Aggregated Endpoint API Requirements

1 Aggregated API Overview
2 Explanation of Terms
3 Custom Operations
- 3.1 $carers

Aggregated API Overview

All resource types supported are in R4 and implement all search parameters as defined in the core R4 spec.

The full list of R4 FHIR resources defined in the core spec are visible here: Resourcelist - FHIR v4.0.1 , and the list of core spec search parameters can be seen in the “Search Parameters” section on each resource. An example for AllergyIntolerance is visible here: AllergyIntolerance - FHIR v4.0.1

All supported resource types support the standard _total, page, _count, _format _id and _sort search parameters.

Supported Resource Type	Read Request Supported	Search Request Supported	Authorization Requirements	Mandatory Search Parameters ¹
AllergyIntolerance			Standard	`patient:Patient.identifier`
Appointment			Standard	`actor:Patient.identifier`
CarePlan			Standard	`subject:Patient.identifier`
CareTeam			Standard	`subject:Patient.identifier`
ChargeItem			Standard	`subject:Patient.identifier`
ChargeItemDefinition			No granular authorization implemented	`identifier`
CodeSystem			No granular authorization implemented	N/A
Communication			Standard	`subject:Patient.identifier`
Composition			Standard	`subject:Patient.identifier`
Condition			Standard	`subject:Patient.identifier`
Consent			Standard	`patient:Patient.identifier`
Device			Standard	`patient:Patient.identifier`
DeviceRequest			Standard	`subject:Patient.identifier`
DeviceUseStatement			Standard	`subject:Patient.identifier`
DiagnosticReport			Standard	`subject:Patient.identifier`
DocumentReference			Standard	`subject:Patient.identifier`
Encounter			Standard	`subject:Patient.identifier`
EpisodeOfCare			Standard	`patient:Patient.identifier`
Flag			Standard	`subject:Patient.identifier`
HealthcareService			No granular authorization implemented	`organization:Organization.identifier` OR `identifier`
Immunization			Standard	`patient:Patient.identifier`
ImmunizationRecommendation			Standard	`patient:Patient.identifier`
Invoice			Standard	`subject:Patient.identifier`
Location			No granular authorization implemented	`organization:Organization.identifier` OR `identifier`
Medication			No authorization	N/A
MedicationAdministration			Standard	`subject:Patient.identifier`
MedicationDispense			Standard	`subject:Patient.identifier`
MedicationRequest			Standard	`subject:Patient.identifier`
MedicationStatement			Standard	`subject:Patient.identifier`
NutritionOrder			Standard	`patient:Patient.identifier`
Observation			Standard	`subject:Patient.identifier`
Organization			No granular authorization implemented	`identifier`
Patient			Standard	`identifier`
PaymentNotice			No granular authorization implemented	`identifier`
PaymentReconciliation			No granular authorization implemented	`identifier`
Person			No granular authorization implemented	N/A
Practitioner			No granular authorization implemented	N/A
PractitionerRole			N/A	N/A
Procedure			Standard	`subject:Patient.identifier`
Questionnaire	Special: conducted through AQS	Special: conducted through AQS	Standard	Special: conducted through AQS
QuestionnaireResponse	Special: conducted through AQS	Special: conducted through AQS	Standard	Special: conducted through AQS
RelatedPerson			Standard	`patient:Patient.identifier`
ServiceRequest			Standard	`patient.identifier`
Specimen			Standard	`patient:Patient.identifier`
Task			Standard	`patient.identifier`
ValueSet			No granular authorization implemented	N/A

¹ - All mandatory search parameters are optional if utilising a “no granular authorization” approach.

Explanation of Terms

Read Request Supported → This resource supports reading for a single resource
- e.g. GET /fhir/<resource_type>/<resource_id>
Search Request Supported → This resource supports searching for a single or multiple resources
- e.g. GET /fhir/<resource_type>?<search_param1>=<value1>&<search_param2>=<value2>
Authorization Requirements → How the request being made is authorized to only return data the caller is permitted to view
- Standard → Uses PKB’s Consent-based and source-based authorization to control access to data.
- No granular authorization implemented → Only allows for broad access without specific data-point level authorization where the caller has been specifically determined to have general access to the data. This option is not permitted by default and may be retired over time.
- No authorization → This resource is not subject to authorization
Mandatory Search Parameters → Any search parameters, in the core R4 spec or otherwise, which are deemed mandatory for a search request to be executed successfully. A search request which does not include these parameters will be rejected.

Custom Operations

$carers

This endpoint allows you to pull a list of the patient’s carers. See the following for more info: Extract Carers for a Patient