Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SMART server can return Person resource to identify user if Patient or Practitioner or RelatedPerson doesn't work #148

Open
isaacvetter opened this issue Sep 5, 2017 · 7 comments
Open

SMART server can return Person resource to identify user if Patient or Practitioner or RelatedPerson doesn't work #148

isaacvetter opened this issue Sep 5, 2017 · 7 comments

Comments

@isaacvetter
Copy link
Member

@whitehatguy laid out these rules on the SMART google group to define what FHIR resource should be used to represent the current user with the profile/fhirUser claim:

  1. For practitioners, use "Practitioner" resource.
  2. If the records being shared are those of the authenticated user, use "Patient" resource.
  3. For others, use "Person" resource.

We should replace references to RelatedPerson with Person.
@isaacvetter isaacvetter mentioned this issue Sep 5, 2017
Open
@jmandel
Copy link
Member

jmandel commented Sep 5, 2017

We should discuss the merits of saying "Always use Person when it's not a Patient or Practitioner" vs saying "Use RelatedPerson if possible and Person if not". The key point is that RelatedPerson captures the specific details/relation, and superficially at least it makes sense to use/keep this when possible (rather than prohibiting it).

@isaacvetter
Copy link
Member Author

Hey @jmandel ,

Why not always used RelatedPerson, but sometimes have an empty RelatedPerson.relationship ?

@michelemottini
Copy link

In our server we have pretty much to use Person: you log-in as a user - that does not really have any corresponding FHIR resource beside person,. and a user can be a patient or a practitioner or neither.

We have also RelatedPerson in our database, but as a completely separate concept from users - so not really usable in connection with the authorization process

@isaacvetter
Copy link
Member Author

Hey @michelemottini - Practitioner essentially maps to "user" in non-patient facing apps. The Person FHIR resource seems to be intentionally abstract and primarily intended for complex identity mapping.

In your system, do your Person resources contain a link reference to Practitioner, Patient or RelatedPerson?

@isaacvetter isaacvetter changed the title replace RelatedPerson with Person for SMART server identifying user SMART server can return Person resource to identify user if Patient or Practitioner or RelatedPerson doesn't work Sep 5, 2017
@michelemottini
Copy link

I our system Person (user) can link to a Practitioner or to a Patient or neither. Never to a RelatedPerson

@daliboz
Copy link
Contributor

daliboz commented Sep 5, 2017

RelatedPerson (as a singular) doesn't work if I'm logging is as mom with access to my dependents or spouses. Essentially, any "patient" login where I have user/* scopes.

@jmandel
Copy link
Member

jmandel commented Sep 5, 2017

Agreed @daliboz! And thanks for the context @michelemottini. I think the decision we'll want to make is: which subset of {Patient, Practitioner, RelatedPerson, Person} we want to support at the level of the specification.

We've heard use cases for all four, on my view -- though that doesn't mean we need to support all four.

@jmandel jmandel mentioned this issue Dec 21, 2017
Closed
isaacvetter added a commit to cds-hooks/docs that referenced this issue Dec 21, 2018
@isaacvetter
Fix to prefretch example, for userId
2848a9e 
Fixes #410 

The `context.userId` field is (somewhat recently) defined to contains the FHIR resource name and identifier. For example, this field should contain: `Practitioner/123`. This was done to explicitly support scenarios other than provider-facing, for example, the user could be `Patient/456' or `Person/789` (following the [user-to-FHIR mapping](smart-on-fhir/smart-on-fhir.github.io#148)) that SMART negotiated.

Because of this change, the prefetch example of `Practitioner/{{context.userId}}` would translate into `Practitioner/Practitioner/123` as issue #410 points out. 

This PR simply removes the "Practitioner/" string from the example, in lieu of the alternative, breaking changes suggested in #410.
@isaacvetter isaacvetter mentioned this issue Dec 21, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@isaacvetter @jmandel @michelemottini @daliboz