submitter is not packaged as part of the Data Source.
The Data Source SHALL support the creation of Subscriptions for the following named events described at [US Public Health Profiles Library IG Trigger Events](http://hl7.org/fhir/us/ph-library/STU1/us-ph-valueset-triggerdefinition-namedevent.html
The Data Source SHALL support rest-hook
Subscription channel to notify the Data Submitter.
The Data Source SHALL support Notification Bundles with full resource payload
as outlined in the Backport Subscriptions IG.
For the RESP-NET IG, the Data Source SHALL include the Encounter resource which was started or closed as part of the Notification Bundle.
The Data Source SHALL support operations and APIs for Subscription, Notification Bundle, Subscription status resources as outlined in the Data Source Capability Statement.
The requirements in this sub-section are only applicable if the Data Submitter is not packaged, as part of the Data Source.
The Data Submitter SHALL be capable of creating Subscriptions for the [encounter-close and encounter-start trigger events](http://hl7.org/fhir/us/ph-library/STU1/us-ph-valueset-triggerdefinition-namedevent.html
The Data Submitter SHALL support rest-hook
Subscription channel to receive notifications from the Data Source.
The Data Submitter SHALL support a POST API /receive-notification with a payload of the Subscription Notification Bundle to receive the notifications from the Data Source.
The Data Submitter SHALL ensure no duplicate reports are submitted for the same patient and encounter occurring within a health care organization.
The Data Submitter SHALL be capable of interpreting RESP-Net PlanDefinition to process the encounter-start and encounter-close trigger events and determine if a RESP-Net report needs to be generated and submitted.
The Data Submitter SHALL be capable of processing RESP-Net Specification Bundle to determine processing criteria for RESP-Net bundle creation.
The Data Submitter SHALL create a RESP-NET report following the constraints identified in RESP-NET Content Bundle.
The Data Submitter SHALL package the RESP-NET report following the constraints identified in RESP-NET Reporting Bundle.
The Data Submitter SHALL submit the message containing the RESP-NET report to the identified endpoint using either FHIR Messaging (/$process-message) endpoint or POST a Bundle using the /Bundle endpoint.
NOTE: We are seeking feedback if this method should be retained or removed.
The Data Receiver SHALL support multiple methods to receive data from the Data Submitter as follows
The Data Receiver SHALL implement the $process-message operation on the ROOT URL of the FHIR Server to receive reports from the Data Submitter using the POST operation.
The Data Receiver SHALL implement the /Bundle endpoint to receive RESP-NET Content Bundle from a Data Submitter.
Upon receipt of the message, the Data Receiver SHALL validate the data before accepting the data for downstream processing.
When there are validation failures, the Data Receiver SHALL return an Operation Outcome response with the details of the validations as part of the POST response.