PackagesCanonicalsLogsProblems
    Packages
    hl7.fhir.core@1.4.0
    http://hl7.org/fhir/StructureDefinition/AuditEvent
JSONFHIR SchemaOther Versions
description: Base StructureDefinition for AuditEvent Resource
package_name: hl7.fhir.core
derivation: specialization
name: AuditEvent
type: null
elements:
  outcomeDesc: {type: string, short: Description of the event outcome, isSummary: true, index: 5}
  type: {short: Type/identifier of event, type: Coding, isSummary: true, index: 0}
  outcome: {short: Whether the event succeeded or failed, comments: 'In some cases a "success" may be partial, for example, an incomplete or interrupted transfer of a radiological study. For the purpose of establishing accountability, these distinctions are not relevant.', type: code, isSummary: true, index: 4}
  source:
    short: Application systems and processes
    comments: Since multi-tier, distributed, or composite applications make source identification ambiguous, this collection of fields may repeat for each application or process actively involved in the event. For example, multiple value-sets can identify participating web servers, application processes, and database server threads in an n-tier distributed application. Passive event participants (e.g. low-level network transports) need not be identified.
    type: BackboneElement
    index: 21
    elements:
      site: {type: string, short: Logical source location within the enterprise, index: 22}
      identifier: {short: The identity of source detecting the event, type: Identifier, isSummary: true, index: 23}
      type: {short: The type of source where event originated, type: Coding, array: true, index: 24}
    required: [identifier]
  recorded: {short: Time when the event occurred on source, comments: 'In a distributed system, some sort of common time base (e.g. an NTP [RFC1305] server) is a good implementation tactic.', type: instant, isSummary: true, index: 3}
  agent:
    min: 1
    short: Actor involved in the event
    index: 7
    comments: |-
      Several agents may be associated (i.e. have some responsibility for an activity) with an event or activity.

      For example, an activity may be initiated by one user for other users or involve more than one user. However, only one user may be the initiator/requestor for the activity.
    type: BackboneElement
    array: true
    elements:
      role: {short: Agent role in the event, comments: should be roles relevant to the event. Should  not be an exhaustive list of roles., type: CodeableConcept, array: true, index: 8}
      requestor: {short: Whether user is initiator, comments: 'There can only be one initiator. If the initiator is not clear, then do not choose any one agent as the initiator.', type: boolean, index: 13}
      altId: {type: string, short: Alternative User id e.g. authentication, index: 11}
      name: {type: string, short: Human-meaningful name for the agent, index: 12}
      policy: {short: Policy that authorized event, comments: 'For example: Where an OAuth token authorizes, the unique identifier from the OAuth token is placed into the policy element Where a policy engine (e.g. XACML) holds policy logic, the unique policy identifier is placed into the policy element.', type: uri, array: true, index: 15}
      purposeOfUse: {short: Reason given for this user, comments: 'Use AuditEvent.agent.purposeOfUse when you know that is specific to the agent, otherwise use AuditEvent.purposeOfEvent. For example, during a machine-to-machine transfer it might not be obvious to the audit system who caused the event, but it does know why.', type: Coding, array: true, index: 20}
      reference: {short: Direct reference to resource, type: Reference, isSummary: true, index: 9}
      userId: {short: Unique identifier for the user, comments: 'a unique value within the Audit Source ID. For node-based authentication -- where only the system hardware or process, but not a human user, is identified -- User ID would be the node name.', type: Identifier, isSummary: true, index: 10}
      network:
        type: BackboneElement
        short: Logical network location for application activity
        index: 17
        elements:
          address: {short: Identifier for the network access point of the user device, comments: 'This could be a device id, IP address or some other identifier associated with a device.', type: string, index: 18}
          type: {short: The type of network access point, type: code, index: 19}
      location: {type: Reference, short: Where, index: 14}
      media: {short: Type of media, type: Coding, index: 16}
    required: [requestor]
  purposeOfEvent: {short: The purposeOfUse of the event, comments: 'Use AuditEvent.agent.purposeOfUse when you know that is specific to the agent, otherwise use AuditEvent.purposeOfEvent. For example, during a machine-to-machine transfer it might not be obvious to the audit system who caused the event, but it does know why.', type: Coding, array: true, isSummary: true, index: 6}
  action: {short: Type of action performed during the event, type: code, isSummary: true, index: 2}
  entity:
    constraint:
      sev-1: {human: Either a name or a query (NOT both), severity: error, expression: name.empty() or query.empty()}
    short: Specific instances of data or objects that have been accessed
    comments: Required unless the values for event identification, agent identification, and audit source identification are sufficient to document the entire auditable event. Because events may have more than one entity, this group can be a repeating set of values.
    type: BackboneElement
    array: true
    index: 25
    elements:
      role: {short: What role the entity played, type: Coding, index: 29}
      description: {type: string, short: Descriptive text, index: 33}
      name: {short: Descriptor for entity, comments: 'This field may be used in a query/report to identify audit events for a specific person.  For example, where multiple synonymous entity identifers (patient number, medical record number, encounter number, etc.) have been used.', type: string, isSummary: true, index: 32}
      type: {short: Type of object involved, comments: This value is distinct from the user's role or any user relationship to the entity., type: Coding, index: 28}
      lifecycle: {short: Life-cycle stage for the object, comments: 'This can be used to provide an audit trail for data, over time, as it passes through the system.', type: Coding, index: 30}
      reference: {type: Reference, short: Specific instance of resource (e.g. versioned), isSummary: true, index: 27}
      identifier: {short: Specific instance of object (e.g. versioned), comments: Identifier detail depends on entity type., type: Identifier, isSummary: true, index: 26}
      query: {short: Query parameters, type: base64Binary, isSummary: true, index: 34}
      securityLabel: {short: Security labels applied to the object, type: Coding, array: true, index: 31}
      detail:
        type: BackboneElement
        short: Additional Information about the entity
        array: true
        index: 35
        elements:
          type: {type: string, short: Name of the property, index: 36}
          value: {type: base64Binary, short: Property value, index: 37}
        required: [value, type]
  subtype: {short: More specific type/id for the event, type: Coding, array: true, isSummary: true, index: 1}
package_version: 1.4.0
class: resource
kind: resource
url: http://hl7.org/fhir/StructureDefinition/AuditEvent
base: http://hl7.org/fhir/StructureDefinition/DomainResource
version: null
required: [agent, recorded, source, type]