Professional Documents
Culture Documents
T Rec H.830.16 201910 I!!pdf e
T Rec H.830.16 201910 I!!pdf e
T Rec H.830.16 201910 I!!pdf e
ITU-T H.830.16
TELECOMMUNICATION (10/2019)
STANDARDIZATION SECTOR
OF ITU
Conformance of ITU-T H.810 personal health system: Services interface Part 16:
FHIR Observation Upload: Health & Fitness Service receiver
Summary
Recommendation ITU-T H.830.16 provides a test suite structure (TSS) and the test purposes (TPs) for
fast healthcare interoperability resource (FHIR) Observation Upload through the Health & Fitness
Service (HFS) receiver in the Services interface, based on the requirements defined in the
Recommendations of the ITU-T H.810 sub-series, of which Recommendation ITU-T H.810 (2017) is
the base Recommendation. The objective of this test specification is to provide a high probability of
interoperability at this interface.
Recommendation ITU-T H.830.16 includes an electronic attachment with the protocol implementation
conformance statements (PICSs) and the protocol implementation extra information for testing
(PIXIT) required for the implementation of Annex A.
History
Edition Recommendation Approval Study Group Unique ID*
1.0 ITU-T H.830.16 2018-08-29 16 11.1002/1000/13677
2.0 ITU-T H.830.16 2019-10-17 16 11.1002/1000/14097
Keywords
Conformance testing, Continua Design Guidelines, e-health, Health & Fitness Service, ITU-T H.810,
personal connected health devices, Services interface, Capability Exchange, FHIR Observation
Upload.
* To access the Recommendation, type the URL http://handle.itu.int/ in the address field of your web
browser, followed by the Recommendation's unique ID. For example, http://handle.itu.int/11.1002/1000/11
830-en.
NOTE
In this Recommendation, the expression "Administration" is used for conciseness to indicate both a
telecommunication administration and a recognized operating agency.
Compliance with this Recommendation is voluntary. However, the Recommendation may contain certain
mandatory provisions (to ensure, e.g., interoperability or applicability) and compliance with the
Recommendation is achieved when all of these mandatory provisions are met. The words "shall" or some other
obligatory language such as "must" and the negative equivalents are used to express requirements. The use of
such words does not suggest that compliance with the Recommendation is required of any party.
ITU 2019
All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior
written permission of ITU.
Electronic attachment: This Recommendation includes an electronic attachment with the protocol
implementation conformance statements (PICSs) and the protocol implementation extra information
for testing (PIXIT) required for the implementation of Annex A.
Conformance of ITU-T H.810 personal health system: Services interface Part 16:
FHIR Observation Upload: Health & Fitness Service receiver
1 Scope
The scope of this Recommendation1 is to provide a test suite structure (TSS) and the test purposes
(TPs) for the Services interface based on the requirements defined in Continua Design Guidelines
(CDG) [ITU-T H.810 (2017)]. The objective of this test specification is to provide a high probability
of interoperability at this interface.
The TSS and TPs for the Services interface have been divided into the parts specified below. This
Recommendation covers Part 16.
– Part 1: Web services interoperability. Health & Fitness Service sender
– Part 2: Web services interoperability. Health & Fitness Service receiver
– Part 3: SOAP/ATNA. Health & Fitness Service sender
– Part 4: SOAP/ATNA. Health & Fitness Service receiver
– Part 5: PCD-01 HL7 Messages. Health & Fitness Service sender
– Part 6: PCD-01 HL7 Messages. Health & Fitness Service receiver
– Part 7: Consent Management. Health & Fitness Service sender
– Part 8: Consent Management. Health & Fitness Service receiver
– Part 9: hData Observation Upload. Health & Fitness Service sender
– Part 10: hData Observation Upload. Health & Fitness Service receiver
– Part 11: Questionnaires. Health & Fitness Service sender
– Part 12: Questionnaires. Health & Fitness Service receiver
– Part 13: Capability Exchange. Health & Fitness Service sender
– Part 14: Capability Exchange. Health & Fitness Service receiver
– Part 15: FHIR Observation Upload. Health & Fitness Service sender
– Part 16: FHIR Observation Upload. Health & Fitness Service receiver
2 References
The following ITU-T Recommendations and other references contain provisions which, through
reference in this text, constitute provisions of this Recommendation. At the time of publication, the
editions indicated were valid. All Recommendations and other references are subject to revision; users
of this Recommendation are therefore encouraged to investigate the possibility of applying the most
recent edition of the Recommendations and other references listed below. A list of the currently valid
ITU-T Recommendations is regularly published. The reference to a document within this
Recommendation does not give it, as a stand-alone document, the status of a Recommendation.
[ITU-T H.810 (2017)] Recommendation ITU-T H.810 (2017), Interoperability design guidelines
for personal connected health systems: Introduction.
1 This Recommendation includes an electronic attachment with the protocol implementation conformance statements
(PICS) and the protocol implementation extra information for testing (PIXIT) required for the implementation of Annex
A.
3 Definitions
Table 1 – List of designations associated with the various versions of the CDG
CDG Transposed as Version Description Designation
release
2017 – 7.0 Release 2017 of the CDG including –
maintenance updates of the CDG 2016
and additional guidelines that cover new
functionalities.
2016 plus [ITU-T H.810 (2016)] 6.1 Release 2016 plus errata noting all –
errata ratified bugs [b-CDG 2016].
2016 – 6.0 Release 2016 of the CDG including Iris
maintenance updates of the CDG 2015
and additional guidelines that cover new
functionalities.
2015 plus [b-ITU-T H.810 5.1 Release 2015 plus errata noting all –
errata (2015)] ratified bugs [b-CDG 2015]. The 2013
edition of [ITU-T H.810] is split into
eight parts in the ITU-T H.810 series.
2015 – 5.0 Release 2015 of the CDG including Genome
maintenance updates of the CDG 2013
and additional guidelines that cover new
functionalities.
2013 plus [b-ITU-T H.810 4.1 Release 2013 plus errata noting all –
errata (2013)] ratified bugs [b-CDG 2013].
2013 – 4.0 Release 2013 of the CDG including Endorphin
maintenance updates of the CDG 2012
and additional guidelines that cover new
functionalities.
Test procedures
(This annex forms an integral part of this Recommendation.)
HFSCommon 20; O
Other PICSs
Initial condition The simulated PHG supporting FHIR Observation Client and Capability Exchange Continua
Certified Capability Classes is ready to request the root file of the H&FS under test using TLS
1.1.
Test procedure 1. The simulated PHG performs an HTTP GET of root.xml using TLS v.1.1.
2. The simulated PHG obtains the root.xml file of the H&FS under test and checks that:
a) There is a <profile> element in which:
<id> element has a value of "FHIR-Observation-Server-4C".
<reference> elements points to the latest revision of the hData Content Profile
document that the implementation supports
b) There is a <resourceType> element in which:
<resourceTypeID> element has a value of "OAuthDescriptor".
<reference> elements points to the latest revision of the reference document
that the implementation supports
<representation> element has a <mediaType> element which value is
"application/json" or "application/xml".
c) There is a <section> element in which:
<profileID> has a value of "FHIR-Observation-Server-4C".
<resourceTypeID> has a value of "OAuthDescriptor".
<resourcePrefix> has a value of "true".
<path> element contains an atom feed to get the OAuthDescriptor.
3. The simulated PHG retrieves the atom feed returned by the H&FS and checks that:
Pass/Fail criteria The root file contains all the elements and values described in step 2.
The provided atom feed contains at least one OAuthDescriptor listed.
The OAuthDescriptor can be retrieved using the link element in the atom feed.
The OAuthDescriptor is compliant to the description given in step 4.
If the <mediaType> element of the <resourceType>with a <resourceTypeID> value of
"OAuthDescriptor" is set to application/xml the OAuthDescriptor will be retrieved in XML
format.
If the <mediaType> element of the <resourceType>with a <resourceTypeID> value of
"OAuthDescriptor" is set to application/json the OAuthDescriptor will be retrieved in
JSON format.
Notes
TP Id TP/HFS/REC/FHIR/GEN/BV-001
HFSCommon 20; O
Other PICSs
Initial condition The simulated PHG supporting FHIR Observation Reporting Client Continua Certified
Capability Class is ready to request the root file of the H&FS under test using TLS 1.1.
Test procedure 1. The simulated PHG performs an HTTP GET of root.xml using TLS v.1.1.
2. The simulated PHG obtains the root.xml file of the H&FS under test and checks that:
a) There is a <profile> element in which:
<id> element has a value of "FHIR-Observation-Reporting-Server-4C".
<reference> elements points to the latest revision of the hData Content Profile
document that the implementation supports
b) There is a <resourceType> element in which:
<resourceTypeID> element has a value of "OAuthDescriptor".
<reference> elements points to the latest revision of the reference document
that the implementation supports.
<representation> element has a <mediaType> element which value is
"application/json" or "application/xml".
c) There is a <section> element in which:
<profileID> has a value of "FHIR-Observation-Reporting-Server-4C".
<resourceTypeID> has a value of "OAuthDescriptor".
<resourcePrefix> has a value of "true".
<path> element contains an atom feed to get the OAuthDescriptor-
3. The simulated PHG retrieves the atom feed returned by the H&FS and checks that:
a) There is (at least) one OAuthDescriptor listed.
4. The simulated PHG retrieves the OAuthDescriptor (in XML or JSON format) using the
link element of the atom feed and checks that:
a) There is a resourceServerURL element which value is an URL (the endpoint where
the H&FS expects to receive measurements).
b) There is a tokenEndpointURL element which value is an URL (the endpoint for
obtaining the bearer OAuth token).
c) There is a grantTypes element and it contains one or more of the following strings:
"clientCredential"
"resourceOwnerCredential"
"implicit"
"authorizationCode"
d) Additionally, the grantTypes element may contain:
"rfc7523"
e) There may be an authorizationEndpointURL element which value is an URL (the
OAuth endpoint the H&FS expects the PHG to use for OAuth authorization).
Pass/Fail criteria The root file contains all the elements and values described in step 2.
The provided atom feed contains at least one OAuthDescriptor listed.
The OAuthDescriptor can be retrieved using the link element in the atom feed.
Notes
TP Id TP/HFS/REC/FHIR/GEN/BV-002
Initial condition The simulated PHG supporting FHIR Observation Reporting Client Continua Certified
Capability Class is ready to perform a conditional create operation to upload a complete FHIR
bundle (with no external references) to the H&FS under test. PHG has previously retrieved
both the root file and the OAuthDescriptor from the H&FS under test.
Test procedure 1. The simulated PHG performs a create operation (HTTP POST) to upload a complete
FHIR bundle (in XML format) containing a new measurement using TLS 1.1 and an
OAuth 2.0 bearer token obtained using the client credentials grant type.
2. The H&FS accepts the request and returns <HTTP 201> (Created).
3. The simulated PHG performs a create operation (HTTP POST) to upload a complete
FHIR bundle (in JSON format) containing a new measurement using TLS 1.1 and an
OAuth 2.0 bearer token obtained using the resource owner credentials grant type.
4. The H&FS accepts the request and returns <HTTP 201> (Created).
IF C_REC_FHIR_001=TRUE continue with step 5, ELSE the test case ends.
5. The simulated PHG performs a create operation (HTTP POST) to upload a complete
FHIR bundle (in XML format) containing a new measurement using TLS 1.1 and an
OAuth 2.0 bearer token obtained using the authorization code grant type.
6. The H&FS accepts the request and returns <HTTP 201> (Created).
7. The simulated PHG performs a create operation (HTTP POST) to upload a complete
FHIR bundle (in JSON format) containing a new measurement using TLS 1.1 and an
OAuth 2.0 bearer token obtained using the implicit grant type.
8. The H&FS accepts the request and returns <HTTP 201> (Created).
Notes
TP Id TP/HFS/REC/FHIR/GEN/BV-003
Initial condition The simulated PHG supporting FHIR Observation Reporting Client Continua Certified
Capability Class is ready to retrieve the OAuthDescriptor of the H&FS and to perform a
conditional create operation to upload a complete FHIR bundle (with no external references).
PHG has previously retrieved the root file from the H&FS under test.
Test procedure 1. The simulated PHG retrieves the OAuthDescriptor (in XML or JSON format) using the
link element of the atom feed provided by the root file of the H&FS under test.
2. The simulated PHG checks that the grantTypes element of the OAuthDescriptor contains
the string "rfc7523".
3. The simulated PHG performs a create operation (HTTP POST) to upload a complete
FHIR bundle containing a new measurement using TLS 1.1 and a single valid JSON
Web Token.
4. The H&FS accepts the request and returns <HTTP 201> (Created).
5. The simulated PHG performs a create operation (HTTP POST) to upload a complete
FHIR bundle containing a new measurement using TLS 1.1 and an invalid JSON Web
Token.
6. The H&FS does not accept the request and returns an error (i.e. an <HTTP 400> (Bad
Request)) with additional information using the "error_description" or "error_uri"
parameters.
Notes
Other PICSs
Initial condition The simulated PHG supporting FHIR Observation Reporting Client Continua Certified
Capability Class is ready to perform a conditional create operation to upload a complete FHIR
bundle with an Observation resource (with no external references) to the H&FS under test.
PHG has previously retrieved both the root file and the OAuthDescriptor from the H&FS under
test. The H&FS under test have no previously stored resources.
Test procedure 1. The simulated PHG performs a create operation (HTTP POST) to upload a complete
FHIR bundle containing an Observation resource (using TLS 1.1 and an OAuth 2.0
bearer token obtained using the client credentials grant type).
2. The H&FS accepts the request and returns <HTTP 201> (Created) and a Location
header, which contains the new Logical Id and Version Id of the created resources.
3. The simulated PHG performs a conditional create operation (HTTP POST) using the HL7
defined extension header "If-None-Exist" to upload a FHIR Observation resource (which
references can be resolved within the H&FS) using TLS 1.1 and an OAuth 2.0 bearer
token obtained using the client credentials grant type. The simulated PHG uses a non-
existent Logical Id (other than the ones returned in step 2) as the search parameter in the
"If-None-Exist" header.
4. The H&FS accepts the request and returns <HTTP 201> (Created) and a Location
header, which contains the new Logical Id and Version Id of the created resource
version.
5. The simulated PHG performs a conditional create operation (HTTP POST) using the HL7
defined extension header "If-None-Exist" to upload the same FHIR Observation
Resource as in step 3 (using TLS 1.1 and an OAuth 2.0 bearer token obtained using the
client credentials grant type). The simulated PHG uses Logical Id obtained in step 4 as
the search parameter in the "If-None-Exist" header.
6. The H&FS ignores the operation as it finds a match and returns <HTTP 200> (OK).
7. The simulated PHG performs an update operation (HTTP PUT) to update the FHIR
Observation resource uploaded in step 3 (using TLS 1.1 and an OAuth 2.0 bearer token
obtained using the client credentials grant type). This operation uses a non-existent id
(not the one obtained in step 4)
8. The H&FS creates the resource (as no resource already exists for the given id) and
returns <HTTP 201> (Created) and a Location header, which contains the new Logical Id
and Version Id of the created resource version
9. The simulated PHG performs an update operation (HTTP PUT) to update the FHIR
Observation resource uploaded in step 3 (using TLS 1.1 and an OAuth 2.0 bearer token
obtained using the client credentials grant type). This operation uses the id obtained in
step 4.
10. The H&FS accepts the request, updates the resource, and returns an <HTTP 200> (OK)
status code.
Pass/Fail criteria The H&FS accepts the operations and responds as described in step 2, 4, 6, 8, 10, 12
and 14.
Notes
[b-HFSS PICS & PIXIT] HFS Sender PICS and PIXIT Test Tool v7.0.0.0 – Excel sheet v1.8.
<https://handle.itu.int/11.1002/2000/12067>
[b-HL7 V3 HRF] Health Level Seven (2014), HL7 Version 3 Specification: hData
Record Format, Release 1.
http://www.hl7.org/documentcenter/private/standards/v3/V3_ITS_HDATA_RF_R1_2014JUN.
pdf
[b-IETF RFC 3339] IETF RFC 3339 (2002), Date and time on the Internet: Timestamps.
https://datatracker.ietf.org/doc/rfc3339
Series D Tariff and accounting principles and international telecommunication/ICT economic and
policy issues
Series E Overall network operation, telephone service, service operation and human factors
Series J Cable networks and transmission of television, sound programme and other multimedia
signals
Printed in Switzerland
Geneva, 2019