Requirements

Scalable Consent Management Testing Guide - Local Development build (v0.1.0) built by the FHIR (HL7® FHIR® Standard) Build Tools. See the Directory of published versions

Page standards status: Informative

RTM - Requirements

This page displays the Requirements Traceability Matrix (RTM) from the perspective of the requirements. All requirements captured are included, whether or not they are traced. Each requirement may be expanded to show the requirements details as well as the traced test cases.

Requirements-components-admin-service

565: Consent Administration Service SHOULD NOT use cross version extensions on R4 subscriptions to describe any elements also described by this guide

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/STU1.1/components.html
Conformance: SHOULD
Notes: Not exactly sure how to test this
Traced Test Cases:
- 199: Read a Subscription
- 265: Notify for a Subscription - rest-hook

Requirements-components-client

512: Consent Client SHOULD NOT use cross version extensions on R4 subscriptions to describe any elements also described by this guide

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/STU1.1/components.html
Conformance: SHOULD
Notes: Not exactly sure how to test this
Traced Test Cases:
- 232: Workflow: Create a Subscription - rest-hook

Requirements-capstmt-admin-service

1: Consent Administration Service SHALL implement the server CapabilityStatement

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/artifacts.html
Conformance: SHALL
Notes: Does this mean a conforming system has to reference the "requirements" CS here, or could they just have their own CS that happens to be compatible? Also, what test should this be traced to? I'm thinking this traces to test procedure that ensures the right complement of tests are applied to a given system.
Traced Test Cases:
- 101: Obtain server CapabilityStatement

2: Consent Administration Service SHALL support JSON FHIR

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Notes: - Plan is to have JSON and XML flavors of all tests, but explicitly tracing each of those back to these requirements is probably not necessary.
Traced Test Cases:
- 136: Obtain server CapabilityStatement - JSON

34: Consent Administration Service SHALL support XML FHIR

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Notes: - Plan is to have JSON and XML flavors of all tests, but explicitly tracing each of those back to these requirements is probably not necessary.
Traced Test Cases:
- 137: Obtain server CapabilityStatement - XML

43: Consent Administration Service SHALL support Consent resource

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

35: Consent Administration Service SHALL support Consent resources that conform to FASTConsent profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Related Requirement: 597: StructureDefinition FASTConsent
Traced Test Cases:

331: Consent Administration Service SHALL mark with profile assertions Consent resources that conform to the FASTConsent profile

Specification: HL7 FHIR R4
Link to Text: https://hl7.org/fhir/R4/profiling.html
Conformance: SHALL
Related Requirement: 597: StructureDefinition FASTConsent
Notes: Base FHIR requirement, applies because of declaring supportedProfile. Not marking as fully tested because I will continue to need to trace this to every transaction that applies.
Traced Test Cases:

332: Consent Administration Service SHALL support searching by the _profile parameter for Consent resources that conform to the FASTConsent profile

Specification: HL7 FHIR R4
Link to Text: https://hl7.org/fhir/R4/profiling.html
Conformance: SHALL
Related Requirement: 597: StructureDefinition FASTConsent
Notes: Base FHIR requirement, applies because of declaring supportedProfile
Traced Test Cases:
- 166: Search for Consent by FASTConsent profile - JSON
- 167: Search for Consent by FASTConsent profile - XML

36: Consent Administration Service SHALL support Consent read

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:
- 1: Read a Consent
- 101: Obtain server CapabilityStatement

37: Consent Administration Service SHALL support Consent search

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:
- 2: Search for a Consent
- 101: Obtain server CapabilityStatement

199: Consent Administration Service SHALL support Consent search by FASTConsentController

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Related Requirement: 472: SearchParameter FASTConsentController
Traced Test Cases:

72: Consent Administration Service SHALL support Consent search by date

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

38: Consent Administration Service SHALL support Consent search by FASTConsentGrantee

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Related Requirement: 473: SearchParameter FASTConsentGrantee
Notes: Missing corresponding req in Tech spec 6.2.3.4
Traced Test Cases:

200: Consent Administration Service SHALL support Consent search by FASTConsentManager

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Related Requirement: 474: SearchParameter FASTConsentManager
Traced Test Cases:

39: Consent Administration Service SHALL support Consent search by FASTConsentOrganizationId

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Related Requirement: 475: SearchParameter FASTConsentOrganizationId
Notes: Matches identifier of grantee, manager, controller or the provision.actor.reference Missing corresponding req in Tech spec 6.2.3.4
Traced Test Cases:

40: Consent Administration Service SHALL support Consent search by patient

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

368: Consent Administration Service SHALL support Consent search by FASTConsentPatientId

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Related Requirement: 476: SearchParameter FASTConsentPatientId
Notes: Matches patient.identifier or patient.extension additionalIdentifier Missing corresponding req in Tech spec 6.2.3.4
Traced Test Cases:

42: Consent Administration Service SHALL support Consent search by scope

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

41: Consent Administration Service SHALL support Consent search by status

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

46: Consent Administration Service SHALL support $fileConsent operation against Consent resource

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Related Requirement: 463: OperationDefinition FileConsent
Traced Test Cases:
- 68: Operation: File a Consent
- 101: Obtain server CapabilityStatement

374: Consent Administration Service SHALL support $revokeConsent operation against Consent resource

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Related Requirement: 466: OperationDefinition RevokeConsent
Traced Test Cases:
- 70: Operation: Revoke a Consent
- 101: Obtain server CapabilityStatement

661: Consent Administration Service SHALL support Subscription resource

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:
- 141: Read an AuditEvent
- 142: Search for an AuditEvent

377: Consent Administration Service SHALL support Consent subscriptions as defined by the FASTConsentSubscriptionTopic for FHIR R4 with Subscriptions Backport

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

378: Consent Administration Service SHALL support Subscription create

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Notes: For now, testing limited to the topic declared in the CapStmt
Traced Test Cases:
- 232: Workflow: Create a Subscription - rest-hook
- 101: Obtain server CapabilityStatement

379: Consent Administration Service SHALL support Subscription update

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:
- 306: Workflow: Update a Subscription - rest-hook
- 101: Obtain server CapabilityStatement

380: Consent Administration Service SHALL support Subscription delete

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

415: Consent Administration Service SHALL support $recordDisclosure operation against AuditEvent resource

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Related Requirement: 445: The RecordDisclosure operation is invoked as [base]/AuditEvent/$recordDisclosure
Traced Test Cases:
- 69: Operation: Record a Disclosure
- 101: Obtain server CapabilityStatement

397: Consent Administration Service SHALL support AuditEvent resource

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

398: Consent Administration Service SHALL support AuditEvent resources that conform to FASTConsentAuditEvent profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

399: Consent Administration Service SHALL mark with profile assertions AuditEvent resources that conform to the FASTConsentAuditEvent profile

Specification: HL7 FHIR R4
Link to Text: https://hl7.org/fhir/R4/profiling.html
Conformance: SHALL
Notes: Base FHIR requirement, applies because of declaring supportedProfile. Not marking as fully tested because I will continue to need to trace this to every transaction that applies.
Traced Test Cases:

400: Consent Administration Service SHALL support searching by the _profile parameter for AuditEvent resources that conform to the FASTConsentAuditEvent profile

Specification: HL7 FHIR R4
Link to Text: https://hl7.org/fhir/R4/profiling.html
Conformance: SHALL
Notes: Base FHIR requirement, applies because of declaring supportedProfile
Traced Test Cases:
- 168: Search for AuditEvent by FASTConsentAuditEvent profile - JSON
- 169: Search for AuditEvent by FASTConsentAuditEvent profile - XML

404: Consent Administration Service SHALL support AuditEvent read

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:
- 141: Read an AuditEvent
- 101: Obtain server CapabilityStatement

406: Consent Administration Service SHALL support AuditEvent search

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:
- 142: Search for an AuditEvent
- 101: Obtain server CapabilityStatement

409: Consent Administration Service SHALL support AuditEvent search by FASTAuditEventConsent

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

412: Consent Administration Service SHALL support AuditEvent search by patient

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

505: Consent Administration Service SHALL support Subscription read

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/CapabilityStatement-backport-subscription-server-r4.html
Conformance: SHALL
Traced Test Cases:
- 199: Read a Subscription

503: Consent Administration Service SHOULD support Subscription write via POST or PUT

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/CapabilityStatement-backport-subscription-server-r4.html
Conformance: SHOULD
Notes: - "After POSTing the subscription, the client parses the Location header and saves the new Subscription's logical id for use in subsequent operations." - implies server should always return Location
Traced Test Cases:
- 232: Workflow: Create a Subscription - rest-hook
- 305: Workflow: Create a Subscription - rest-hook PUT

509: Consent Administration Service SHOULD support Subscription update via PUT or PATCH

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/CapabilityStatement-backport-subscription-server-r4.html
Conformance: SHOULD
Notes: The CapStmt and the rendered page disagree - the raw CS does not include patch and the page does. Not testing patch at this time.
Traced Test Cases:

510: Consent Administration Service SHOULD support Subscription delete

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/CapabilityStatement-backport-subscription-server-r4.html
Conformance: SHOULD
Traced Test Cases:
- 100: Workflow: Consent subscription and notification
- 303: Workflow: Consent subscription and notification - no filters

511: Consent Administration Service SHOULD support Subscription search

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/CapabilityStatement-backport-subscription-server-r4.html
Conformance: SHOULD
Notes: Not testing search at this time
Traced Test Cases:
- 101: Obtain server CapabilityStatement

602: Consent Administration Service SHALL support Subscription search by url

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/CapabilityStatement-backport-subscription-server-r4.json
Conformance: SHALL
Notes: Not testing search at this time. Also, the raw CapStmt (linked) and the rendered page for the CapStmt disagree: the raw says SHALL, the page says SHOULD. See: https://hl7.org/fhir/uv/subscriptions-backport/CapabilityStatement-backport-subscription-server-r4.html#:~:text=Search%20Parameter%20Summary,uri
Traced Test Cases:
- 101: Obtain server CapabilityStatement

604: Consent Administration Service SHOULD support Subscription search by status

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/CapabilityStatement-backport-subscription-server-r4.html
Conformance: SHOULD
Notes: Not testing search at this time
Traced Test Cases:
- 101: Obtain server CapabilityStatement

508: Consent Administration Service SHALL support $status operation against Subscription resource

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/CapabilityStatement-backport-subscription-server-r4.html
Conformance: SHALL
Traced Test Cases:
- 266: Operation: Get Subscription Status

694: Consent Administration Service MAY support $events operation against Subscription resource

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/CapabilityStatement-backport-subscription-server-r4.json
Conformance: MAY
Notes: Not testing at this time
Traced Test Cases:
- 101: Obtain server CapabilityStatement

695: Consent Administration Service MAY support $get-ws-binding-token operation against Subscription resource

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/CapabilityStatement-backport-subscription-server-r4.json
Conformance: MAY
Notes: Not testing at this time
Traced Test Cases:

517: Consent Administration Service SHALL support Subscription resources that conform to BackportSubscription profile

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/CapabilityStatement-backport-subscription-server-r4.json
Conformance: SHALL
Traced Test Cases:

514: Consent Administration Service SHALL mark with profile assertions Subscription resources that conform to the BackportSubscription profile

Specification: HL7 FHIR R4
Link to Text: https://hl7.org/fhir/R4/profiling.html
Conformance: SHALL
Notes: Base FHIR requirement, applies because of declaring supportedProfile. Not marking as fully tested because I will continue to need to trace this to every transaction that applies.
Traced Test Cases:

515: Consent Administration Service SHALL support searching by the _profile parameter for Subscription resources that conform to the BackportSubscription profile

Specification: HL7 FHIR R4
Link to Text: https://hl7.org/fhir/R4/profiling.html
Conformance: SHALL
Notes: Base FHIR requirement, applies because of declaring supportedProfile
Traced Test Cases:
- 168: Search for AuditEvent by FASTConsentAuditEvent profile - JSON
- 169: Search for AuditEvent by FASTConsentAuditEvent profile - XML

Requirements-capstmt-client

48: Consent Client SHALL implement the client CapabilityStatement

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/artifacts.html
Conformance: SHALL
Notes: - Interpreting this as: a client doesn't necessarily have to maintain and make available a client CS, but does have to implement the functionality therein. So specific requirements from the CS are traced to tests that exercise them.
Does this mean a conforming system has to reference the "requirements" CS here, or could they just have their own CS that happens to be compatible?
- Traced Test Cases:
  - 134: Test client CapabilityStatement

49: Consent Client SHALL support JSON FHIR

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Notes: - Plan is to have JSON and XML flavors of all tests, but explicitly tracing each of those back to these requirements is probably not necessary.
Traced Test Cases:
- 136: Obtain server CapabilityStatement - JSON
- 138: Test client CapabilityStatement - JSON

50: Consent Client SHALL support XML FHIR

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Notes: - Plan is to have JSON and XML flavors of all tests, but explicitly tracing each of those back to these requirements is probably not necessary.
Traced Test Cases:
- 137: Obtain server CapabilityStatement - XML
- 139: Test client CapabilityStatement - XML

333: Consent Client SHALL support Consent resource

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentAdministrativeServerCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

52: Consent Client SHALL support Consent resources that conform to FASTConsent profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Related Requirement: 597: StructureDefinition FASTConsent
Traced Test Cases:

334: Consent Client SHALL mark with profile assertions Consent resources that conform to the FASTConsent profile

Specification: HL7 FHIR R4
Link to Text: https://hl7.org/fhir/R4/profiling.html
Conformance: SHALL
Related Requirement: 597: StructureDefinition FASTConsent
Notes: Base FHIR requirement, applies because of declaring supportedProfile. Not marking as fully tested because I will continue to need to trace this to every transaction that applies.
Traced Test Cases:

56: Consent Client SHALL support Consent read

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Traced Test Cases:
- 1: Read a Consent
- 134: Test client CapabilityStatement

57: Consent Client SHALL support Consent search

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Traced Test Cases:
- 2: Search for a Consent
- 134: Test client CapabilityStatement

58: Consent Client SHALL support Consent search by FASTConsentController

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Related Requirement: 472: SearchParameter FASTConsentController
Traced Test Cases:

369: Consent Client SHALL support Consent search by date

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

370: Consent Client SHALL support Consent search by FASTConsentGrantee

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Related Requirement: 473: SearchParameter FASTConsentGrantee
Traced Test Cases:

371: Consent Client SHALL support Consent search by FASTConsentManager

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Related Requirement: 474: SearchParameter FASTConsentManager
Traced Test Cases:

59: Consent Client SHALL support Consent search by FASTConsentOrganizationId

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Related Requirement: 475: SearchParameter FASTConsentOrganizationId
Notes: Matches identifier of grantee, manager, controller or the provision.actor.reference
Traced Test Cases:

60: Consent Client SHALL support Consent search by patient

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

372: Consent Client SHALL support Consent search by FASTConsentPatientId

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Related Requirement: 476: SearchParameter FASTConsentPatientId
Notes: Matches patient.identifier or patient.extension additionalIdentifier
Traced Test Cases:

47: Consent Client SHALL support Consent search by scope

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

61: Consent Client SHALL support Consent search by status

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

53: Consent Client SHALL support $fileConsent operation against Consent resource

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Related Requirement: 463: OperationDefinition FileConsent
Traced Test Cases:
- 68: Operation: File a Consent
- 134: Test client CapabilityStatement

376: Consent Client SHALL support $revokeConsent operation against Consent resource

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Related Requirement: 466: OperationDefinition RevokeConsent
Traced Test Cases:
- 70: Operation: Revoke a Consent
- 134: Test client CapabilityStatement

381: Consent Client SHALL support Consent subscriptions as defined by the FASTConsentSubscriptionTopic for FHIR R4 with Subscriptions Backport

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

382: Consent Client SHALL support Subscription create

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Traced Test Cases:
- 232: Workflow: Create a Subscription - rest-hook
- 134: Test client CapabilityStatement

383: Consent Client SHALL support Subscription update

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Traced Test Cases:
- 306: Workflow: Update a Subscription - rest-hook
- 134: Test client CapabilityStatement

384: Consent Client SHALL support Subscription delete

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

416: Consent Client SHALL support $recordDisclosure operation against AuditEvent resource

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Related Requirement: 445: The RecordDisclosure operation is invoked as [base]/AuditEvent/$recordDisclosure
Traced Test Cases:
- 69: Operation: Record a Disclosure
- 134: Test client CapabilityStatement

401: Consent Client SHALL support AuditEvent resource

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

402: Consent Client SHALL support AuditEvent resources that conform to FASTConsentAuditEvent profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

403: Consent Client SHALL mark with profile assertions AuditEvent resources that conform to the FASTConsentAuditEvent profile

Specification: HL7 FHIR R4
Link to Text: https://hl7.org/fhir/R4/profiling.html
Conformance: SHALL
Notes: Base FHIR requirement, applies because of declaring supportedProfile. Not marking as fully tested because I will continue to need to trace this to every transaction that applies.
Traced Test Cases:
- 69: Operation: Record a Disclosure

405: Consent Client SHALL support AuditEvent read

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Traced Test Cases:
- 141: Read an AuditEvent
- 134: Test client CapabilityStatement

408: Consent Client SHALL support AuditEvent search

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Traced Test Cases:
- 142: Search for an AuditEvent
- 134: Test client CapabilityStatement

411: Consent Client SHALL support AuditEvent search by FASTAuditEventConsent

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

414: Consent Client SHALL support AuditEvent search by patient

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/CapabilityStatement-ConsentClientCapabilities.json.html
Conformance: SHALL
Traced Test Cases:

Requirements-technical-specification-admin-service

68: Consent Administration Service SHOULD return OperationOutcome with details of which business rules did not allow an operation to be successful if an HTTP status code of 4xx or 5xx is returned

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHOULD
Traced Test Cases:
- 308: Error: Create a Subscription - rest-hook - unsupported backport-channel-type
- 309: Error: Create a Subscription - rest-hook - unsupported filter

69: Consent Administration Service MAY return OperationOutcome for a successful operation

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: MAY
Notes: - Right now, linking to each transaction. But rather than link many generic requirements to every transaction, should I create generic tests that each transaction uses? • For now, no, but consider iterating into this. Once everything traces, can consider refactoring traces. • An argument for doing this: every time we add a new transaction, we need to add those traces.
Traced Test Cases:

63: Consent Administration Service SHALL support Consent search

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Traced Test Cases:
- 2: Search for a Consent

364: Consent Administration Service SHALL support Consent search by FASTConsentController

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Related Requirement: 472: SearchParameter FASTConsentController
Traced Test Cases:
- 144: Search for Consent by FASTConsentController - JSON
- 145: Search for Consent by FASTConsentController - XML

365: Consent Administration Service SHALL support Consent search by date

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Traced Test Cases:
- 146: Search for Consent by date - JSON
- 147: Search for Consent by date - XML

367: Consent Administration Service SHALL support Consent search by FASTConsentManager

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Related Requirement: 474: SearchParameter FASTConsentManager
Traced Test Cases:
- 150: Search for Consent by FASTConsentManager - JSON
- 151: Search for Consent by FASTConsentManager - XML

71: Consent Administration Service SHALL support Consent search by patient

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Traced Test Cases:
- 154: Search for Consent by patient - JSON
- 155: Search for Consent by patient - XML

201: Consent Administration Service SHALL support Consent search by scope

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Traced Test Cases:
- 158: Search for Consent by scope - JSON
- 159: Search for Consent by scope - XML

73: Consent Administration Service SHALL support Consent search by status

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Traced Test Cases:
- 160: Search for Consent by status - JSON
- 161: Search for Consent by status - XML

62: Consent Administration Service SHALL support File Consent operation

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Related Requirement: 463: OperationDefinition FileConsent
Notes: Redundant with CapStmt
Traced Test Cases:
- 68: Operation: File a Consent

101: Consent Administration Service SHALL support Revoke Consent operation

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Related Requirement: 466: OperationDefinition RevokeConsent
Notes: Redundant with CapStmt
Traced Test Cases:
- 70: Operation: Revoke a Consent

64: Consent Administration Service SHALL support Consent subscriptions (as defined by the FAST Subscription Topic for FHIR R4 with Subscriptions Backport)

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Notes: Fix: "a consent administration service SHALL support subscriptions to allow other systems to be informed when consents for a patient have changed." - this should be more precise, like "a consent administration service SHALL support subscriptions as defined by the FAST Subscription Topic, e.g. to allow other systems to be informed when consents for a patient have changed."
Traced Test Cases:

407: Consent Administration Service SHALL support AuditEvent search

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Traced Test Cases:
- 142: Search for an AuditEvent

266: Consent Administration Service SHALL support AuditEvent search by FASTAuditEventConsent

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Notes: Need to specify actor(s). For now, assuming CAS SHALL support and Consent Client MAY support
Traced Test Cases:
- 162: Search for AuditEvent by FASTAuditEventConsent - JSON
- 163: Search for AuditEvent by FASTAuditEventConsent - XML

298: Consent Administration Service SHALL support AuditEvent search by patient

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Notes: Need to specify actor(s). For now, assuming CAS SHALL support and Consent Client MAY support
Traced Test Cases:
- 164: Search for AuditEvent by patient - JSON
- 165: Search for AuditEvent by patient - XML

Requirements-technical-specification-client

67: Consent Client SHALL query the consent administration service for the identifiers of the involved patients, practitioners, organizations, and related persons

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Notes: Not testable yet - need lots more details about the lifecycle of relates resource instances. Query or match? Implies CAS is an MPI and similar for other resources? Doesn’t say what triggers these queries to occur, or what effect it has on workflows, or whether discovered identifiers are used in resources…
Traced Test Cases:

202: Consent Client MAY subscribe to Consent topics as defined by the FAST Subscription Topic

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: MAY
Notes: - No conformance words "client will…", so not clear which actors SHALL or MAY support. For now, treating as MAY for both clients and servers - tests can be conditional.
Nature of topic is it allows combinations of criteria. I'll call out each criterion below for traceability.
TBD whether there need to be requirements for CAS to detect and fire Consent events or if implied by subs framework.
- Traced Test Cases:
  - 100: Workflow: Consent subscription and notification
  - 303: Workflow: Consent subscription and notification - no filters

265: This guide mandates that Subscriptions be used

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Notes: Need conformance words - who does this apply to? Assuming clients, but which ones? What triggering actions? Are clients required to support only, or that they positively subscribe to specific other systems? Suggest referencing section with normative workflows.
Traced Test Cases:

167: If a system accesses a Consent instance for determining whether information can be accessed, the Record Disclosure Operation SHALL be used

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Notes: - Need to clarify which system has the responsibility for calling this - assuming Consent Client, calling the CAS.
For now, assuming client calls after accessing.
- Traced Test Cases:
  - 67: Workflow: Utilize Consent For Disclosure

267: Consent Client SHALL support AuditEvent search by FASTAuditEventConsent

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Notes: Implied - need requirement
Traced Test Cases:
- 162: Search for AuditEvent by FASTAuditEventConsent - JSON
- 163: Search for AuditEvent by FASTAuditEventConsent - XML

299: Consent Client SHALL support AuditEvent search by patient

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/technical.html
Conformance: SHALL
Notes: Implied - need requirement
Traced Test Cases:
- 164: Search for AuditEvent by patient - JSON
- 165: Search for AuditEvent by patient - XML

Requirements-subscriptiontopic-fastconsentsubscriptiontopic-admin-service

600: Consent Administration Service SHALL trigger a notification for every Consent create, unless filtered out

Specification: HL7 FHIR R5
Link to Text: https://hl7.org/fhir/subscriptiontopic.html
Conformance: SHALL
Parent: SubscriptionTopic FASTConsentSubscriptionTopic
Notes: This requirement is derived by the definition in the topic plus the actual behavior defined in R5 SubscriptionTopic (which is what's linked).
Traced Test Cases:
- 100: Workflow: Consent subscription and notification

606: Consent Administration Service SHALL trigger a notification for every Consent update, unless filtered out

Specification: HL7 FHIR R5
Link to Text: https://hl7.org/fhir/subscriptiontopic.html
Conformance: SHALL
Parent: SubscriptionTopic FASTConsentSubscriptionTopic
Notes: This requirement is derived by the definition in the topic plus the actual behavior defined in R5 SubscriptionTopic (which is what's linked).
Traced Test Cases:
- 100: Workflow: Consent subscription and notification

607: Consent Administration Service SHALL trigger a notification for every Consent delete, unless filtered out

Specification: HL7 FHIR R5
Link to Text: https://hl7.org/fhir/subscriptiontopic.html
Conformance: SHALL
Parent: SubscriptionTopic FASTConsentSubscriptionTopic
Notes: This requirement is derived by the definition in the topic plus the actual behavior defined in R5 SubscriptionTopic (which is what's linked).
Traced Test Cases:
- 100: Workflow: Consent subscription and notification

603: Consent Administration Service SHALL support Consent notification filter by SearchParameter FASTConsentPatientId

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/SubscriptionTopic-FASTConsentSubscriptionTopic.json.html
Conformance: SHALL
Parent: SubscriptionTopic FASTConsentSubscriptionTopic
Related Requirement: 476: SearchParameter FASTConsentPatientId
Traced Test Cases:
- 298: Workflow: Consent subscription and notification - FASTConsentPatientId

628: Consent Administration Service SHALL support Consent notification filter by SearchParameter FASTConsentOrganizationId

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/SubscriptionTopic-FASTConsentSubscriptionTopic.json.html
Conformance: SHALL
Parent: SubscriptionTopic FASTConsentSubscriptionTopic
Related Requirement: 475: SearchParameter FASTConsentOrganizationId
Traced Test Cases:
- 299: Workflow: Consent subscription and notification - FASTConsentOrganizationId

629: Consent Administration Service SHALL support Consent notification filter by actor identifier

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/SubscriptionTopic-FASTConsentSubscriptionTopic.json.html
Conformance: SHALL
Parent: SubscriptionTopic FASTConsentSubscriptionTopic
Traced Test Cases:
- 300: Workflow: Consent subscription and notification - actor

630: Consent Administration Service SHALL support Consent notification filter by status

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/SubscriptionTopic-FASTConsentSubscriptionTopic.json.html
Conformance: SHALL
Parent: SubscriptionTopic FASTConsentSubscriptionTopic
Traced Test Cases:
- 301: Workflow: Consent subscription and notification - status

631: Consent Administration Service SHALL support Consent notification filter by scope

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/SubscriptionTopic-FASTConsentSubscriptionTopic.json.html
Conformance: SHALL
Parent: SubscriptionTopic FASTConsentSubscriptionTopic
Traced Test Cases:
- 302: Workflow: Consent subscription and notification - scope

632: Consent Administration Service SHALL support Consent notification filter combinations

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/SubscriptionTopic-FASTConsentSubscriptionTopic.json.html
Conformance: SHALL
Parent: SubscriptionTopic FASTConsentSubscriptionTopic
Traced Test Cases:
- 304: Workflow: Consent subscription and notification - all filters

633: Consent Administration Service MAY support Consent notification filters by search parameters not listed by FASTConsentSubscriptionTopic

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/components.html
Conformance: MAY
Parent: SubscriptionTopic FASTConsentSubscriptionTopic
Notes: Not going to test just yet
Traced Test Cases:

Requirements-subscriptiontopic-fastconsentsubscriptiontopic-client

635: Consent Client MAY support Consent notification filter by SearchParameter FASTConsentPatientId

Specification: HL7 FAST Consent IG
Conformance: MAY
Traced Test Cases:
- 298: Workflow: Consent subscription and notification - FASTConsentPatientId

636: Consent Client MAY support Consent notification filter by SearchParameter FASTConsentOrganizationId

Specification: HL7 FAST Consent IG
Conformance: MAY
Traced Test Cases:
- 299: Workflow: Consent subscription and notification - FASTConsentOrganizationId

637: Consent Client MAY support Consent notification filter by actor identifier

Specification: HL7 FAST Consent IG
Conformance: MAY
Traced Test Cases:
- 300: Workflow: Consent subscription and notification - actor

638: Consent Client MAY support Consent notification filter by status

Specification: HL7 FAST Consent IG
Conformance: MAY
Traced Test Cases:
- 301: Workflow: Consent subscription and notification - status

639: Consent Client MAY support Consent notification filter by scope

Specification: HL7 FAST Consent IG
Conformance: MAY
Traced Test Cases:
- 302: Workflow: Consent subscription and notification - scope

640: Consent Client MAY support Consent notification filter combinations

Specification: HL7 FAST Consent IG
Conformance: MAY
Traced Test Cases:
- 304: Workflow: Consent subscription and notification - all filters

Requirements-conformance-admin-service

496: Consent Administration Service SHALL support Subscription read

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:
- 199: Read a Subscription

497: Consent Administration Service SHALL support Subscription write

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:
- 232: Workflow: Create a Subscription - rest-hook

498: Consent Administration Service SHALL support $status operation against Subscription resource

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:
- 266: Operation: Get Subscription Status

499: Consent Administration Service SHOULD support Subscription topic discovery via the CapabilityStatement SubscriptionTopic Canonical extension

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHOULD
Traced Test Cases:
- 232: Workflow: Create a Subscription - rest-hook
- 101: Obtain server CapabilityStatement

500: Consent Administration Service SHALL support at least one Subscription channel type, and SHOULD include one from Subscriptions R5 Backport IG

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALLSHOULD
Traced Test Cases:

501: Consent Administration Service SHALL support at least one Subscription Payload Type

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:

502: Consent Administration Service SHALL conform to the BackportSubscriptionCapabilityStatementR4 CapabilityStatement

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Notes: Expect this means include the same declarations in addition to including it in some way
Traced Test Cases:

567: Consent Administration Service SHOULD NOT use cross version extensions on R4 subscriptions to describe any elements also described by this guide

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHOULD
Notes: Not exactly sure how to test this
Traced Test Cases:
- 199: Read a Subscription
- 265: Notify for a Subscription - rest-hook

504: Consent Administration Service SHOULD declare conformance with the BackportSubscriptionCapabilityStatementR4 using CapabilityStatement.instantiates

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHOULD
Traced Test Cases:
- 101: Obtain server CapabilityStatement

513: Consent Administration Service SHALL support Subscription resources that conform to BackportSubscription profile

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:

506: Consent Administration Service SHALL be able to read values in the backport-channel-type extension

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:
- 232: Workflow: Create a Subscription - rest-hook
- 265: Notify for a Subscription - rest-hook

507: Consent Administration Service SHALL reject the subscription request if a client requests an unsupported channel via the backport-channel-type extension

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:
- 308: Error: Create a Subscription - rest-hook - unsupported backport-channel-type

529: Consent Administration Service SHALL be able to read values in the backport-filter-criteria extension

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:
- 232: Workflow: Create a Subscription - rest-hook
- 265: Notify for a Subscription - rest-hook

530: Consent Administration Service SHALL be able to apply filters as described by any Subscription Topics the server advertises support for

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:
- 265: Notify for a Subscription - rest-hook

531: Consent Administration Service SHALL reject the subscription request if any filters are unsupported

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Notes: Will test with a variety of query strings that are not supported per the server's CapStmt.
Traced Test Cases:
- 309: Error: Create a Subscription - rest-hook - unsupported filter

533: Consent Administration Service SHALL be able to read values in the backport-payload-content extension

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:
- 232: Workflow: Create a Subscription - rest-hook

534: Consent Administration Service SHALL include information in notifications as described in this guide based on the value of the backport-payload-content extension

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:

535: Consent Administration Service SHALL reject the subscription request if a client asks for a content level the server does not intend to support (e.g., does not meet security requirements)

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Notes: This cannot be fully tested for a given system unless we know its specific requirements, but we can hit it with each content level as an exploratory test.
Traced Test Cases:
- 310: Error: Create a Subscription - rest-hook - unsupported content level

563: Consent Administration Service SHALL be able to generate a valid and correct R4 Backported R5 SubscriptionStatus resource for each notification

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:
- 265: Notify for a Subscription - rest-hook

538: Consent Administration Service SHALL be able to read values in Subscription.criteria for subscription topics referenced by it

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:
- 232: Workflow: Create a Subscription - rest-hook

539: Consent Administration Service SHALL reject the subscription request if it does not support a requested topic or will not honor the subscription otherwise

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:
- 311: Error: Create a Subscription - rest-hook - unsupported topic

Requirements-conformance-client

566: Consent Client SHOULD NOT use cross version extensions on R4 subscriptions to describe any elements also described by this guide

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHOULD
Notes: Not exactly sure how to test this
Traced Test Cases:
- 232: Workflow: Create a Subscription - rest-hook

516: Consent Client MAY support the backport-channel-type extension

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: MAY
Notes: Not testing at this time
Traced Test Cases:

532: Consent Client SHALL be able to write values in the backport-filter-criteria extension

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:
- 232: Workflow: Create a Subscription - rest-hook

536: Consent Client SHALL be able to write values in the backport-payload-content extension

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:
- 232: Workflow: Create a Subscription - rest-hook

564: Consent Client SHALL be able to process a valid R4 Backported R5 SubscriptionStatus resource without errors

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:

540: Consent Client SHALL be able to write subscription topic URLs in Subscription.criteria

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:
- 232: Workflow: Create a Subscription - rest-hook

Requirements-subscriptiontopic-fastconsentsubscriptiontopic-client-admin-ser

596: SubscriptionTopic FASTConsentSubscriptionTopic

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/SubscriptionTopic-FASTConsentSubscriptionTopic.html
Conformance: SHALL
Notes: This topic is defined as an auto-backported R5 SubscriptionTopic (see note below), so this means the requirements for processing it are defined in the captured R5 requirements below. Note: its raw representation (https://build.fhir.org/ig/HL7/fhir-consent-management/SubscriptionTopic-FASTConsentSubscriptionTopic.json) is as a Basic resource.
Traced Test Cases:
- 140: Validate FHIR resources

Requirements-structure-definitions-client-admin-service

464: StructureDefinition FileConsentParameters

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/StructureDefinition-FileConsentParameters.html
Conformance: SHALL
Traced Test Cases:
- 68: Operation: File a Consent

70: The FileConsent operation "consent" input parameter SHALL be 1..1 and conform to the FASTConsent profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/StructureDefinition-FileConsentParameters-definitions.html
Conformance: SHALL
Parent: StructureDefinition FileConsentParameters
Related Requirement: 597: StructureDefinition FASTConsent
Traced Test Cases:
- 68: Operation: File a Consent

430: The FileConsent operation "document" input parameter SHALL be 1..1 and conform to either the us-core-questionnaireresponse or FASTDocumentReference profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/StructureDefinition-FileConsentParameters-definitions.html
Conformance: SHALL
Parent: StructureDefinition FileConsentParameters
Traced Test Cases:
- 68: Operation: File a Consent

469: StructureDefinition RevokeConsentParameters

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/StructureDefinition-RevokeConsentParameters.html
Conformance: SHALL
Traced Test Cases:
- 70: Operation: Revoke a Consent

441: The RevokeConsent operation "consent" input parameter SHALL be 1..1 and conform to the FASTConsent profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/StructureDefinition-RevokeConsentParameters-definitions.html
Conformance: SHALL
Parent: StructureDefinition RevokeConsentParameters
Related Requirement: 597: StructureDefinition FASTConsent
Traced Test Cases:
- 70: Operation: Revoke a Consent

448: The RevokeConsent operation "patient" input parameter SHALL be 1..1 and conform to the us-core-patient profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/StructureDefinition-RevokeConsentParameters-definitions.html
Conformance: SHALL
Parent: StructureDefinition RevokeConsentParameters
Traced Test Cases:
- 70: Operation: Revoke a Consent

443: The RevokeConsent operation "document" input parameter SHALL be 0..1 and conform to either the us-core-questionnaireresponse or FASTDocumentReference profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/StructureDefinition-RevokeConsentParameters-definitions.html
Conformance: SHALL
Parent: StructureDefinition RevokeConsentParameters
Traced Test Cases:
- 70: Operation: Revoke a Consent

470: StructureDefinition RecordDisclosureParameters

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/StructureDefinition-RecordDisclosureParameters.html
Conformance: SHALL
Traced Test Cases:
- 69: Operation: Record a Disclosure

452: The RecordDisclosure operation "disclosure" input parameter SHALL be 1..1 and conform to the FASTConsentAuditEvent profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/StructureDefinition-RecordDisclosureParameters-definitions.html
Conformance: SHALL
Parent: StructureDefinition RecordDisclosureParameters
Traced Test Cases:
- 69: Operation: Record a Disclosure

450: The RecordDisclosure operation "consent" input parameter SHALL be 1..1 and conform to the FASTConsent profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/StructureDefinition-RecordDisclosureParameters-definitions.html
Conformance: SHALL
Parent: StructureDefinition RecordDisclosureParameters
Related Requirement: 597: StructureDefinition FASTConsent
Traced Test Cases:
- 69: Operation: Record a Disclosure

477: StructureDefinition FASTSubscription

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/StructureDefinition-FASTSubscription.html
Conformance: SHALL
Related Requirement: 595: StructureDefinition BackportSubscription
Notes: - No requirements to use this yet
The constraint that status is always "active" might not make sense. I think the client is supposed to POST it as "requested".
- Traced Test Cases:
  - 140: Validate FHIR resources

595: StructureDefinition BackportSubscription

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/StructureDefinition-backport-subscription.html
Conformance: SHALL
Traced Test Cases:
- 140: Validate FHIR resources

597: StructureDefinition FASTConsent

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/StructureDefinition-FASTConsent.html
Conformance: SHALL
Notes: Many nested profiles, including from US Core. Will be checked by validator.
Traced Test Cases:
- 140: Validate FHIR resources

599: StructureDefinition FASTDocumentReference

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/StructureDefinition-FASTDocumentReference.html
Conformance: SHALL
Notes: Many nested profiles, including from US Core. Will be checked by validator.
Traced Test Cases:
- 140: Validate FHIR resources

601: StructureDefinition FASTReference

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/StructureDefinition-FASTReference.html
Conformance: SHALL
Notes: Many nested profiles, including from US Core. Will be checked by validator.
Traced Test Cases:
- 140: Validate FHIR resources

598: StructureDefinition FASTConsentAuditEvent

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/StructureDefinition-FASTConsentAuditEvent.html
Conformance: SHALL
Notes: Many nested profiles, including from US Core. Will be checked by validator.
Traced Test Cases:
- 140: Validate FHIR resources

Requirements-conformance-client-admin-service

562: Notification bundles SHALL contain a FHIR R4 Parameters resource, conforming to the R4 Backported R5 SubscriptionStatus profile, as the first entry

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Notes: Not sure why, but this requirement is nearly repeated a couple sentences later as "The status entry SHALL be the first entry of each notification bundle." No need to capture that.
Traced Test Cases:
- 265: Notify for a Subscription - rest-hook

537: Subscription.criteria SHALL contain the canonical URL for the Subscription Topic

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/conformance.html
Conformance: SHALL
Traced Test Cases:
- 199: Read a Subscription
- 232: Workflow: Create a Subscription - rest-hook

Requirements-workflow-client-admin-service

541: Informative: Consent Client and Consent Administration Service generally follow the subscription workflow for R4 systems in section 2.3.3

Specification: Subscriptions R5 Backport
Link to Text: https://hl7.org/fhir/uv/subscriptions-backport/workflow.html
Conformance: SHALL
Notes: All constituent parts of this workflow are normatively defined elsewhere. Will use this workflow as a basis for the test cases needed.
Traced Test Cases:
- 100: Workflow: Consent subscription and notification
- 303: Workflow: Consent subscription and notification - no filters

Requirements-search-parameters-client-admin-service

472: SearchParameter FASTConsentController

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/SearchParameter-fast-consent-controller.html
Conformance: SHALL
Traced Test Cases:
- 144: Search for Consent by FASTConsentController - JSON
- 145: Search for Consent by FASTConsentController - XML

473: SearchParameter FASTConsentGrantee

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/SearchParameter-fast-consent-grantee.html
Conformance: SHALL
Traced Test Cases:
- 148: Search for Consent by FASTConsentGrantee - JSON
- 149: Search for Consent by FASTConsentGrantee - XML

474: SearchParameter FASTConsentManager

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/SearchParameter-fast-consent-manager.html
Conformance: SHALL
Traced Test Cases:
- 150: Search for Consent by FASTConsentManager - JSON
- 151: Search for Consent by FASTConsentManager - XML

475: SearchParameter FASTConsentOrganizationId

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/SearchParameter-fast-consent-organizationId.html
Conformance: SHALL
Traced Test Cases:
- 152: Search for Consent by FASTConsentOrganizationId - JSON
- 153: Search for Consent by FASTConsentOrganizationId - XML

476: SearchParameter FASTConsentPatientId

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/SearchParameter-fast-consent-patientId.html
Conformance: SHALL
Traced Test Cases:
- 156: Search for Consent by FASTConsentPatientId - JSON
- 157: Search for Consent by FASTConsentPatientId - XML

471: SearchParameter FASTAuditEventConsent

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/SearchParameter-fast-auditevent-consent.html
Conformance: SHALL
Traced Test Cases:
- 162: Search for AuditEvent by FASTAuditEventConsent - JSON
- 163: Search for AuditEvent by FASTAuditEventConsent - XML

Requirements-extended-operations-client-admin-service

463: OperationDefinition FileConsent

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-file-consent.html
Conformance: SHALL
Traced Test Cases:
- 68: Operation: File a Consent

133: The FileConsent operation is invoked as [base]/Consent/$fileConsent

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-file-consent.html
Conformance: SHALL
Parent: OperationDefinition FileConsent
Traced Test Cases:
- 68: Operation: File a Consent

134: The FileConsent operation input parameters SHALL conform to the FileConsentParameters profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-file-consent.json.html
Conformance: SHALL
Parent: OperationDefinition FileConsent
Notes: For the most part, I'm not going to trace to everything in StructDefs, because the FHIR validator will check these. We may revisit this decision.
Traced Test Cases:
- 68: Operation: File a Consent

135: The FileConsent operation "consent" input parameter SHALL be 1..1 and a Consent resource

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-file-consent.json.html
Conformance: SHALL
Parent: OperationDefinition FileConsent
Traced Test Cases:
- 68: Operation: File a Consent

166: The FileConsent operation "document" input parameter SHALL be 1..1 and any resource

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-file-consent.json.html
Conformance: SHALL
Parent: OperationDefinition FileConsent
Traced Test Cases:
- 68: Operation: File a Consent

168: The FileConsent operation "return" output parameter SHALL be 0..1 and be an OperationOutcome

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-file-consent.json.html
Conformance: SHALL
Parent: OperationDefinition FileConsent
Notes: Note no defined way to return Consent ID
Traced Test Cases:
- 68: Operation: File a Consent

466: OperationDefinition RevokeConsent

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-revoke-consent.html
Conformance: SHALL
Traced Test Cases:
- 70: Operation: Revoke a Consent

438: The RevokeConsent operation is invoked as [base]/Consent/$revokeConsent

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-revoke-consent.html
Conformance: SHALL
Parent: OperationDefinition RevokeConsent
Traced Test Cases:
- 70: Operation: Revoke a Consent

439: The RevokeConsent operation input parameters SHALL conform to the RevokeConsentParameters profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-revoke-consent.json.html
Conformance: SHALL
Parent: OperationDefinition RevokeConsent
Traced Test Cases:
- 70: Operation: Revoke a Consent

440: The RevokeConsent operation "consent" input parameter SHALL be 1..1 and conform to the FASTConsent profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-revoke-consent.json.html
Conformance: SHALL
Parent: OperationDefinition RevokeConsent
Related Requirement: 597: StructureDefinition FASTConsent
Traced Test Cases:
- 70: Operation: Revoke a Consent

447: The RevokeConsent operation "patient" input parameter SHALL be 1..1 and conform to the us-core-patient profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-revoke-consent.json.html
Conformance: SHALL
Parent: OperationDefinition RevokeConsent
Notes: - See http://hl7.org/fhir/us/core/STU6.1/StructureDefinition-us-core-patient.html
Consider tracking that
- Traced Test Cases:
  - 70: Operation: Revoke a Consent

442: The RevokeConsent operation "document" input parameter SHALL be 0..1 and any resource

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-revoke-consent.json.html
Conformance: SHALL
Parent: OperationDefinition RevokeConsent
Traced Test Cases:
- 70: Operation: Revoke a Consent

444: The RevokeConsent operation "return" output parameter SHALL be 0..1 and be an OperationOutcome

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-revoke-consent.json.html
Conformance: SHALL
Parent: OperationDefinition RevokeConsent
Traced Test Cases:
- 70: Operation: Revoke a Consent

467: OperationDefinition RecordDisclosure

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-record-disclosure.html
Conformance: SHALL
Traced Test Cases:
- 69: Operation: Record a Disclosure

445: The RecordDisclosure operation is invoked as [base]/AuditEvent/$recordDisclosure

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-record-disclosure.html
Conformance: SHALL
Parent: OperationDefinition RecordDisclosure
Traced Test Cases:
- 69: Operation: Record a Disclosure

446: The RecordDisclosure operation input parameters SHALL conform to the RecordDisclosureParameters profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-record-disclosure.json.html
Conformance: SHALL
Parent: OperationDefinition RecordDisclosure
Traced Test Cases:
- 69: Operation: Record a Disclosure

451: The RecordDisclosure operation "disclosure" input parameter SHALL be 1..1 and an AuditEvent resource

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-record-disclosure.json.html
Conformance: SHALL
Parent: OperationDefinition RecordDisclosure
Traced Test Cases:
- 69: Operation: Record a Disclosure

449: The RecordDisclosure operation "consent" input parameter SHALL be 1..1 and conform to the FASTConsent profile

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-record-disclosure.json.html
Conformance: SHALL
Parent: OperationDefinition RecordDisclosure
Related Requirement: 597: StructureDefinition FASTConsent
Traced Test Cases:
- 69: Operation: Record a Disclosure

453: The RecordDisclosure operation "return" output parameter SHALL be 0..1 and be an OperationOutcome

Specification: HL7 FAST Consent IG
Link to Text: https://build.fhir.org/ig/HL7/fhir-consent-management/OperationDefinition-record-disclosure.json.html
Conformance: SHALL
Traced Test Cases:
- 69: Operation: Record a Disclosure