NAV
Ruby Shell

Patient Consent v1

The HealtheIntent Patient Consent API enables a provider to access patient data provided the proper consent is given, or in case of emergency.

This API allows tenants to set configurations.

URL: https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1

Configurations

Operations about Configurations

Example Request:




require 'httparty' # Using HTTParty 0.16.2
require 'json'

headers = {
  'Authorization' => '<auth_header>',
  'Content-Type' => 'application/json',
  'Accept' => 'application/json'
} 

result = HTTParty.post('https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1/consent-configurations', headers: headers, body: {"tenantId":"07649edf-f34f-46bb-b760-e3d9169c2964","emergencyConsentReasons":["Patient Unresponsive."],"policyRules":["CONSENT_TYPE_SWEDEN_PDL_COHERENT_JOURNALING_QUAL"]}.to_json )

print JSON.pretty_generate(result)




# You can also use wget
curl -X POST https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1/consent-configurations \
-H 'Authorization: {auth_header}' \
-H 'Content-Type: application/json' \ \
-H 'Accept: application/json' \
-d {"tenantId":"07649edf-f34f-46bb-b760-e3d9169c2964","emergencyConsentReasons":["Patient Unresponsive."],"policyRules":["CONSENT_TYPE_SWEDEN_PDL_COHERENT_JOURNALING_QUAL"]}

POST /consent-configurations

Creates a configuration.

Parameters

Parameter In Type Required Default Description Accepted Values
body body postConsentConfigurations true N/A No description -

Response Statuses

Status Meaning Description Schema
201 Created A configuration object PatientConsentPublicApi_Entities_V1_Configuration_ConsentConfiguration
400 Bad Request Bad Request Error
401 Unauthorized Unauthorized Error
403 Forbidden Forbidden Error
404 Not Found Not Found Error

Example Request:


require 'httparty' # Using HTTParty 0.16.2
require 'json'

headers = {
  'Authorization' => '<auth_header>',
  'Accept' => 'application/json'
} 

result = HTTParty.get('https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1/consent-configurations', headers: headers)

print JSON.pretty_generate(result)


# You can also use wget
curl -X GET https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1/consent-configurations \
-H 'Authorization: {auth_header}' \
-H 'Accept: application/json'

GET /consent-configurations

Retrieves a list of configurations.

Parameters

Parameter In Type Required Default Description Accepted Values
page[nextLink] query string false “” The nextLink is the cursor which identifies the first record in the following page. It is made up of the UUID followed by an underscore, followed by the recorded_date_time. -
page[limit] query integer(int32) false 20 The limit sets the number of records to be returned on the page. Value must be between 1-100 -

Response Statuses

Status Meaning Description Schema
200 OK Successful operation. ConsentConfigurations
400 Bad Request Bad Request Error
401 Unauthorized Unauthorized Error
403 Forbidden Forbidden Error
404 Not Found Not Found Error

Consents

Operations about Consents

Get all consents for a population.

Example Request:


require 'httparty' # Using HTTParty 0.16.2
require 'json'

headers = {
  'Authorization' => '<auth_header>',
  'Accept' => 'application/json'
} 

result = HTTParty.get('https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1/populations/f66b0897-48fa-4965-8525-46d6ab5d05b4', headers: headers)

print JSON.pretty_generate(result)


# You can also use wget
curl -X GET https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1/populations/f66b0897-48fa-4965-8525-46d6ab5d05b4 \
-H 'Authorization: {auth_header}' \
-H 'Accept: application/json'

GET /populations/{populationId}

Retrieves a list of consents by population.

Parameters

Parameter In Type Required Default Description Accepted Values
populationId path string true N/A The population ID is a unique identifier for a population -
page[nextLink] query string false “” The nextLink is the cursor which identifies the first record in the following page. It is made up of the UUID followed by an underscore, followed by the recorded_date_time. -
page[limit] query integer(int32) false 20 The limit sets the number of records to be returned on the page. Value must be between 1-100 -

Response Statuses

Status Meaning Description Schema
200 OK Successful operation Consents
400 Bad Request Bad Request Error
401 Unauthorized Unauthorized Error
403 Forbidden Forbidden Error
404 Not Found Not Found Error

Example Request:


require 'httparty' # Using HTTParty 0.16.2
require 'json'

headers = {
  'Authorization' => '<auth_header>',
  'Accept' => 'application/json'
} 

result = HTTParty.get('https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1/populations/f66b0897-48fa-4965-8525-46d6ab5d05b4/patients/79b1cd0f-b14c-42ad-8eb7-53616235f5d2/patient-consents/47308251-5337-4221-a0c1-05b348d963ca', headers: headers)

print JSON.pretty_generate(result)


# You can also use wget
curl -X GET https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1/populations/f66b0897-48fa-4965-8525-46d6ab5d05b4/patients/79b1cd0f-b14c-42ad-8eb7-53616235f5d2/patient-consents/47308251-5337-4221-a0c1-05b348d963ca \
-H 'Authorization: {auth_header}' \
-H 'Accept: application/json'

GET /populations/{populationId}/patients/{patientId}/patient-consents/{consentId}

Get a specific consent record.

Parameters

Parameter In Type Required Default Description Accepted Values
consentId path string true N/A The consent ID is a unique identifier for a consent record. -
patientId path string true N/A The patient ID is a unique identifier for a patient. -
populationId path string true N/A The population ID is a unique identifier for a population. -

Response Statuses

Status Meaning Description Schema
200 OK Successful operation. PatientConsentPublicApi_Entities_V1_Consents_Consent
400 Bad Request Bad Request Error
401 Unauthorized Unauthorized Error
403 Forbidden Forbidden Error
404 Not Found Not Found Error

Example Request:




require 'httparty' # Using HTTParty 0.16.2
require 'json'

headers = {
  'Authorization' => '<auth_header>',
  'Content-Type' => 'application/json',
  'Accept' => 'application/json'
} 

result = HTTParty.patch('https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1/populations/f66b0897-48fa-4965-8525-46d6ab5d05b4/patients/79b1cd0f-b14c-42ad-8eb7-53616235f5d2/patient-consents/47308251-5337-4221-a0c1-05b348d963ca', headers: headers, body: {"aliases":[{"system":"SWEDEN-NS","value":"28c291c7-a2e1-4bec-956a-5ab09a5268c0"}],"tags":[{"key":"record_type","value":"consent"}]}.to_json )

print JSON.pretty_generate(result)




# You can also use wget
curl -X PATCH https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1/populations/f66b0897-48fa-4965-8525-46d6ab5d05b4/patients/79b1cd0f-b14c-42ad-8eb7-53616235f5d2/patient-consents/47308251-5337-4221-a0c1-05b348d963ca \
-H 'Authorization: {auth_header}' \
-H 'Content-Type: application/json' \ \
-H 'Accept: application/json' \
-d {"aliases":[{"system":"SWEDEN-NS","value":"28c291c7-a2e1-4bec-956a-5ab09a5268c0"}],"tags":[{"key":"record_type","value":"consent"}]}

PATCH /populations/{populationId}/patients/{patientId}/patient-consents/{consentId}

Update a single consent record with new attributes. Use case is decided by the consumer.

Parameters

Parameter In Type Required Default Description Accepted Values
consentId path string true N/A The consent ID is a unique identifier for a consent record. -
patientId path string true N/A The patient ID is a unique identifier for a patient. -
populationId path string true N/A The population ID is a unique identifier for a population. -
body body patchPopulationsPopulationidPatientsPatientidPatientConsents true N/A No description -

Response Statuses

Status Meaning Description Schema
200 OK Successful operation. PatientConsentPublicApi_Entities_V1_Consents_Consent
400 Bad Request Bad Request Error
401 Unauthorized Unauthorized Error
403 Forbidden Forbidden Error
404 Not Found Not Found Error

Example Request:


require 'httparty' # Using HTTParty 0.16.2
require 'json'

headers = {
  'Authorization' => '<auth_header>',
  'Accept' => 'application/json'
} 

result = HTTParty.delete('https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1/populations/f66b0897-48fa-4965-8525-46d6ab5d05b4/patients/79b1cd0f-b14c-42ad-8eb7-53616235f5d2/patient-consents/47308251-5337-4221-a0c1-05b348d963ca', headers: headers)

print JSON.pretty_generate(result)


# You can also use wget
curl -X DELETE https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1/populations/f66b0897-48fa-4965-8525-46d6ab5d05b4/patients/79b1cd0f-b14c-42ad-8eb7-53616235f5d2/patient-consents/47308251-5337-4221-a0c1-05b348d963ca \
-H 'Authorization: {auth_header}' \
-H 'Accept: application/json'

DELETE /populations/{populationId}/patients/{patientId}/patient-consents/{consentId}

Delete a single consent record.

Parameters

Parameter In Type Required Default Description Accepted Values
consentId path string true N/A The consent ID is a unique identifier for a consent record. -
patientId path string true N/A The patient ID is a unique identifier for a patient. -
populationId path string true N/A The population ID is a unique identifier for a population. -

Response Statuses

Status Meaning Description Schema
204 No Content Successful operation. PatientConsentPublicApi_Entities_V1_Consents_Consent
400 Bad Request Bad Request Error
401 Unauthorized Unauthorized Error
403 Forbidden Forbidden Error
404 Not Found Not Found Error

Example Request:




require 'httparty' # Using HTTParty 0.16.2
require 'json'

headers = {
  'Authorization' => '<auth_header>',
  'Content-Type' => 'application/json',
  'Accept' => 'application/json'
} 

result = HTTParty.post('https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1/populations/f66b0897-48fa-4965-8525-46d6ab5d05b4/patients/79b1cd0f-b14c-42ad-8eb7-53616235f5d2/patient-consents', headers: headers, body: {"createdBy":"12345","category":"PATIENT_CONSENT_OBSTYPE","effectivePeriod":{"start":"2021-01-01T00:00:00Z","end":"2021-01-08T00:00:00Z"},"provisionScope":{"organization":{"id":"7582d101-c0bd-45a8-829c-a63f1587ea05"},"organizationGroup":{"id":"f2467686-1bc8-4bcf-a768-2cb3541e437e"},"personnel":{"id":"f181b922-f5fd-401f-abaf-90475eb15f15"}},"emergencyConsentReason":"Patient Unresponsive.","policyRule":"CONSENT_TYPE_SWEDEN_PDL_COHERENT_JOURNALING_QUAL","consentReasonType":"PATIENT_GRANTED","provisionType":"PERMIT","aliases":[{"system":"SWEDEN-NS","value":"28c291c7-a2e1-4bec-956a-5ab09a5268c0"}],"tags":[{"key":"record_type","value":"consent"}]}.to_json )

print JSON.pretty_generate(result)




# You can also use wget
curl -X POST https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1/populations/f66b0897-48fa-4965-8525-46d6ab5d05b4/patients/79b1cd0f-b14c-42ad-8eb7-53616235f5d2/patient-consents \
-H 'Authorization: {auth_header}' \
-H 'Content-Type: application/json' \ \
-H 'Accept: application/json' \
-d {"createdBy":"12345","category":"PATIENT_CONSENT_OBSTYPE","effectivePeriod":{"start":"2021-01-01T00:00:00Z","end":"2021-01-08T00:00:00Z"},"provisionScope":{"organization":{"id":"7582d101-c0bd-45a8-829c-a63f1587ea05"},"organizationGroup":{"id":"f2467686-1bc8-4bcf-a768-2cb3541e437e"},"personnel":{"id":"f181b922-f5fd-401f-abaf-90475eb15f15"}},"emergencyConsentReason":"Patient Unresponsive.","policyRule":"CONSENT_TYPE_SWEDEN_PDL_COHERENT_JOURNALING_QUAL","consentReasonType":"PATIENT_GRANTED","provisionType":"PERMIT","aliases":[{"system":"SWEDEN-NS","value":"28c291c7-a2e1-4bec-956a-5ab09a5268c0"}],"tags":[{"key":"record_type","value":"consent"}]}

POST /populations/{populationId}/patients/{patientId}/patient-consents

Create a new consent.

Parameters

Parameter In Type Required Default Description Accepted Values
patientId path string true N/A The patient ID is a unique identifier for a patient. -
populationId path string true N/A The population ID is a unique identifier for a population. -
body body postPopulationsPopulationidPatientsPatientidPatientConsents true N/A No description -

Response Statuses

Status Meaning Description Schema
201 Created A consent object PatientConsentPublicApi_Entities_V1_Consents_Consent
400 Bad Request Bad Request Error
401 Unauthorized Unauthorized Error
403 Forbidden Forbidden Error
404 Not Found Not Found Error

Retrieve a List of Consents.

Example Request:


require 'httparty' # Using HTTParty 0.16.2
require 'json'

headers = {
  'Authorization' => '<auth_header>',
  'Accept' => 'application/json'
} 

result = HTTParty.get('https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1/populations/f66b0897-48fa-4965-8525-46d6ab5d05b4/patients/79b1cd0f-b14c-42ad-8eb7-53616235f5d2/patient-consents', headers: headers)

print JSON.pretty_generate(result)


# You can also use wget
curl -X GET https://cernerdemo.api.us-1.healtheintent.com/patient-consent/v1/populations/f66b0897-48fa-4965-8525-46d6ab5d05b4/patients/79b1cd0f-b14c-42ad-8eb7-53616235f5d2/patient-consents \
-H 'Authorization: {auth_header}' \
-H 'Accept: application/json'

GET /populations/{populationId}/patients/{patientId}/patient-consents

Retrieves a list of consents for a patient. A consent represents a record of a healthcare consumer’s choices or choices made on their behalf by a third party, which permits or denies identified recipient(s) or recipient role(s) to perform one or more actions in a given policy context, for specific purposes and periods of time.

Parameters

Parameter In Type Required Default Description Accepted Values
patientId path string true N/A The patient ID is a unique identifier for a patient. -
populationId path string true N/A The population ID is a unique identifier for a population. -
page[nextLink] query string false “” The nextLink is the cursor which identifies the first record in the following page. It is made up of the UUID followed by an underscore, followed by the recorded_date_time. -
page[limit] query integer(int32) false 20 The limit sets the number of records to be returned on the page. Value must be between 1-100 -

Response Statuses

Status Meaning Description Schema
200 OK A collection of consent objects. Consents
400 Bad Request Bad Request Error
401 Unauthorized Unauthorized Error
403 Forbidden Forbidden Error
404 Not Found Not Found Error

Schema Definitions

postConsentConfigurations

Name Type Required Description Accepted Values
tenantId string true The tenant ID is the client which the configuration applies to. -
consentDuration integer(int32) false The consent duration is the period of validity for consent records created on behalf of the client. -
emergencyConsentDuration integer(int32) false The emergency consent duration is the period of validity for emergency consents records created on behalf of the client. -
emergencyConsentReasons string false The emergency consent reasons are justifications used to allow emergency accessto a patient’s data. -
policyRules string false The policy rules are valid consent types in HealtheIntent. -

PatientConsentPublicApi_Entities_V1_Configuration_ConsentConfiguration

Name Type Required Description Accepted Values
tenantId string false The tenant ID represents the client which the configuration applies to. -
consentDuration integer(int32) false The consent duration is the period of validity (in hours) for consent configurations created on behalf of the client. -
emergencyConsentDuration integer(int32) false The emergency consent duration is the period of validity (in hours) for emergency consent configurations created on behalf of the client. -
emergencyConsentReasons string false The emergency consent reasons are justifications used to allow emergency access to a patient’s data. -
policyRules string false The policy rules are valid consent types in HealtheIntent. -
recordedDateTime string false The consent configuration creation timestamp. -

Error

Name Type Required Description Accepted Values
code integer(int32) true The HTTP response status code that represents the error. -
message string true A human-readable description of the error. -
errorDetails [ErrorDetail] false A list of additional error details. -

ErrorDetail

Name Type Required Description Accepted Values
domain string false A subsystem or context where an error occurred. -
reason string false A codified value that represents the specific error that caused the current error status. -
message string false A human-readable description of an error. -
locationType string false The location or type of the field that caused an error. query, header, path, formData, body
location string false The name of the field that caused an error. -

ConsentConfigurations

Name Type Required Description Accepted Values
items [PatientConsentPublicApi_Entities_V1_Configuration_ConsentConfiguration] true An array containing the current page of results. -
nextLink string true A cursor referencing the first record in the following page. -

Consents

Name Type Required Description Accepted Values
items [PatientConsentPublicApi_Entities_V1_Consents_Consent] true An array containing the current page of results. -
nextLink string true A cursor referencing the first record in the following page. -

Name Type Required Description Accepted Values
createdBy string false The personnel ID of the employee who created the consent record. -
category PatientConsentPublicApi_Entities_V1_Consents_Category false The category identifies the object as a consent record in HealtheIntent. -
effectivePeriod PatientConsentPublicApi_Entities_V1_Consents_EffectivePeriod false The period of validity for a consent record. -
provisionScope PatientConsentPublicApi_Entities_V1_Consents_ProvisionScope false The provision scope ensures that the consent record for the patient’s data is accessible by the correct organization, organizational group, or personnel member. -
emergencyConsentReason string false The documented consent to allow emergency access to a patient’s data -
policyRule string false The type of the consent recorded in HealtheIntent. -
consentReasonType string false The consent reason type identifies whether the patient has given consent or whether emergency access is granted. -
provisionType string false The provision type determined whether or not the patient’s data can be viewed. -
aliases [PatientConsentPublicApi_Entities_V1_Consents_Alias] false Aliases are alternate identifiers for a consent. For example, this can be used for mappint if an equivalent consent exists in another system. -
tags [PatientConsentPublicApi_Entities_V1_Consents_Tag] false Tags are objects containing metadata for a consent. For example, tags can be used for tag-based filtering. -
consentId string false The consent ID is an alias for a universal unique identifier (UUID). It can be used as input for DELETE, PATCH, or GET requests. -
recordedDateTime string false The consent creation timestamp. -

PatientConsentPublicApi_Entities_V1_Consents_Category

Name Type Required Description Accepted Values
concept string true This concept stores the category identifier. -

PatientConsentPublicApi_Entities_V1_Consents_EffectivePeriod

Name Type Required Description Accepted Values
start string true The start timestamp records the beginning of the validity period. -
end string false The end timestamp records the end of the validity period. A blank value means that the period is indefinite. -

PatientConsentPublicApi_Entities_V1_Consents_ProvisionScope

Name Type Required Description Accepted Values
organization PatientConsentPublicApi_Entities_V1_Consents_Organization true The care unit that creates the consent record. -
organizationGroup PatientConsentPublicApi_Entities_V1_Consents_OrganizationGroup true The caregiver who creates the consent record. -
personnel PatientConsentPublicApi_Entities_V1_Consents_Personnel false The personnel who creates the consent record. -

PatientConsentPublicApi_Entities_V1_Consents_Organization

Name Type Required Description Accepted Values
id string true The ID of the care unit that creates the consent record. -

PatientConsentPublicApi_Entities_V1_Consents_OrganizationGroup

Name Type Required Description Accepted Values
id string true The caregiver who creates the consent record. -

PatientConsentPublicApi_Entities_V1_Consents_Personnel

Name Type Required Description Accepted Values
id string false The personnel who creates the consent record. -

PatientConsentPublicApi_Entities_V1_Consents_Alias

Name Type Required Description Accepted Values
system string true The identified the context which the alias applies to. For example, the authority responsible for assigning the alias value. Values are unique in each system, but not necessarily across systems. -
value string false This value contains the identifier for the consent object in the system. The format may vary depending on the system. -

PatientConsentPublicApi_Entities_V1_Consents_Tag

Name Type Required Description Accepted Values
key string true The context that the tag applies to. -
value string false The value contains the metadata attached to the consent record. -

patchPopulationsPopulationidPatientsPatientidPatientConsents

Name Type Required Description Accepted Values
aliases [object] false Aliases are alternate identifiers for a consent. For example, if an equivalent consent exists in another system, this can be used for mapping. -
» system string true The system identifies the context the alias applies to. For example, the authority responsible for assigning the alias value. Alias values are unique in each system, but not across systems. -
» value string false The identifier for the consent object within the system. The format may vary depending on the system. -
tags [object] false Tags are objects containing metadata for a consent. For example, tags can be used for tag-based filtering. -
» key string true The context which the tag applies to. -
» value string false The value contains the metadata attached to the consent record. -

postPopulationsPopulationidPatientsPatientidPatientConsents

Name Type Required Description Accepted Values
createdBy string true The personnel ID of the employee creating the consent record. -
category string true The category identifies the object as a consent in HealtheIntent. -
effectivePeriod object true The effective period determines the period of validity for a consent record. -
» start string true The start timestamp is beginning of the validity period. -
» end string false The end timestamp is the end of the validity period. A blank value means the period is indefinite. -
provisionScope object true The provenance of the consent record identified to ensure that the patient’s data is accessible by the correct organization, organizational group, or personnel member. -
» organization string true The care unit that creates the consent record. -
» organizationGroup string true The caregiver who creates the consent record. -
» personnel string false The personnel who creates the consent record. -
emergencyConsentReason string false The justification allowing emergency access to a patient’s data -
policyRule string false The type of the consent in HealtheIntent. -
consentReasonType string false The consent reason type identifies whether the patient has given consent or whether emergency access is granted. -
provisionType string false The provision type identifies whether the patient’s data can be viewed -
aliases [object] false The alternate identifiers for a consent. For example, if an equivalent consent exists in another system, this can be used for mapping. -
» system string true The system identifies the context which the alias applies to. For example, the authority responsible for assigning the alias value. Alias values are unique in each system, but not across systems. -
» value string false The identifier for the consent object within the system. The format may vary depending on the system. -
tags [object] false Tags are objects containing metadata for a consent. For example, tags can be used for tag-based filtering. -
» key string true The context which the tag applies to. -
» value string false The value contains the metadata attached to the consent record. -