2nd DSTU Draft For Comment

This page is part of the FHIR Specification (v0.4.0: DSTU 2 Draft). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions

Securityevent.questionnaire

This is an example form generated from the questionnaire. See also the XML or JSON format.

Securityevent.questionnaire - FHIR v0.4.0 Form
2nd DSTU Draft For Comment

This is an example form generated from the questionnaire. See also the XML or JSON format

Event record kept for security purposes

Based on ATNA (RFC 3881).

SecurityEvent
SecurityEvent.id
SecurityEvent.id.value Logical id of this artefact
SecurityEvent.id 1

Metadata about the resource

SecurityEvent.meta
SecurityEvent.meta 1
SecurityEvent.implicitRules
SecurityEvent.implicitRules.value A set of rules under which this content was created
SecurityEvent.implicitRules 1
SecurityEvent.language
SecurityEvent.language.value language
SecurityEvent.language 1

Text summary of the resource, for human interpretation

SecurityEvent.text
SecurityEvent.text 1

Contained, inline Resources

SecurityEvent.contained
SecurityEvent.contained 1

What was done

SecurityEvent.event
SecurityEvent.event.id
SecurityEvent.event.id.value xml:id (or equivalent in JSON)
SecurityEvent.event.id 1

Type/identifier of event

SecurityEvent.event.type
SecurityEvent.event.type.coding code:
SecurityEvent.event.type.text text:
SecurityEvent.event.type 1

More specific type/id for the event

SecurityEvent.event.subtype
SecurityEvent.event.subtype.coding code:
SecurityEvent.event.subtype.text text:
SecurityEvent.event.subtype 1
SecurityEvent.event.action
SecurityEvent.event.action.value action
SecurityEvent.event.action 1
SecurityEvent.event.dateTime
SecurityEvent.event.dateTime.value Time when the event occurred on source
SecurityEvent.event.dateTime 1
SecurityEvent.event.outcome
SecurityEvent.event.outcome.value outcome
SecurityEvent.event.outcome 1
SecurityEvent.event.outcomeDesc
SecurityEvent.event.outcomeDesc.value Description of the event outcome
SecurityEvent.event.outcomeDesc 1
SecurityEvent.event 1

A person, a hardware device or software process

There may be more than one user per event, for example, in cases of actions initiated by one user for other users, or in events that involve more than one user, hardware device, or system process. However, only one user may be the initiator/requestor for the event.

SecurityEvent.participant
SecurityEvent.participant.id
SecurityEvent.participant.id.value xml:id (or equivalent in JSON)
SecurityEvent.participant.id 1

User roles (e.g. local RBAC codes)

SecurityEvent.participant.role
SecurityEvent.participant.role.coding code:
SecurityEvent.participant.role.text text:
SecurityEvent.participant.role 1

Direct reference to resource

SecurityEvent.participant.reference
SecurityEvent.participant.reference._type type
SecurityEvent.participant.reference._Practitioner
SecurityEvent.participant.reference._Practitioner.value Practitioner
SecurityEvent.participant.reference._Practitioner 1
SecurityEvent.participant.reference._Patient
SecurityEvent.participant.reference._Patient.value Patient
SecurityEvent.participant.reference._Patient 1
SecurityEvent.participant.reference._Device
SecurityEvent.participant.reference._Device.value Device
SecurityEvent.participant.reference._Device 1
SecurityEvent.participant.reference 1
SecurityEvent.participant.userId
SecurityEvent.participant.userId.value Unique identifier for the user
SecurityEvent.participant.userId 1
SecurityEvent.participant.altId
SecurityEvent.participant.altId.value Alternative User id e.g. authentication
SecurityEvent.participant.altId 1
SecurityEvent.participant.name
SecurityEvent.participant.name.value Human-meaningful name for the user
SecurityEvent.participant.name 1
SecurityEvent.participant.requestor
SecurityEvent.participant.requestor.value Whether user is initiator
SecurityEvent.participant.requestor 1
SecurityEvent.participant.media
SecurityEvent.participant.media.value Type of media
SecurityEvent.participant.media 1

Logical network location for application activity

SecurityEvent.participant.network
SecurityEvent.participant.network.id
SecurityEvent.participant.network.id.value xml:id (or equivalent in JSON)
SecurityEvent.participant.network.id 1
SecurityEvent.participant.network.identifier
SecurityEvent.participant.network.identifier.value Identifier for the network access point of the user device
SecurityEvent.participant.network.identifier 1
SecurityEvent.participant.network.type
SecurityEvent.participant.network.type.value type
SecurityEvent.participant.network.type 1
SecurityEvent.participant.network 1
SecurityEvent.participant 1

Application systems and processes

Since multi-tier, distributed, or composite applications make source identification ambiguous, this collection of fields may repeat for each application or process actively involved in the event. For example, multiple value-sets can identify participating web servers, application processes, and database server threads in an n-tier distributed application. Passive event participants, e.g., low-level network transports, need not be identified.

SecurityEvent.source
SecurityEvent.source.id
SecurityEvent.source.id.value xml:id (or equivalent in JSON)
SecurityEvent.source.id 1
SecurityEvent.source.site
SecurityEvent.source.site.value Logical source location within the enterprise
SecurityEvent.source.site 1
SecurityEvent.source.identifier
SecurityEvent.source.identifier.value The id of source where event originated
SecurityEvent.source.identifier 1
SecurityEvent.source.type
SecurityEvent.source.type.value The type of source where event originated
SecurityEvent.source.type 1
SecurityEvent.source 1

Specific instances of data or objects that have been accessed

required unless the values for Event Identification, Active Participant Identification, and Audit Source Identification are sufficient to document the entire auditable event. Because events may have more than one participant object, this group can be a repeating set of values.

SecurityEvent.object
SecurityEvent.object.id
SecurityEvent.object.id.value xml:id (or equivalent in JSON)
SecurityEvent.object.id 1

Specific instance of object (e.g. versioned)

SecurityEvent.object.identifier
SecurityEvent.object.identifier.label label:
SecurityEvent.object.identifier.system system:
SecurityEvent.object.identifier.value value:
SecurityEvent.object.identifier 1
SecurityEvent.object.reference
SecurityEvent.object.reference.value Specific instance of resource (e.g. versioned)
SecurityEvent.object.reference 1
SecurityEvent.object.type
SecurityEvent.object.type.value type
SecurityEvent.object.type 1
SecurityEvent.object.role
SecurityEvent.object.role.value role
SecurityEvent.object.role 1
SecurityEvent.object.lifecycle
SecurityEvent.object.lifecycle.value lifecycle
SecurityEvent.object.lifecycle 1

Policy-defined sensitivity for the object

SecurityEvent.object.sensitivity
SecurityEvent.object.sensitivity.coding code:
SecurityEvent.object.sensitivity.text text:
SecurityEvent.object.sensitivity 1
SecurityEvent.object.name
SecurityEvent.object.name.value Instance-specific descriptor for Object
SecurityEvent.object.name 1
SecurityEvent.object.description
SecurityEvent.object.description.value Descriptive text
SecurityEvent.object.description 1

Actual query for object

SecurityEvent.object.query
SecurityEvent.object.query 1

Additional Information about the Object

SecurityEvent.object.detail
SecurityEvent.object.detail.id
SecurityEvent.object.detail.id.value xml:id (or equivalent in JSON)
SecurityEvent.object.detail.id 1
SecurityEvent.object.detail.type
SecurityEvent.object.detail.type.value Name of the property
SecurityEvent.object.detail.type 1

Property value

SecurityEvent.object.detail.value
SecurityEvent.object.detail.value 1
SecurityEvent.object.detail 1
SecurityEvent.object 1
SecurityEvent 1