Generated Narrative: CapabilityStatement pca-subscriber-agent

PCA Subscriber Agent Capability Statement

Implementation Guide Version: 24.2.0.1
FHIR Version: 4.0.1
Supported Formats: application/fhir+json, application/fhir+xml
Supported Patch Formats:
Published on: 2024-11-25 11:41:59+1000
Published by: Australian Digital Health Agency

Note to Implementers: FHIR Capabilities
Any FHIR capability may be 'allowed' by the system unless explicitly marked as 'SHALL NOT'. A few items are marked as MAY in the Implementation Guide to highlight their potential relevance to the use case.

FHIR RESTful Capabilities

Mode: `server`

A PCA Subscriber Agent manages the service offerings for one subscriber organisation (also referred to as a 'business partner' in the PCA portal).

The PCA service instantiates one PCA Subscriber Agent for each participating subscriber organisation. That is, each subscriber organisation interacts with a PCA Subscriber Agent located at a subscriber agent base url that is unique to that organisation.

The subscriber agent base URL for a particular organisation is available via the PCA portal on the 'Organisation Details' screen of the subscriber organisation.

A service offering is made available to a subscriber organisation when a publisher authorises publication of a resource to one or more of the subscriber organisation's partner services.

Publication process

A PCA Publisher Agent creates the Location, HealthcareService and PractitionerRole resources (that are associated with existing Organization and Practitioner resources) that represent their service offerings. These resources are made available to a subscriber organisation when a publisher authorises publication of a HealthcareService or PractitionerRole resource to one or more of the subscriber organisation's partner services.

The authority to publish is represented using Contract resources which are also implemented by the PCA Publisher Agent (see the Contract resource endpoint).

Identifier disclosure rules

The PCA service enforces certain business rules regarding the disclosure of Identifiers (including subscriber-issued identifiers) in the resources that it makes available to subscribers.

The result of these rules may be that a copy of a resource received by one subscriber may contain Identifiers that are not included in the copy of the same resource that is received by a different subscriber.

In the case of HPI-Is these identifier disclosure rules ensure that relevant legal requirements are complied with.

Other identifier disclosure rules are defined by the PCA operator.

The identifier disclosure rules are applied automatically at the time that the resource is retrieved by the target PCA Subscriber Agent.

Authorisation rules

Authorised client systems are only permitted to interact with a PCA Subscriber Agent API where the participating organisation associated with the PCA Subscriber Agent has a subscriber approval status of 'Approved'.

Resource profiles and extensions

This API specification defines the required resource profiles for each operation. The PCA Subscriber Agent will reject any request to create or update a resource that contains any extensions (including modifier extensions) not explicitly defined in that resource profile.

Security

Enable CORS: yes

Security services supported: OAuth

This server implements OAuth2
\n

Summary of System-wide Interactions

Supports the search-systeminteraction described as follows:
Definition:
\nThis operation is a RESTful search interaction (whole system interaction), across multiple resource types (as described in the FHIR specification).
\n
Behaviour:
\nThis operation is used by a client system operated by a subscriber organisation to get resources that match the specified search parameters and that have been published to the subscriber organisation's partner services.
\n
The following search parameters are supported:
\n
- \n
  _lastUpdated is used to get the resources that have been added or changed since the requesting system last synchronised their local data store with PCA Subscriber Agent. This search parameter supports the gt and lt comparison prefixes.
  \n
- \n
  _type is used to filter the resources returned by their resource type. The available types are:
  \n
  - \n
    HealthcareService (returns resources conforming to the PCA Healthcare Service profile)
    \n
  - \n
    PractitionerRole (returns resources conforming to the PCA Practitioner Role profile)
    \n
  - \n
    Organization (returns resources conforming to the PCA Organization profile)
    \n
  - \n
    Location (returns resources conforming to the PCA Location profile)
    \n
  - \n
    Practitioner (returns resources conforming to the PCA Practitioner profile)
    \n
  - \n
    Provenance (returns resources conforming to the PCA Provenance profile)
    \n
  - \n
    Contract (returns resources conforming to the PCA Publication Authorisation Record profile)
    \n
  - \n
    Task (returns resources conforming to the PCA Match Record profile)
    \n
    - Note: a Contract resource with 'status' of 'revoked' indiates that a service offering that was previously published to a partner service is no longer available to that partner service. In this case the Contract resource will reference a target Organization, Location, HealthcareService, or PractitionerRole that is not included in the Bundle (but its id will identify the resource which is no longer published to the subscriber).
    \n
  \n
- \n
  _include (and _include:iterate) are used in order that all the resources that match the _lastUpdated and _type filters will be accompanied, in the result Bundle, with all the other resources which they reference (directly or indirectly). Note that the use of _include (and _include:iterate) means that a resource may be present in the result Bundle either because it matched the other query parameters or because it was referenced (possibly indirectly) by another resource that matched the other query parameters.
  \n
- \n
  _filter is used to only get the resources that have been published to a specific PCA Partner Service of the subscriber organisation. If the _filter parameter is not present, the operation will return resources that have been published to all of the subscriber organisation's partner services. The _filter parameter supports the following query expression:
  \n
  - HealthcareService: id eq [FHIR ID of partner service]
  \n
\n
All of the following query parameters are required in order to receive the complete set of resources that have been created, changed or published to all the subscriber organisation's partner services since [last_synchronized]:
\n
_lastUpdated=[last_synchronized]
\n_type=HealthcareService,PractitionerRole,Practitioner,Organization,Location,Provenance,Contract,Task
\n_include=Location:organization
\n_include=HealthcareService:organization
\n_include=HealthcareService:location
\n_include=PractitionerRole:organization
\n_include=PractitionerRole:location
\n_include=PractitionerRole:service
\n_include=PractitionerRole:practitioner
\n_include=Provenance:target
\n_include=Contract:subject
\n_include:iterate=HealthcareService:organization
\n_include:iterate=HealthcareService:location
\n_include:iterate=PractitionerRole:organization
\n_include:iterate=PractitionerRole:location
\n_include:iterate=PractitionerRole:service
\n_include:iterate=PractitionerRole:practitioner
\n
As described above the resources returned in the Bundle exclude any Identifiers (e.g. HPI-Is) that cannot be disclosed to the subscriber.
\n
This operation supports 'paging' (see FHIR specification). If there are too many resources to return in one Bundle, the FHIR server adds a next link to the response Bundle. The contents of the result Bundle therefore comprise all instances of the requested resource types whose lastUpdated timestamp is greater than the <lastSync> in the request query expression and less than or equal to <lastInBundle> where <lastInBundle> is the greatest lastUpdated value of all resources included in the result Bundle. The Subscriber Agent FHIR server sets the next link to the filter expression that was used in the original request except that <lastSync> is replaced with <lastInBundle>. If the next link is not present in the Bundle, then there are no more service offerings available.
\n
HTTP interaction signature:
\n
- GET [subscriber agent base url]/?[parameters]
\n
Mandatory Request Headers:
\n
- Accept: application/fhir+json;charset=utf-8 or Accept: application/fhir+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- (No request body)
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
\n
Response Body:
\n
- \n
  Success: Bundle that contains zero to many resources (where the resource type was included in the filter expression of the search request) that conform to the following PCA profiles:
  \n
  - \n
    HealthcareService resources conforming to the PCA Healthcare Service profile
    \n
  - \n
    PractitionerRole resources conforming to the PCA Practitioner Role profile
    \n
  - \n
    Organization resources conforming to the PCA Organization profile
    \n
  - \n
    Location resources conforming to the PCA Location profile
    \n
  - \n
    Practitioner resources conforming to the PCA Practitioner profile
    \n
  - \n
    Provenance resources conforming to the PCA Provenance profile
    \n
  - \n
    Contract resources conforming to the PCA Publication Authorisation Record profile
    \n
    - Contract resources will be returned that reference each of the HealthcareService or PractitionerRole resources that are included in the Bundle - these Contract resources have a status of “executed” if the associated PCA Partner Service is active, or a status of “cancelled” if the associated PCA Partner Service is inactive).
    - Contract resources will also be returned that reference HealthcareService or PractitionerRole resources that are not in the Bundle but for which authority to publish has been revoked - these Contract resources will have a status of “revoked”).
    \n
  - \n
    Task resources conforming to the PCA Match Record profile
    \n
  \n
- \n
  Error: OperationOutcome resource (see FHIR specification).
  \n
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Receiver
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: Search successfully performed (but may return zero matching results).
- Code 400: The input query could not be parsed, or the PCA Partner Service referenced in the _filter parameter could not be found or is inactive.
- Code 403: Server refused to perform the search.
\n

Capabilities by Resource/Profile

Summary

The summary table lists the resources that are part of this configuration, and for each resource it lists:

The relevant profiles (if any)
The interactions supported by each resource (Read, Search, Update, and Create, are always shown, while VRead, Patch, Delete, History on Instance, or History on Type are only present if at least one of the resources has support for them.
The required, recommended, and some optional search parameters (if any).
The linked resources enabled for _include
The other resources enabled for _revinclude
The operations on the resource (if any)

Resource Type	Profile	R	S	U	P	C	D	Searches	`_include`
Organization	http://pca.digitalhealth.gov.au/fhir/4.0/StructureDefinition/pca-organization	y			y
Location	http://pca.digitalhealth.gov.au/fhir/4.0/StructureDefinition/pca-location	y			y
HealthcareService		y	y		y			_profile, active, organization, service-catgeory, coverage-area.location.address-postalcode
PractitionerRole	http://pca.digitalhealth.gov.au/fhir/4.0/StructureDefinition/pca-practitioner-role	y			y				`PractitionerRole:practitioner`, `PractitionerRole:healthcareService`, `PractitionerRole:organization`, `PractitionerRole:location`
Practitioner	http://pca.digitalhealth.gov.au/fhir/4.0/StructureDefinition/pca-practitioner	y
Provenance	http://pca.digitalhealth.gov.au/fhir/4.0/StructureDefinition/pca-provenance	y
Contract		y	y					_profile, subject, version
Task	Supported Profiles PCA Match Record PCA Partner Service Task	y	y	y	y	y		_profile, subject, owner
Subscription	http://hl7.org/fhir/StructureDefinition/Subscription		y			y	y

Resource Conformance: supported Organization

Base System Profile
PCA Organization

Profile Conformance
SHALL

Reference Policy

Interaction summary

Supports
read
Definition:
\n
This operation is a RESTful read interaction (as described in the FHIR specification) of an Organization resource.
\n
Behaviour:
\n
This operation retrieves an identified Organization resource that conforms to the PCA Organization profile. As described in the common behaviour section, the Organization resource excludes any Identifiers that cannot be disclosed to the subscriber.
\n
HTTP interaction signature:
\n
- GET [subscriber agent base url]/Organization/[id]
\n
Mandatory Request Headers:
\n
- Accept: application/fhir+json;charset=utf-8 or Accept: application/fhir+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- (No request body)
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
- ETag: [version id] where [version id] identifies the version of the Organization resource returned.
\n
Response Body:
\n
- Success: Organization resource that conforms to the PCA Organization profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Receiver
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: The resource was found and returned.
- Code 404: The resource was not found.
\n
patch
Definition:
\n
This operation is a RESTful patch interaction (as described in the FHIR specification) of an Organization resource.
\n
Behaviour:
\n
This operation is used to update an identified Organization resource that conforms to the PCA Organization profile via a JSON or XML patch document. This operation will only process a patch operation for adding or updating an identifier element.
\n
If any of the following data validation rules are violated, then the request is rejected and the error code 422 is returned:
\n
- The patch document SHALL only contain an operation for adding or updating an identifier element.
- Only one identifier element per identifier.system SHALL be allowed for the identified Organization resource.
- The patch operation SHALL only add or update an identifier element where identifier.system identifies a subscriber identifier system that is owned by the participating organisation associated with the target PCA Subscriber Agent.
- The patch operation SHALL only add or update an identifier element where a PCA Match Record exists within the PCA service with:\n
  - A status of 'completed', and;
  - A focus referencing the Organization resource, and;
  - An owner referencing a PCA Partner Service of the participating organisation associated with the target PCA Subscriber Agent.
  \n
\n
HTTP interaction signature:
\n
- PATCH [subscriber agent base url]/Organization/[id]
\n
Mandatory Request Headers:
\n
- Accept: application/json-patch+json;charset=utf-8 or Accept: application/xml-patch+xml;charset=utf-8
- Content-Type: application/json-patch+json;charset=utf-8 or Accept: application/xml-patch+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- A JSON Patch document that conforms to https://datatracker.ietf.org/doc/html/rfc6902 with a content type of application/json-patch+json, or;
- An XML Patch document that conforms to https://datatracker.ietf.org/doc/html/rfc5261 with a content type of application/xml-patch+xml
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
- ETag: [version id] where [version id] identifies the version of the Organization resource returned.
\n
Response Body:
\n
- Success: Organization resource that conforms to the PCA Organization profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Updater
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: The resource was found and returned.
- Code 404: The resource was not found.
- Code 422: The input patch document violated applicable FHIR profiles or server data validation rules.
\n

Documentation

This section defines the supported interactions for the PCA Organization profile of the Organization resource type.
\n

Resource Conformance: supported Location

Base System Profile
PCA Location

Profile Conformance
SHALL

Reference Policy

Interaction summary

Supports
read
Definition:
\n
This operation is a RESTful read interaction (as described in the FHIR specification) of a Location resource.
\n
Behaviour:
\n
This operation retrieves an identified Location resource that conforms to the PCA Location profile. As described in the common behaviour section, the Location resource excludes any Identifiers that cannot be disclosed to the subscriber.
\n
HTTP interaction signature:
\n
- GET [subscriber agent base url]/Location/[id]
\n
Mandatory Request Headers:
\n
- Accept: application/fhir+json;charset=utf-8 or application/fhir+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- (No request body)
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
- ETag: [version id] where [version id] identifies the version of the Location resource returned.
\n
Response Body:
\n
- Success: Location resource that conforms to the PCA Location profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Receiver
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: The resource was found and returned.
- Code 404: The resource was not found.
\n
patch
Definition:
\n
This operation is a RESTful patch interaction (as described in the FHIR specification) of a Location resource.
\n
Behaviour:
\n
This operation is used to update an identified Location resource that conforms to the PCA Location profile via a JSON or XML patch document. This operation will only process a patch operation for adding or updating an identifier element.
\n
If any of the following data validation rules are violated, then the request is rejected and the error code 422 is returned:
\n
- The patch document SHALL only contain an operation for adding or updating an identifier element.
- Only one identifier element per identifier.system SHALL be allowed for the identified Location resource.
- The patch operation SHALL only add or update an identifier element where identifier.system identifies a subscriber identifier system that is owned by the participating organisation associated with the target PCA Subscriber Agent.
- The patch operation SHALL only add or update an identifier element where a PCA Match Record exists within the PCA service with:\n
  - A status of 'completed', and;
  - A focus referencing the Location resource, and;
  - An owner referencing a PCA Partner Service of the participating organisation associated with the target PCA Subscriber Agent.
  \n
\n
HTTP interaction signature:
\n
- PATCH [subscriber agent base url]/Location/[id]
\n
Mandatory Request Headers:
\n
- Accept: application/json-patch+json;charset=utf-8 or Accept: application/xml-patch+xml;charset=utf-8
- Content-Type: application/json-patch+json;charset=utf-8 or Accept: application/xml-patch+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- A JSON Patch document that conforms to https://datatracker.ietf.org/doc/html/rfc6902 with a content type of application/json-patch+json, or;
- An XML Patch document that conforms to https://datatracker.ietf.org/doc/html/rfc5261 with a content type of application/xml-patch+xml
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
- ETag: [version id] where [version id] identifies the version of the Location resource returned.
\n
Response Body:
\n
- Success: Location resource that conforms to the PCA Location profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Updater
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: The resource was found and returned.
- Code 404: The resource was not found.
- Code 422: The input patch document violated applicable FHIR profiles or server data validation rules.
\n

Documentation

This section defines the supported interactions for the PCA Location profile of the Location resource type.
\n
A Location resource conforming to the PCA Location profile represents a location at which healthcare services are offered by a PCA publisher.
\n

Resource Conformance: supported HealthcareService

Core FHIR Resource
HealthcareService

Reference Policy

Interaction summary

Supports
read
Definition:
\n
This operation is a RESTful read interaction (as described in the FHIR specification) of a HealthcareService resource.
\n
Behaviour:
\n
This operation is used to retrieve an identified HealthcareService resource that conforms to one of the following profiles:
\n
- PCA Healthcare Service
- PCA Partner Service
\n
As described above a HealthcareService resource conforming to the PCA Healthcare Service profile excludes any Identifiers that cannot be disclosed to the subscriber.
\n
HTTP interaction signature:
\n
- GET [subscriber agent base url]/HealthcareService/[id]
\n
Mandatory Request Headers:
\n
- Accept: application/fhir+json;charset=utf-8 or Accept: application/fhir+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- (No request body)
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
- ETag: [version id] where [version id] identifies the version of the HealthcareService resource returned.
\n
Response Body:
\n
- Success: HealthcareService resource that conforms to the PCA Healthcare Service profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Receiver
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: The resource was found and returned.
- Code 404: The resource was not found.
\n
patch
Definition:
\n
This operation is a RESTful patch interaction (as described in the FHIR specification) of a HealthcareService resource.
\n
Behaviour:
\n
This operation is used to update an identified HealthcareService resource that conforms to the PCA Healthcare Service profile via a JSON or XML patch document. This operation will only process a patch operation for adding or updating an identifier element.
\n
If any of the following data validation rules are violated, then the request is rejected and the error code 422 is returned:
\n
- The patch document SHALL only contain an operation for adding or updating an identifier element.
- Only one identifier element per identifier.system SHALL be allowed for the identified HealthcareService resource.
- The patch operation SHALL only add or update an identifier element where identifier.system identifies a subscriber identifier system that is owned by the participating organisation associated with the target PCA Subscriber Agent.
- The patch operation SHALL only add or update an identifier element where a PCA Match Record exists within the PCA service with:\n
  - A status of 'completed', and;
  - A focus referencing the HealthcareService resource, and;
  - An owner referencing a PCA Partner Service of the participating organisation associated with the target PCA Subscriber Agent.
  \n
\n
HTTP interaction signature:
\n
- PATCH [subscriber agent base url]/HealthcareService/[id]
\n
Mandatory Request Headers:
\n
- Accept: application/json-patch+json;charset=utf-8 or Accept: application/xml-patch+xml;charset=utf-8
- Content-Type: application/json-patch+json;charset=utf-8 or Accept: application/xml-patch+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- A JSON Patch document that conforms to https://datatracker.ietf.org/doc/html/rfc6902 with a content type of application/json-patch+json, or;
- An XML Patch document that conforms to https://datatracker.ietf.org/doc/html/rfc5261 with a content type of application/xml-patch+xml
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
- ETag: [version id] where [version id] identifies the version of the HealthcareService resource returned.
\n
Response Body:
\n
- Success: HealthcareService resource that conforms to the PCA Healthcare Service profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Updater
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: The resource was found and returned.
- Code 404: The resource was not found.
- Code 422: The input patch document violated applicable FHIR profiles or server data validation rules.
\n
search-type
Definition:
\n
This operation is a RESTful search interaction (as described in the FHIR specification) for HealthcareService resources that conform to the PCA Partner Service profile.
\n
Behaviour:
\n
The operation is used to find HealthcareService resources that that conform to the profile PCA Partner Service profile and that match the search parameters.
\nNote that all PCA Partner Service resources in the PCA service are accessible to all authorised client systems.
\n
HTTP interaction signature:
\n
- GET [subscriber agent base url]/HealthcareService/{?[parameters]}
\n
Mandatory Request Headers:
\n
- Accept: application/fhir+json;charset=utf-8 or Accept: application/fhir+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- (No request body)
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
\n
Response Body:
\n
- Success: Bundle that contains zero to many HealthcareService resources that conform to the PCA Partner Service profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Receiver
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: Search successfully performed (but may return zero matching results).
- Code 403: Server refused to perform the search.
\n

Documentation

This section defines the supported interactions for the PCA Healthcare Service profile and the PCA Partner Service profile of the HealthcareService resource type.
\n
A HealthcareService resource conforming to the PCA Healthcare Service profile describes a healthcare service offered at a location by a PCA publisher.
\n
A HealthcareService resource conforming to the PCA Partner Service profile describes a partner service offered by a subscriber to which PCA publishers can publish their service offerings.
\n

Search Parameters

Conformance	Parameter	Type
SHALL	_profile	`uri`
SHALL	active	`token`
SHALL	organization	`reference`
SHALL	service-catgeory	`token`
SHALL	coverage-area.location.address-postalcode	`string`

Resource Conformance: supported PractitionerRole

Base System Profile
PCA Practitioner Role

Profile Conformance
SHALL

Reference Policy

Interaction summary

Supports
read
Definition:
\n
This operation is a RESTful read interaction (as described in the FHIR specification) of a PractitionerRole resource.
\n
Behaviour:
\n
This operation retrieves an identified PractitionerRole resource that conforms to the PCA Practitioner Role profile. As described in the common behaviour section, the PractitionerRole resource excludes any Identifiers that cannot be disclosed to the subscriber.
\n
HTTP interaction signature:
\n
- GET [subscriber agent base url]/PractitionerRole/[id]
\n
Mandatory Request Headers:
\n
- Accept: application/fhir+json;charset=utf-8 or Accept: application/fhir+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- (No request body)
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
- ETag: [version id] where [version id] identifies the version of the PractitionerRole resource returned.
\n
Response Body:
\n
- Success: PractitionerRole resource that conforms to the PCA Practitioner Role profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Receiver
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: The resource was found and returned.
- Code 404: The resource was not found.
\n
patch
Definition:
\n
This operation is a RESTful patch interaction (as described in the FHIR specification) of a PractitionerRole resource.
\n
Behaviour:
\n
This operation is used to update an identified PractitionerRole resource that conforms to the PCA Practitioner Role profile via a JSON or XML patch document. This operation will only process a patch operation for adding or updating an identifier element.
\n
If any of the following data validation rules are violated, then the request is rejected and the error code 422 is returned:
\n
- The patch document SHALL only contain an operation for adding or updating an identifier element.
- Only one identifier element per identifier.system SHALL be allowed for the identified PractitionerRole resource.
- The patch operation SHALL only add or update an identifier element where identifier.system identifies a subscriber identifier system that is owned by the participating organisation associated with the target PCA Subscriber Agent.
- The patch operation SHALL only add or update an identifier element where a PCA Match Record exists within the PCA service with:\n
  - A status of 'completed', and;
  - A focus referencing the PractitionerRole resource, and;
  - An owner referencing a PCA Partner Service of the participating organisation associated with the target PCA Subscriber Agent.
  \n
\n
HTTP interaction signature:
\n
- PATCH [subscriber agent base url]/PractitionerRole/[id]
\n
Mandatory Request Headers:
\n
- Accept: application/json-patch+json;charset=utf-8 or Accept: application/xml-patch+xml;charset=utf-8
- Content-Type: application/json-patch+json;charset=utf-8 or Accept: application/xml-patch+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- A JSON Patch document that conforms to https://datatracker.ietf.org/doc/html/rfc6902 with a content type of application/json-patch+json, or;
- An XML Patch document that conforms to https://datatracker.ietf.org/doc/html/rfc5261 with a content type of application/xml-patch+xml
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
- ETag: [version id] where [version id] identifies the version of the PractitionerRole resource returned.
\n
Response Body:
\n
- Success: PractitionerRole resource that conforms to the PCA Practitioner Role profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Updater
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: The resource was found and returned.
- Code 404: The resource was not found.
- Code 422: The input patch document violated applicable FHIR profiles or server data validation rules.
\n

Documentation

This section defines the supported interactions for the PCA Practitioner Role profile of the PractitionerRole resource type.
\nEach PractitionerRole resource conforming to the PCA Practitioner Role profile describes a practitioner in a role at a healthcare service.
\n

Resource Conformance: supported Practitioner

Base System Profile
PCA Practitioner

Profile Conformance
SHALL

Reference Policy

Interaction summary

Supports
read
Definition:
\n
This operation is a RESTful read interaction (as described in the FHIR specification) of a Practitioner resource.
\n
Behaviour:
\n
This operation retrieves an identified Practitioner resource that conforms to the PCA Practitioner profile. As described in the common behaviour section, the Practitioner resource excludes any Identifiers that cannot be disclosed to the subscriber.
\n
HTTP interaction signature:
\n
- GET [subscriber agent base url]/Practitioner/[id]
\n
Mandatory Request Headers:
\n
- Accept: application/fhir+json;charset=utf-8 or Accept: application/fhir+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- (No request body)
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
- ETag: [version id] where [version id] identifies the version of the Practitioner resource returned.
\n
Response Body:
\n
- Success: Practitioner resource that conforms to the PCA Practitioner profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Receiver
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: The resource was found and returned.
- Code 404: The resource was not found.
\n

Documentation

This section defines the supported interactions for the PCA Practitioner profile of the Practitioner resource type.
\n
Each Practitioner resource conforming the PCA Practitioner profile is a read-only proxy for a corresponding Practitioner resource managed by the PCA portal.
\n
Each 'proxy' has the same id and versionId as the resource within the PCA portal for which it is a proxy.
\n

Resource Conformance: supported Provenance

Base System Profile
PCA Provenance

Profile Conformance
SHALL

Reference Policy

Interaction summary

Supports
read
Definition:
\n
This operation is a RESTful read interaction (as described in the FHIR specification) of a Provenance resource.
\n
Behaviour:
\n
This operation retrieves an identified Provenance resource that conforms to the PCA Provenance profile.
\n
HTTP interaction signature:
\n
- GET [subscriber agent base url]/Provenance/[id]
\n
Mandatory Request Headers:
\n
- Accept: application/fhir+json;charset=utf-8 or Accept: application/fhir+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- (No request body)
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
\n
Response Body:
\n
- Success: Provenance resource that conforms to the PCA Provenance profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Receiver
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: The resource was found and returned.
- Code 404: The resource was not found.
\n

Documentation

This section defines the supported interactions for the PCA Provenance profile of the Provenance resource type.
\n
Each Provenance resource conforming to the PCA Provenance profile represents an activity performed by the PCA service (conditionally on behalf of a participating organisation when the target element references a PCA Organization resource) whereby specific data elements of a PCA Organization or PCA Practitioner resource have been initially retrieved, updated or verified from an external system of record.
\n

Resource Conformance: supported Contract

Core FHIR Resource
Contract

Reference Policy

Interaction summary

Supports
read
Definition:
\n
This operation is a RESTful read interaction (as described in the FHIR specification) of a Contract resource.
\n
This operation is used to retrieve an identified Contract resource that conforms to one of the following profiles:
\n
- PCA Publication Authorisation Record
- PCA Information Use Statement
\n
Different authorisation rules apply depending on the profile of the Contract resource being retrieved; see the 'Required OAuth 2.0 scopes' section
\n
HTTP interaction signature:
\n
- GET [subscriber agent base url]/Contract/[id]
\n
Mandatory Request Headers:
\n
- Accept: application/fhir+json;charset=utf-8 or Accept: application/fhir+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- (No request body)
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
\n
Response Body:
\n
- Success: Contract resource that conforms to the PCA Publication Authorisation Record profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Receiver
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: The resource was found and returned.
- Code 404: The resource was not found.
\n
search-type
Definition:
\n
This operation is a RESTful search interaction (as described in the FHIR specification) for Contract resources.
\n
Behaviour:
\n
This operation is used to find Contract resources that conform to the PCA Information Use Statement profile and that match the search parameters.
\n
Note that all PCA Information Use Statement resources in the PCA service are accessible to all authorised client systems.
\n
HTTP interaction signature:
\n
- GET [subscriber agent base url]/Contract/{?[parameters]}
\n
Mandatory Request Headers:
\n
- Accept: application/fhir+json;charset=utf-8 or Accept: application/fhir+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- (No request body)
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
\n
Response Body:
\n
- Success: Bundle containing zero to many Contract resources that conform to the profile PCA Information Use Statement profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Receiver
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: Search successfully performed (but may return zero matching results).
- Code 403: Server refused to perform the search.
\n

Documentation

This section defines the supported interactions for the PCA Publication Authorisation Record profile and the PCA Information Use Statement profile of the Contract resource type.
\n
A Contract resource conforming to the PCA Publication Authorisation Record profile records a decision regarding the publication of a specific service offering (either a HealthcareService or a PractitionerRole) to a specific partner service. The decision is either to authorise publication or to revoke a previous authority to publish.
\n
A Contract resource conforming to the PCA Information Use Statement profile represents a policy statement by a subscriber organisation's partner service that describes how they will use the information from publisher organisations that is disclosed to the partner service.
\n

Search Parameters

Conformance	Parameter	Type
SHALL	_profile	`uri`
SHALL	subject	`reference`
SHALL	version	`string`

Resource Conformance: supported Task

Core FHIR Resource
Task

Reference Policy

Interaction summary

Supports
read
Definition:
\n
This operation is a RESTful read interaction (as described in the FHIR specification) of a Task resource.
\n
Behaviour:
\n
This operation retrieves an identified Task resource that conforms to the PCA Match Record profile or the PCA Partner Service profile of the Task resource type.
\n
HTTP interaction signature:
\n
- GET [subscriber agent base url]/Task/[id]
\n
Mandatory Request Headers:
\n
- Accept: application/fhir+json;charset=utf-8 or Accept: application/fhir+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- (No request body)
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
\n
Response Body:
\n
- Success: Task resource that conforms to the PCA Match Record profile or the PCA Partner Service Task profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain one of the following scoped role:
\n
- Organization/[id]:SS_Receiver
- Organization/[id]:SS_TaskManager
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\nThe SS_Updater role SHALL be used for reading Taskresources conforming to the PCA Match Record profile.
\nThe SS_TaskManager role SHALL be used for reading Taskresources conforming to the PCA Partner Service Task profile.
\n
Response Codes:
\n
- Code 200: The resource was found and returned.
- Code 404: The resource was not found.
\n
create
Definition:
\n
This operation is a RESTful create interaction (as described in the FHIR specification) of a Task resource that conforms to the PCA Match Record profile or the PCA Partner Service Task profile.
\n
Behaviour:
\n
If any of the applicable data validation rules are violated in the input resource then the request is rejected and the error code 422 is returned.
\n
Common validation rules:
\n
- The resource SHALL conform to the PCA Match Record profile or the or the PCA Partner Service profile.
- id SHALL NOT be present.
- meta.versionId SHALL NOT be present.
- meta.lastUpdated SHALL NOT be present.
- focus SHALL reference a resource that has been published to one or more Partner Services associated with the target PCA Subscriber Agent.
\n
PCA Match Record validation rules:
\n
- If the resource conforms to the PCA Match Record profile:\n
  - note.text SHALL be a maximum of 200 characters.
  - owner SHALL reference a Partner Service associated with the target PCA Subscriber Agent.
  \n
\n
PCA Partner Service Task validation rules:
\n
- \n
  If the resource conforms to the PCA Partner Service Task profile:
  \n
  - for SHALL reference a Partner Service associated with the target PCA Subscriber Agent.
  \n
- \n
  If the resource conforms to the PCA Partner Service Task profile and the type is 'PartnerServiceCompleteOnlineForm':
  \n
  - focus SHALL reference either a PCA Healthcare Service or PCA Practitioner Role resource.
  - The resource SHALL contain input elements for each of the following task parameters:\n
    - type = 'dueOn', value = valueDateTime
    - type = 'reason', value = valueString
    - type = 'urlId', value = valueString
    - type = 'formName', value = valueString
    \n
  - The 'urlId' task paramater SHALL match one of the partner service website records (configured in PCA) of the Partner Service identified by owner.
  - The partner service website record identified by the 'urlId' task paramater SHALL have a context of use (e.g. Healthcare Service context or Practitioner Role context) that aligns with the resource type referenced in the focus element.
  \n
\n
\n
- If the resource conforms to the PCA Partner Service Task profile and the type is 'PartnerServiceProvideMissingInformation':\n
  - The resource SHALL contain an input element for the following task parameter:\n
    - type = 'missingDetails', value = valueString
    \n
  - If focus references a PCA Organization resource, the 'missingDetails' task parameter SHALL contain a comma-separated string containing one or more of the following property names:\n
    - Fax
    - Website
    - PostalAddress
    \n
  - If focus references a PCA Location resource, the 'missingDetails' task parameter SHALL contain a comma-separated string containing one or more of the following property names:\n
    - Phone
    - Email
    - Fax
    - Website
    - PostalAddress
    \n
  - If focus references a PCA Healthcare Service resource, the 'missingDetails' task parameter SHALL contain a comma-separated string containing one or more of the following property names:\n
    - Phone
    - Email
    - Fax
    - AfterHoursPhone
    - Website
    - PostalAddress
    \n
  - If focus references a PCA Practitioner Role resource, the 'missingDetails' task parameter SHALL contain a comma-separated string containing one or more of the following property names:\n
    - PreferredNameAtLocation
    - NumberOfDays
    - HpiiIdentifier
    - MedicareProviderNumber
    \n
  \n
\n
\n
- If the resource conforms to the PCA Partner Service Task profile and the type is 'PartnerServiceVerifyInformation':\n
  - The resource SHALL contain one input element for the following task parameter:\n
    - type = 'verifyDetails', value = valueString
    \n
  - The input element SHALL use the PCA Property Name extension to identify the property name:\n
    - If focus references a PCA Organization resource, the extension SHALL use one of the following property names:\n
      \n
      Fax
      \n
      Website
      \n
      \n
    - If focus references a PCA Location resource, the extension SHALL use one of the following property names:\n
      \n
      Phone
      \n
      Email
      \n
      Fax
      \n
      Website
      \n
      \n
    - If focus references a PCA Healthcare Service resource, the extension SHALL use one of the following property names:\n
      \n
      Phone
      \n
      Email
      \n
      Fax
      \n
      AfterHoursPhone
      \n
      Website
      \n
      \n
    - If focus references a PCA Practitioner Role resource, the extension SHALL use one of the following property names:\n
      \n
      PreferredNameAtLocation
      \n
      NumberOfDays
      \n
      \n
    \n
  - The input element SHALL use valueString to record a new suggested value of the property, if the Partner Service chooses to suggest a new value.
  \n
\n
HTTP interaction signature:
\n
- POST [subscriber agent base url]/Task
\n
Mandatory Request Headers:
\n
- Accept: application/fhir+json;charset=utf-8 or Accept: application/fhir+xml;charset=utf-8
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- Task resource that conforms to the PCA Match Record profile.
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
- ETag: [version id] where [version id] identifies the version of the new Task resource.
\n
Response Body:
\n
- Success: Task resource that conforms to the PCA Match Record profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Updater
- Organization/[id]:SS_TaskManager
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\nThe SS_Updater role SHALL be used for creating Task resources conforming to the PCA Match Record profile.
\nThe SS_TaskManager role SHALL be used for creating Task resources conforming to the PCA Partner Service Task profile.
\n
Response Codes:
\n
- Code 201: The resource was successfully created.
- Code 400: The input resource could not be parsed or failed basic FHIR validation rules.
- Code 404: The resource type is not supported, or not a FHIR end-point.
- Code 422: The input resource violated applicable FHIR profiles or server data validation rules.
\n
update
Definition:
\n
This operation is a RESTful update interaction (as described in the FHIR specification) of a Task resource that conforms to the PCA Match Record profile or the PCA Partner Service Task profile.
\n
Behaviour:
\n
If the 'if-match' HTTP header is not provided in the request, then the PCA Subscriber Agent will reject the request and return the error code 400.
\n
If the 'if-match' HTTP header does not match the current version, then the PCA Subscriber Agent will reject the request and return the error code 412.
\n
If any of the applicable data validation rules are violated in the input resource then the request is rejected and the error code 422 is returned.
\n
Common validation rules:
\n
- The resource SHALL conform to the PCA Match Record profile or the or the PCA Partner Service Task profile.
- id SHALL be identical to the corresponding value in the version of the Task identified in the 'if-match' HTTP header.
- meta.versionId SHALL NOT be present.
- meta.lastUpdated SHALL NOT be present.
\n
PCA Match Record validation rules:
\n
- If the resource conforms to the PCA Match Record profile:\n
  - owner SHALL reference a Partner Service associated with the target PCA Subscriber Agent.
  - Only changes to status (and optionally note.text) will be accepted; changes to any other element values will not be accepted when updating an existing Task.
  - note.text SHALL only be updated if status is being changed from 'completed' to 'failed'.
  - note.text SHALL be a maximum of 200 characters.
  \n
\n
PCA Partner Service Task validation rules:
\n
- If the resource conforms to the PCA Partner Service Task profile:\n
  - for SHALL reference a Partner Service associated with the target PCA Subscriber Agent.
  - type SHALL be 'PartnerServiceCompleteOnlineForm'.
  - Only a change to status from 'requested' to 'completed' will be accepted; changes to any other element values will not be accepted when updating an existing Task.
  \n
\n
HTTP interaction signature:
\n
- PUT [subscriber agent base url]/Task/[id]
\n
Mandatory Request Headers:
\n
- Accept: application/fhir+json;charset=utf-8 or Accept: application/fhir+xml;charset=utf-8
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
- Authorization: Bearer [token]
- if-match [version id] where [version id] is the version of the Task being updated.
\n
Request Body:
\nTask resource that conforms to the PCA Match Record profile.
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
- ETag: [version id] where [version id] identifies the version of the Task resource returned.
\n
Response Body:
\n
- Success: Task resource that conforms to the PCA Match Record profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Updater
- Organization/[id]:SS_TaskManager
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\nThe SS_Updater role SHALL be used for updating Task resources conforming to the PCA Match Record profile.
\nThe SS_TaskManager role SHALL be used for updating Task resources conforming to the PCA Partner Service Task profile.
\n
Response Codes:
\n
- Code 200: The resource was found and returned.
- Code 400: Client error: request did not include the if-match HTTP header.
- Code 404: The resource was not found.
- Code 412: The version id given in the if-Match HTTP request header does not match the current version.
- Code 422: The input resource violated applicable FHIR profiles or server data validation rules.
\n
patch
Definition:
\n
This operation is a RESTful patch interaction (as described in the FHIR specification) of a Task resource.
\n
Behaviour:
\n
This operation is used to update an identified Task resource that conforms to the PCA Match Record profile via a JSON or XML patch document. This operation will only process a patch operation for adding or updating an identifier element.
\n
If any of the following data validation rules are violated, then the request is rejected and the error code 422 is returned:
\n
- The patch document SHALL only contain an operation for adding or updating an identifier element.
- Only one identifier element per identifier.system SHALL be allowed for the identified Task resource.
- The patch operation SHALL only add or update an identifier element where identifier.system identifies a subscriber identifier system that is owned by the participating organisation associated with the target PCA Subscriber Agent.
- The patch operation SHALL only add or update an identifier element where a PCA Match Record exists within the PCA service with:\n
  - A status of 'completed', and;
  - A focus referencing the Task resource, and;
  - An owner referencing a PCA Partner Service of the participating organisation associated with the target PCA Subscriber Agent.
  \n
\n
HTTP interaction signature:
\n
- PATCH [subscriber agent base url]/Task/[id]
\n
Mandatory Request Headers:
\n
- Accept: application/json-patch+json;charset=utf-8 or Accept: application/xml-patch+xml;charset=utf-8
- Content-Type: application/json-patch+json;charset=utf-8 or Accept: application/xml-patch+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- A JSON Patch document that conforms to https://datatracker.ietf.org/doc/html/rfc6902 with a content type of application/json-patch+json, or;
- An XML Patch document that conforms to https://datatracker.ietf.org/doc/html/rfc5261 with a content type of application/xml-patch+xml
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
- ETag: [version id] where [version id] identifies the version of the Task resource returned.
\n
Response Body:
\n
- Success: Task resource that conforms to the PCA Match Record profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Updater
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: The resource was found and returned.
- Code 404: The resource was not found.
- Code 422: The input patch document violated applicable FHIR profiles or server data validation rules.
\n
search-type
Definition:
\n
This operation is a RESTful search interaction (as described in the FHIR specification) for Task resources that conform to the PCA Match Record profile or the PCA Partner Service Task profile.
\n
Behaviour:
\n
The operation is used to find Task resources that that conform to the profile PCA Match Record profile or the PCA Partner Service Task profile and that match the search parameters.
\n
HTTP interaction signature:
\n
- GET [subscriber agent base url]/Task/{?[parameters]}
\n
Mandatory Request Headers:
\n
- Accept: application/fhir+json;charset=utf-8 or Accept: application/fhir+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- (No request body)
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
\n
Response Body:
\n
- Success: Bundle that contains zero to many Task resources that conform to the PCA Match Record profile or the PCA Partner Service Task profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Receiver
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: Search successfully performed (but may return zero matching results).
- Code 403: Server refused to perform the search.
\n

Supported Profiles

PCA Match Record
PCA Partner Service Task

Documentation

This section defines the supported interactions for the PCA Match Record profile or the PCA Partner Service Task profile of the Task resource type.
\n
A Task resource conforming to the PCA Match Record profile indicates the matching status of a service offering to a partner service’s local data store.
\n
A Task resource conforming to the PCA Partner Service Task profile indicates a task created by a partner service via their authorised subscribing system.
\n

Search Parameters

Conformance	Parameter	Type
SHALL	_profile	`uri`
SHALL	subject	`reference`
SHALL	owner	`reference`

Resource Conformance: supported Subscription

Base System Profile
Subscription

Profile Conformance
SHALL

Reference Policy

Interaction summary

Supports
create
Definition:
\n
This operation is a RESTful create interaction (as described in the FHIR specification) of a Subscription resource conforming to the PCA Subscription profile.
\n
Behaviour:
\n
This operation is used to register a callback to receive a notification whenever there are changes in the data set that is published to a subscriber.
\n
A notification is simply a HTTP POST without any content – the purpose is to trigger the subscriber’s client system to get the available service offerings by invoking the whole system search operation.
\n
If any of the following data validation rules are violated in the input resource, then the request is rejected and the error code 422 is returned:
\n
- status SHALL be 'requested'
- reason SHALL be 'subscriber change notifications'
- criteria SHALL be a space separated list of resource types from the list 'HealthcareService', 'PractitionerRole', 'Location', 'Organization', 'Practitioner', 'Provenance', 'Contract', 'Task'
- channel.type SHALL be 'rest-hook'
- channel.endpoint SHALL be the URL of an endpoint that is operated by (or on behalf of) the subscriber for receiving notifications. The protocol SHALL be https.
- channel.payload SHALL NOT be present – its absence indicates that the subscriber will not receive any resources via this endpoint.
- channel.header SHALL be set to 'Authorization: Bearer [secret string]' where [secret string] is the basic authentication string, set by the subscriber organisation, that is used to authenticate the PCA Subscriber Agent to the notification receiving endpoint.
\n
HTTP interaction signature:
\n
- POST [subscriber agent base url]/Subscription
\n
Mandatory Request Headers:
\n
- Accept: application/fhir+json;charset=utf-8 or Accept: application/fhir+xml;charset=utf-8
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- Subscription resource that conforms to the PCA Subscription profile.
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
\n
Response Body:
\n
- Success: Subcription resource that conforms to the PCA Subscription profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Receiver
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 201: The resource was successfully created.
- Code 400: The input resource could not be parsed or failed basic FHIR validation rules.
- Code 404: The resource type is not supported, or not a FHIR end-point.
- Code 422: The input resource violated applicable FHIR profiles or server data validation rules.
\n
search-type
Definition:
\n
This operation is a RESTful search interaction (as described in the FHIR specification) for a Subscription resource that is associated with the target Subscriber Agent and that conforms to the PCA Subscription profile.
\n
Behaviour:
\n
This operation is used to find a Subscription resource that is associated with the target Subscriber Agent and that conforms to the PCA Subscription profile.
\n
HTTP interaction signature:
\n
- GET [subscriber agent base url]/Subscription/
\n
Mandatory Request Headers:
\n
- Accept: application/fhir+json;charset=utf-8 or Accept: application/fhir+xml;charset=utf-8
- Authorization: Bearer [token]
\n
Request Body:
\n
- (No request body)
\n
Mandatory Response Headers:
\n
- Content-Type: application/fhir+json;charset=utf-8 or Content-Type: application/fhir+xml;charset=utf-8
\n
Response Body:
\n
- Success: Bundle that contains zero or one Subscription resource that that is associated with the target Subscriber Agent and that conforms to the PCA Subscription profile.
- Error: OperationOutcome resource (see FHIR specification).
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Receiver
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 200: Search successfully performed (but may return zero matching results).
- Code 403: Server refused to perform the search.
\n
delete
Definition:
\n
This operation is a RESTful delete interaction (as described in the FHIR specification) of a Subscription resource.
\n
Behaviour:
\n
This operation is used to deregister an existing notification callback.
\n
HTTP interaction signature:
\n
- DELETE [subscriber agent base url]/Subscription/[id]
\n
Mandatory Request Headers:
\n
- Authorization: Bearer [token]
\n
Request Body:
\n
- (No request body)
\n
Mandatory Response Headers:
\n
- (No request body)
\n
Response Body:
\n
- (No request body)
\n
Required OAuth 2.0 scopes:
\n
The scope string SHALL contain the following scoped role:
\n
- Organization/[id]:SS_Receiver
\n
Where [id] SHALL identify the Organization associated with the target PCA Subscriber Agent.
\n
Response Codes:
\n
- Code 202: The deletion was accepted.
- Code 404: The resource was not found.
\n

Documentation

This section defines the supported interactions for the PCA Subscription profile of the Subscription resource type.
\n
The PCA Subscription profile of Subscription is used by subscribing systems to register for notifications from the PCA service when new or updated service offerings are available, or when publication of existing service offerings has been newly revoked.
\n

PCA Subscriber Agent Capability Statement

FHIR RESTful Capabilities

Mode: server

Capabilities by Resource/Profile

Summary

Resource Conformance: supported Organization

Resource Conformance: supported Location

Resource Conformance: supported HealthcareService

Resource Conformance: supported PractitionerRole

Resource Conformance: supported Practitioner

Resource Conformance: supported Provenance

Resource Conformance: supported Contract

Resource Conformance: supported Task

Resource Conformance: supported Subscription

Mode: `server`