This page is part of the FHIR Specification (v0.4.0: DSTU 2 Draft). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions

• Content
• Detailed Descriptions
• Mappings
• XML
• JSON

Profile: EHRSecurityEvent

The official URL for this profile is:

http://hl7.org/fhir/Profile/securityevent-ehrs-rle-ehrsecurityevent

. Defines the elements to be supported within the SecurityEvent resource in order to conform with the Electronic Health Record System Functional Model Record Lifecycle Event standard : EHRS FM Record Lifecycle Event - Security Event

This profile was published on Thu, Dec 4, 2014 00:00+1100 as a draft by Health Level Seven, Inc. - EHR WG.

unable to summarise extension (wrong count)

Formal Views of Profile Content

Description of Profiles, Differentials, Snapshots, and how the XML and JSON presentations work.

• Differential Table
• Snapshot Table
• XML
• JSON
• All

Differential View

This structure is derived from SecurityEvent.

Name	Flags	Card.	Type	Description & Constraints
SecurityEvent		1..1
event	S	1..1
type	S	1..1
subtype	S	0..*
action	S	0..1
dateTime	S	1..1
securityevent-ehrs-rle-location	S	0..1	Location	Where the activity occurred, if relevant
securityevent-ehrs-rle-reason	S	0..1	CodeableConcept	Reason activity is occurring
securityevent-ehrs-rle-policy	S	0..1	uri	Policy or plan th eactivity was defined by
participant	S	1..*
role	S	0..*
reference	S	0..1
userId	S	0..1
requestor	S	1..1
network	S	0..1
identifier	S	0..1
type	S	0..1
source	S	1..1
site	S	0..1
identifier	S	1..1
type	S	1..1
object	S	0..*
identifier	S	0..1
reference	S	0..1
type	S	0..1
role	S	0..1
lifecycle	S	0..1
sensitivity	S	0..1

Snapshot View

Name	Flags	Card.	Type	Description & Constraints
SecurityEvent		1..1		Event record kept for security purposes
id		0..1	id	Logical id of this artefact
meta		0..1	Meta	Metadata about the resource
implicitRules	M	0..1	uri	A set of rules under which this content was created
language		0..1	code	Language of the resource content Binding: Language (required, not extensible)
text	I	0..1	Narrative	Text summary of the resource, for human interpretation
contained		0..*	Resource	Contained, inline Resources
extension		0..*	Extension	Additional Content defined by implementations
modifierExtension		0..*	Extension	Extensions that cannot be ignored
event	S	1..1		What was done
id		0..1	id	xml:id (or equivalent in JSON)
securityevent-ehrs-rle-location	S	0..1	Location	Additional Content defined by implementations
securityevent-ehrs-rle-reason	S	0..1	CodeableConcept	Additional Content defined by implementations
securityevent-ehrs-rle-policy	S	0..1	uri	Additional Content defined by implementations
modifierExtension		0..*	Extension	Extensions that cannot be ignored
type	S	1..1	CodeableConcept	Type/identifier of event Binding: SecurityEventType (preferred, extensible)
subtype	S	0..*	CodeableConcept	More specific type/id for the event Binding: SecurityEventSubType (preferred, extensible)
action	S	0..1	code	Type of action performed during the event Binding: SecurityEventAction (required, not extensible)
dateTime	S	1..1	instant	Time when the event occurred on source
outcome		0..1	code	Whether the event succeeded or failed Binding: SecurityEventOutcome (required, not extensible)
outcomeDesc		0..1	string	Description of the event outcome
participant	S I	1..*		A person, a hardware device or software process sev-3: Either a userId or a reference, but not both
id		0..1	id	xml:id (or equivalent in JSON)
extension		0..*	Extension	Additional Content defined by implementations
modifierExtension		0..*	Extension	Extensions that cannot be ignored
role	S	0..*	CodeableConcept	User roles (e.g. local RBAC codes) Binding: DICOMRoleId (preferred, extensible)
reference	S I	0..1	Practitioner, Patient, Device	Direct reference to resource
userId	S I	0..1	string	Unique identifier for the user
altId		0..1	string	Alternative User id e.g. authentication
name		0..1	string	Human-meaningful name for the user
requestor	S	1..1	boolean	Whether user is initiator
media		0..1	Coding	Type of media
network	S	0..1		Logical network location for application activity
id		0..1	id	xml:id (or equivalent in JSON)
extension		0..*	Extension	Additional Content defined by implementations
modifierExtension		0..*	Extension	Extensions that cannot be ignored
identifier	S	0..1	string	Identifier for the network access point of the user device
type	S	0..1	code	The type of network access point Binding: SecurityEventParticipantNetworkType (required, not extensible)
source	S	1..1		Application systems and processes
id		0..1	id	xml:id (or equivalent in JSON)
extension		0..*	Extension	Additional Content defined by implementations
modifierExtension		0..*	Extension	Extensions that cannot be ignored
site	S	0..1	string	Logical source location within the enterprise
identifier	S	1..1	string	The id of source where event originated
type	S	1..1	Coding	The type of source where event originated Binding: SecurityEventSourceType (preferred, extensible)
object	S I	0..*		Specific instances of data or objects that have been accessed sev-2: Either an identifier or a reference, but not both sev-1: Either a name or a query (or both)
id		0..1	id	xml:id (or equivalent in JSON)
extension		0..*	Extension	Additional Content defined by implementations
modifierExtension		0..*	Extension	Extensions that cannot be ignored
identifier	S I	0..1	Identifier	Specific instance of object (e.g. versioned)
reference	S I	0..1	Any	Specific instance of resource (e.g. versioned)
type	S	0..1	code	Object type being audited Binding: SecurityEventObjectType (required, not extensible)
role	S	0..1	code	Functional application role of Object Binding: SecurityEventObjectRole (required, not extensible)
lifecycle	S	0..1	code	Life-cycle stage for the object Binding: SecurityEventObjectLifecycle (required, not extensible)
sensitivity	S	0..1	CodeableConcept	Policy-defined sensitivity for the object Binding: SecurityEventObjectSensitivity (example, extensible)
name	I	0..1	string	Instance-specific descriptor for Object
description		0..1	string	Descriptive text
query	I	0..1	base64Binary	Actual query for object
detail		0..*		Additional Information about the Object
id		0..1	id	xml:id (or equivalent in JSON)
extension		0..*	Extension	Additional Content defined by implementations
modifierExtension		0..*	Extension	Extensions that cannot be ignored
type		1..1	string	Name of the property
value		1..1	base64Binary	Property value

XML Template

JSON Template

todo

Differential View

This structure is derived from SecurityEvent.

Name	Flags	Card.	Type	Description & Constraints
SecurityEvent		1..1
event	S	1..1
type	S	1..1
subtype	S	0..*
action	S	0..1
dateTime	S	1..1
securityevent-ehrs-rle-location	S	0..1	Location	Where the activity occurred, if relevant
securityevent-ehrs-rle-reason	S	0..1	CodeableConcept	Reason activity is occurring
securityevent-ehrs-rle-policy	S	0..1	uri	Policy or plan th eactivity was defined by
participant	S	1..*
role	S	0..*
reference	S	0..1
userId	S	0..1
requestor	S	1..1
network	S	0..1
identifier	S	0..1
type	S	0..1
source	S	1..1
site	S	0..1
identifier	S	1..1
type	S	1..1
object	S	0..*
identifier	S	0..1
reference	S	0..1
type	S	0..1
role	S	0..1
lifecycle	S	0..1
sensitivity	S	0..1

Snapshot View

Name	Flags	Card.	Type	Description & Constraints
SecurityEvent		1..1		Event record kept for security purposes
id		0..1	id	Logical id of this artefact
meta		0..1	Meta	Metadata about the resource
implicitRules	M	0..1	uri	A set of rules under which this content was created
language		0..1	code	Language of the resource content Binding: Language (required, not extensible)
text	I	0..1	Narrative	Text summary of the resource, for human interpretation
contained		0..*	Resource	Contained, inline Resources
extension		0..*	Extension	Additional Content defined by implementations
modifierExtension		0..*	Extension	Extensions that cannot be ignored
event	S	1..1		What was done
id		0..1	id	xml:id (or equivalent in JSON)
securityevent-ehrs-rle-location	S	0..1	Location	Additional Content defined by implementations
securityevent-ehrs-rle-reason	S	0..1	CodeableConcept	Additional Content defined by implementations
securityevent-ehrs-rle-policy	S	0..1	uri	Additional Content defined by implementations
modifierExtension		0..*	Extension	Extensions that cannot be ignored
type	S	1..1	CodeableConcept	Type/identifier of event Binding: SecurityEventType (preferred, extensible)
subtype	S	0..*	CodeableConcept	More specific type/id for the event Binding: SecurityEventSubType (preferred, extensible)
action	S	0..1	code	Type of action performed during the event Binding: SecurityEventAction (required, not extensible)
dateTime	S	1..1	instant	Time when the event occurred on source
outcome		0..1	code	Whether the event succeeded or failed Binding: SecurityEventOutcome (required, not extensible)
outcomeDesc		0..1	string	Description of the event outcome
participant	S I	1..*		A person, a hardware device or software process sev-3: Either a userId or a reference, but not both
id		0..1	id	xml:id (or equivalent in JSON)
extension		0..*	Extension	Additional Content defined by implementations
modifierExtension		0..*	Extension	Extensions that cannot be ignored
role	S	0..*	CodeableConcept	User roles (e.g. local RBAC codes) Binding: DICOMRoleId (preferred, extensible)
reference	S I	0..1	Practitioner, Patient, Device	Direct reference to resource
userId	S I	0..1	string	Unique identifier for the user
altId		0..1	string	Alternative User id e.g. authentication
name		0..1	string	Human-meaningful name for the user
requestor	S	1..1	boolean	Whether user is initiator
media		0..1	Coding	Type of media
network	S	0..1		Logical network location for application activity
id		0..1	id	xml:id (or equivalent in JSON)
extension		0..*	Extension	Additional Content defined by implementations
modifierExtension		0..*	Extension	Extensions that cannot be ignored
identifier	S	0..1	string	Identifier for the network access point of the user device
type	S	0..1	code	The type of network access point Binding: SecurityEventParticipantNetworkType (required, not extensible)
source	S	1..1		Application systems and processes
id		0..1	id	xml:id (or equivalent in JSON)
extension		0..*	Extension	Additional Content defined by implementations
modifierExtension		0..*	Extension	Extensions that cannot be ignored
site	S	0..1	string	Logical source location within the enterprise
identifier	S	1..1	string	The id of source where event originated
type	S	1..1	Coding	The type of source where event originated Binding: SecurityEventSourceType (preferred, extensible)
object	S I	0..*		Specific instances of data or objects that have been accessed sev-2: Either an identifier or a reference, but not both sev-1: Either a name or a query (or both)
id		0..1	id	xml:id (or equivalent in JSON)
extension		0..*	Extension	Additional Content defined by implementations
modifierExtension		0..*	Extension	Extensions that cannot be ignored
identifier	S I	0..1	Identifier	Specific instance of object (e.g. versioned)
reference	S I	0..1	Any	Specific instance of resource (e.g. versioned)
type	S	0..1	code	Object type being audited Binding: SecurityEventObjectType (required, not extensible)
role	S	0..1	code	Functional application role of Object Binding: SecurityEventObjectRole (required, not extensible)
lifecycle	S	0..1	code	Life-cycle stage for the object Binding: SecurityEventObjectLifecycle (required, not extensible)
sensitivity	S	0..1	CodeableConcept	Policy-defined sensitivity for the object Binding: SecurityEventObjectSensitivity (example, extensible)
name	I	0..1	string	Instance-specific descriptor for Object
description		0..1	string	Descriptive text
query	I	0..1	base64Binary	Actual query for object
detail		0..*		Additional Information about the Object
id		0..1	id	xml:id (or equivalent in JSON)
extension		0..*	Extension	Additional Content defined by implementations
modifierExtension		0..*	Extension	Extensions that cannot be ignored
type		1..1	string	Name of the property
value		1..1	base64Binary	Property value

XML Template

JSON Template

todo

Other definitions: (todo)

Terminology Bindings

Constraints