Ghasi e-Prescribing Gateway Service — Epics
Service: ghasi-eprescribing-gateway-service Epic prefix: EPRX-EPIC Last updated: 2026-04-18
Epics
EPRX-EPIC-01 — Phase 0: Foundations and ADR Closure
| Field | Value |
|---|---|
| Issue type | Epic |
| Summary | ADR acceptance, dual-entrypoint docs, and canonical product narrative |
| Status | Done |
| Priority | Must |
| Labels | service:eprescribing-gateway, domain:eprescribing, slice:S0 |
| Components | ghasi-eprescribing-gateway-service, fhir-gateway |
| Fix version | M0 |
| FR references | FR-EPRX-001 |
| Legacy FR refs | FR-RX-001 |
| Dependencies | IDENT-EPIC-01, INTEROP-EPIC-01 |
| Rollup status | Done |
Business outcome: Stakeholders can answer "which URL do I use for national prescribing?" without ambiguity. ADR-0043 and ADR-0044 accepted and implemented.
Description:
This foundational epic closes the dual-entrypoint confusion: /v1/ghasi-e-prescribing-gateway (direct/B2B) vs /fhir/R4/interop/ghasi-eprescribing/* (first-party via fhir-gateway). It ensures Kong routes are configured, gepgw_* persistence is established per ADR-0044, and the FHIR R4 baseline surface is deployed.
Stories: EPRX-US-001, EPRX-US-002
EPRX-EPIC-02 — MedicationRequest Lifecycle
| Field | Value |
|---|---|
| Issue type | Epic |
| Summary | EHR creates, revises, and cancels prescriptions via gateway |
| Status | In Progress |
| Priority | Must |
| Labels | service:eprescribing-gateway, domain:eprescribing, slice:S1 |
| Components | ghasi-eprescribing-gateway-service, orders-service |
| Fix version | M1 |
| FR references | FR-EPRX-002, FR-EPRX-003, FR-EPRX-004, FR-EPRX-005, FR-EPRX-006 |
| Legacy FR refs | FR-RX-001, FR-RX-003, FR-RX-004, FR-RX-005, FR-RX-006 |
| Dependencies | EPRX-EPIC-01, ORDERS-EPIC-01 |
| Rollup status | Partial |
Business outcome: EHR (orders-service/CPOE) can create, update, and cancel prescriptions on the national gateway; Pharmacy receives authoritative interop copies with idempotent retries and ETag safety.
Description:
Covers the prescriber side of the prescription workflow: FHIR MedicationRequest create (idempotent), update, and cancellation. Enforces that only ehr-backend persona can write MR. Issues prescription business ID and ETag on creation. Validates against tenant-configured IG. Emits events and audit records.
Stories: EPRX-US-003, EPRX-US-004, EPRX-US-005, EPRX-US-006
EPRX-EPIC-03 — MedicationDispense Lifecycle
| Field | Value |
|---|---|
| Issue type | Epic |
| Summary | Pharmacy creates fulfillment records; gateway validates and correlates |
| Status | In Progress |
| Priority | Must |
| Labels | service:eprescribing-gateway, domain:eprescribing, slice:S1 |
| Components | ghasi-eprescribing-gateway-service, pharmacy-service |
| Fix version | M1 |
| FR references | FR-EPRX-007, FR-EPRX-008 |
| Legacy FR refs | FR-RX-002 |
| Dependencies | EPRX-EPIC-02 |
| Rollup status | Partial |
Business outcome: Pharmacy can record prescription fulfillment (including partial fills); gateway validates the dispense against the known prescription; end-to-end correlation is maintained.
Description:
Covers pharmacy-side dispense records. Enforces that only pharmacy-backend persona can write MedicationDispense. Validates that the referenced MedicationRequest exists for the tenant. Supports partial fills. Updates prescription status on completion. Emits dispense events and notifies EHR.
Stories: EPRX-US-007, EPRX-US-008
EPRX-EPIC-04 — Subscription Notifications
| Field | Value |
|---|---|
| Issue type | Epic |
| Summary | Reliable HTTPS Subscription notifications to EHR and Pharmacy |
| Status | In Progress |
| Priority | Must |
| Labels | service:eprescribing-gateway, domain:eprescribing, slice:S1 |
| Components | ghasi-eprescribing-gateway-service |
| Fix version | M1 |
| FR references | FR-EPRX-009, FR-EPRX-010 |
| Legacy FR refs | FR-RX-009, FR-RX-010 |
| Dependencies | EPRX-EPIC-02, EPRX-EPIC-03 |
| Rollup status | Partial |
Business outcome: EHR and Pharmacy receive real-time status updates via signed HTTPS Subscriptions with guaranteed at-least-once delivery; failed deliveries are recoverable via DLQ and replay.
Description:
Covers FHIR Subscription registration, HMAC-signed payload delivery, retry policy, DLQ for failed deliveries, and manual replay tool. Subscription replay protection via X-Ghasi-Delivery-Id. Consumer deduplication documented in integration guide.
Stories: EPRX-US-009, EPRX-US-010, EPRX-US-011
EPRX-EPIC-05 — Audit and HIPAA-Equivalent Compliance
| Field | Value |
|---|---|
| Issue type | Epic |
| Summary | Complete HIPAA-equivalent audit trail for all prescription mutations |
| Status | In Progress |
| Priority | Must |
| Labels | service:eprescribing-gateway, domain:eprescribing, slice:S0, type:compliance |
| Components | ghasi-eprescribing-gateway-service, audit-service |
| Fix version | M1 |
| FR references | FR-EPRX-011, FR-EPRX-012 |
| Legacy FR refs | FR-RX-011, FR-RX-012 |
| Dependencies | EPRX-EPIC-02, EPRX-EPIC-03 |
| Rollup status | Partial |
Business outcome: Every create/update/delete of a prescription or dispense generates an immutable audit record with actor, tenant, correlation ID, and prescription business ID — satisfying HIPAA Security Rule equivalent requirements.
Description:
Audit records emitted for every state-changing operation. AuditEvent FHIR resources created for interop audit trail. Retention and legal hold hooks per tenant. Audit trail visible in security dashboard. Security reviewer sign-off required before production.
Stories: EPRX-US-012
EPRX-EPIC-06 — Tenant Security and Isolation
| Field | Value |
|---|---|
| Issue type | Epic |
| Summary | Zero cross-tenant leakage; persona enforcement; entitlement gate |
| Status | In Progress |
| Priority | Must |
| Labels | service:eprescribing-gateway, domain:eprescribing, slice:S0, type:security |
| Components | ghasi-eprescribing-gateway-service |
| Fix version | M1 |
| FR references | FR-EPRX-013 |
| Legacy FR refs | FR-RX-008 |
| Dependencies | IDENT-EPIC-01, TENANT-EPIC-01 |
| Rollup status | Partial |
Business outcome: No tenant can read or write another tenant's prescriptions; wrong-persona writes are blocked; unlicensed tenants receive 403.
Description:
RLS policies on all gepgw_* tables; adversarial cross-tenant test in CI; persona enforcement test; module entitlement gate. Security penetration test required before Phase 1 production.
Stories: EPRX-US-013, EPRX-US-014
EPRX-EPIC-07 — Phase 2: Enterprise Hardening
| Field | Value |
|---|---|
| Issue type | Epic |
| Summary | Task/Directory depth, Redis, HAPI validator, load tests |
| Status | To Do |
| Priority | Should |
| Labels | service:eprescribing-gateway, domain:eprescribing, slice:S2 |
| Components | ghasi-eprescribing-gateway-service |
| Fix version | M2 |
| FR references | FR-EPRX-014, FR-EPRX-015 |
| Legacy FR refs | FR-RX-020, FR-RX-021 |
| Dependencies | EPRX-EPIC-02, EPRX-EPIC-03 |
| Rollup status | Not started |
Business outcome: Gateway is production-hardened: Task renewals/clarifications fully operational, pharmacy directory search live, Redis caching operational, HAPI FHIR validator deployed.
Description: Phase 2 extends the MVP with: (1) full Task workflow for renewals and clarifications (FR-RX-020), (2) real Organization/Endpoint data for pharmacy directory search (FR-RX-021), (3) Redis for idempotency/rate-limit store, (4) HAPI FHIR validator replacing Zod where required by tenant IG depth, (5) load tests at target throughput.
Stories: EPRX-US-015, EPRX-US-016, EPRX-US-017
EPRX-EPIC-08 — Phase 3: Third-Party Onboarding
| Field | Value |
|---|---|
| Issue type | Epic |
| Summary | Repeatable onboarding for non-Ghasi EMRs and pharmacy systems |
| Status | To Do |
| Priority | Should |
| Labels | service:eprescribing-gateway, domain:eprescribing, slice:S3 |
| Components | ghasi-eprescribing-gateway-service |
| Fix version | M3 |
| FR references | FR-EPRX-016 |
| Legacy FR refs | — |
| Dependencies | EPRX-EPIC-07 |
| Rollup status | Not started |
Business outcome: Any national EMR or pharmacy can onboard to the same gateway contract with documented registration, scoped credentials, and three-party contract tests.
Description: Registration portal for B2B client credentials + optional mTLS; per-tenant IG package strategy; partner contract test harness (three-party simulators); external pharmacy directory with real Organization/Endpoint data.
Stories: EPRX-US-018, EPRX-US-019