Auditevent-example-consent-authz.json

Release 5 Ballot

This page is part of the FHIR Specification (v5.0.0-ballot: R5 Ballot - see ballot notes). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions

Example AuditEvent/example-consent-permit-authz (JSON)

Security Work Group

Maturity Level: N/A

Standards Status: Informative

Compartments: Device, Patient, Practitioner

Raw JSON (canonical form + also see JSON Format Specification)

An AuditEvent recording a 'permit' authorization decision by a Consent Decision Service, based on a Consent resource (C1) filed by a patient (P1), in response to a request by an organization (Org1) for the purpose of treatment (TREAT).

{
  "resourceType": "AuditEvent",
  "id": "example-consent-permit-authz",
  "text": {
    "status": "generated",
    "div": "<div xmlns=\"http://www.w3.org/1999/xhtml\"><p><b>Generated Narrative: AuditEvent</b><a name=\"example-consent-permit-authz\"> </a></p><div style=\"display: inline-block; background-color: #d9e0e7; padding: 6px; margin: 4px; border: 1px solid #8da1b4; border-radius: 5px; line-height: 60%\"><p style=\"margin-bottom: 0px\">Resource AuditEvent &quot;example-consent-permit-authz&quot; </p></div><p><b>code</b>: Query <span style=\"background: LightGoldenRodYellow; margin: 4px; border: 1px solid khaki\"> (<a href=\"http://dicom.nema.org/resources/ontology/DCM\">DICOM</a>#110112)</span></p><p><b>action</b>: E</p><p><b>recorded</b>: 09/09/2021 7:51:59 AM</p><h3>Outcomes</h3><table class=\"grid\"><tr><td>-</td><td><b>Code</b></td><td><b>Detail</b></td></tr><tr><td>*</td><td>Success (Details: http://terminology.hl7.org/CodeSystem/audit-event-outcome code success = 'Success', stated as 'Success')</td><td>CONSENT_PERMIT <span style=\"background: LightGoldenRodYellow; margin: 4px; border: 1px solid khaki\"> ()</span></td></tr></table><p><b>patient</b>: <a href=\"patient-example.html\">Patient/example</a> &quot;Peter CHALMERS&quot;</p><h3>Agents</h3><table class=\"grid\"><tr><td>-</td><td><b>Type</b></td><td><b>Who</b></td><td><b>Requestor</b></td><td><b>Authorization</b></td></tr><tr><td>*</td><td>Destination Role ID <span style=\"background: LightGoldenRodYellow; margin: 4px; border: 1px solid khaki\"> (<a href=\"http://dicom.nema.org/resources/ontology/DCM\">DICOM</a>#110152)</span></td><td><span/></td><td>true</td><td>treatment <span style=\"background: LightGoldenRodYellow; margin: 4px; border: 1px solid khaki\"> (<a href=\"http://terminology.hl7.org/3.1.0/CodeSystem-v3-ActReason.html\">ActReason</a>#TREAT)</span></td></tr></table><h3>Sources</h3><table class=\"grid\"><tr><td>-</td><td><b>Observer</b></td><td><b>Type</b></td></tr><tr><td>*</td><td><span>: LEAP Consent Decision Service</span></td><td>Application Server <span style=\"background: LightGoldenRodYellow; margin: 4px; border: 1px solid khaki\"> (<a href=\"http://terminology.hl7.org/3.1.0/CodeSystem-security-source-type.html\">Audit Event Source Type</a>#4)</span></td></tr></table><h3>Entities</h3><table class=\"grid\"><tr><td>-</td><td><b>What</b></td><td><b>Role</b></td></tr><tr><td>*</td><td><a href=\"consent-example.html\">Consent/consent-example-basic</a></td><td>Domain Resource <span style=\"background: LightGoldenRodYellow; margin: 4px; border: 1px solid khaki\"> (<a href=\"codesystem-object-role.html\">AuditEventEntityRole</a>#4)</span></td></tr></table></div>"
  },
  "code": {
    "coding": [
      {
        "system": "http://dicom.nema.org/resources/ontology/DCM",
        "code": "110112",
        "display": "Query"
      }
    ]
  },
  "action": "E",
  "recorded": "2021-09-08T21:51:59.932Z",
  "outcome": {
    "code": {
      "system": "http://terminology.hl7.org/CodeSystem/audit-event-outcome",
      "code": "success",
      "display": "Success"
    },
    "detail": [
      {
        "text": "CONSENT_PERMIT"
      }
    ]
  },
  "patient": {
    "reference": "Patient/example"
  },
  "agent": [
    {
      "type": {
        "coding": [
          {
            "system": "http://dicom.nema.org/resources/ontology/DCM",
            "code": "110152",
            "display": "Destination Role ID"
          }
        ]
      },
      "who": {
        "identifier": {
          "system": "https://github.com/synthetichealth/synthea",
          "value": "Org1"
        }
      },
      "requestor": true,
      "authorization": [
        {
          "coding": [
            {
              "system": "http://terminology.hl7.org/CodeSystem/v3-ActReason",
              "code": "TREAT"
            }
          ]
        }
      ]
    }
  ],
  "source": {
    "observer": {
      "display": "LEAP Consent Decision Service"
    },
    "type": [
      {
        "coding": [
          {
            "system": "http://terminology.hl7.org/CodeSystem/security-source-type",
            "code": "4",
            "display": "Application Server"
          }
        ]
      }
    ]
  },
  "entity": [
    {
      "what": {
        "reference": "Consent/consent-example-basic"
      },
      "role": {
        "coding": [
          {
            "system": "http://terminology.hl7.org/CodeSystem/object-role",
            "code": "4",
            "display": "Domain Resource"
          }
        ]
      }
    }
  ]
}

Usage note: every effort has been made to ensure that the examples are correct and useful, but they are not a normative part of the specification.