FHIR Chat · Clinical safety of "pure" REST approach? · implementers

Stream: implementers

Topic: Clinical safety of "pure" REST approach?

view this post on Zulip Brian Diggle (Dec 10 2021 at 15:31):

Currently at the early design phase of a new major version of an API. Previous version used a custom operation to return bundles of multiple resource types in order to ensure that the response "maintained all necessary internal context".

The design principle was a bit like "its only safe to sent everything in one go".

So for example, a request to retrieve a list of immunisations, the response bundle has
1) Patient resource
2) Organization resource (patient's gp practice)
3) Practitioner (Patient's usual gp )
4) PractionerRole (Patient's usual gp role)
5) List of Immunization resources
6) List of Condition resources (Problem Header) associated with the immunization event

It seems to me that a searchset of Imms resources would be safe to consume.

view this post on Zulip Daniel Venton (Dec 10 2021 at 15:39):

What if the consumer didn't need/want the patient/Organization(s)/Practitioner(s)/PractitionerRole(s) with their list of immunizations?
What if the consumer has authorization to retrieve every immunization, does that mean their bundle includes every patient, every org, every prac, every PR as well?
What if the immunization was provided by a practitioner/org that isn't the GP (say a pharmacy)?
Wouldn't it be better for the server to just return what was asked for (Immunizations) and let the consumer dictate what they want additionally (if anything)?

view this post on Zulip Rik Smithies (Dec 10 2021 at 15:48):

somewhat related to this thread https://chat.fhir.org/#narrow/stream/179166-implementers/topic/FHIR.20-.20Using.20extensions.20or.20contained.20instead.20of.20a.20resource

view this post on Zulip Lloyd McKenzie (Dec 10 2021 at 15:50):

Maintaining context in REST is generally achieved by passing the references. If you've got a pointer to the patient and are able to retrieve it if/when you want it, then you have the context. Having the context is distinct from having all of the data.

view this post on Zulip Kevin Mayfield (Dec 10 2021 at 15:56):

removed

view this post on Zulip Kevin Mayfield (Dec 10 2021 at 15:57):

removed

view this post on Zulip Kevin Mayfield (Dec 10 2021 at 16:38):

Ahhhh.... just twigged which api you are referring to.

I don't understand why all those resources are sent in one go.
I would like to understand where that requirement has come from, I don't think it's the suppliers or consumers.

view this post on Zulip Kevin Mayfield (Dec 11 2021 at 06:53):

I think this is a misunderstanding on how a FHIR Resource+REST API works on a technical level.

The logical model consists of all those resources and this extra resources represent the provenance of the focused resource e.g. Immunization.
It is provenance not clinical safety.

It is a well accepted pattern these resources can be referenced by well known codes/identifiers. With REST we can now add in resource references. Either pattern is fine.
As long as these resources can be retrieved (easily), then you have no technical reason for including them in the query and this is a clinically accepted pattern which has been implemented in all commonly used HL7 interfaces in the NHS.
Any consumer can retrieve the provenance if they need to.

Last updated: Apr 12 2022 at 19:14 UTC


An HL7 Website -