Stream: smart/health-cards
Topic: Connectathon 27 MITRE Issuer Testing
Reece Adamson (May 18 2021 at 13:32):
@James Kizer, @Vijayendra Prabhakar, @Ron Jawanda, @Christian Paquin or anyone else trying to read/verify health cards want to try testing some of the ones we've generated?
Feel free to add your own patients too via the "New Patient" option on the homepage (https://connectathon.vci.org/)
e.g. https://connectathon.vci.org/patients/1 (here you can view the QR code or download as a file)
Reece Adamson (May 18 2021 at 13:35):
Attaching the file download option too for convenience: bradley_nikolaus.smart-health-card
Zulip is making this a .txt so I'd recommend getting it straight from the site or you'll need to fix the extension
Ron Jawanda (May 18 2021 at 13:37):
Hi @Reece Adamson I want to , i went and watched fridays video. I'm still quite lost. I'm a client person that wants to figure out how to read these but i don't know where the endpoints are (if they are actual endpoints) . Don't know how to start but I would like to. I guess my first question is where is the server what is the endpoint.
Christian Paquin (May 18 2021 at 13:39):
Reece Adamson said:
Christian Paquin or anyone else trying to read/verify health cards want to try testing some of the ones we've generated?
Verifying a QR code generated with demo data gives me this:
JWS.payload
│
├─ Warning
│ · JWS.payload.vc.type should contain 'https://smarthealth.cards#health-card'
│
├─ Error
│ · Schema: {"instancePath":"/vc/credentialSubject/fhirVersion","schemaPath":"#/properties/vc/properties/credentialSubject/properties/fhirVersion/type","keyword":"type","params":{"type":"string"},"message":"must be string"}
The fhir version is currently null.
Neelima Karipineni (May 18 2021 at 13:40):
@Ron Jawanda do you want to rejoin the Zoom meeting? We're still on the call, might be easier to answer your questions live.
James Kizer (May 18 2021 at 14:08):
Yeah, I'm seeing the same null value for fhriVersion
Reece Adamson (May 18 2021 at 14:09):
Well that's no good - looking into it now.
Daniel Lee (May 18 2021 at 15:22):
@James Kizer @Christian Paquin fix for the fhirVersion is deployed.
Michael O'Hanlon (May 18 2021 at 15:29):
Seems to be validating now with the Microsoft SDK
Christian Paquin (May 18 2021 at 15:31):
Daniel Lee said:
James Kizer Christian Paquin fix for the
fhirVersionis deployed.
Works in the validation SDK. The VC type contains https://healthwallet.cards#health-card instead of https://smarthealth.cards#health-card. We throw a warning for this, if the specified VC type isn't present, but I'm not sure if this should be an error. The spec only shows it has an example, but has no explicit requirement for it. @Josh Mandel, guidance?
See PR 144 for a suggested spec edit.
Michael O'Hanlon (May 18 2021 at 15:32):
@Christian Paquin We're making a quick update for this now.
James Kizer (May 18 2021 at 15:33):
Also, should the VC type include https://smarthealth.cards#immunization as well?
Stephen MacVicar (May 18 2021 at 15:39):
I feel like the spec isn't clear about exactly which types should be included. Just the most specific or a list including all the more general types as well?
Vijayendra Prabhakar (May 18 2021 at 15:40):
Reece Adamson said:
James Kizer, Vijayendra Prabhakar, Ron Jawanda, Christian Paquin or anyone else trying to read/verify health cards want to try testing some of the ones we've generated?
Feel free to add your own patients too via the "New Patient" option on the homepage (https://connectathon.vci.org/)
e.g. https://connectathon.vci.org/patients/1 (here you can view the QR code or download as a file)
Hey @Reece Adamson we tried importing one of the health cards and we were able to verify it.
Zameer Sura (May 18 2021 at 15:48):
@Reece Adamson I see that the implementation returns a SHC for a patient with no immunization data. Is this valid?
The VCI spec requires that an immunization SHC bundle have 1..* immunizations.
For our FHIR implementation if we have a patient with no qualifying immunization details, we would return a 200 OK with an empty Parameters resource like (i.e. no verifiableCredential parameters)
{
"resourceType": "Parameters"
}
James Kizer (May 18 2021 at 15:48):
@Stephen MacVicar my expectation (which could be wrong) is that it should list all the types such that performing a set intersection leads to the most granular type possible. In CommonHealth, we determine how we render a card based on the list containing [https://smarthealth.cards#covid19, https://smarthealth.cards#immunization] or [https://smarthealth.cards#covid19, https://smarthealth.cards#laboratory]
James Kizer (May 18 2021 at 15:51):
@Zameer Sura which sample patient returns the empty resource? I'd like to try this out in CommonHealth to see if we're handing it properly
Stephen MacVicar (May 18 2021 at 15:52):
I think that is a fair expectation, but I would find it helpful (particularly from a testing perspective) to have more clarity in the spec about it.
Reece Adamson (May 18 2021 at 15:52):
@Zameer Sura it will do that for Patients that have no recorded immunizations. Right now the application isn't really restrictive and just returns a Health Card for whatever FHIR data it has.
Reece Adamson (May 18 2021 at 15:53):
A Health Card conforming to the SMART Health Cards: Vaccination & Testing FHIR IG shouldn't just have just a patient and should include https://smarthealth.cards#immunization and/or https://smarthealth.cards#laboratory, and optionally https://smarthealth.cards#covid19 depending on the type of card
Zameer Sura (May 18 2021 at 15:53):
@James Kizer the patient documented in https://github.com/joeratt/connectathon_notes/blob/may_2021-HL7-health_cards/health_cards/Cerner%20SMART%20Health%20Cards%20-%20Integration%20Notes.md#smart-fredrick should return an empty resource
James Kizer (May 18 2021 at 15:55):
Thanks @Zameer Sura !
Josh Mandel (May 18 2021 at 16:36):
Re: types, thanks for the discussion and PR on this! Agreed, clarification of expectations is a big help here.
Abbie Watson (May 18 2021 at 18:21):
Reece Adamson said:
James Kizer, Vijayendra Prabhakar, Ron Jawanda, Christian Paquin or anyone else trying to read/verify health cards want to try testing some of the ones we've generated?
Okay, trying the QR code above with our barcode scanner. Immunization record arrives with blank fields. But otherwise, looks like card encoding/decoding and and JWT cryptography is all working. This outcome continues the disagreement with the Bundle+Patient+DEFLATE+shortRef architecture, without support for plain FHIR resources.
Reece Adamson (May 18 2021 at 18:32):
Hey @Abbie Watson. It looks like you were able to get the DEFLATE working properly based on the properly extracted CVX code. Do you see any issues with the decoded payload? It looks like it came through across correctly in the siemens verifier and were able to extract the name and birth date.
e.g. If you inspec the patient "Bradley, Nikolaus" in the siemens verifier
Abbie Watson (May 18 2021 at 18:58):
Agreed, that DEFLATE is working properly and the QR code is working according to spec. I'm voicing disagreement with the spec assumptions, and pointing out how in practice it's going to wind up delivering results that appears to be missing data. The 20% storage gains that DEFLATE provides comes at the cost of (de)compression errors, readability, usability, non-standard patterns, breaking existing libraries/functions, etc.
Josh Mandel (May 18 2021 at 19:33):
FWIW keep in mind that DEFLATE gives us 60-90(++)% reduction of payload size (not 20%). For a rough example:
$ EX='{"iss":"https://smarthealth.cards/examples/issuer","nbf":1620847989.837,"vc":{"type":["https://smarthealth.cards#health-card","https://smarthealth.cards#immunization","https://smarthealth.cards#covid19"],"credentialSubject":{"fhirVersion":"4.0.1","fhirBundle":{"resourceType":"Bundle","type":"collection","entry":[{"fullUrl":"resource:0","resource":{"resourceType":"Patient","name":[{"family":"Anyperson","given":["John","B."]}],"birthDate":"1951-01-20"}},{"fullUrl":"resource:1","resource":{"resourceType":"Immunization","status":"completed","vaccineCode":{"coding":[{"system":"http://hl7.org/fhir/sid/cvx","code":"207"}]},"patient":{"reference":"resource:0"},"occurrenceDateTime":"2021-01-01","performer":[{"actor":{"display":"ABC General Hospital"}}],"lotNumber":"0000001"}},{"fullUrl":"resource:2","resource":{"resourceType":"Immunization","status":"completed","vaccineCode":{"coding":[{"system":"http://hl7.org/fhir/sid/cvx","code":"207"}]},"patient":{"reference":"resource:0"},"occurrenceDateTime":"2021-01-29","performer":[{"actor":{"display":"ABC General Hospital"}}],"lotNumber":"0000007"}}]}}}}'
$ echo $EX | wc -c
1105
$ echo $EX | gzip | wc -c
449
Stephen MacVicar (May 19 2021 at 16:15):
The tests at https://inferno-dev.healthit.gov have been updated so that they now perform FHIR validation
Reece Adamson (May 19 2021 at 16:20):
against the SMART Health Cards: Vaccination & Testing Vaccination Credential Bundle profile
James Kizer (May 19 2021 at 17:10):
@Reece Adamson I'm testing out the file import flow for this patient https://connectathon.vci.org/patients/1 and I'm running into issues with the file. It looks like the kid for the file is 4VFcTjMP4sXNIjv1WwxWEFi7bdA9OpLOHhBiDdXJzM4, which doesn't appear to match a key in the JWKSet doc. The QR code kid is uZ84161RsBjULyL2sD59OycDFHKGIJZDOhjGBZCxqnY, which does match
Reece Adamson (May 19 2021 at 17:15):
When did you download the file? I just downloaded it and see the kid in the JWS header matching as uZ84161RsBjULyL2sD59OycDFHKGIJZDOhjGBZCxqnY
Reece Adamson (May 19 2021 at 17:16):
@Stephen MacVicar for the deployed instance is the signing key regenerated every time we re-deploy?
James Kizer (May 19 2021 at 17:22):
Yeah, looks good now. Must have been a stale file
Richard Braman (FLY.HEALTH) (May 19 2021 at 18:19):
Thanks to Reese and Dan for the help in polishing off the Cert.Health implementation. We are now passing all tests for issuance.
Abbie Watson (May 21 2021 at 16:48):
Okay, updated the reader app to read in the Bundle.Patient demographics.
IMG_8010.PNG
Last updated: Apr 12 2022 at 19:14 UTC
