Health NZ | Te Whatu Ora FHIR Screening Implementation Guide
1.0.2 - normative+trial-use
Health NZ | Te Whatu Ora FHIR Screening Implementation Guide
1.0.2 - normative+trial-use
Health NZ | Te Whatu Ora FHIR Screening Implementation Guide - Local Development build (v1.0.2) built by the FHIR (HL7® FHIR® Standard) Build Tools. See the Directory of published versions
| Official URL: https://fhir-ig.digital.health.nz/screening/CapabilityStatement/FHIRScreeningCapabilityStatement | Version: 1.0.2 | |||
| Draft as of 2024-05-03 | Computable Name: FHIRScreeningCapabilityStatement | |||
National Screening FHIR API
Raw OpenAPI-Swagger Definition file | Download
Generated Narrative: CapabilityStatement FHIRScreeningCapabilityStatement
jsonNote to Implementers: FHIR Capabilities
Any FHIR capability may be 'allowed' by the system unless explicitly marked as 'SHALL NOT'. A few items are marked as MAY in the Implementation Guide to highlight their potential relevance to the use case.
serverSMART-on-FHIRsearch-systeminteraction described as follows:All screening FHIR API requests must include the HNZ request context custom header supplying identifiers for the health user and organisation behind the API request.
This context is supplied using the 'Request-Context' custom header in the form of a base64-encoded JSON object.
| Context property | Value |
|---|---|
userIdentifier |
The userid of the user as authenticated by the PMS/health application (REQUIRED) |
purposeOfUse |
Set to "SCREENING" (REQUIRED) |
userFullName |
Full name of the user of the PMS/health application. (REQUIRED) |
hpiPractitioner |
The Common Person Number (aka HPI Practitioner identifier) of the practitioner using the application (REQUIRED) |
hpiOrganisation or hpiFacility |
HPI identifier for the organisation or facility where the user is located -- at least one is REQUIRED |
A schema definition and examples for Request-Context can be found here
| Code | Meaning | Description |
|---|---|---|
| 200 | OK | The request was successful, and the response body contains the representation requested |
| 302 | FOUND | A common redirect response; you can GET the representation at the URI in the Location response header |
| 304 | NOT MODIFIED | Your client's cached version of the representation is still up to date |
| 400 | BAD REQUEST | Missing or bad Security-Context custom header; FHIR request payload does not validate against Implementation Guide |
| 401 | UNAUTHORIZED | The supplied credentials, if any, are not sufficient to access the resource |
| 403 | FORBIDDEN | Insufficient privilege to access the requested FHIR resource/operation |
| 404 | NOT FOUND | The requested representation was not found. Retrying this request is unlikely to be successful |
| 429 | TOO MANY REQUESTS | Your application is sending too many simultaneous requests |
| 500 | SERVER ERROR | An internal server error prevented return of the representation response |
| 503 | SERVICE UNAVAILABLE | We are temporarily unable to return the representation. Please wait and try again later |
| Code | Meaning | OperationOutcome in response? | Description |
|---|---|---|---|
| 200 | OK | Yes, when there are additional messages about a match result | The request was successful, and the response body contains the representation requested |
| 302 | FOUND | No | A common redirect response; you can GET the representation at the URI in the Location response header |
| 400 | BAD REQUEST | Missing or bad Security-Context custom header; FHIR request payload does not validate against Implementation Guide |
|
| 401 | UNAUTHORIZED | The supplied credentials, if any, are not sufficient to access the resource | |
| 403 | FORBIDDEN | Insufficient privilege to access the requested FHIR resource/operation | |
| 429 | TOO MANY REQUESTS | No | Your application is sending too many simultaneous requests |
| 500 | SERVER ERROR | No | An internal server error prevented return of the representation response |
| 503 | SERVICE UNAVAILABLE | No | The server is temporarily unable to return the representation. Please wait and try again later |
| Code | Meaning | Description |
|---|---|---|
| 200 | OK | The request was successful, and the resource was updated. The response body contains the updated representation |
| 201 | CREATED | The request was successful, a new resource was created, and the response body contains the representation |
| 204 | OK - NO CONTENT | The request was successful, but no content is returned in the response. In reality this is seldom used for REST APIs and more typically for process APIs. Should include a Location header indicating the location of an associated relevant resource |
| 207 | MULTI STATUS | The HTTP 207 Multi-Status response code indicates that there might be a mixture of responses. |
| 400 | BAD REQUEST | Missing or bad Security-Context custom header; FHIR request payload does not validate against Implementation Guide |
| 401 | UNAUTHORIZED | The supplied credentials, if any, are not sufficient to access the resource |
| 403 | FORBIDDEN | Insufficient privilege to access the requested FHIR resource/operation |
| 404 | NOT FOUND | The endpoint that the API Consumer is attempting to create or update does not exist. Retrying this request is unlikely to be successful |
| 405 | METHOD NOT ALLOWED | You can't POST or PUT to the resource |
| 422 | UNPROCESSABLE CONTENT | The server understands the requests content and syntax however it is unable to process the instruction. Retrying this request will not succeed - the request must be modified |
| 429 | TOO MANY REQUESTS | Your application is sending too many simultaneous requests |
| 500 | SERVER ERROR | We couldn't create or update the resource. Please try again later |
| Code | Meaning | Description |
|---|---|---|
| 204 | OK | The request was successful; the resource was deleted |
| 400 | BAD REQUEST | Missing or bad Security-Context custom header; FHIR request payload does not validate against Implementation Guide |
| 401 | UNAUTHORIZED | The supplied credentials, if any, are not sufficient to access the resource |
| 403 | FORBIDDEN | Insufficient privilege to access the requested FHIR resource/operation |
| 404 | NOT FOUND | |
| 405 | METHOD NOT ALLOWED | You can't DELETE the resource |
| 429 | TOO MANY REQUESTS | Your application is sending too many simultaneous requests |
| 500 | SERVER ERROR | We couldn't delete the resource. Please try again later |
When a consumer attempts to call a non-existent API end point, respond with a 501 Not Implemented status code.
The summary table lists the resources that are part of this configuration, and for each resource it lists:
_include_revinclude| Resource Type | Profile | R | S | U | C | Searches | _include | _revinclude | Operations |
|---|---|---|---|---|---|---|---|---|---|
| DocumentReference | https://fhir-ig.digital.health.nz/screening/StructureDefinition/nz-screening-summary | y | subject, category, contenttype, _include | DocumentReference:subject | not-supported |
search-type.Provides a document rendition of screening summary information
| Conformance | Parameter | Type | Documentation |
|---|---|---|---|
| SHALL | subject | reference | NHI of the person who is the subject of the screening summary document.
|
| SHALL | category | token | Filters screening summaries by selecting the type of screening programme |
| SHALL | contenttype | token | Optional parameter that allows a PDF rendition (#application/pdf) of the screening summary content to be requested instead of the default HTML. |
| SHALL | _include | token | The optional parameter _include is used to follow links 'forward'. For example, to include relevant Patient resources for requested Encounter matches, based on the Encounter.subject element, using either the subject or patient search parameters.. |