diff --git a/care/emr/api/viewsets/condition.py b/care/emr/api/viewsets/condition.py
index efe44749f6..547b591215 100644
--- a/care/emr/api/viewsets/condition.py
+++ b/care/emr/api/viewsets/condition.py
@@ -1,6 +1,7 @@
 from django_filters import CharFilter, FilterSet, UUIDFilter
 from django_filters.rest_framework import DjangoFilterBackend
-from rest_framework.exceptions import PermissionDenied
+from rest_framework.exceptions import ValidationError
+from rest_framework.generics import get_object_or_404
 
 from care.emr.api.viewsets.base import EMRModelViewSet, EMRQuestionnaireResponseMixin
 from care.emr.api.viewsets.encounter_authz_base import EncounterBasedAuthorizationBase
@@ -17,6 +18,20 @@ from care.emr.resources.questionnaire.spec import SubjectType
 
 
 
+class ValidateEncounterMixin:
+ """
+ Mixin to validate encounter and its relationship with the patient.
+ """
+
+ def validate_data(self, instance, model_obj=None):
+ # Ensure the encounter exists and matches the patient's external ID
+ encounter = get_object_or_404(Encounter, external_id=instance.encounter)
+ if str(encounter.patient.external_id) != self.kwargs["patient_external_id"]:
+ raise ValidationError(
+ "Patient external ID mismatch with encounter's patient"
+ )
+
+
 class ConditionFilters(FilterSet):
 encounter = UUIDFilter(field_name="encounter__external_id")
 clinical_status = CharFilter(field_name="clinical_status", lookup_expr="iexact")
@@ -27,7 +42,10 @@ class ConditionFilters(FilterSet):
 
 
 class SymptomViewSet(
- EncounterBasedAuthorizationBase, EMRQuestionnaireResponseMixin, EMRModelViewSet
+ ValidateEncounterMixin,
+ EncounterBasedAuthorizationBase,
+ EMRQuestionnaireResponseMixin,
+ EMRModelViewSet,
 ):
 database_model = Condition
 pydantic_model = ConditionSpec
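Review bot: In ValidateEncounterMixin.validate_data, `get_object_or_404` followed by the patient comparison answers 404 when the encounter UUID does not exist and 400 when it exists under a different patient, so a caller scoped to one patient can probe whether arbitrary encounter IDs exist; the old override answered 403 for the mismatch. A single filtered lookup removes that distinction and the second query: `get_object_or_404(Encounter, external_id=instance.encounter, patient__external_id=self.kwargs["patient_external_id"])`, after which the `if` and the ValidationError can go (or, if clients need a 400, catch the Http404 and raise the same ValidationError for both cases). The override also never calls `super().validate_data(instance, model_obj)`, and since the mixin is listed first in both SymptomViewSet (hunk at -27) and DiagnosisViewSet (hunk at -70), any validate_data defined by EMRQuestionnaireResponseMixin or EMRModelViewSet would now be skipped — confirm neither defines one, or chain to super at the end. The deleted authorize_create overrides (hunks at -45 and -88) carried a comment that write access to the encounter was still to be checked; that now rests entirely on EncounterBasedAuthorizationBase, which is outside this diff.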
@@ -45,13 +63,6 @@ def perform_create(self, instance):
 instance.category = CategoryChoices.problem_list_item.value
 super().perform_create(instance)
 
- def authorize_create(self, instance: ConditionSpec):
- encounter = Encounter.objects.get(external_id=instance.encounter)
- if str(encounter.patient.external_id) != self.kwargs["patient_external_id"]:
- err = "Malformed request"
- raise PermissionDenied(err)
- # Check if the user has access to the patient and write access to the encounter
-
 def get_queryset(self):
 # Check if the user has read access to the patient and their EMR Data
 self.authorize_read_encounter()
@@ -70,7 +81,10 @@ def get_queryset(self):
 
 
 class DiagnosisViewSet(
- EncounterBasedAuthorizationBase, EMRQuestionnaireResponseMixin, EMRModelViewSet
+ ValidateEncounterMixin,
+ EncounterBasedAuthorizationBase,
+ EMRQuestionnaireResponseMixin,
+ EMRModelViewSet,
 ):
 database_model = Condition
 pydantic_model = ConditionSpec
@@ -88,13 +102,6 @@ def perform_create(self, instance):
 instance.category = CategoryChoices.encounter_diagnosis.value
 super().perform_create(instance)
 
- def authorize_create(self, instance: ConditionSpec):
- encounter = Encounter.objects.get(external_id=instance.encounter)
- if str(encounter.patient.external_id) != self.kwargs["patient_external_id"]:
- err = "Malformed request"
- raise PermissionDenied(err)
- # Check if the user has access to the patient and write access to the encounter
-
 def get_queryset(self):
 # Check if the user has read access to the patient and their EMR Data
 self.authorize_read_encounter()