This page is part of the FHIR Specification (v0.0.82: DSTU 1). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions

StructureDefinition: EHRAuditEvent

The official URL for this profile is:

http://hl7.org/fhir/StructureDefinition/auditevent-ehrs-rle-ehrauditevent

Defines the elements to be supported within the AuditEvent resource in order to conform with the Electronic Health Record System Functional Model Record Lifecycle Event standard

This profile was published on Thu, Dec 4, 2014 00:00+1100 as a draft by Health Level Seven, Inc. - EHR WG.

Formal Views of Profile Content

Description of Profiles, Differentials, Snapshots, and how the XML and JSON presentations work.

This structure is derived from AuditEvent.

unable to summarise extension (wrong count)

This structure is derived from AuditEvent.

NameFlagsCard.TypeDescription & Constraintsdoco
.. AuditEvent 1..1AuditEvent
... event S1..1
.... type S1..1
.... subtype S0..*
.... action S0..1
.... dateTime S1..1
.... auditevent-ehrs-rle-location S0..1LocationWhere the activity occurred, if relevant
.... auditevent-ehrs-rle-reason S0..1CodeableConceptReason activity is occurring
.... auditevent-ehrs-rle-policy S0..1uriPolicy or plan th eactivity was defined by
... participant S1..*
.... role S0..*
.... reference S0..1
.... userId S0..1
.... requestor S1..1
.... network S0..1
..... identifier S0..1
..... type S0..1
... source S1..1
.... site S0..1
.... identifier S1..1
.... type S1..1
... object S0..*
.... identifier S0..1
.... reference S0..1
.... type S0..1
.... role S0..1
.... lifecycle S0..1
.... sensitivity S0..1
NameFlagsCard.TypeDescription & Constraintsdoco
.. AuditEvent 1..1AuditEventEvent record kept for security purposes
... meta 0..1MetaMetadata about the resource
... implicitRules ?!0..1uriA set of rules under which this content was created
... language 0..1codeLanguage of the resource content
Binding: Language (required)
... text I0..1NarrativeText summary of the resource, for human interpretation
... contained 0..*ResourceContained, inline Resources
... extension 0..*ExtensionAdditional Content defined by implementations
... modifierExtension 0..*ExtensionExtensions that cannot be ignored
... event S1..1What was done
.... auditevent-ehrs-rle-location S0..1LocationExtension
.... auditevent-ehrs-rle-reason S0..1CodeableConceptExtension
.... auditevent-ehrs-rle-policy S0..1uriExtension
.... modifierExtension 0..*ExtensionExtensions that cannot be ignored
.... type S1..1CodeableConceptType/identifier of event
Binding: AuditEventType (required)
.... subtype S0..*CodeableConceptMore specific type/id for the event
Binding: AuditEventSubType (required)
.... action S0..1codeType of action performed during the event
Binding: AuditEventAction (required)
.... dateTime S1..1instantTime when the event occurred on source
.... outcome 0..1codeWhether the event succeeded or failed
Binding: AuditEventOutcome (required)
.... outcomeDesc 0..1stringDescription of the event outcome
... participant S I1..*A person, a hardware device or software process
sev-3: Either a userId or a reference, but not both
.... extension 0..*ExtensionAdditional Content defined by implementations
.... modifierExtension 0..*ExtensionExtensions that cannot be ignored
.... role S0..*CodeableConceptUser roles (e.g. local RBAC codes)
Binding: DICOMRoleId (required)
.... reference S I0..1Practitioner, Organization, Device, Patient, RelatedPersonDirect reference to resource
.... userId S I0..1stringUnique identifier for the user
.... altId 0..1stringAlternative User id e.g. authentication
.... name 0..1stringHuman-meaningful name for the user
.... requestor S1..1booleanWhether user is initiator
.... location 0..1LocationWhere
.... policy 0..*uriPolicy that authorized event
.... media 0..1CodingType of media
.... network S0..1Logical network location for application activity
..... extension 0..*ExtensionAdditional Content defined by implementations
..... modifierExtension 0..*ExtensionExtensions that cannot be ignored
..... identifier S0..1stringIdentifier for the network access point of the user device
..... type S0..1codeThe type of network access point
Binding: AuditEventParticipantNetworkType (required)
... source S1..1Application systems and processes
.... extension 0..*ExtensionAdditional Content defined by implementations
.... modifierExtension 0..*ExtensionExtensions that cannot be ignored
.... site S0..1stringLogical source location within the enterprise
.... identifier S1..1stringThe id of source where event originated
.... type S1..1CodingThe type of source where event originated
Binding: AuditEventSourceType (required)
... object S I0..*Specific instances of data or objects that have been accessed
sev-2: Either an identifier or a reference, but not both
sev-1: Either a name or a query (or both)
.... extension 0..*ExtensionAdditional Content defined by implementations
.... modifierExtension 0..*ExtensionExtensions that cannot be ignored
.... identifier S I0..1IdentifierSpecific instance of object (e.g. versioned)
.... reference S I0..1ResourceSpecific instance of resource (e.g. versioned)
.... type S0..1codeObject type being audited
Binding: AuditEventObjectType (required)
.... role S0..1codeFunctional application role of Object
Binding: AuditEventObjectRole (required)
.... lifecycle S0..1codeLife-cycle stage for the object
Binding: AuditEventObjectLifecycle (required)
.... sensitivity S0..1CodeableConceptPolicy-defined sensitivity for the object
Binding: AuditEventObjectSensitivity (example)
.... name I0..1stringInstance-specific descriptor for Object
.... description 0..1stringDescriptive text
.... query I0..1base64BinaryActual query for object
.... detail 0..*Additional Information about the Object
..... extension 0..*ExtensionAdditional Content defined by implementations
..... modifierExtension 0..*ExtensionExtensions that cannot be ignored
..... type 1..1stringName of the property
..... value 1..1base64BinaryProperty value

todo

This structure is derived from AuditEvent.

unable to summarise extension (wrong count)

Differential View

This structure is derived from AuditEvent.

NameFlagsCard.TypeDescription & Constraintsdoco
.. AuditEvent 1..1AuditEvent
... event S1..1
.... type S1..1
.... subtype S0..*
.... action S0..1
.... dateTime S1..1
.... auditevent-ehrs-rle-location S0..1LocationWhere the activity occurred, if relevant
.... auditevent-ehrs-rle-reason S0..1CodeableConceptReason activity is occurring
.... auditevent-ehrs-rle-policy S0..1uriPolicy or plan th eactivity was defined by
... participant S1..*
.... role S0..*
.... reference S0..1
.... userId S0..1
.... requestor S1..1
.... network S0..1
..... identifier S0..1
..... type S0..1
... source S1..1
.... site S0..1
.... identifier S1..1
.... type S1..1
... object S0..*
.... identifier S0..1
.... reference S0..1
.... type S0..1
.... role S0..1
.... lifecycle S0..1
.... sensitivity S0..1

Snapshot View

NameFlagsCard.TypeDescription & Constraintsdoco
.. AuditEvent 1..1AuditEventEvent record kept for security purposes
... meta 0..1MetaMetadata about the resource
... implicitRules ?!0..1uriA set of rules under which this content was created
... language 0..1codeLanguage of the resource content
Binding: Language (required)
... text I0..1NarrativeText summary of the resource, for human interpretation
... contained 0..*ResourceContained, inline Resources
... extension 0..*ExtensionAdditional Content defined by implementations
... modifierExtension 0..*ExtensionExtensions that cannot be ignored
... event S1..1What was done
.... auditevent-ehrs-rle-location S0..1LocationExtension
.... auditevent-ehrs-rle-reason S0..1CodeableConceptExtension
.... auditevent-ehrs-rle-policy S0..1uriExtension
.... modifierExtension 0..*ExtensionExtensions that cannot be ignored
.... type S1..1CodeableConceptType/identifier of event
Binding: AuditEventType (required)
.... subtype S0..*CodeableConceptMore specific type/id for the event
Binding: AuditEventSubType (required)
.... action S0..1codeType of action performed during the event
Binding: AuditEventAction (required)
.... dateTime S1..1instantTime when the event occurred on source
.... outcome 0..1codeWhether the event succeeded or failed
Binding: AuditEventOutcome (required)
.... outcomeDesc 0..1stringDescription of the event outcome
... participant S I1..*A person, a hardware device or software process
sev-3: Either a userId or a reference, but not both
.... extension 0..*ExtensionAdditional Content defined by implementations
.... modifierExtension 0..*ExtensionExtensions that cannot be ignored
.... role S0..*CodeableConceptUser roles (e.g. local RBAC codes)
Binding: DICOMRoleId (required)
.... reference S I0..1Practitioner, Organization, Device, Patient, RelatedPersonDirect reference to resource
.... userId S I0..1stringUnique identifier for the user
.... altId 0..1stringAlternative User id e.g. authentication
.... name 0..1stringHuman-meaningful name for the user
.... requestor S1..1booleanWhether user is initiator
.... location 0..1LocationWhere
.... policy 0..*uriPolicy that authorized event
.... media 0..1CodingType of media
.... network S0..1Logical network location for application activity
..... extension 0..*ExtensionAdditional Content defined by implementations
..... modifierExtension 0..*ExtensionExtensions that cannot be ignored
..... identifier S0..1stringIdentifier for the network access point of the user device
..... type S0..1codeThe type of network access point
Binding: AuditEventParticipantNetworkType (required)
... source S1..1Application systems and processes
.... extension 0..*ExtensionAdditional Content defined by implementations
.... modifierExtension 0..*ExtensionExtensions that cannot be ignored
.... site S0..1stringLogical source location within the enterprise
.... identifier S1..1stringThe id of source where event originated
.... type S1..1CodingThe type of source where event originated
Binding: AuditEventSourceType (required)
... object S I0..*Specific instances of data or objects that have been accessed
sev-2: Either an identifier or a reference, but not both
sev-1: Either a name or a query (or both)
.... extension 0..*ExtensionAdditional Content defined by implementations
.... modifierExtension 0..*ExtensionExtensions that cannot be ignored
.... identifier S I0..1IdentifierSpecific instance of object (e.g. versioned)
.... reference S I0..1ResourceSpecific instance of resource (e.g. versioned)
.... type S0..1codeObject type being audited
Binding: AuditEventObjectType (required)
.... role S0..1codeFunctional application role of Object
Binding: AuditEventObjectRole (required)
.... lifecycle S0..1codeLife-cycle stage for the object
Binding: AuditEventObjectLifecycle (required)
.... sensitivity S0..1CodeableConceptPolicy-defined sensitivity for the object
Binding: AuditEventObjectSensitivity (example)
.... name I0..1stringInstance-specific descriptor for Object
.... description 0..1stringDescriptive text
.... query I0..1base64BinaryActual query for object
.... detail 0..*Additional Information about the Object
..... extension 0..*ExtensionAdditional Content defined by implementations
..... modifierExtension 0..*ExtensionExtensions that cannot be ignored
..... type 1..1stringName of the property
..... value 1..1base64BinaryProperty value

XML Template

JSON Template

todo

 

Other representations of profile: (todo)

Terminology Bindings

PathNameConformanceValueSet
AuditEvent.languageLanguagerequiredhttp://tools.ietf.org/html/bcp47
AuditEvent.event.typeAuditEventTyperequiredAudit Event ID
AuditEvent.event.subtypeAuditEventSubTyperequiredAudit Event Sub-Type
AuditEvent.event.actionAuditEventActionrequiredAuditEventAction
AuditEvent.event.outcomeAuditEventOutcomerequiredAuditEventOutcome
AuditEvent.participant.roleDICOMRoleIdrequiredAudit Active Participant Role ID Code
AuditEvent.participant.network.typeAuditEventParticipantNetworkTyperequiredAuditEventParticipantNetworkType
AuditEvent.source.typeAuditEventSourceTyperequiredAudit Event Source Type
AuditEvent.object.typeAuditEventObjectTyperequiredAuditEventObjectType
AuditEvent.object.roleAuditEventObjectRolerequiredAuditEventObjectRole
AuditEvent.object.lifecycleAuditEventObjectLifecyclerequiredAuditEventObjectLifecycle
AuditEvent.object.sensitivityAuditEventObjectSensitivityexampleAudit Event Object Sensitivity

Constraints

IdPathNameDetails
sev-3AuditEvent.participantParticipant IdentificationEither a userId or a reference, but not both
XPath: exists(f:userId) != exists(f:reference)
sev-2AuditEvent.objectObject IdentificationEither an identifier or a reference, but not both
XPath: exists(f:identifier) != exists(f:reference)
sev-1AuditEvent.objectObject NameEither a name or a query (or both)
XPath: not(exists(f:name)) or not(exists(f:query))
.