23Q4
Give Feedback GovStack Home

UC-C-PIC-A: Organisation Administration Use Cases (CONFIGURATION)

Following are the use-case specifications required by the organisation IT administrators for updating Data Policies required for an identified Consent Agreements (within postpartum and infant care)

Table of Contents

UC-C-PIC-A-001: Postpartum and infant care (Configuration CREATE)

UC-C-PIC-A-002: Postpartum and infant care (Configuration UPDATE)

UC-C-PIC-A-003: Postpartum and infant care (Configuration READ)

UC-C-PIC-A-004: Postpartum and infant care (Configuration DELETE)

UC-C-PIC-A-005: Postpartum and infant care (Configuration NOTIFICATIONS)

UC-C-PIC-A-001: Postpartum and infant care (Configuration CREATE)

ID

UC-C-PIC-001

Name

Postpartum and infant care (Configuration CREATE)

Description

The use case implements configuration of a consent agreement towards infant care use case scenarios. This results in a saved configuration to be issued to all mothers requiring infant care.

Trigger (the event that triggers the use case)

  1. The (healthcare) application admin/user wishes to configure the policies associated with the data usage.

  2. Any change in the pre-condition that requires a re-configuration.

Preconditions (list of conditions that MUST be met in order for the use case to be successful)

  1. The (healthcare) application admin/user is logged into the system and has sufficient privileges to use the system

  2. A healthcare policy exists, and is based on existing data laws for healthcare.

  3. Assumption: consent is needed for pulling data from another system of the mother needing care.

Data inputs

  1. Existing data policies relevant to the healthcare scenario

  2. Any legal information, standards.

Actors (a person, a company or organisation, a computer program, or a computer system - hardware, software, or both)

  1. The (healthcare) application admin/user configures the data usage policy. (a person, IT admin)

  2. The health-care provider application. (a computer system)

  3. DPO, Auditors (A person, or an independent authority)

Optionally: a data intermediary or a data operator.

Normal Course (what happens if the event is triggered and the preconditions have been met)

  1. The healthcare application user is able to invoke the configuration workflow.

  2. The healthcare user uses the existing policy relevant to registering for postpartum and infant care. This could be signed off by the organisation's DPO, for example.

  3. The data required are:

    1. Usage purpose

    2. Data policies and rules

    3. Define what data is being collected

  5. The configuration is saved.

  6. Once the DPO approves, the configuration is published towards the end-use case. I.e. registration system.

Alternative Course (links to other use cases in case there are different ways how to solve the same use case)

  1. Data configuration error scenarios

  2. DPO disapproves and the configuration is re-submitted for review and approval.

Data output

  1. The consent configuration data

Post-Conditions (the success criteria)

  1. The data usage policy is saved in the system and is available for the month to consent to during the registration process.

  2. The system is now configured and ready for collecting user consent during a registration workflow.

Exceptions (error situations)

(TBD - Should align with other error scenarios.)

Related BBs (working groups related to that particular use case)

  1. Identity BB (Required for acquiring authentication token)

  2. Workflow BB - workflow management

  3. Information Mediator BB - providing interfaces

  4. Security BB - supervision

Sequence diagram

The following sequence diagrams details the role of the Independent Authority and the DPIA (Data Protection Impact Assessment) as the document upon which the postpartum infant care program can rely to parametrise the healthcare application for interacting with the Consent BB.

Diagram Source

UC-C-PIC-A-002: Postpartum and infant care (Configuration UPDATE)

ID

UC-C-PIC-002

Name

Postpartum and infant care (Configuration UPDATE)

Description

Here, an organisation Administrator updates Consent Agreement based on the Data Policy requirements..

Trigger (the event that triggers the use case)

  1. The (healthcare) application admin/user wishes to configure the policies associated with the data usage.

  2. Any change in the pre-condition that requires a re-configuration.

Preconditions (list of conditions that MUST be met in order for the use case to be successful)

  1. The (healthcare) application admin/user is logged into the system and has sufficient privileges to use the system

  2. A healthcare policy exists, and is based on existing data laws for healthcare.

  3. Assumption: consent is needed for pulling data from another system of the mother needing care.

Data inputs

  1. Existing data policies relevant to the healthcare scenario

  2. Any legal information, standards.

Actors (a person, a company or organisation, a computer program, or a computer system - hardware, software, or both)

  1. The (healthcare) application admin/user configures the data usage policy. (a person, IT admin)

  2. The health-care provider application. (a computer system)

  3. DPO, Auditors (A person, or an independent authority)

Optionally: a data intermediary or a data operator.

Normal Course (what happens if the event is triggered and the preconditions have been met)

TBD

Alternative Course (links to other use cases in case there are different ways how to solve the same use case)

  1. Data configuration error scenarios

  2. DPO disapproves and the configuration is re-submitted for review and approval.

Data output

  1. Updated consent configuration data, Revision

Post-Conditions (the success criteria)

  1. The data usage policy is saved in the system and is available for the month to consent to during the registration process.

  2. The system is now configured and ready for collecting user consent during a registration workflow.

Exceptions (error situations)

(TBD - Should align with other error scenarios.)

Related BBs (working groups related to that particular use case)

  1. Identity BB (Required for acquiring authentication token)

  2. Workflow BB - workflow management

  3. Registries BB - stores the data agreement data,

  4. Information Mediator BB - providing interfaces

  5. Security BB - supervision

Sequence diagram

UC-C-PIC-A-003: Postpartum and infant care (Configuration READ)

UC-C-PIC-A-004: Postpartum and infant care (Configuration DELETE)

UC-C-PIC-A-005: Postpartum and infant care (Configuration NOTIFICATIONS)

Last updated

Copyright © 2024