StructureDefinition: ehrsrle-auditevent

This page is part of the FHIR Specification (v4.4.0: R5 Preview #2). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions . Page versions: R4 R3 R2

E.?? StructureDefinition: ehrsrle-auditevent

Electronic Health Records

Work Group

Maturity Level: 1

Trial Use

Use Context: Any

The official URL for this profile is:

http://hl7.org/fhir/StructureDefinition/ehrsrle-auditevent

Defines the elements to be supported within the AuditEvent resource in order to conform with the Electronic Health Record System Functional Model Record Lifecycle Event standard

This profile was published on Thu, Dec 4, 2014 00:00+1100 as a draft by Health Level Seven International (Electronic Health Record).

E.??.1 Formal Views of Profile Content

Description of Profiles, Differentials, Snapshots, and how the XML and JSON presentations work.

Text Summary
Differential Table
Snapshot Table
XML Template
JSON Template
All

This structure is derived from AuditEvent.

Summary

Must-Support: 25 elements

This structure is derived from AuditEvent.

Name	Flags	Card.	Type	Description & Constraints
AuditEvent		0..*	AuditEvent	Record of an event
type	S	1..1	Coding	Type/identifier of event
subtype	S	0..*	Coding	More specific type/id for the event
action	S	0..1	code	Type of action performed during the event
recorded	S	1..1	instant	Time when the event was recorded
purposeOfEvent	S	0..*	CodeableConcept	The purposeOfUse of the event
agent	S	1..*	BackboneElement	Actor involved in the event
role	S	0..*	CodeableConcept	Agent role in the event
who	S	0..1	Reference(PractitionerRole \| Practitioner \| Organization \| Device \| Patient \| RelatedPerson)	Identifier of who
requestor	S	1..1	boolean	Whether user is initiator
location	S	0..1	Reference(Location)	Where
policy	S	0..*	uri	Policy that authorized event
network	S	0..1	BackboneElement	Logical network location for application activity
address	S	0..1	string	Identifier for the network access point of the user device
type	S	0..1	code	The type of network access point
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user
source	S	1..1	BackboneElement	Audit Event Reporter
site	S	0..1	string	Logical source location within the enterprise
observer	S	1..1	Reference(PractitionerRole \| Practitioner \| Organization \| Device \| Patient \| RelatedPerson)	The identity of source detecting the event
type	S	0..*	Coding	The type of source where event originated
entity	S	0..*	BackboneElement	Data or objects used
what	S	0..1	Reference(Resource)	Specific instance of resource
type	S	0..1	Coding	Type of entity involved
role	S	0..1	Coding	What role the entity played
lifecycle	S	0..1	Coding	Life-cycle stage for the entity
securityLabel	S	0..*	Coding	Security labels on the entity
Documentation for this format

Name	Flags	Card.	Type	Description & Constraints
AuditEvent	I	0..*	AuditEvent	Record of an event
id	Σ	0..1	id	Logical id of this artifact
meta	ΣI	0..1	Meta	Metadata about the resource
implicitRules	?!ΣI	0..1	uri	A set of rules under which this content was created
language	I	0..1	code	Language of the resource content Binding: Common Languages (preferred) Max Binding: All Languages
text	I	0..1	Narrative	Text summary of the resource, for human interpretation
contained		0..*	Resource	Contained, inline Resources
extension	I	0..*	Extension	Additional content defined by implementations
modifierExtension	?!I	0..*	Extension	Extensions that cannot be ignored
type	SΣI	1..1	Coding	Type/identifier of event Binding: Audit Event ID (extensible)
subtype	SΣI	0..*	Coding	More specific type/id for the event Binding: Audit Event Sub-Type (extensible)
action	SΣI	0..1	code	Type of action performed during the event Binding: AuditEventAction (required)
severity	ΣI	0..1	code	Emergency \| Alert \| Critical \| Error \| Warning \| Notice \| Informational \| Debug Binding: AuditEventSeverity (required)
period	I	0..1	Period	When the activity occurred
recorded	SΣI	1..1	instant	Time when the event was recorded
outcome	ΣI	0..1	CodeableConcept	Whether the event succeeded or failed Binding: AuditEventOutcome (extensible)
purposeOfEvent	SΣI	0..*	CodeableConcept	The purposeOfUse of the event Binding: PurposeOfUse (extensible)
agent	SI	1..*	BackboneElement	Actor involved in the event
id		0..1	id	Unique id for inter-element referencing
extension	I	0..*	Extension	Additional content defined by implementations
modifierExtension	?!ΣI	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type	I	0..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible)
role	SI	0..*	CodeableConcept	Agent role in the event Binding: SecurityRoleType (example)
who	SΣI	0..1	Reference(PractitionerRole \| Practitioner \| Organization \| Device \| Patient \| RelatedPerson)	Identifier of who
altId	I	0..1	string	Alternative User identity
name	I	0..1	string	Human friendly name for the agent
requestor	SΣI	1..1	boolean	Whether user is initiator
location	SI	0..1	Reference(Location)	Where
policy	SI	0..*	uri	Policy that authorized event
media	I	0..1	Coding	Type of media Binding: Media Type Code (extensible)
network	SI	0..1	BackboneElement	Logical network location for application activity
id		0..1	id	Unique id for inter-element referencing
extension	I	0..*	Extension	Additional content defined by implementations
modifierExtension	?!ΣI	0..*	Extension	Extensions that cannot be ignored even if unrecognized
address	SI	0..1	string	Identifier for the network access point of the user device
type	SI	0..1	code	The type of network access point Binding: AuditEventAgentNetworkType (required)
purposeOfUse	SI	0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (extensible)
source	SI	1..1	BackboneElement	Audit Event Reporter
id		0..1	id	Unique id for inter-element referencing
extension	I	0..*	Extension	Additional content defined by implementations
modifierExtension	?!ΣI	0..*	Extension	Extensions that cannot be ignored even if unrecognized
site	SI	0..1	string	Logical source location within the enterprise
observer	SΣI	1..1	Reference(PractitionerRole \| Practitioner \| Organization \| Device \| Patient \| RelatedPerson)	The identity of source detecting the event
type	SI	0..*	Coding	The type of source where event originated Binding: Audit Event Source Type (extensible)
entity	SI	0..*	BackboneElement	Data or objects used
id		0..1	id	Unique id for inter-element referencing
extension	I	0..*	Extension	Additional content defined by implementations
modifierExtension	?!ΣI	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	SΣI	0..1	Reference(Resource)	Specific instance of resource
type	SI	0..1	Coding	Type of entity involved Binding: Audit event entity type (extensible)
role	SI	0..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible)
lifecycle	SI	0..1	Coding	Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible)
securityLabel	SI	0..*	Coding	Security labels on the entity Binding: SecurityLabels (extensible)
name	ΣI	0..1	string	Descriptor for entity
query	ΣI	0..1	base64Binary	Query parameters
detail	I	0..*	BackboneElement	Additional Information about the entity
id		0..1	id	Unique id for inter-element referencing
extension	I	0..*	Extension	Additional content defined by implementations
modifierExtension	?!ΣI	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type	I	1..1	string	Name of the property
value[x]	I	1..1		Property value
valueString			string
valueBase64Binary			base64Binary
Documentation for this format

<!-- EHRS FM Record Lifecycle Event - Audit Event -->

<AuditEvent xmlns="http://hl7.org/fhir"
>
  <!-- from Element: extension -->
 <id value="[id]"/><!-- 0..1 Logical id of this artifact -->
 <meta><!--  0..1 Meta Metadata about the resource --></meta>
 <implicitRules value="[uri]"/><!--  0..1 A set of rules under which this content was created -->
 <language value="[code]"/><!--  0..1 Language of the resource content   -->
 <text><!--  0..1 Narrative 
     Text summary of the resource, for human interpretation --></text>
 <contained><!-- 0..* Resource Contained, inline Resources --></contained>
 <modifierExtension><!--  0..* Extension  Extensions that cannot be ignored  --></modifierExtension>
 <type><!--  1..1 Coding Type/identifier of event   --></type>
 <subtype><!--  0..* Coding More specific type/id for the event   --></subtype>
 <action value="[code]"/><!--  0..1 Type of action performed during the event   -->
 <severity value="[code]"/><!--  0..1 Emergency | Alert | Critical | Error | Warning | Notice | Informational | Debug   -->
 <period><!--  0..1 Period When the activity occurred --></period>
 <recorded value="[instant]"/><!--  1..1 Time when the event was recorded -->
 <outcome><!--  0..1 CodeableConcept Whether the event succeeded or failed   --></outcome>
 <purposeOfEvent><!--  0..* CodeableConcept The purposeOfUse of the event   --></purposeOfEvent>
 <agent>  1..* BackboneElement  <!--  1..* Actor involved in the event -->
  <modifierExtension><!--  0..* Extension  Extensions that cannot be ignored even if unrecognized  --></modifierExtension>
  <type><!--  0..1 CodeableConcept How agent participated   --></type>
  <role><!--  0..* CodeableConcept Agent role in the event   --></role>
  <who><!--  0..1 Reference(PractitionerRole) Identifier of who --></who>
  <altId value="[string]"/><!--  0..1 Alternative User identity -->
  <name value="[string]"/><!--  0..1 Human friendly name for the agent -->
  <requestor value="[boolean]"/><!--  1..1 Whether user is initiator -->
  <location><!--  0..1 Reference(Location) Where --></location>
  <policy value="[uri]"/><!--  0..* Policy that authorized event -->
  <media><!--  0..1 Coding Type of media   --></media>
  <network>  0..1 BackboneElement  <!--  0..1 Logical network location for application activity -->
   <modifierExtension><!--  0..* Extension  Extensions that cannot be ignored even if unrecognized  --></modifierExtension>
   <address value="[string]"/><!--  0..1 Identifier for the network access point of the user device -->
   <type value="[code]"/><!--  0..1 The type of network access point   -->
  </network>
  <purposeOfUse><!--  0..* CodeableConcept Reason given for this user   --></purposeOfUse>
 </agent>
 <source>  1..1 BackboneElement  <!--  1..1 Audit Event Reporter -->
  <modifierExtension><!--  0..* Extension  Extensions that cannot be ignored even if unrecognized  --></modifierExtension>
  <site value="[string]"/><!--  0..1 Logical source location within the enterprise -->
  <observer><!--  1..1 Reference(PractitionerRole) 
      The identity of source detecting the event --></observer>
  <type><!--  0..* Coding The type of source where event originated   --></type>
 </source>
 <entity>  0..* BackboneElement  <!--  0..* Data or objects used -->
  <modifierExtension><!--  0..* Extension  Extensions that cannot be ignored even if unrecognized  --></modifierExtension>
  <what><!--  0..1 Reference(Resource) Specific instance of resource --></what>
  <type><!--  0..1 Coding Type of entity involved   --></type>
  <role><!--  0..1 Coding What role the entity played   --></role>
  <lifecycle><!--  0..1 Coding Life-cycle stage for the entity    --></lifecycle>
  <securityLabel><!--  0..* Coding Security labels on the entity   --></securityLabel>
  <name value="[string]"/><!--  0..1 Descriptor for entity -->
  <query value="[base64Binary]"/><!--  0..1 Query parameters -->
  <detail>  0..* BackboneElement  <!--  0..* Additional Information about the entity -->
   <modifierExtension><!--  0..* Extension  Extensions that cannot be ignored even if unrecognized  --></modifierExtension>
   <type value="[string]"/><!--  1..1 Name of the property -->
   <value[x]><!--  1..1 string|base64Binary 
       Property value --></value[x]>
  </detail>
 </entity>
</AuditEvent>

{ // EHRS FM Record Lifecycle Event - Audit Event
  // from Element: extension
    "meta" : { Meta }, // C?Metadata about the resource
    "implicitRules" : "<uri>", // C?A set of rules under which this content was created
    "language" : "<code>", // C?Language of the resource content
    "text" : { Narrative }, // C?Text summary of the resource, for human interpretation
    "contained" : [{ Resource }], //Contained, inline Resources
    "modifierExtension" : [{ Extension }], // C?Extensions that cannot be ignored
    "type" : { Coding }, // C? R! Type/identifier of event
    "subtype" : [{ Coding }], // C?More specific type/id for the event
    "action" : "<code>", // C?Type of action performed during the event
    "severity" : "<code>", // C?Emergency | Alert | Critical | Error | Warning | Notice | Informational | Debug
    "period" : { Period }, // C?When the activity occurred
    "recorded" : "<instant>", // C? R! Time when the event was recorded
    "outcome" : { CodeableConcept }, // C?Whether the event succeeded or failed
    "purposeOfEvent" : [{ CodeableConcept }], // C?The purposeOfUse of the event
    "agent" : [{ BackboneElement }], // C? R! Actor involved in the event
    "source" : { BackboneElement }, // C? R! Audit Event Reporter
    "entity" : [{ BackboneElement }] // C?Data or objects used
  }

This structure is derived from AuditEvent.

Summary

Must-Support: 25 elements

Differential View

This structure is derived from AuditEvent.

Name	Flags	Card.	Type	Description & Constraints
AuditEvent		0..*	AuditEvent	Record of an event
type	S	1..1	Coding	Type/identifier of event
subtype	S	0..*	Coding	More specific type/id for the event
action	S	0..1	code	Type of action performed during the event
recorded	S	1..1	instant	Time when the event was recorded
purposeOfEvent	S	0..*	CodeableConcept	The purposeOfUse of the event
agent	S	1..*	BackboneElement	Actor involved in the event
role	S	0..*	CodeableConcept	Agent role in the event
who	S	0..1	Reference(PractitionerRole \| Practitioner \| Organization \| Device \| Patient \| RelatedPerson)	Identifier of who
requestor	S	1..1	boolean	Whether user is initiator
location	S	0..1	Reference(Location)	Where
policy	S	0..*	uri	Policy that authorized event
network	S	0..1	BackboneElement	Logical network location for application activity
address	S	0..1	string	Identifier for the network access point of the user device
type	S	0..1	code	The type of network access point
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user
source	S	1..1	BackboneElement	Audit Event Reporter
site	S	0..1	string	Logical source location within the enterprise
observer	S	1..1	Reference(PractitionerRole \| Practitioner \| Organization \| Device \| Patient \| RelatedPerson)	The identity of source detecting the event
type	S	0..*	Coding	The type of source where event originated
entity	S	0..*	BackboneElement	Data or objects used
what	S	0..1	Reference(Resource)	Specific instance of resource
type	S	0..1	Coding	Type of entity involved
role	S	0..1	Coding	What role the entity played
lifecycle	S	0..1	Coding	Life-cycle stage for the entity
securityLabel	S	0..*	Coding	Security labels on the entity
Documentation for this format

Snapshot View

Name	Flags	Card.	Type	Description & Constraints
AuditEvent	I	0..*	AuditEvent	Record of an event
id	Σ	0..1	id	Logical id of this artifact
meta	ΣI	0..1	Meta	Metadata about the resource
implicitRules	?!ΣI	0..1	uri	A set of rules under which this content was created
language	I	0..1	code	Language of the resource content Binding: Common Languages (preferred) Max Binding: All Languages
text	I	0..1	Narrative	Text summary of the resource, for human interpretation
contained		0..*	Resource	Contained, inline Resources
extension	I	0..*	Extension	Additional content defined by implementations
modifierExtension	?!I	0..*	Extension	Extensions that cannot be ignored
type	SΣI	1..1	Coding	Type/identifier of event Binding: Audit Event ID (extensible)
subtype	SΣI	0..*	Coding	More specific type/id for the event Binding: Audit Event Sub-Type (extensible)
action	SΣI	0..1	code	Type of action performed during the event Binding: AuditEventAction (required)
severity	ΣI	0..1	code	Emergency \| Alert \| Critical \| Error \| Warning \| Notice \| Informational \| Debug Binding: AuditEventSeverity (required)
period	I	0..1	Period	When the activity occurred
recorded	SΣI	1..1	instant	Time when the event was recorded
outcome	ΣI	0..1	CodeableConcept	Whether the event succeeded or failed Binding: AuditEventOutcome (extensible)
purposeOfEvent	SΣI	0..*	CodeableConcept	The purposeOfUse of the event Binding: PurposeOfUse (extensible)
agent	SI	1..*	BackboneElement	Actor involved in the event
id		0..1	id	Unique id for inter-element referencing
extension	I	0..*	Extension	Additional content defined by implementations
modifierExtension	?!ΣI	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type	I	0..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible)
role	SI	0..*	CodeableConcept	Agent role in the event Binding: SecurityRoleType (example)
who	SΣI	0..1	Reference(PractitionerRole \| Practitioner \| Organization \| Device \| Patient \| RelatedPerson)	Identifier of who
altId	I	0..1	string	Alternative User identity
name	I	0..1	string	Human friendly name for the agent
requestor	SΣI	1..1	boolean	Whether user is initiator
location	SI	0..1	Reference(Location)	Where
policy	SI	0..*	uri	Policy that authorized event
media	I	0..1	Coding	Type of media Binding: Media Type Code (extensible)
network	SI	0..1	BackboneElement	Logical network location for application activity
id		0..1	id	Unique id for inter-element referencing
extension	I	0..*	Extension	Additional content defined by implementations
modifierExtension	?!ΣI	0..*	Extension	Extensions that cannot be ignored even if unrecognized
address	SI	0..1	string	Identifier for the network access point of the user device
type	SI	0..1	code	The type of network access point Binding: AuditEventAgentNetworkType (required)
purposeOfUse	SI	0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (extensible)
source	SI	1..1	BackboneElement	Audit Event Reporter
id		0..1	id	Unique id for inter-element referencing
extension	I	0..*	Extension	Additional content defined by implementations
modifierExtension	?!ΣI	0..*	Extension	Extensions that cannot be ignored even if unrecognized
site	SI	0..1	string	Logical source location within the enterprise
observer	SΣI	1..1	Reference(PractitionerRole \| Practitioner \| Organization \| Device \| Patient \| RelatedPerson)	The identity of source detecting the event
type	SI	0..*	Coding	The type of source where event originated Binding: Audit Event Source Type (extensible)
entity	SI	0..*	BackboneElement	Data or objects used
id		0..1	id	Unique id for inter-element referencing
extension	I	0..*	Extension	Additional content defined by implementations
modifierExtension	?!ΣI	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	SΣI	0..1	Reference(Resource)	Specific instance of resource
type	SI	0..1	Coding	Type of entity involved Binding: Audit event entity type (extensible)
role	SI	0..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible)
lifecycle	SI	0..1	Coding	Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible)
securityLabel	SI	0..*	Coding	Security labels on the entity Binding: SecurityLabels (extensible)
name	ΣI	0..1	string	Descriptor for entity
query	ΣI	0..1	base64Binary	Query parameters
detail	I	0..*	BackboneElement	Additional Information about the entity
id		0..1	id	Unique id for inter-element referencing
extension	I	0..*	Extension	Additional content defined by implementations
modifierExtension	?!ΣI	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type	I	1..1	string	Name of the property
value[x]	I	1..1		Property value
valueString			string
valueBase64Binary			base64Binary
Documentation for this format

XML Template

<!-- EHRS FM Record Lifecycle Event - Audit Event -->

<AuditEvent xmlns="http://hl7.org/fhir"
>
  <!-- from Element: extension -->
 <id value="[id]"/><!-- 0..1 Logical id of this artifact -->
 <meta><!--  0..1 Meta Metadata about the resource --></meta>
 <implicitRules value="[uri]"/><!--  0..1 A set of rules under which this content was created -->
 <language value="[code]"/><!--  0..1 Language of the resource content   -->
 <text><!--  0..1 Narrative 
     Text summary of the resource, for human interpretation --></text>
 <contained><!-- 0..* Resource Contained, inline Resources --></contained>
 <modifierExtension><!--  0..* Extension  Extensions that cannot be ignored  --></modifierExtension>
 <type><!--  1..1 Coding Type/identifier of event   --></type>
 <subtype><!--  0..* Coding More specific type/id for the event   --></subtype>
 <action value="[code]"/><!--  0..1 Type of action performed during the event   -->
 <severity value="[code]"/><!--  0..1 Emergency | Alert | Critical | Error | Warning | Notice | Informational | Debug   -->
 <period><!--  0..1 Period When the activity occurred --></period>
 <recorded value="[instant]"/><!--  1..1 Time when the event was recorded -->
 <outcome><!--  0..1 CodeableConcept Whether the event succeeded or failed   --></outcome>
 <purposeOfEvent><!--  0..* CodeableConcept The purposeOfUse of the event   --></purposeOfEvent>
 <agent>  1..* BackboneElement  <!--  1..* Actor involved in the event -->
  <modifierExtension><!--  0..* Extension  Extensions that cannot be ignored even if unrecognized  --></modifierExtension>
  <type><!--  0..1 CodeableConcept How agent participated   --></type>
  <role><!--  0..* CodeableConcept Agent role in the event   --></role>
  <who><!--  0..1 Reference(PractitionerRole) Identifier of who --></who>
  <altId value="[string]"/><!--  0..1 Alternative User identity -->
  <name value="[string]"/><!--  0..1 Human friendly name for the agent -->
  <requestor value="[boolean]"/><!--  1..1 Whether user is initiator -->
  <location><!--  0..1 Reference(Location) Where --></location>
  <policy value="[uri]"/><!--  0..* Policy that authorized event -->
  <media><!--  0..1 Coding Type of media   --></media>
  <network>  0..1 BackboneElement  <!--  0..1 Logical network location for application activity -->
   <modifierExtension><!--  0..* Extension  Extensions that cannot be ignored even if unrecognized  --></modifierExtension>
   <address value="[string]"/><!--  0..1 Identifier for the network access point of the user device -->
   <type value="[code]"/><!--  0..1 The type of network access point   -->
  </network>
  <purposeOfUse><!--  0..* CodeableConcept Reason given for this user   --></purposeOfUse>
 </agent>
 <source>  1..1 BackboneElement  <!--  1..1 Audit Event Reporter -->
  <modifierExtension><!--  0..* Extension  Extensions that cannot be ignored even if unrecognized  --></modifierExtension>
  <site value="[string]"/><!--  0..1 Logical source location within the enterprise -->
  <observer><!--  1..1 Reference(PractitionerRole) 
      The identity of source detecting the event --></observer>
  <type><!--  0..* Coding The type of source where event originated   --></type>
 </source>
 <entity>  0..* BackboneElement  <!--  0..* Data or objects used -->
  <modifierExtension><!--  0..* Extension  Extensions that cannot be ignored even if unrecognized  --></modifierExtension>
  <what><!--  0..1 Reference(Resource) Specific instance of resource --></what>
  <type><!--  0..1 Coding Type of entity involved   --></type>
  <role><!--  0..1 Coding What role the entity played   --></role>
  <lifecycle><!--  0..1 Coding Life-cycle stage for the entity    --></lifecycle>
  <securityLabel><!--  0..* Coding Security labels on the entity   --></securityLabel>
  <name value="[string]"/><!--  0..1 Descriptor for entity -->
  <query value="[base64Binary]"/><!--  0..1 Query parameters -->
  <detail>  0..* BackboneElement  <!--  0..* Additional Information about the entity -->
   <modifierExtension><!--  0..* Extension  Extensions that cannot be ignored even if unrecognized  --></modifierExtension>
   <type value="[string]"/><!--  1..1 Name of the property -->
   <value[x]><!--  1..1 string|base64Binary 
       Property value --></value[x]>
  </detail>
 </entity>
</AuditEvent>

JSON Template

{ // EHRS FM Record Lifecycle Event - Audit Event
  // from Element: extension
    "meta" : { Meta }, // C?Metadata about the resource
    "implicitRules" : "<uri>", // C?A set of rules under which this content was created
    "language" : "<code>", // C?Language of the resource content
    "text" : { Narrative }, // C?Text summary of the resource, for human interpretation
    "contained" : [{ Resource }], //Contained, inline Resources
    "modifierExtension" : [{ Extension }], // C?Extensions that cannot be ignored
    "type" : { Coding }, // C? R! Type/identifier of event
    "subtype" : [{ Coding }], // C?More specific type/id for the event
    "action" : "<code>", // C?Type of action performed during the event
    "severity" : "<code>", // C?Emergency | Alert | Critical | Error | Warning | Notice | Informational | Debug
    "period" : { Period }, // C?When the activity occurred
    "recorded" : "<instant>", // C? R! Time when the event was recorded
    "outcome" : { CodeableConcept }, // C?Whether the event succeeded or failed
    "purposeOfEvent" : [{ CodeableConcept }], // C?The purposeOfUse of the event
    "agent" : [{ BackboneElement }], // C? R! Actor involved in the event
    "source" : { BackboneElement }, // C? R! Audit Event Reporter
    "entity" : [{ BackboneElement }] // C?Data or objects used
  }

Alternate definitions: Master Definition (XML, JSON), Schematron

E.??.2 Terminology Bindings

Path	Name	Conformance	ValueSet
AuditEvent.language	Common Languages	preferred	Common Languages
AuditEvent.type	Audit Event ID	extensible	Audit Event ID
AuditEvent.subtype	Audit Event Sub-Type	extensible	Audit Event Sub-Type
AuditEvent.action	AuditEventAction	required	AuditEventAction
AuditEvent.severity	AuditEventSeverity	required	AuditEventSeverity
AuditEvent.outcome	AuditEventOutcome	extensible	AuditEventOutcome
AuditEvent.purposeOfEvent	V3 Value SetPurposeOfUse	extensible	V3 Value SetPurposeOfUse
AuditEvent.agent.type	ParticipationRoleType	extensible	ParticipationRoleType
AuditEvent.agent.role	SecurityRoleType	example	SecurityRoleType
AuditEvent.agent.media	Media Type Code	extensible	Media Type Code
AuditEvent.agent.network.type	AuditEventAgentNetworkType	required	AuditEventAgentNetworkType
AuditEvent.agent.purposeOfUse	V3 Value SetPurposeOfUse	extensible	V3 Value SetPurposeOfUse
AuditEvent.source.type	Audit Event Source Type	extensible	Audit Event Source Type
AuditEvent.entity.type	Audit event entity type	extensible	Audit event entity type
AuditEvent.entity.role	AuditEventEntityRole	extensible	AuditEventEntityRole
AuditEvent.entity.lifecycle	?ext	extensible	object-lifecycle-events
AuditEvent.entity.securityLabel	SecurityLabels	extensible	SecurityLabels