{
"description": "The Basic Audit Log Patterns (BALP) Implementation Guide is a Content Profile that defines some basic and reusable AuditEvent patterns. This includes basic audit log profiles for FHIR RESTful operations to be used when there is not a more specific audit event defined. A focus is enabling Privacy centric AuditEvent logs that hold well formed indication of the Patient when they are the subject of the activity being recorded in the log. Where a more specific audit event can be defined it should be derived off of these basic patterns.",
"_filename": "ImplementationGuide-ihe.iti.balp.json",
"package_name": "ihe.iti.balp",
"definition": {
"page": {
"page": [ {
"title": "Basic Audit Log Patterns (BALP)",
"nameUrl": "index.html",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-page-name",
"valueUrl": "index.html"
} ],
"generation": "markdown"
}, {
"title": "1:52 Basic Audit Log Patterns",
"nameUrl": "volume-1.html",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-page-name",
"valueUrl": "volume-1.html"
} ],
"generation": "markdown"
}, {
"title": "3:5.7 Basic Audit Log Patterns",
"nameUrl": "content.html",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-page-name",
"valueUrl": "content.html"
} ],
"generation": "markdown"
}, {
"title": "BasicAudit Test Plan",
"nameUrl": "testplan.html",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-page-name",
"valueUrl": "testplan.html"
} ],
"generation": "markdown"
}, {
"title": "Changes to Other IHE Specifications",
"nameUrl": "other.html",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-page-name",
"valueUrl": "other.html"
} ],
"generation": "markdown"
}, {
"title": "Download and Analysis",
"nameUrl": "download.html",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-page-name",
"valueUrl": "download.html"
} ],
"generation": "markdown"
}, {
"title": "AuditEvent Use in IHE Profiles",
"nameUrl": "appendix.html",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-page-name",
"valueUrl": "appendix.html"
} ],
"generation": "markdown"
}, {
"title": "BasicAudit Open and Closed issues",
"nameUrl": "issues.html",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-page-name",
"valueUrl": "issues.html"
} ],
"generation": "markdown"
} ],
"title": "Table of Contents",
"nameUrl": "toc.html",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-page-name",
"valueUrl": "toc.html"
} ],
"generation": "html"
},
"resource": [ {
"name": "Agent types holding User-Agent",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "ValueSet"
} ],
"reference": {
"reference": "ValueSet/UserAgentTypesVS"
},
"description": "AuditEvent.agent.type values holding OAuth/SAML identified user. Note that user is not just users, but representes the higest agent responsible for triggering the activity being recorded in the AuditEvent.\n\nOften this agent also has a type coding that is more specific to the transaction and the direction of the transaction.\n- http://terminology.hl7.org/CodeSystem/v3-ParticipationType#IRCP // use for query/retrieve\n- http://terminology.hl7.org/CodeSystem/v3-RoleClass#AGNT // use for push/create/update\n- http://terminology.hl7.org/CodeSystem/v3-RoleClass#PAT // use when the user is the patient\n- http://terminology.hl7.org/CodeSystem/v3-ParticipationType#AUT \"Author\" // used with create/update\n- http://terminology.hl7.org/CodeSystem/v3-ParticipationType#INF \"Informant\" // used with export\n- http://terminology.hl7.org/CodeSystem/v3-ParticipationType#CST \"Custodian\" // used with export",
"exampleBoolean": false
}, {
"name": "all Reads",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "ValueSet"
} ],
"reference": {
"reference": "ValueSet/AllReadVS"
},
"description": "ValueSet of the restful-interaction reads",
"exampleBoolean": false
}, {
"name": "all Searches",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "ValueSet"
} ],
"reference": {
"reference": "ValueSet/AllSearchVS"
},
"description": "ValueSet of the restful-interaction searches",
"exampleBoolean": false
}, {
"name": "all Updates",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "ValueSet"
} ],
"reference": {
"reference": "ValueSet/AllUpdateVS"
},
"description": "ValueSet of the restful-interaction updates",
"exampleBoolean": false
}, {
"name": "Audit Event for a Privacy Disclosure as recorded by a Recipient",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Recipient"
},
"description": "Defines constraints on the AuditEvent Resource to record when a Privacy Disclosure is detected at the Recipient of the data.\n\n- Import event\n- shall have source of itself\n- shall have a source agent\n- shall have a recipient agent\n- may have user, app, organization agent(s)\n - combine with the Security Token pattern\n- may, if known, have the custodian that released the data\n- may, if known, have the authorizer that represented the patient (may be the patient)\n- shall have a patient entity\n- shall have a set identity entity",
"exampleBoolean": false
}, {
"name": "Audit Event for Privacy Disclosure at Source",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Source"
},
"description": "Defines constraints on the AuditEvent Resource to record when a Privacy Disclosure happens at the Source.\n\n- Import event\n- shall have source of itself\n- shall have a source agent\n- shall have a recipient agent\n- may have user, app, organization agent(s)\n - combine with the Security Token pattern\n- should have the custodian that released the data\n- should have the authorizer that represented the patient (may be the patient)\n- shall have a patient entity\n- shall have the set of data entity(ies)",
"exampleBoolean": false
}, {
"name": "Audit Example of a basic Authorization Deny access",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditAuthZconsent-deny"
},
"description": "Example AuditEvent showing an authorization decision resulting in deny.",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.AuthZconsent"
}, {
"name": "Audit Example of a basic Authorization Permit access",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditAuthZconsent"
},
"description": "Example AuditEvent showing an authorization decision.",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.AuthZconsent"
}, {
"name": "Audit Example of a basic SAML access token of comprehensive",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditPoke-SAML-Comp"
},
"description": "Example AuditEvent showing just the comprehensive SAML access token. The event being recorded is a theoretical **poke** (not intended to represent anything useful).\n\nComprehensive is different than Minimal in that it presumes that when the AuditEvent is used, the appropriate use of the AuditEvent does not have access to the SAML Idenity Provider (IDP), or that the IDP may have forgotten about the issued ID.\n\n**Builds upon the Minimal**\n\nSAML field | example value |\n-----|-----|\nSubject.NameID | 05086900124\nIssuer | https://sts.sykehuspartner.no\nID | XC4WdYS0W5bjsMGc5Ue6tClD_5U\npurposeOfUse | http://terminology.hl7.org/CodeSystem/v3-ActReason#PATRQT\nassurance | authenticated AAL 4\n~subject:subject-id | JohnDoe\n~subject:npi | 1234567@myNPIregistry.example.org\n~subject:provider-identifier | JohnD\n~subject:organization | St. Mary of Examples\n~subject:organization-id | 1234567@myOrganizationRegistry.example.org\n~bppc:2007:docid | urn:uuid:a4b1d27e-5493-11ec-bf63-0242ac130002 \n~xua:2012:acp | urn:uuid:b8aa8eec-5493-11ec-bf63-0242ac130002\n~homeCommunityId | urn:uuid:cadbf8d0-5493-11ec-bf63-0242ac130002 \n~resource:resource-id | urn:uuid:d7391e5a-5493-11ec-bf63-0242ac130002",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive"
}, {
"name": "Audit Example of a basic SAML access token of comprehensive from QDI sample",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditPoke-SAML-QDI-Comp"
},
"description": "Example AuditEvent showing QDI sample with just the comprehensive SAML access token. The event being recorded is a theoretical **poke** (not intended to represent anything useful).\n\nSAML | example value |\n-----|-----|\nSubject.NameID | UID=kskagerb\nIssuer | CN=John Miller,OU=Harris,O=HITS,L=Melbourne,ST=FL,C=US\nID | _d87f8adf-711a-4545-bf77-ff8517b498e4\nsubject-id | Karl S Skagerberg\nsubject:organization | connectred5.fedsconnect.org\nsubject:organization-id | urn:oid:2.16.840.1.113883.3.333\nhomeCommunityId | urn:oid:2.16.840.1.113883.3.333\nsubject:role | 2.16.840.1.113883.6.96#307969004\npurposofuse | 2.16.840.1.113883.3.18.7.1#PUBLICHEALTH\nresource-id | 500000000^^^&2.16.840.1.113883.3.333&ISO\nAuthzDecisionStatement | nesting\n.AccessConsentPolicy | urn:oid:1.2.3.4\n.InstanceAccessConsentPolicy | urn:oid:1.2.3.4.123456789\nAuthnContextClassRef | urn:oasis:names:tc:SAML:2.0:ac:classes:X509",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive"
}, {
"name": "Audit Example of a basic SAML access token of minimal",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditPoke-SAML-Min"
},
"description": "Example AuditEvent showing just the minimal SAML access token. The event being recorded is a theoretical **poke** (not intended to represent anything useful).\n\nMinimal only records the SAML assertion id, issuer, and subject. Minimal may record roles and purposeOfUse if known. Minimal presumes you have access to the SAML Identity Provider (IDP) to reverse lookup given this information.\n\nSAML field | example value |\n-----|-----|\nSubject.NameID | 05086900124\nIssuer | https://sts.sykehuspartner.no\nID | XC4WdYS0W5bjsMGc5Ue6tClD_5U",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Minimal"
}, {
"name": "Audit Example of a basic SAML access token of minimal from QDI sample",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditPoke-SAML-QDI-Min"
},
"description": "Example AuditEvent showing QDI sample with just the minimal SAML access token. The event being recorded is a theoretical **poke** (not intended to represent anything useful).\n\nMinimal only records the SAML assertion id, issuer, and subject. Minimal may record roles and purposeOfUse if known. Minimal presumes you have access to the SAML Identity Provider (IDP) to reverse lookup given this information.\n\nSAML field | example value |\n-----|-----|\nSubject.NameID | UID=kskagerb \nIssuer | CN=John Miller,OU=Harris,O=HITS,L=Melbourne,ST=FL,C=US\nID | _d87f8adf-711a-4545-bf77-ff8517b498e4\nsubject-id | Karl S Skagerberg\nsubject:organization | connectred5.fedsconnect.org\nsubject:organization-id | urn:oid:2.16.840.1.113883.3.333\nhomeCommunityId | urn:oid:2.16.840.1.113883.3.333\nsubject:role | 2.16.840.1.113883.6.96#307969004\npurposofuse | 2.16.840.1.113883.3.18.7.1#PUBLICHEALTH\nresource-id | 500000000^^^&2.16.840.1.113883.3.333&ISO\nAuthzDecisionStatement | nesting\n.AccessConsentPolicy | urn:oid:1.2.3.4\n.InstanceAccessConsentPolicy | urn:oid:1.2.3.4.123456789\nAuthnContextClassRef | urn:oasis:names:tc:SAML:2.0:ac:classes:X509",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Minimal"
}, {
"name": "Audit Example of a basic SAML access token of minimal with multiple PurposeOfUse",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditPoke-SAML-Min2"
},
"description": "Example AuditEvent showing just the minimal SAML access token. The event being recorded is a theoretical **poke** (not intended to represent anything useful).\n\nMinimal only records the SAML assertion id, issuer, and subject. Minimal may record roles and purposeOfUse if known. Minimal presumes you have access to the SAML Identity Provider (IDP) to reverse lookup given this information.\n\nSAML field | example value |\n-----|-----|\nSubject.NameID | \"JoeL\" \nIssuer | \"https://carequality.org\" \nID | \"_5a6b51b7-cd3e-4629-aac8-9846cbc3cf84\" \n~purposeOfUse | http://terminology.hl7.org/CodeSystem/v3-ActReason, TREAT\n~purposeOfUse | http://terminology.hl7.org/CodeSystem/v3-ActReason, ETREAT\n~purposeOfUse | http://terminology.hl7.org/CodeSystem/v3-ActReason, HPAYMT\n~purposeOfUse | http://terminology.hl7.org/CodeSystem/v3-ActReason, HOPERAT",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Minimal"
}, {
"name": "Audit Example of Privacy Disclosure at recipient",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditPrivacyDisclosure-recipient"
},
"description": "Audit Example for a Privacy Disclosure as recorded at the recipient",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Recipient"
}, {
"name": "Audit Example of Privacy Disclosure at recipient",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditPrivacyDisclosure-recipient-minCodes"
},
"description": "Audit Example for a Privacy Disclosure as recorded at the recipient",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Recipient"
}, {
"name": "Audit Example of Privacy Disclosure at source",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditPrivacyDisclosure-source"
},
"description": "Audit Example for a Privacy Disclosure from source perspective",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Source"
}, {
"name": "Audit Example of Privacy Disclosure at source",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditPrivacyDisclosure-source2"
},
"description": "Audit Example for a Privacy Disclosure from source perspective",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Source"
}, {
"name": "Audit Example of Privacy Disclosure of a patient specific MeasureReport",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditPrivacyDisclosure-measurereport"
},
"description": "Audit Example for a Privacy Disclosure from source perspective of a MeasureReport",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Source"
}, {
"name": "AuditEvent.agent Assurance Level",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:extension"
} ],
"reference": {
"reference": "StructureDefinition/ihe-assuranceLevel"
},
"description": "The assuranceLevel element carries various types of Assurance level. May be an Identity Assurance (IAL), an Authentication Assurance Level (AAL), a Federation Assurance Level (FAL), or other. \n\nIn SAML this is [defined to be carried](https://docs.oasis-open.org/security/saml/v2.0/saml-authn-context-2.0-os.pdf) in the `saml:AuthnContextClassRef`, but may be carried elsewhere based on the use-case and profiling of SAML.\n\nThe Vocabulary is not defined here. Some sources of vocabulary:\n- HL7 v3 [Security Trust Assurance ValueSet](https://terminology.hl7.org/3.0.0/ValueSet-v3-SecurityTrustAssuranceObservationValue.html). These include ISO-7498-2, NIST 800-63-1, and NIST-800-63-2.\n- [idmanagement.gov](https://developers.login.gov/saml/#specifying-attributes-and-assurance-levels) published on login.gov\n - this is defined to be carried in the saml:AuthnContextClassRef\n- OASIS [Authentication Context for SAML](https://docs.oasis-open.org/security/saml/v2.0/saml-authn-context-2.0-os.pdf)\n- An example of a customized and purpose defined small set of codes can be found in the HL7 [SMART Health Cards](http://hl7.org/fhir/uv/shc-vaccination/2021Sep/) defines a [valueset](http://hl7.org/fhir/uv/shc-vaccination/ValueSet/identity-assurance-level)",
"exampleBoolean": false
}, {
"name": "AuditEvent.agent other identifiers",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:extension"
} ],
"reference": {
"reference": "StructureDefinition/ihe-otherId"
},
"description": "Carries other identifiers are known for an agent.",
"exampleBoolean": false
}, {
"name": "Authorization subType events",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "CodeSystem"
} ],
"reference": {
"reference": "CodeSystem/AuthZsubType"
},
"description": "These AuditEvent subTypes are related to Authorization Decisions. These are more specific types of Security Alert.",
"exampleBoolean": false
}, {
"name": "Authorization subType events valueset",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "ValueSet"
} ],
"reference": {
"reference": "ValueSet/AuthZsubTypeVS"
},
"description": "ValueSet of the Authorization AuditEvent types",
"exampleBoolean": false
}, {
"name": "Basic AuditEvent for a successful Create not related to a Patient",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.Create"
},
"description": "A basic AuditEvent profile for when a RESTful Create action happens successfully.\n\n- Given a Resource Create is requested \n- And that resource does not have a Patient subject or is otherwise associated with a Patient\n - when the resource is Patient specific then [PatientCreate](StructureDefinition-IHE.BasicAudit.PatientCreate.html) is used\n- And the request is authorized\n - Authorization failures should follow [FHIR core Access Denied](http://hl7.org/fhir/security.html#AccessDenied)\n- When successful\n - Note a failure AuditEvent may follow this pattern, but would not be a successful outcome and should have an OperationOutcome\n- Then the AuditEvent recorded will conform",
"exampleBoolean": false
}, {
"name": "Basic AuditEvent for a successful Create with known Patient subject",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.PatientCreate"
},
"description": "A basic AuditEvent profile for when a RESTful Create action happens successfully, and where there is an identifiable Patient subject associated with the create of the Resource.\n\n- Given a Resource Create is requested \n- And that resource has a Patient subject or is otherwise associated with a Patient\n- And the request is authorized\n - Authorization failures should follow [FHIR core Access Denied](http://hl7.org/fhir/security.html#AccessDenied)\n- When successful\n - Note a failure AuditEvent may follow this pattern, but would not be a successful outcome and should have an OperationOutcome\n- Then the AuditEvent recorded will conform",
"exampleBoolean": false
}, {
"name": "Basic AuditEvent for a successful Delete",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.Delete"
},
"description": "A basic AuditEvent profile for when a RESTful Delete action happens successfully.\n\n- Given a Resource Delete is requested \n- And that resource has does not have a Patient subject or is otherwise associated with a Patient\n - when the resource is Patient specific then [PatientDelete](StructureDefinition-IHE.BasicAudit.PatientDelete.html) is used\n- And the request is authorized\n - Authorization failures should follow [FHIR core Access Denied](http://hl7.org/fhir/security.html#AccessDenied)\n- When successful\n - Note a failure AuditEvent may follow this pattern, but would not be a successful outcome and should have an OperationOutcome\n- Then the AuditEvent recorded will conform",
"exampleBoolean": false
}, {
"name": "Basic AuditEvent for a successful Delete with Patient",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.PatientDelete"
},
"description": "A basic AuditEvent profile for when a RESTful Delete action happens successfully, and where there is an identifiable Patient subject associated with the Resource being deleted.\n\n- Given a Resource Delete is requested \n- And that resource has a Patient subject or is otherwise associated with a Patient\n- And the request is authorized\n - Authorization failures should follow [FHIR core Access Denied](http://hl7.org/fhir/security.html#AccessDenied)\n- When successful\n - Note a failure AuditEvent may follow this pattern, but would not be a successful outcome and should have an OperationOutcome\n- Then the AuditEvent recorded will conform",
"exampleBoolean": false
}, {
"name": "Basic AuditEvent for a successful Query",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.Query"
},
"description": "A basic AuditEvent profile for when a RESTful Query / Search action happens successfully.\n\n- Given a RESTful Query is requested\n- And the request does not have a Patient subject indicated\n - The requestor logging the event would potentially not know they have requested Patient specific data\n - The data objects may not be patient specific kind of objects\n - when the request is Patient specific then [PatientQuery](StructureDefinition-IHE.BasicAudit.PatientQuery.html) is used\n- And the request is authorized\n - Authorization failures should follow [FHIR core Access Denied](http://hl7.org/fhir/security.html#AccessDenied)\n- When successful\n - Note a failure AuditEvent may follow this pattern, but would not be a successful outcome and should have an OperationOutcome\n - Note success may result in zero or more results. The number of results and the content of the results are not recorded.\n- And the results are not Patient specific\n - when the results are Patient specific then [PatientQuery](StructureDefinition-IHE.BasicAudit.PatientQuery.html) are used\n- Then the AuditEvent recorded will conform\n - The raw search request is base64 encoded and placed in the .entity[query].query element. The base64 encoding of the raw search request enables preserving exactly what was requested, including possibly malicious patterns. This enables detection of malicious or malformed requests.\n - The cleaned search may be recorded (not base64) in the .entity[query].description. The cleaned search request would have removed parameters that were not understood/supported. The cleaned search request in the .description element enables more efficient processing.\n\nNote: the pattern defined in DICOM and IHE have the client is identified as the Source Role ID, and the server is identified as the Destination Role ID. This represents the query parameters are flowing from the client to the server. This may not be so obvious, as the data actually flows the opposite direction. This pattern is established and thus followed here.",
"exampleBoolean": false
}, {
"name": "Basic AuditEvent for a successful Query with Patient",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.PatientQuery"
},
"description": "A basic AuditEvent profile for when a RESTful Query action happens successfully, and where there is an identifiable Patient subject associated with the read Resource(s).\n\n- Given a RESTful Query is requested\n- And the request is for a Patient subject indicated\n - The requestor includes a Patient id or identifier as a query parameter\n - The requestor security context is limited to a given Patient identity\n- And the request is authorized\n - Authorization failures should follow [FHIR core Access Denied](http://hl7.org/fhir/security.html#AccessDenied)\n- When successful\n - Note a failure AuditEvent may follow this pattern, but would not be a successful outcome and should have an OperationOutcome\n - Note success may result in zero or more results. The number of results and the content of the results are not recorded.\n- Then the AuditEvent recorded will conform\n - The raw search request is base64 encoded and placed in the .entity[query].query element. The base64 encoding of the raw search request enables preserving exactly what was requested, including possibly malicious patterns. This enables detection of malicious or malformed requests.\n - The cleaned search may be recorded (not base64) in the .entity[query].description. The cleaned search request would have removed parameters that were not understood/supported. The cleaned search request in the .description element enables more efficient processing.\n- And When multiple patient results are returned, one AuditEvent is created for every Patient identified in the resulting search set. Note this is true when the search set bundle includes any number of resources that collectively reference multiple Patients. This includes one Resource with multiple subject values, or many Resources with single subject values that are different.\n\nNote: the pattern defined in DICOM and IHE have that the client is identified as the Source Role ID, and the server is identified as the Destination Role ID. This may not be so obvious, as the data actually flows the opposite direction. This pattern is established and thus followed here.",
"exampleBoolean": false
}, {
"name": "Basic AuditEvent for a successful Read",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.Read"
},
"description": "A basic AuditEvent profile for when a RESTful Read action happens successfully.\n\n- Given a Resource Read is requested \n- And that resource does not have a Patient subject or is otherwise associated with a Patient\n - when the resource is Patient specific then [PatientRead](StructureDefinition-IHE.BasicAudit.PatientRead.html) is used\n- And the request is authorized\n - Authorization failures should follow [FHIR core Access Denied](http://hl7.org/fhir/security.html#AccessDenied)\n- When successful\n - Note a failure AuditEvent may follow this pattern, but would not be a successful outcome and should have an OperationOutcome\n- Then the AuditEvent recorded will conform",
"exampleBoolean": false
}, {
"name": "Basic AuditEvent for a successful Read with a Patient",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.PatientRead"
},
"description": "A basic AuditEvent profile for when a RESTful Read action happens successfully, and where there is an identifiable Patient subject associated with the read Resource.\n\n- Given a Resource Read is requested \n- And that resource has a Patient subject or is otherwise associated with a Patient\n- And the request is authorized\n - Authorization failures should follow [FHIR core Access Denied](http://hl7.org/fhir/security.html#AccessDenied)\n- When successful\n - Note a failure AuditEvent may follow this pattern, but would not be a successful outcome and should have an OperationOutcome\n- Then the AuditEvent recorded will conform",
"exampleBoolean": false
}, {
"name": "Basic AuditEvent for a successful Update",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.Update"
},
"description": "A basic AuditEvent profile for when a RESTful Update action happens successfully.\n\n- Given a Resource Update is requested \n- And that resource does not have a Patient subject or is otherwise associated with a Patient\n - when the resource is Patient specific then [PatientUpdate](StructureDefinition-IHE.BasicAudit.PatientUpdate.html) is used\n- And the request is authorized\n - Authorization failures should follow [FHIR core Access Denied](http://hl7.org/fhir/security.html#AccessDenied)\n- When successful\n - Note a failure AuditEvent may follow this pattern, but would not be a successful outcome and should have an OperationOutcome\n- Then the AuditEvent recorded will conform\n- And where the server supports FHIR Versioning the AuditEvent should use the version specific id",
"exampleBoolean": false
}, {
"name": "Basic AuditEvent for a successful Update with a Patient subject",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.PatientUpdate"
},
"description": "A basic AuditEvent profile for when a RESTful Update action happens successfully, and where there is an identifiable Patient subject associated with the Update of the Resource.\n\n- Given a Resource Update is requested \n- And that resource has a Patient subject or is otherwise associated with a Patient\n- And the request is authorized\n - Authorization failures should follow [FHIR core Access Denied](http://hl7.org/fhir/security.html#AccessDenied)\n- When successful\n - Note a failure AuditEvent may follow this pattern, but would not be a successful outcome and should have an OperationOutcome\n- Then the AuditEvent recorded will conform\n- And where the server supports FHIR Versioning the AuditEvent should use the version specific id",
"exampleBoolean": false
}, {
"name": "Basic AuditEvent pattern for oAuth Opaque",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Opaque"
},
"description": "Used when:\n- only have an opaque oAuth token (e.g. clients).\n- have access to the oAuth token, but want to log minimal details.\n\n- oUser slice holds fragment of the opaque oAuth token\n - record only the last 32 characters of the oAuth token to limit risk or replay\n - presume 32 characters is enough to coorelate AuditEvent log entries",
"exampleBoolean": false
}, {
"name": "Basic AuditEvent pattern for oAuth Opaque",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Minimal"
},
"description": "Used when access to the oAuth token, but want to log minimal details.\n\n- oUser slice holds only the JWT ID",
"exampleBoolean": false
}, {
"name": "Basic AuditEvent pattern for when an activity was authorized by an IUA access token",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Comprehensive"
},
"description": "A basic AuditEvent profile for when an activity was authorized by an IUA access token. This profile is expected to be used with some other detail that explains the activity. This profile only covers the IUA access token.\n\n- Given an activity has occured\n- And OAuth is used to authorize (both app and user)\n- And the given activity is using http with authorization: bearer mechanism \n - IUA - [3.72 Incorporate Access Token \\[ITI-72\\]](https://profiles.ihe.net/ITI/IUA/index.html#372-incorporate-access-token-iti-72)\n - Bulk Data Access - [11. Presenting an Access Token to FHIR API](https://hl7.org/fhir/uv/bulkdata/authorization/index.html#presenting-an-access-token-to-fhir-api)\n - SMART-app-launch - [7.1.5 Step 4: App accesses clinical data via FHIR API](http://hl7.org/fhir/smart-app-launch/index.html#step-4-app-accesses-clinical-data-via-fhir-api)\n - [HL7 Security for Scalable Registration, Authentication, and Authorization (aka UDAP) ](http://hl7.org/fhir/us/udap-security/history.html) when it gets published \n- When an AuditEvent is recorded for the activity\n- Then that AuditEvent would follow this profile regarding recording the IUA access token details\n- note: this profile records minimal information from the IUA access token, which presumes that use of the AuditEvent at a later time will be able to resolve the given information.\n- client slice holds the application details\n - This is likely replicated in other slices, but is consistently identified as the Application slice for ease of tracking all events caused by this client\n - place the client_id into .who.identifier.value (system is not needed, but avaialble if you have a system)\n - any network identification detail should be placed in .network (may be a IP address, or hostname)\n- oUser slice holds the user details\n - user id is recorded in the .who.identifier\n - user id is also recorded in .name to be more easy searched\n - if roles or purposeOfUse are known record them here\n - the JWT ID is recorded in .policy. Expecting that during audit anaysis this ID can be looked up and dereferenced",
"exampleBoolean": false
}, {
"name": "Basic AuditEvent pattern for when an activity was authorized by an SAML access token Comprehensive",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive"
},
"description": "A basic AuditEvent profile for when an activity was authorized by an SAML access token. This profile is expected to be used with some other detail that explains the activity. This profile only covers the SAML access token. \n\nThe following table uses a short-hand for the SAML fields and FHIR AuditEvent elements to keep the table compact. It is presumed the reader can understand the SAML field and the FHIR AuditEvent element given. Note the `~` character represents attributes under the SAML `AttributeStatement`. \n\n**Builds upon the Minimal**\n\n| SAML field | Comprehensive AuditEvent\n|------------------------------|-----------------------------------|\n| ID | agent[user].policy\n| Issuer | agent[user].who.identifier.system\n| Subject.NameID | agent[user].who.identifier.value\n| ~subject:role | agent[user].role\n| ~subject:purposeofuse | agent[user].purposeOfUse\n| AuthnContextClassRef | agent[user].extension[assuranceLevel]\n| ~subject:subject-id | agent[user].extension[otherId][subject-id].value\n| ~subject:npi | agent[user].extension[otherId][npi].value\n| ~subject:provider-identifier | agent[user].extension[otherId][provider-id].value\n| ~subject:organization | agent[userorg].who.display\n| ~subject:organization-id | agent[userorg].who.identifier.value\n| ~homeCommunityId | agent[homeCommunityId].who.identifier.value \n| ~bppc:2007:docid | entity[consent].what.identifier.value \n| ~xua:2012:acp | entity[consent].detail.valueString \n| ~resource:resource-id | entity[consent-patient].what.identifier.value",
"exampleBoolean": false
}, {
"name": "Basic AuditEvent pattern for when an activity was authorized by an SAML access token Minimal",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Minimal"
},
"description": "A basic AuditEvent profile for when an activity was authorized by an SAML access token. This profile is expected to be used with some other detail that explains the activity. This profile only covers the SAML access token.\n\n- Given an activity has occurred\n- And SAML is used to authorize a transaction\n- And the given activity is using the SAML\n - XUA \n - SAML requires ID and Issuer, so this profile of AuditEvent will work with any SAML token.\n - usually SOAP, but not limited to SOAP\n- When an AuditEvent is recorded for the activity\n- Presumes that the consent and server have been identified in agent elements, best case with certificate identities\n- Then that AuditEvent would follow this profile regarding recording the SAML access token details\n\nThe following table uses a short-hand for the SAML fields and FHIR AuditEvent elements to keep the table compact. It is presumed the reader can understand the SAML field and the FHIR AuditEvent element given. Note the `~` character represents attributes under the SAML `AttributeStatement`. \n\n| SAML field | Minimal AuditEvent\n|-----------------------|----------------------|\n| ID | agent[user].policy\n| Issuer | agent[user].who.identifier.system\n| Subject.NameID | agent[user].who.identifier.value\n| ~subject:purposeofuse | agent[user].purposeOfUse\n\nnote: this profile records minimal information from the SAML access token, which presumes that use of the AuditEvent at a later time will be able to resolve the given information.",
"exampleBoolean": false
}, {
"name": "Basic AuditEvent pattern for when an Authorization permit is decided",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.BasicAudit.AuthZconsent"
},
"description": "An AduitEvent recording a permit authorization decision by a Consent Decision Service, \n\n- Given an Authorization Decision resulted in a permit\n- And based on a Consent resource (C1) \n- And filed by a patient (P1), \n- And in response to a request by an organization (Org1) \n- And for the purpose of treatment (TREAT).\n- And the given request is authorized \n- When an AuditEvent is recorded for the activity\n- Then that AuditEvent would follow this profile regarding recording the authorization decision\n - Security Alert\n - Authorization Decison by Consent\n - Execute action\n - date/time recorded\n - outcome\n - success when Permit\n\t- failure when Deny\n\t- outcomeDesc would explain why a deny\n - recorded by the authorization server\n - Agents\n - client app\n\t- user\n\t - user requested purposeOfUse\n\t- user organization\n\t- authorization service\n - Entity\n - patient subject\n\t- consent on file for that patient\n\t- the token id (JWT ID) issued (if one is issued) should be recorded\n\t- other data may be recorded that was used in the decision",
"exampleBoolean": false
}, {
"name": "Client - Audit Example of a basic patient identifiable Create by the author",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicCreateClient"
},
"description": "Audit Example for a RESTful Create of a resource with a patient subject created by the author\n\n- recorded by the client with [server](AuditEvent-ex-auditBasicCreateServer.html)\n- server is FHIR application server defined by ex-device\n- client is an app on myMachine on myMachine\n- user is the author John Smith\n- patient is ex-patient\n- created resource is ex-list",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientCreate"
}, {
"name": "Client - Audit Example of a basic patient identifiable Create of a Job with no user",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicCreateNoUserJob"
},
"description": "Audit Example for a RESTful Create of a Job (document) resource with a patient subject with no user. This might be a B2B exchange where the OAuth token just identifies the requesting organization.\n\n- recorded by the client - ex-device\n- server is FHIR application server defined by ex-device\n- client is an app on myMachine on myMachine\n- patient is ex-patient\n- created job is ex-documentreference",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientCreate"
}, {
"name": "Client - Audit Example of a basic patient identifiable Create of a Report with no user",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicCreateNoUserReport"
},
"description": "Audit Example for a RESTful Create of a Report (document) resource with a patient subject with no user. This might be a B2B exchange where the OAuth token just identifies the requesting organization.\n\n- recorded by the client - ex-device\n- server is FHIR application server defined by ex-device\n- client is an app on myMachine on myMachine\n- patient is ex-patient\n- created resource is ex-documentreference",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientCreate"
}, {
"name": "Client - Audit Example of a basic patient identifiable Create with no user",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicCreateNoUser"
},
"description": "Audit Example for a RESTful Create of a resource with a patient subject with no user. This might be a B2B exchange where the OAuth token just identifies the requesting organization.\n\n- recorded by the client - ex-device\n- server is FHIR application server defined by ex-device\n- client is an app on myMachine on myMachine\n- patient is ex-patient\n- created resource is ex-list",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientCreate"
}, {
"name": "Client - Audit Example of a basic patient identifiable Delete",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicDelete2"
},
"description": "Audit Example for a RESTful Delete of a resource with a patient subject\n\n- recorded by the client\n- client is an app on myMachine\n- user is an Custodian Charley Miller\n- patient is identified as ex-patient\n- deleted object is ex-list",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientDelete"
}, {
"name": "Client - Audit Example of a basic patient identifiable Delete at Client",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicDeleteClient"
},
"description": "Audit Example for a RESTful Delete of a resource with a patient subject\n\n- recorded by the client peer [server](AuditEvent-ex-auditBasicDeleteServer.html)\n- client is an app on myMachine\n- user is the Author John Smith\n- patient is identified as ex-patient\n- deleted object is ex-list",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientDelete"
}, {
"name": "Client - Audit Example of a basic patient identifiable Delete of a Job with no user",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicDeleteNoUserJob"
},
"description": "Audit Example for a RESTful Delete of a Job (document) resource with a patient subject with no user. This might be a B2B exchange where the OAuth token just identifies the requesting organization.\n\n- recorded by the client\n- client is an app on myMachine\n- user is NOT specified. \n- patient is identified as ex-patient\n- deleted Job is ex-documentreference",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientDelete"
}, {
"name": "Client - Audit Example of a basic patient identifiable Delete of a Report with no user",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicDeleteNoUserReport"
},
"description": "Audit Example for a RESTful Delete of a Report (document) resource with a patient subject with no user. This might be a B2B exchange where the OAuth token just identifies the requesting organization.\n\n- recorded by the client\n- client is an app on myMachine\n- user is NOT specified. \n- patient is identified as ex-patient\n- deleted Report is ex-documentreference",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientDelete"
}, {
"name": "Client - Audit Example of a basic patient identifiable Delete with no user",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicDeleteNoUser"
},
"description": "Audit Example for a RESTful Delete of a resource with a patient subject with no user. This might be a B2B exchange where the OAuth token just identifies the requesting organization.\n\n- recorded by the client\n- client is an app on myMachine\n- user is NOT specified. \n- patient is identified as ex-patient\n- deleted object is ex-list",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientDelete"
}, {
"name": "Client - Audit Example of a basic patient identifiable Query (GET)",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicQueryGetClient"
},
"description": "Audit Example for a RESTful Query using GET with a patient subject, recorded by the Client\n- recorded by the client\n - see same event as recorded by the [server](AuditEvent-ex-auditBasicQueryGetServer.html)\n- server is FHIR application server defined by ex-device\n- client is a computer at myMachine.example.org\n- user is John Smith\n- query is for an Observation for given patient\n- patient is specified\n- X-Request-Id is specified",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientQuery"
}, {
"name": "Client - Audit Example of a basic patient identifiable read",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicReadClient"
},
"description": "Audit Example for a RESTful read of a resource with a patient subject\n\n- recorded by the client peer [server](AuditEvent-ex-auditBasicReadServer.html)\n- server is FHIR application server defined by ex-device\n- client is an app on myMachine on myMachine\n- user is John Smith\n- patient is ex-patient\n- read resource is ex-list\n- x-request-id is 76d148b6-586d-11ec-bf63-0242ac130002",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientRead"
}, {
"name": "Dummy Consent example",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "Consent"
} ],
"reference": {
"reference": "Consent/ex-consent"
},
"description": "Dummy Consent example for completeness sake. No actual use of this resource other than an example target",
"exampleBoolean": true
}, {
"name": "Dummy Device authorization service example",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "Device"
} ],
"reference": {
"reference": "Device/ex-authz"
},
"description": "Dummy Device authorization service example for completeness sake. No actual use of this resource other than an example target",
"exampleBoolean": true
}, {
"name": "Dummy Device example",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "Device"
} ],
"reference": {
"reference": "Device/ex-device"
},
"description": "Dummy Device example for completeness sake. No actual use of this resource other than an example target",
"exampleBoolean": true
}, {
"name": "Dummy DocumentReference 2 example",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "DocumentReference"
} ],
"reference": {
"reference": "DocumentReference/ex-documentreference2"
},
"description": "Dummy DocumentReference 2 example for completeness sake. No actual use of this resource other than an example target",
"exampleBoolean": true
}, {
"name": "Dummy DocumentReference example",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "DocumentReference"
} ],
"reference": {
"reference": "DocumentReference/ex-documentreference"
},
"description": "Dummy DocumentReference example for completeness sake. No actual use of this resource other than an example target",
"exampleBoolean": true
}, {
"name": "Dummy List example",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "List"
} ],
"reference": {
"reference": "List/ex-list"
},
"description": "Dummy List example for completeness sake. No actual use of this resource other than an example target",
"exampleBoolean": true
}, {
"name": "Dummy MeasureReport example",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "MeasureReport"
} ],
"reference": {
"reference": "MeasureReport/ex-measurereport"
},
"description": "Dummy MeasureReport example for completeness sake. No actual use of this resource other than an example target that is NOT patient specific.",
"exampleBoolean": true
}, {
"name": "Dummy Organization example",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "Organization"
} ],
"reference": {
"reference": "Organization/ex-organization"
},
"description": "Dummy Organization example for completeness sake. No actual use of this resource other than an example target",
"exampleBoolean": true
}, {
"name": "Dummy Patient example",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "Patient"
} ],
"reference": {
"reference": "Patient/ex-patient"
},
"description": "Dummy patient example for completeness sake. No actual use of this resource other than an example target",
"exampleBoolean": true
}, {
"name": "Dummy Practitioner example",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "Practitioner"
} ],
"reference": {
"reference": "Practitioner/ex-practitioner"
},
"description": "Dummy Practitioner example for completeness sake. No actual use of this resource other than an example target",
"exampleBoolean": true
}, {
"name": "Entity Types that are defined in IHE BasicAudit",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "CodeSystem"
} ],
"reference": {
"reference": "CodeSystem/BasicAuditEntityType"
},
"description": "These are new codes used in BasicAudit IG, where AuditEvent.entity is used to hold a specific kind of data that is not covered by the existing valueSet.",
"exampleBoolean": false
}, {
"name": "Entity Types used by IHE BasicAudit",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "ValueSet"
} ],
"reference": {
"reference": "ValueSet/BasicAuditEntityTypesVS"
},
"description": "For use with AuditEvent.entity.type. This includes codes defined in the BasicAudit.",
"exampleBoolean": false
}, {
"name": "Example document that says: Hello World",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "Binary"
} ],
"reference": {
"reference": "Binary/ex-b-binary"
},
"description": "Dummy Binary that just says Hello World",
"exampleBoolean": true
}, {
"name": "IHE ATNA Audit Record Repository supporting BALP Content",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "CapabilityStatement"
} ],
"reference": {
"reference": "CapabilityStatement/IHE.BALP.ATNA.AuditRecordRepository"
},
"description": "CapabilityStatement for [ATNA](https://profiles.ihe.net/ITI/TF/Volume1/ch-9.html) Audit Record Repository Actor with the ATNA ATX:FHIR Feed Option and Retrieve Audit Message Option defined in [RESTful-ATNA Supplement](https://www.ihe.net/uploadedFiles/Documents/ITI/IHE_ITI_Suppl_RESTful-ATNA.pdf) that also has support for BALP Content.\n\nThis Actor is derived off of the ATNA Audit Record Repository actor that is not yet defined fully in an IG. This CapabilityStatement does not represent a formal Actor, but rather a system that has grouped ATNA and BALP.",
"exampleBoolean": false
}, {
"name": "IHE BALP Audit Consumer",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "CapabilityStatement"
} ],
"reference": {
"reference": "CapabilityStatement/IHE.BALP.AuditConsumer"
},
"description": "CapabilityStatement for [Audit Consumer](volume-1.html#152112-audit-consumer) Actor in [BALP](index.html).\n\nThis CapabilityStatement replicates the requirements that would come from the ATNA **Audit Consumer* actor supporting **ATNA Retrieve Audit Message Option**.",
"exampleBoolean": false
}, {
"name": "IHE BALP Audit Creator",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "CapabilityStatement"
} ],
"reference": {
"reference": "CapabilityStatement/IHE.BALP.AuditCreator"
},
"description": "CapabilityStatement for [Audit Creator](volume-1.html#152111-audit-creator) Actor in [BALP](index.html).\n\nThis Actor is derived off of the **ATNA Secure Application** or **Secure Node** actor with **ATNA ATX:FHIR Feed Option** using ITI-20.",
"exampleBoolean": false
}, {
"name": "IHE IUA ITI-71 AuditEvent for a successful Get Access Token",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "StructureDefinition:resource"
} ],
"reference": {
"reference": "StructureDefinition/IHE.IUA.71"
},
"description": "Defines constraints on the AuditEvent Resource to record when a ITI-71 - Get Access Token succeeds\n\nThis AuditEvent is recorded by Authorization Client and/or Authorization Server that are grouped with ATNA Secure Node or Secure Application.\n- User Authenticated event\n- ITI-71 subtype\n- 2 or 3 agents\n - client - \n - auth-server\n - user user\n- 1 entity \n - the access token request",
"exampleBoolean": false
}, {
"name": "oAuth Client - Audit Example of a basic patient identifiable read",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicReadOClient"
},
"description": "Audit Example for a oAuth authorized RESTful read of a resource with a patient subject\n\n- This example is otherwise the same as [client](AuditEvent-ex-auditBasicReadClient.html) \n- client logs using the OAUTHaccessTokenUseOpaque profile as it doesn't have access to the details",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Opaque"
}, {
"name": "oAuth Server - Audit Example of a basic patient identifiable read",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicReadOServer"
},
"description": "Audit Example for a oAuth authorized RESTful read of a resource with a patient subject\n\n- This example is otherwise the same as [server](AuditEvent-ex-auditBasicReadServer.html)\n- server has access to the oAuth token details so uses IUAaccessOAUTHaccessTokenUseComprehensiveTokenUse profile\n- TODO. Sushi has issues that prevent me from including all the agent entries, so this just has the agent entries for the oAuth profile and not the Read profile\n - should also be a Destination and Source agent",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Comprehensive"
}, {
"name": "oAuth Server Minimal - Audit Example of a basic patient identifiable read",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicReadOServerMin"
},
"description": "Audit Example for minimally recorded oAuth authorized RESTful read of a resource with a patient subject\n\n- This example is otherwise the same as [server](AuditEvent-ex-auditBasicReadServer.html)\n- server has access to the oAuth token details but policy requests minimal recorded so uses IUAaccessOAUTHaccessTokenUseMinimalTokenUse profile\n- TODO. Sushi has issues that prevent me from including all the agent entries, so this just has the agent entries for the oAuth profile and not the Read profile\n - should also be a Destination and Source agent",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Minimal"
}, {
"name": "Other Id Types ValueSet",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "ValueSet"
} ],
"reference": {
"reference": "ValueSet/OtherIdentifierTypesVS"
},
"description": "ValueSet of the Other Id Types allowed",
"exampleBoolean": false
}, {
"name": "OtherId Identifier Types",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "CodeSystem"
} ],
"reference": {
"reference": "CodeSystem/OtherIdentifierTypes"
},
"description": "OtherId Types beyond those in the FHIR core",
"exampleBoolean": false
}, {
"name": "participant source types for RESTful create",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "ValueSet"
} ],
"reference": {
"reference": "ValueSet/DataSources"
},
"description": "create agent participant types for user operators that are in REST",
"exampleBoolean": false
}, {
"name": "RESTful objects role in the event",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "ValueSet"
} ],
"reference": {
"reference": "ValueSet/RestObjectRoles"
},
"description": "The role that the given Object played in the Audit Event recorded",
"exampleBoolean": false
}, {
"name": "SAML example from CareQuality",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "DocumentReference"
} ],
"reference": {
"reference": "DocumentReference/Dr-SAML-QDI"
},
"description": "Example of a SAML assertion as seen in CareQuality.",
"exampleBoolean": true
}, {
"name": "Server - Audit Example of a basic Create",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicCreateNoPatient"
},
"description": "Audit Example for a RESTful Create of a resource with No patient subject. This example is a summary measure report.\n\n- recorded by the client\n- server is FHIR application server defined by ex-device\n- client is an app on myMachine on myMachine\n- user is John Smith\n- created resource is ex-measurereport",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Create"
}, {
"name": "Server - Audit Example of a basic object Delete at server",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicDeleteNoPatient"
},
"description": "Audit Example for a RESTful Delete of a resource that is NOT patient specific\n\n- recorded by the server\n- client is an app on myMachine\n- user is the Author John Smith\n- deleted object is ex-measurereport that is a summary FEMA COVID report draft",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Delete"
}, {
"name": "Server - Audit Example of a basic patient identifiable Create",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicCreateServer"
},
"description": "Audit Example for a RESTful Create of a resource with a patient subject\n\n- recorded by the server with [client](AuditEvent-ex-auditBasicCreateClient.html)\n- server is FHIR application server defined by ex-device\n- client is an app on myMachine on myMachine\n- user is John Smith\n- patient is ex-patient\n- created resource is ex-list",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientCreate"
}, {
"name": "Server - Audit Example of a basic patient identifiable Create by a custodian",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicCreate2"
},
"description": "Audit Example for a RESTful Create of a resource with a patient subject by a custodian\n\n- recorded by the server\n- server is FHIR application server defined by ex-device\n- client is an app on myMachine on myMachine\n- user is an Custodian Charley Miller\n- patient is ex-patient\n- created resource is ex-list",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientCreate"
}, {
"name": "Server - Audit Example of a basic patient identifiable Create by an informant",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicCreate1"
},
"description": "Audit Example for a RESTful Create of a resource with a patient subject by an informant\n\n- recorded by the server\n- server is FHIR application server defined by ex-device\n- client is an app on myMachine on myMachine\n- user is an Informant Betty Jones\n- patient is ex-patient\n- created resource is ex-list",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientCreate"
}, {
"name": "Server - Audit Example of a basic patient identifiable Delete at server",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicDeleteServer"
},
"description": "Audit Example for a RESTful Delete of a resource with a patient subject\n\n- recorded by the server peer [client](AuditEvent-ex-auditBasicDeleteClient.html)\n- client is an app on myMachine\n- user is the Author John Smith\n- patient is identified as ex-patient\n- deleted object is ex-list",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientDelete"
}, {
"name": "Server - Audit Example of a basic patient identifiable Delete by Informant",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicDeleteInformant"
},
"description": "Audit Example for a RESTful Delete of a resource with a patient subject\n\n- recorded by the server\n- server is FHIR application server defined by ex-device\n- client is an app on myMachine on myMachine\n- user is an Informant Betty Jones\n- patient is identified as ex-patient\n- deleted object is ex-list",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientDelete"
}, {
"name": "Server - Audit Example of a basic patient identifiable Query (GET)",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicQueryGetServer"
},
"description": "Audit Example for a RESTful Query using GET with a patient subject, recorded by the Server\n- recorded by the server \n - see same event as recorded by the [client](AuditEvent-ex-auditBasicQueryGetClient.html)\n- server is FHIR application server defined by ex-device\n- client is a computer at myMachine.example.org\n- user is John Smith\n- query is for an Observation for given patient\n- patient is specified\n- X-Request-Id is specified",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientQuery"
}, {
"name": "Server - Audit Example of a basic patient identifiable Query (POST)",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicQueryPost"
},
"description": "Audit Example for a RESTful Query using POST with a patient subject, recorded by the server\n- recorded by the server\n- server is FHIR application server defined by ex-device\n- client is a computer at myMachine.example.org\n- user is John Smith\n- query is for an Observation for given patient\n- patient is specified",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientQuery"
}, {
"name": "Server - Audit Example of a basic patient identifiable read",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicReadNoPatient"
},
"description": "Audit Example for a RESTful read of a resource with no patient subject\n\n- recorded by the server\n- server is FHIR application server defined by ex-device\n- client is an app on myMachine on myMachine\n- user is John Smith\n- read resource is ex-measurereport",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Read"
}, {
"name": "Server - Audit Example of a basic patient identifiable read",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicReadServer"
},
"description": "Audit Example for a RESTful read of a resource with a patient subject\n\n- recorded by the server peer [client](AuditEvent-ex-auditBasicReadClient.html)\n- server is FHIR application server defined by ex-device\n- client is an app on myMachine on myMachine\n- user is John Smith\n- patient is ex-patient\n- read resource is ex-list\n- x-request-id is 76d148b6-586d-11ec-bf63-0242ac130002",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientRead"
}, {
"name": "Server - Audit Example of a basic patient identifiable read with no user",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicReadNoUser"
},
"description": "Audit Example for a RESTful read of a resource with a patient subject with no user. This might be a B2B exchange where the OAuth token just identifies the requesting organization.\n\n- recorded by the server\n- server is FHIR application server defined by ex-device\n- client is an app on myMachine on myMachine\n- user is John Smith\n- patient is ex-patient\n- read resource is ex-list\n- x-request-id is c07cf648-f068-4dd9-9411-8e69ca07d525",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientRead"
}, {
"name": "Server - Audit Example of a basic patient identifiable Update by the custodian",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicUpdate2"
},
"description": "Audit Example for a RESTful Update of a resource with a patient subject, updated by the custodian.\n\n- recorded by the server\n- server is FHIR application server defined by ex-device defined by ex-device\n- client is an app on myMachine on myMachine\n- user is an Custodian Charley Miller\n- patient is ex-patient\n- created resource is ex-list",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientUpdate"
}, {
"name": "Server - Audit Example of a basic patient identifiable Update by the informant",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicUpdate1"
},
"description": "Audit Example for a RESTful Update by the informant of a resource with a patient subject\n\n- recorded by the server\n- server is FHIR application server defined by ex-device defined by ex-device\n- client is an app on myMachine on myMachine\n- user is an Informant Betty Jones\n- patient is ex-patient\n- created resource is ex-list",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientUpdate"
}, {
"name": "Server - Audit Example of a basic patient identifiable Update of a Job with no user",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicUpdateNoUserJob"
},
"description": "Audit Example for a RESTful Update of a Job (document) resource with a patient subject with no user. This might be a B2B exchange where the OAuth token just identifies the requesting organization.\n\n- recorded by the server\n- server is FHIR application server defined by ex-device defined by ex-device\n- client is an app on myMachine on myMachine\n- patient is ex-patient\n- created Job is ex-documentreference",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientUpdate"
}, {
"name": "Server - Audit Example of a basic patient identifiable Update of a Report with no user",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicUpdateNoUserReport"
},
"description": "Audit Example for a RESTful Update of a Report (document) resource with a patient subject with no user. This might be a B2B exchange where the OAuth token just identifies the requesting organization.\n\n- recorded by the server\n- server is FHIR application server defined by ex-device defined by ex-device\n- client is an app on myMachine on myMachine\n- patient is ex-patient\n- created report is ex-documentreference",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientUpdate"
}, {
"name": "Server - Audit Example of a basic patient identifiable Update using Patch",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicPatch"
},
"description": "Audit Example for a RESTful Update using Patch of a resource with a patient subject\n\n- recorded by the server\n- server is FHIR application server defined by ex-device\n- client is an app on myMachine on myMachine\n- user is John Smith\n- patient is ex-patient\n- created resource is ex-list",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientUpdate"
}, {
"name": "Server - Audit Example of a basic patient identifiable Update with no user",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicUpdateNoUser"
},
"description": "Audit Example for a RESTful Update of a resource with a patient subject with no user. This might be a B2B exchange where the OAuth token just identifies the requesting organization.\n\n- recorded by the server\n- server is FHIR application server defined by ex-device defined by ex-device\n- client is myMachine\n- patient is ex-patient\n- created resource is ex-list",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientUpdate"
}, {
"name": "Server - Audit Example of a basic Query (GET)",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicQueryGetNoPatient"
},
"description": "Audit Example for a RESTful Query using GET with NO patient subject, recorded by the Server.\n- recorded by the server\n- server is FHIR application server defined by ex-device\n- client is a computer at myMachine.example.org\n- user is John Smith\n- query is for a MeasureReport\n- X-Request-Id is specified",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Query"
}, {
"name": "Server - Audit Example of a basic Update of a measure report",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "AuditEvent"
} ],
"reference": {
"reference": "AuditEvent/ex-auditBasicUpdateNoPatient"
},
"description": "Audit Example for a RESTful Update of a Measure Report resource. This might be a B2B exchange where the OAuth token just identifies the requesting organization.\n\n- recorded by the server\n- server is FHIR application server defined by ex-device defined by ex-device\n- client is an app on myMachine on myMachine\n- user is John Smith\n- created resource is ex-measurereport",
"exampleCanonical": "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Update"
}, {
"name": "The code used to identifiy a User Agent",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/resource-information",
"valueString": "CodeSystem"
} ],
"reference": {
"reference": "CodeSystem/UserAgentTypes"
},
"description": "Code used to identify the User Agent.\nDefined codes for SAML vs OAuth to enable differentiation of .policy as the token ID",
"exampleBoolean": false
} ],
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "copyrightyear"
}, {
"url": "value",
"valueString": "2022+"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "releaselabel"
}, {
"url": "value",
"valueString": "Trial-Implementation"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "show-inherited-invariants"
}, {
"url": "value",
"valueString": "false"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "usage-stats-opt-out"
}, {
"url": "value",
"valueString": "false"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "logging"
}, {
"url": "value",
"valueString": "progress"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "shownav"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "active-tables"
}, {
"url": "value",
"valueString": "false"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "apply-contact"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "apply-jurisdiction"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "apply-publisher"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "apply-version"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "autoload-resources"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "path-binary"
}, {
"url": "value",
"valueString": "input/saml"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "path-liquid"
}, {
"url": "value",
"valueString": "template/liquid"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "path-liquid"
}, {
"url": "value",
"valueString": "input/liquid"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "path-qa"
}, {
"url": "value",
"valueString": "temp/qa"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "path-temp"
}, {
"url": "value",
"valueString": "temp/pages"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "path-output"
}, {
"url": "value",
"valueString": "output"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "path-suppressed-warnings"
}, {
"url": "value",
"valueString": "input/ignoreWarnings.txt"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "path-history"
}, {
"url": "value",
"valueString": "https://profiles.ihe.net/ITI/BALP/history.html"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "template-html"
}, {
"url": "value",
"valueString": "template-page.html"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "template-md"
}, {
"url": "value",
"valueString": "template-page-md.html"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "apply-context"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "apply-copyright"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "apply-license"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "apply-wg"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "fmm-definition"
}, {
"url": "value",
"valueString": "http://hl7.org/fhir/versions.html#maturity"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "propagate-status"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "excludelogbinaryformat"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueString": "tabbed-snapshots"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-internal-dependency",
"valueCode": "hl7.fhir.uv.tools#0.1.0"
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "copyrightyear"
}, {
"url": "value",
"valueString": "2022+"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "releaselabel"
}, {
"url": "value",
"valueString": "Trial-Implementation"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "show-inherited-invariants"
}, {
"url": "value",
"valueString": "false"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "usage-stats-opt-out"
}, {
"url": "value",
"valueString": "false"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "logging"
}, {
"url": "value",
"valueString": "progress"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "shownav"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "active-tables"
}, {
"url": "value",
"valueString": "false"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "apply-contact"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "apply-jurisdiction"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "apply-publisher"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "apply-version"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "autoload-resources"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "path-binary"
}, {
"url": "value",
"valueString": "input/saml"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "path-liquid"
}, {
"url": "value",
"valueString": "template/liquid"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "path-liquid"
}, {
"url": "value",
"valueString": "input/liquid"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "path-qa"
}, {
"url": "value",
"valueString": "temp/qa"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "path-temp"
}, {
"url": "value",
"valueString": "temp/pages"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "path-output"
}, {
"url": "value",
"valueString": "output"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "path-suppressed-warnings"
}, {
"url": "value",
"valueString": "input/ignoreWarnings.txt"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "path-history"
}, {
"url": "value",
"valueString": "https://profiles.ihe.net/ITI/BALP/history.html"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "template-html"
}, {
"url": "value",
"valueString": "template-page.html"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "template-md"
}, {
"url": "value",
"valueString": "template-page-md.html"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "apply-context"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "apply-copyright"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "apply-license"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "apply-wg"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "fmm-definition"
}, {
"url": "value",
"valueString": "http://hl7.org/fhir/versions.html#maturity"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "propagate-status"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "excludelogbinaryformat"
}, {
"url": "value",
"valueString": "true"
} ]
}, {
"url": "http://hl7.org/fhir/tools/StructureDefinition/ig-parameter",
"extension": [ {
"url": "code",
"valueCode": "tabbed-snapshots"
}, {
"url": "value",
"valueString": "true"
} ]
} ],
"parameter": [ {
"code": "path-resource",
"value": "fsh-generated/resources"
}, {
"code": "path-resource",
"value": "input/capabilities"
}, {
"code": "path-resource",
"value": "input/examples"
}, {
"code": "path-resource",
"value": "input/extensions"
}, {
"code": "path-resource",
"value": "input/models"
}, {
"code": "path-resource",
"value": "input/operations"
}, {
"code": "path-resource",
"value": "input/profiles"
}, {
"code": "path-resource",
"value": "input/resources"
}, {
"code": "path-resource",
"value": "input/vocabulary"
}, {
"code": "path-resource",
"value": "input/testing"
}, {
"code": "path-resource",
"value": "input/history"
}, {
"code": "path-pages",
"value": "template/config"
}, {
"code": "path-pages",
"value": "input/images"
}, {
"code": "path-tx-cache",
"value": "input-cache/txcache"
} ]
},
"date": "2024-02-16",
"publisher": "IHE IT Infrastructure Technical Committee",
"fhirVersion": [ "4.0.1" ],
"license": "CC-BY-4.0",
"jurisdiction": [ {
"coding": [ {
"code": "001",
"system": "http://unstats.un.org/unsd/methods/m49/m49.htm"
} ]
} ],
"dependsOn": [ {
"id": "hl7tx",
"uri": "http://terminology.hl7.org/ImplementationGuide/hl7.terminology",
"version": "5.3.0",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/implementationguide-dependency-comment",
"valueMarkdown": "Automatically added as a dependency - all IGs depend on HL7 Terminology"
} ],
"packageId": "hl7.terminology.r4"
}, {
"id": "hl7ext",
"uri": "http://hl7.org/fhir/extensions/ImplementationGuide/hl7.fhir.uv.extensions",
"version": "1.0.0",
"extension": [ {
"url": "http://hl7.org/fhir/tools/StructureDefinition/implementationguide-dependency-comment",
"valueMarkdown": "Automatically added as a dependency - all IGs depend on the HL7 Extension Pack"
} ],
"packageId": "hl7.fhir.uv.extensions.r4"
} ],
"name": "IHE_ITI_BALP",
"type": null,
"experimental": null,
"resourceType": "ImplementationGuide",
"title": "Basic Audit Log Patterns (BALP)",
"package_version": "1.1.3",
"status": "active",
"id": "b2ca573d-8a76-4e64-97de-a1183c146406",
"kind": null,
"url": "https://profiles.ihe.net/ITI/BALP/ImplementationGuide/ihe.iti.balp",
"version": "1.1.3",
"packageId": "ihe.iti.balp",
"contact": [ {
"name": "IHE IT Infrastructure Technical Committee",
"telecom": [ {
"value": "https://www.ihe.net/ihe_domains/it_infrastructure/",
"system": "url"
}, {
"value": "iti@ihe.net",
"system": "email"
} ]
}, {
"name": "IHE IT Infrastructure Technical Committee",
"telecom": [ {
"value": "iti@ihe.net",
"system": "email"
} ]
} ]
}