Basic Audit Log Patterns (BALP)
1.1.3 - Trial-Implementation International flag

This page is part of the IHE Basic Audit Log Patterns (BALP) (v1.1.3: Publication) based on FHIR (HL7® FHIR® Standard) R4. This is the current published version. For a full list of available versions, see the Directory of published versions

Example AuditEvent: Audit Example of a basic Authorization Deny access

Generated Narrative: AuditEvent

Resource AuditEvent "ex-auditAuthZconsent-deny"

Profile: Basic AuditEvent pattern for when an Authorization permit is decided

Security Labels:

type: Security Alert (Details: DICOM code 110113 = 'Security Alert', stated as 'Security Alert')

subtype: Authorization Decision using Roles and Consent (Details: code AuthZ-Consent = 'Authorization Decision using Roles and Consent', stated as 'null')

action: E

recorded: Dec 27, 2021, 3:49:00 AM

outcome: 8

outcomeDesc: Consent denied access to this user


type: Application (DICOM#110150)

who: Device/ex-device

requestor: false




type: information recipient (ParticipationType#IRCP)

who: Practitioner/ex-practitioner

requestor: true

purposeOfUse: patient requested (ActReason#PATRQT)


type: healthcare provider (RoleClass#PROV)

who: Organization/ex-organization "nowhere"

requestor: false


type: Authorization Server (Security Role Type#authserver)

who: Device/ex-authz

requestor: false


*server.example.comDevice/ex-authzSecurity Server (Details: code 6 = 'Security Server', stated as 'Security Server')


what: Patient/ex-patient " SCHMIDT"

type: Person (Details: code 1 = 'Person', stated as 'null')

role: Patient (Details: code 1 = 'Patient', stated as 'Patient')


what: Consent/ex-consent

type: Consent (Details: code Consent = 'Consent', stated as 'null')