R4 Draft for Comment

This page is part of the FHIR Specification (v3.2.0: R4 Ballot 1). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions . Page versions: R4 R3 R2

Electronic Health Records Work Group Maturity Level: 1Informative Use Context: Any

The official URL for this profile is:

http://hl7.org/fhir/StructureDefinition/ehrsrle-auditevent

Defines the elements to be supported within the AuditEvent resource in order to conform with the Electronic Health Record System Functional Model Record Lifecycle Event standard

This profile was published on Thu, Dec 4, 2014 00:00+1100 as a draft by Health Level Seven International (Electronic Health Record).

Description of Profiles, Differentials, Snapshots, and how the XML and JSON presentations work.

This structure is derived from AuditEvent.

Summary

Must-Support: 27 elements

NameFlagsCard.TypeDescription & Constraintsdoco
.. AuditEvent I0..*Event record kept for security purposes
... id Σ0..1idLogical id of this artifact
... meta Σ0..1MetaMetadata about the resource
... implicitRules ?!Σ0..1uriA set of rules under which this content was created
... language 0..1codeLanguage of the resource content
Binding: Common Languages (extensible)
... text I0..1NarrativeText summary of the resource, for human interpretation
... contained 0..*ResourceContained, inline Resources
... extension 0..*ExtensionAdditional Content defined by implementations
... modifierExtension ?!0..*ExtensionExtensions that cannot be ignored
... type SΣ1..1CodingType/identifier of event
Binding: Audit Event ID (extensible)
... subtype SΣ0..*CodingMore specific type/id for the event
Binding: Audit Event Sub-Type (extensible)
... action SΣ0..1codeType of action performed during the event
Binding: AuditEventAction (required)
... period 0..1PeriodWhen the activity occurred
... recorded SΣ1..1instantTime when the event occurred on source
... outcome Σ0..1codeWhether the event succeeded or failed
Binding: AuditEventOutcome (required)
... outcomeDesc Σ0..1stringDescription of the event outcome
... purposeOfEvent SΣ0..*CodeableConceptThe purposeOfUse of the event
Binding: PurposeOfUse (extensible)
... agent SI1..*BackboneElementActor involved in the event
.... id 0..1stringxml:id (or equivalent in JSON)
.... extension 0..*ExtensionAdditional Content defined by implementations
.... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored
.... type 0..1CodeableConceptHow agent participated
Binding: ParticipationRoleType (extensible)
.... role S0..*CodeableConceptAgent role in the event
Binding: SecurityRoleType (example)
.... reference SΣ0..1Reference(PractitionerRole), Reference(Practitioner), Reference(Organization), Reference(Device), Reference(Patient), Reference(RelatedPerson)Direct reference to resource
.... userId SΣ0..1IdentifierUnique identifier for the user
.... altId 0..1stringAlternative User id e.g. authentication
.... name 0..1stringHuman-meaningful name for the agent
.... requestor SΣ1..1booleanWhether user is initiator
.... location S0..1Reference(Location)Where
.... policy S0..*uriPolicy that authorized event
.... media 0..1CodingType of media
Binding: Media Type Code (extensible)
.... network SI0..1BackboneElementLogical network location for application activity
..... id 0..1stringxml:id (or equivalent in JSON)
..... extension 0..*ExtensionAdditional Content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored
..... address S0..1stringIdentifier for the network access point of the user device
..... type S0..1codeThe type of network access point
Binding: AuditEventAgentNetworkType (required)
.... purposeOfUse S0..*CodeableConceptReason given for this user
Binding: PurposeOfUse (extensible)
... source SI1..1BackboneElementAudit Event Reporter
.... id 0..1stringxml:id (or equivalent in JSON)
.... extension 0..*ExtensionAdditional Content defined by implementations
.... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored
.... site S0..1stringLogical source location within the enterprise
.... identifier SΣ1..1IdentifierThe identity of source detecting the event
.... type S0..*CodingThe type of source where event originated
Binding: Audit Event Source Type (extensible)
... entity SI0..*BackboneElementData or objects used
.... id 0..1stringxml:id (or equivalent in JSON)
.... extension 0..*ExtensionAdditional Content defined by implementations
.... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored
.... identifier SΣ0..1IdentifierSpecific instance of object
.... reference SΣ0..1Reference(Resource)Specific instance of resource
.... type S0..1CodingType of entity involved
Binding: AuditEventEntityType (extensible)
.... role S0..1CodingWhat role the entity played
Binding: AuditEventEntityRole (extensible)
.... lifecycle S0..1CodingLife-cycle stage for the entity
Binding: ObjectLifecycleEvents (extensible)
.... securityLabel S0..*CodingSecurity labels on the entity
Binding: All Security Labels (extensible)
.... name ΣI0..1stringDescriptor for entity
.... description 0..1stringDescriptive text
.... query ΣI0..1base64BinaryQuery parameters
.... detail I0..*BackboneElementAdditional Information about the entity
..... id 0..1stringxml:id (or equivalent in JSON)
..... extension 0..*ExtensionAdditional Content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored
..... type 1..1stringName of the property
..... value[x] 1..1string, base64BinaryProperty value

doco Documentation for this format
<!-- EHRS FM Record Lifecycle Event - Audit Event -->doco

<AuditEvent xmlns="http://hl7.org/fhir"
>
  <!-- from Element: extension -->
 <id value="[id]"/><!-- 0..1 Logical id of this artifact -->
 <meta><!-- 0..1 Meta Metadata about the resource --></meta>
 <implicitRules value="[uri]"/><!-- 0..1 A set of rules under which this content was created -->
 <language value="[code]"/><!-- 0..1 Language of the resource content  -->
 <text><!-- 0..1 Narrative 
     Text summary of the resource, for human interpretation --></text>
 <contained><!-- 0..* Resource Contained, inline Resources --></contained>
 <modifierExtension><!-- 0..* Extension  Extensions that cannot be ignored  --></modifierExtension>
 <type><!-- 1..1 Coding Type/identifier of event  --></type>
 <subtype><!-- 0..* Coding More specific type/id for the event  --></subtype>
 <action value="[code]"/><!-- 0..1 Type of action performed during the event  -->
 <period><!-- 0..1 Period When the activity occurred --></period>
 <recorded value="[instant]"/><!-- 1..1 Time when the event occurred on source -->
 <outcome value="[code]"/><!-- 0..1 Whether the event succeeded or failed  -->
 <outcomeDesc value="[string]"/><!-- 0..1 Description of the event outcome -->
 <purposeOfEvent><!-- 0..* CodeableConcept The purposeOfUse of the event  --></purposeOfEvent>
 <agent> ?? 1..* BackboneElement  <!-- ?? 1..* Actor involved in the event -->
  <modifierExtension><!-- 0..* Extension  Extensions that cannot be ignored  --></modifierExtension>
  <type><!-- 0..1 CodeableConcept How agent participated  --></type>
  <role><!-- 0..* CodeableConcept Agent role in the event  --></role>
  <reference><!-- 0..1 Reference(PractitionerRole)|Reference(Practitioner)|Reference(Organization)|Reference(Device)|
    Reference(Patient)|Reference(RelatedPerson) Direct reference to resource --></reference>
  <userId><!-- 0..1 Identifier 
      Unique identifier for the user --></userId>
  <altId value="[string]"/><!-- 0..1 Alternative User id e.g. authentication -->
  <name value="[string]"/><!-- 0..1 Human-meaningful name for the agent -->
  <requestor value="[boolean]"/><!-- 1..1 Whether user is initiator -->
  <location><!-- 0..1 Reference(Location) Where --></location>
  <policy value="[uri]"/><!-- 0..* Policy that authorized event -->
  <media><!-- 0..1 Coding Type of media  --></media>
  <network> ?? 0..1 BackboneElement  <!-- ?? 0..1 Logical network location for application activity -->
   <modifierExtension><!-- 0..* Extension  Extensions that cannot be ignored  --></modifierExtension>
   <address value="[string]"/><!-- 0..1 Identifier for the network access point of the user device -->
   <type value="[code]"/><!-- 0..1 The type of network access point  -->
  </network>
  <purposeOfUse><!-- 0..* CodeableConcept Reason given for this user  --></purposeOfUse>
 </agent>
 <source> ?? 1..1 BackboneElement  <!-- ?? 1..1 Audit Event Reporter -->
  <modifierExtension><!-- 0..* Extension  Extensions that cannot be ignored  --></modifierExtension>
  <site value="[string]"/><!-- 0..1 Logical source location within the enterprise -->
  <identifier><!-- 1..1 Identifier 
      The identity of source detecting the event --></identifier>
  <type><!-- 0..* Coding The type of source where event originated  --></type>
 </source>
 <entity> ?? 0..* BackboneElement  <!-- ?? 0..* Data or objects used -->
  <modifierExtension><!-- 0..* Extension  Extensions that cannot be ignored  --></modifierExtension>
  <identifier><!-- 0..1 Identifier 
      Specific instance of object --></identifier>
  <reference><!-- 0..1 Reference(Resource) 
      Specific instance of resource --></reference>
  <type><!-- 0..1 Coding Type of entity involved  --></type>
  <role><!-- 0..1 Coding What role the entity played  --></role>
  <lifecycle><!-- 0..1 Coding Life-cycle stage for the entity  --></lifecycle>
  <securityLabel><!-- 0..* Coding Security labels on the entity  --></securityLabel>
  <name value="[string]"/><!-- 0..1 Descriptor for entity -->
  <description value="[string]"/><!-- 0..1 Descriptive text -->
  <query value="[base64Binary]"/><!-- 0..1 Query parameters -->
  <detail> ?? 0..* BackboneElement  <!-- ?? 0..* Additional Information about the entity -->
   <modifierExtension><!-- 0..* Extension  Extensions that cannot be ignored  --></modifierExtension>
   <type value="[string]"/><!-- 1..1 Name of the property -->
   <value[x]><!-- 1..1 string|base64Binary 
       Property value --></value[x]>
  </detail>
 </entity>
</AuditEvent>
{ // EHRS FM Record Lifecycle Event - Audit Event
  // from Element: extension
    "meta" : { Meta }, //Metadata about the resource
    "implicitRules" : "<uri>", //A set of rules under which this content was created
    "language" : "<code>", //Language of the resource content 
    "text" : { Narrative }, //Text summary of the resource, for human interpretation
    "contained" : [{ Resource }], //Contained, inline Resources
    "modifierExtension" : [{ Extension }], //Extensions that cannot be ignored
    "type" : { Coding }, // R! Type/identifier of event 
    "subtype" : [{ Coding }], //More specific type/id for the event 
    "action" : "<code>", //Type of action performed during the event 
    "period" : { Period }, //When the activity occurred
    "recorded" : "<instant>", // R! Time when the event occurred on source
    "outcome" : "<code>", //Whether the event succeeded or failed 
    "outcomeDesc" : "<string>", //Description of the event outcome
    "purposeOfEvent" : [{ CodeableConcept }], //The purposeOfUse of the event 
    "agent" : [{ BackboneElement }], // C? R! Actor involved in the event
    "source" : { BackboneElement }, // C? R! Audit Event Reporter
    "entity" : [{ BackboneElement }] // C?Data or objects used
  }

This structure is derived from AuditEvent.

Summary

Must-Support: 27 elements

Snapshot View

NameFlagsCard.TypeDescription & Constraintsdoco
.. AuditEvent I0..*Event record kept for security purposes
... id Σ0..1idLogical id of this artifact
... meta Σ0..1MetaMetadata about the resource
... implicitRules ?!Σ0..1uriA set of rules under which this content was created
... language 0..1codeLanguage of the resource content
Binding: Common Languages (extensible)
... text I0..1NarrativeText summary of the resource, for human interpretation
... contained 0..*ResourceContained, inline Resources
... extension 0..*ExtensionAdditional Content defined by implementations
... modifierExtension ?!0..*ExtensionExtensions that cannot be ignored
... type SΣ1..1CodingType/identifier of event
Binding: Audit Event ID (extensible)
... subtype SΣ0..*CodingMore specific type/id for the event
Binding: Audit Event Sub-Type (extensible)
... action SΣ0..1codeType of action performed during the event
Binding: AuditEventAction (required)
... period 0..1PeriodWhen the activity occurred
... recorded SΣ1..1instantTime when the event occurred on source
... outcome Σ0..1codeWhether the event succeeded or failed
Binding: AuditEventOutcome (required)
... outcomeDesc Σ0..1stringDescription of the event outcome
... purposeOfEvent SΣ0..*CodeableConceptThe purposeOfUse of the event
Binding: PurposeOfUse (extensible)
... agent SI1..*BackboneElementActor involved in the event
.... id 0..1stringxml:id (or equivalent in JSON)
.... extension 0..*ExtensionAdditional Content defined by implementations
.... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored
.... type 0..1CodeableConceptHow agent participated
Binding: ParticipationRoleType (extensible)
.... role S0..*CodeableConceptAgent role in the event
Binding: SecurityRoleType (example)
.... reference SΣ0..1Reference(PractitionerRole), Reference(Practitioner), Reference(Organization), Reference(Device), Reference(Patient), Reference(RelatedPerson)Direct reference to resource
.... userId SΣ0..1IdentifierUnique identifier for the user
.... altId 0..1stringAlternative User id e.g. authentication
.... name 0..1stringHuman-meaningful name for the agent
.... requestor SΣ1..1booleanWhether user is initiator
.... location S0..1Reference(Location)Where
.... policy S0..*uriPolicy that authorized event
.... media 0..1CodingType of media
Binding: Media Type Code (extensible)
.... network SI0..1BackboneElementLogical network location for application activity
..... id 0..1stringxml:id (or equivalent in JSON)
..... extension 0..*ExtensionAdditional Content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored
..... address S0..1stringIdentifier for the network access point of the user device
..... type S0..1codeThe type of network access point
Binding: AuditEventAgentNetworkType (required)
.... purposeOfUse S0..*CodeableConceptReason given for this user
Binding: PurposeOfUse (extensible)
... source SI1..1BackboneElementAudit Event Reporter
.... id 0..1stringxml:id (or equivalent in JSON)
.... extension 0..*ExtensionAdditional Content defined by implementations
.... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored
.... site S0..1stringLogical source location within the enterprise
.... identifier SΣ1..1IdentifierThe identity of source detecting the event
.... type S0..*CodingThe type of source where event originated
Binding: Audit Event Source Type (extensible)
... entity SI0..*BackboneElementData or objects used
.... id 0..1stringxml:id (or equivalent in JSON)
.... extension 0..*ExtensionAdditional Content defined by implementations
.... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored
.... identifier SΣ0..1IdentifierSpecific instance of object
.... reference SΣ0..1Reference(Resource)Specific instance of resource
.... type S0..1CodingType of entity involved
Binding: AuditEventEntityType (extensible)
.... role S0..1CodingWhat role the entity played
Binding: AuditEventEntityRole (extensible)
.... lifecycle S0..1CodingLife-cycle stage for the entity
Binding: ObjectLifecycleEvents (extensible)
.... securityLabel S0..*CodingSecurity labels on the entity
Binding: All Security Labels (extensible)
.... name ΣI0..1stringDescriptor for entity
.... description 0..1stringDescriptive text
.... query ΣI0..1base64BinaryQuery parameters
.... detail I0..*BackboneElementAdditional Information about the entity
..... id 0..1stringxml:id (or equivalent in JSON)
..... extension 0..*ExtensionAdditional Content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored
..... type 1..1stringName of the property
..... value[x] 1..1string, base64BinaryProperty value

doco Documentation for this format

XML Template

<!-- EHRS FM Record Lifecycle Event - Audit Event -->doco

<AuditEvent xmlns="http://hl7.org/fhir"
>
  <!-- from Element: extension -->
 <id value="[id]"/><!-- 0..1 Logical id of this artifact -->
 <meta><!-- 0..1 Meta Metadata about the resource --></meta>
 <implicitRules value="[uri]"/><!-- 0..1 A set of rules under which this content was created -->
 <language value="[code]"/><!-- 0..1 Language of the resource content  -->
 <text><!-- 0..1 Narrative 
     Text summary of the resource, for human interpretation --></text>
 <contained><!-- 0..* Resource Contained, inline Resources --></contained>
 <modifierExtension><!-- 0..* Extension  Extensions that cannot be ignored  --></modifierExtension>
 <type><!-- 1..1 Coding Type/identifier of event  --></type>
 <subtype><!-- 0..* Coding More specific type/id for the event  --></subtype>
 <action value="[code]"/><!-- 0..1 Type of action performed during the event  -->
 <period><!-- 0..1 Period When the activity occurred --></period>
 <recorded value="[instant]"/><!-- 1..1 Time when the event occurred on source -->
 <outcome value="[code]"/><!-- 0..1 Whether the event succeeded or failed  -->
 <outcomeDesc value="[string]"/><!-- 0..1 Description of the event outcome -->
 <purposeOfEvent><!-- 0..* CodeableConcept The purposeOfUse of the event  --></purposeOfEvent>
 <agent> ?? 1..* BackboneElement  <!-- ?? 1..* Actor involved in the event -->
  <modifierExtension><!-- 0..* Extension  Extensions that cannot be ignored  --></modifierExtension>
  <type><!-- 0..1 CodeableConcept How agent participated  --></type>
  <role><!-- 0..* CodeableConcept Agent role in the event  --></role>
  <reference><!-- 0..1 Reference(PractitionerRole)|Reference(Practitioner)|Reference(Organization)|Reference(Device)|
    Reference(Patient)|Reference(RelatedPerson) Direct reference to resource --></reference>
  <userId><!-- 0..1 Identifier 
      Unique identifier for the user --></userId>
  <altId value="[string]"/><!-- 0..1 Alternative User id e.g. authentication -->
  <name value="[string]"/><!-- 0..1 Human-meaningful name for the agent -->
  <requestor value="[boolean]"/><!-- 1..1 Whether user is initiator -->
  <location><!-- 0..1 Reference(Location) Where --></location>
  <policy value="[uri]"/><!-- 0..* Policy that authorized event -->
  <media><!-- 0..1 Coding Type of media  --></media>
  <network> ?? 0..1 BackboneElement  <!-- ?? 0..1 Logical network location for application activity -->
   <modifierExtension><!-- 0..* Extension  Extensions that cannot be ignored  --></modifierExtension>
   <address value="[string]"/><!-- 0..1 Identifier for the network access point of the user device -->
   <type value="[code]"/><!-- 0..1 The type of network access point  -->
  </network>
  <purposeOfUse><!-- 0..* CodeableConcept Reason given for this user  --></purposeOfUse>
 </agent>
 <source> ?? 1..1 BackboneElement  <!-- ?? 1..1 Audit Event Reporter -->
  <modifierExtension><!-- 0..* Extension  Extensions that cannot be ignored  --></modifierExtension>
  <site value="[string]"/><!-- 0..1 Logical source location within the enterprise -->
  <identifier><!-- 1..1 Identifier 
      The identity of source detecting the event --></identifier>
  <type><!-- 0..* Coding The type of source where event originated  --></type>
 </source>
 <entity> ?? 0..* BackboneElement  <!-- ?? 0..* Data or objects used -->
  <modifierExtension><!-- 0..* Extension  Extensions that cannot be ignored  --></modifierExtension>
  <identifier><!-- 0..1 Identifier 
      Specific instance of object --></identifier>
  <reference><!-- 0..1 Reference(Resource) 
      Specific instance of resource --></reference>
  <type><!-- 0..1 Coding Type of entity involved  --></type>
  <role><!-- 0..1 Coding What role the entity played  --></role>
  <lifecycle><!-- 0..1 Coding Life-cycle stage for the entity  --></lifecycle>
  <securityLabel><!-- 0..* Coding Security labels on the entity  --></securityLabel>
  <name value="[string]"/><!-- 0..1 Descriptor for entity -->
  <description value="[string]"/><!-- 0..1 Descriptive text -->
  <query value="[base64Binary]"/><!-- 0..1 Query parameters -->
  <detail> ?? 0..* BackboneElement  <!-- ?? 0..* Additional Information about the entity -->
   <modifierExtension><!-- 0..* Extension  Extensions that cannot be ignored  --></modifierExtension>
   <type value="[string]"/><!-- 1..1 Name of the property -->
   <value[x]><!-- 1..1 string|base64Binary 
       Property value --></value[x]>
  </detail>
 </entity>
</AuditEvent>

JSON Template

{ // EHRS FM Record Lifecycle Event - Audit Event
  // from Element: extension
    "meta" : { Meta }, //Metadata about the resource
    "implicitRules" : "<uri>", //A set of rules under which this content was created
    "language" : "<code>", //Language of the resource content 
    "text" : { Narrative }, //Text summary of the resource, for human interpretation
    "contained" : [{ Resource }], //Contained, inline Resources
    "modifierExtension" : [{ Extension }], //Extensions that cannot be ignored
    "type" : { Coding }, // R! Type/identifier of event 
    "subtype" : [{ Coding }], //More specific type/id for the event 
    "action" : "<code>", //Type of action performed during the event 
    "period" : { Period }, //When the activity occurred
    "recorded" : "<instant>", // R! Time when the event occurred on source
    "outcome" : "<code>", //Whether the event succeeded or failed 
    "outcomeDesc" : "<string>", //Description of the event outcome
    "purposeOfEvent" : [{ CodeableConcept }], //The purposeOfUse of the event 
    "agent" : [{ BackboneElement }], // C? R! Actor involved in the event
    "source" : { BackboneElement }, // C? R! Audit Event Reporter
    "entity" : [{ BackboneElement }] // C?Data or objects used
  }

 

Alternate definitions: Master Definition (XML, JSON), Schematron

PathNameConformanceValueSet
AuditEvent.languageCommon LanguagesextensibleCommon Languages
AuditEvent.typeAudit Event IDextensibleAudit Event ID
AuditEvent.subtypeAudit Event Sub-TypeextensibleAudit Event Sub-Type
AuditEvent.actionAuditEventActionrequiredAuditEventAction
AuditEvent.outcomeAuditEventOutcomerequiredAuditEventOutcome
AuditEvent.purposeOfEventPurposeOfUseextensiblePurposeOfUse
AuditEvent.agent.typeParticipationRoleTypeextensibleParticipationRoleType
AuditEvent.agent.role?extexamplesecurity-role-type
AuditEvent.agent.mediaMedia Type CodeextensibleMedia Type Code
AuditEvent.agent.network.typeAuditEventAgentNetworkTyperequiredAuditEventAgentNetworkType
AuditEvent.agent.purposeOfUsePurposeOfUseextensiblePurposeOfUse
AuditEvent.source.typeAudit Event Source TypeextensibleAudit Event Source Type
AuditEvent.entity.typeAuditEventEntityTypeextensibleAuditEventEntityType
AuditEvent.entity.roleAuditEventEntityRoleextensibleAuditEventEntityRole
AuditEvent.entity.lifecycle?extextensibleobject-lifecycle-events
AuditEvent.entity.securityLabelAll Security LabelsextensibleAll Security Labels
.