Managing Delegation
The MIDATA platform supports a scenario where one account holder (called “parent” in this guide) has full rights on the account of another account holder (called “child” in this guide).
- The “parent” has full read/write access to the “child”s account
- The “parent” may manage consents for the account of the “child”
- The “child” may have no email address. In that case the “child” cannot log into its account. An login email address for the “child” account may be provided by the “parent” at any time.
This “delegation” can be accomplished by creating a special consent with purpose “REPRESENTATIVE” (see examples).
Prerequisites
The delegation must be managed with an app or plugin using the FHIR API. (called “management app”)
The “management app” must have at least the following rights:
- Access to the “Patient” resource also for shared data
- Access to “Consents on MIDATA”
Example
The parent “John Doe” with email “john.doe@example.com” creates an account with delegation for its child “Emily Doe”. The mother “Jane Doe” with email “jane.doe@example.com” also needs access to Emily Does account.
Creating an account for the child where the “parent” has full rights
- John Doe registers an account for himself itself using any method. This might be done via an app, via the portal, by a 3rd party via the API or the account may already exist. Probably this will be done via a management app.
- John Doe logs into the “management app” using his account.
- An account for child Emily is created by the app with the Johns session using the API. A consent for delegation is automatically created during the process.
- John now has full access on Emily’s data.
Example API request to create account for child (without email):
POST /fhir/Patient
{
"resourceType" : "Patient",
"active" : true,
"name" : [ {
"family" : "Doe",
"given" : ["Emily"]
}],
"gender" : "female",
"birthDate" : "2018-01-31",
"address" : [{
"line" : ["Examplestreet 1"],
"city" : "Examplecity",
"postalCode" : "12345",
"country" : "CH"
}],
"communication" : [{
"language" : {
"coding" : {
"code" : "en",
"system" : "urn:ietf:bcp:47"
}
},
"preferred" : true
}]
}
Finding accounts where the parent has delegation access
To identify the accounts the app needs to search for active consents with purpose “REPRESENTATIVE”. The query can also return the corresponding “Patient” resources.
GET /fhir/Consent?purpose=http://midata.coop/codesystems/consent-type|REPRESENTATIVE&status=active&_include=Consent:patient
Adding email and password to child account later
If the child’s account was created without an email address it is not possible to directly login into the account. When the child has grown up the account may be converted to a full account.
- The parent logs into the “management app”
- The parent provides an email address for the child’s account. The app stores it in the child’s Patient resource using the API.
- The MIDATA platform will send out an email to the child. By clicking on the link inside the mail a password may be set for the account.
Read the childs “Patient” resource
GET /fhir/Patient/<id>
Update the childs Patient resource by adding a login:
PUT /fhir/Patient/<id>
{
"resourceType" : "Patient",
...
"identifier": [
{
"system": "http://midata.coop/identifier/patient-login",
"value": "emily.doe@example.com"
}
]
...
}
Creating a delegation consent for the second parent
If the second parent should also have full access to the child’s account a different workflow is required.
- The second parent (Jane Doe) registers an account using any method.
- The first parent (John Doe) with the existing delegation consent for Emily logs into the management app…
- … and creates a consent with purpose “representative” with the child as the grantor and the second parent as the grantee.
As the first parent do:
POST /fhir/Consent
{
"resourceType": "Consent",
"extension": [
{
"url": "http://midata.coop/extensions/consent-name",
"valueString": "Delegation for Jane Doe"
}
],
"status": "active",
"patient": {
"reference": "Patient/4e3fc564f2ef9665c8d617b5",
"display": "Emily Doe"
},
"policy": [
{
"uri": "http://hl7.org/fhir/ConsentPolicy/opt-in"
}
],
"provision": {
"actor": [
{
"role": {
"coding": [
{
"system": "http://hl7.org/fhir/v3/RoleCode",
"code": "GRANTEE"
}
]
},
"reference": {
"identifier": {
"system" : "http://midata.coop/identifier/patient-login",
"value" : "jane.doe@example.com"
},
"display": "Jane Doe"
}
}
],
"purpose": [
{
"system": "http://midata.coop/codesystems/consent-type",
"code": "REPRESENTATIVE"
}
]
}
}
Revoking a consent
- The consent may be revoked using the “management app”.
- The app updates the status of the consent to “rejected” using the API.
- If the child’s account has an email address and password the child can login into her account using the MIDATA portal and revoke the consent.
Creating a project participation for the child
{
"resourceType": "Consent",
"status": "active",
"category": [
{
"coding": [
{
"system": "http://midata.coop/codesystems/project-code",
"code": "O1NA-79KS",
"display": "Projects Name"
}
]
}
],
"patient": {
"reference": "Patient/4e3fc564f2ef9665c8d617b5",
"display": "Emily Doe"
},
"dateTime": "2021-06-15T12:46:43+02:00",
"policy": [
{
"uri": "http://hl7.org/fhir/ConsentPolicy/opt-in"
}
],
"provision": {
"purpose": [
{
"system": "http://midata.coop/codesystems/consent-type",
"code": "STUDYPARTICIPATION"
}
]
}
}