This page is part of the Making EHR Data MOre available for Research and Public Health (MedMorph) (v1.0.0: STU1 Release 1) based on FHIR R4. This is the current published version in its permanent home (it will always be available at this URL). For a full list of available versions, see the Directory of published versions
This section defines the specific requirements for submitting reports that are created by the Health Data Exchange App (HDEA), MedMorph’s backend services app, as specified in this MedMorph Reference Architecture (RA) Implementation Guide (IG).
Reports created by the HDEA contain all the resource instances (data) necessary for sending to the Data Receiver (e.g., Public Health Authority (PHA)/Research Organization (RO)). The specific resources (data) to be contained in the report will be defined by the content IG specific to the use case. The following are specific framework requirements for report submission across all use cases.
The HDEA SHALL create reports to be sent to the Data Receiver in form of a Bundle of type ‘message’ as indicated by the profile MedMorph Reporting Bundle.
The HDEA SHALL include the MessageHeader resource as the first entry in the Bundle.
The HDEA SHALL copy the receiver address from the Knowledge Artifact’s PlanDefintion.ext-receiversAddress extension element into the MessageHeader.destination.endpoint element.
The HDEA SHALL populate the sender information as a reference to the Organization resource representing the Healthcare Organization.
The HDEA SHALL populate the sender’s FHIR endpoint in the MessageHeader.source.endpoint element.
The HDEA SHALL populate the Bundle.timestamp element with the bundle creation time.
The HDEA SHALL encrypt the bundle created based on the PlanDefinition.action requirements. All Resource entries within the Bundle except the MessageHeader resource SHALL be encrypted when specified as part of the actions required in the PlanDefinition.
The HDEA SHALL submit the bundle by invoking the [Data Receiver’s FHIR Endpoint]/$process-message operation.
When submitting the bundle via Trusted Third Party(TTP), The HDEA SHALL submit the bundle by invoking the [Trusted Third Party FHIR Endpoint]/$process-message operation.
When responses are delivered synchronously by the TTP/Data Receiver, the HDEA SHALL process the response message.
In order to receive asynchronous responses from TTP or Data Receiver, the HDEA SHALL implement the $process-message operation on the ROOT URL of the FHIR Server.
Upon receipt of either synchronous or asynchronous response messages, the HDEA SHALL decrypt the message when required.
Upon receipt of either synchronous or asynchronous response messages, the HDEA SHALL validate the message before accepting the message.
The HDEA SHALL track message submissions with the message responses.
For each message submission, The HDEA SHALL provide the ability for an administrator or the provider to view the message submissions and message responses received.
For Message Submission to Data Receiver directly:
POST [Data Receiver FHIR Endpoint]/$process-message when submitting directly to the Data Receiver.
Synchronous responses are received as part of the POST response.
For Message submission via TTP:
POST [TTP FHIR Endpoint]/$process-message when submitting via TTP FHIR endpoint.
Synchronous responses are received as part of the POST response.
POST [HDEA FHIR Endpoint]/$process-message for receiving asynchronous message responses.
The TTP SHALL implement the $process-message operation on the ROOT URL of the FHIR Server to receive reports from the HDEA using the POST operation.
TTP SHALL use the MessageHeader.destination.endpoint to route the message to the final destination.
When forwarding a message from health care organization to Data Receiver, the TTP SHALL forward the message to the final destination by invoking the [Data Receiver FHIR Endpoint]/$process-message operation.
TTP SHALL forward the message to the final destination in a synchronous manner.
When a synchronous response is received from the receiver, the TTP SHALL return the response to the sender as part of the synchronous transaction.
POST [Data Receiver FHIR Endpoint]/$process-message when forwarding a message from HDEA to the Data Receiver.
Synchronous responses get forwarded back to the healthcare organization as part of the POST response.
For Asynchronous responses, the TTP has to make a separate API call as identified below.
POST [HDEA FHIR Endpoint]/$process-message when forwarding a message from Data Receiver to the HDEA.
The Data Receiver SHALL implement the $process-message operation on the ROOT URL of the FHIR Server to receive reports from the HDEA or TTP using the POST operation.
Upon receipt of the message, the Data Receiver SHALL decrypt the message when required.
Upon receipt of the message, the Data Receiver SHALL validate the message before accepting the message.
POST [Data Receiver FHIR Endpoint]/$process-message when receiving a message from HDEA or TTP.
For synchronous responses, the data is sent back as part of the POST response.
These APIs are used for sending asynchronous responses back to the Healthcare Organization directly or via the TTP.
POST [HDEA FHIR Endpoint]/$process-message for submitting a response directly to the HDEA (Healthcare Organization)
POST [TTP FHIR Endpoint]/$process-message for submitting a response via TTP FHIR Endpoint.