Server - Audit Example of a basic patient identifiable Query (POST)

Basic Audit Log Patterns (BALP)
1.1.3 - Trial-Implementation International flag

This page is part of the IHE Basic Audit Log Patterns (BALP) (v1.1.3: Publication) based on FHIR (HL7® FHIR® Standard) R4. This is the current published version. For a full list of available versions, see the Directory of published versions

Example AuditEvent: Server - Audit Example of a basic patient identifiable Query (POST)

Audit Example for a RESTful Query using POST with a patient subject, recorded by the server

recorded by the server
server is FHIR application server defined by ex-device
client is a computer at myMachine.example.org
user is John Smith
query is for an Observation for given patient
patient is specified

The search received, and thus recorded:

POST /r4/Observation/_search HTTP/1.1
Host: test.fhir.org
Content-Type: application/x-www-form-urlencoded
Accept: application/fhir+json; fhirVersion=4.0
Content-Length: 87

patient=ex-patient&_lastUpdated=gt2020-11-06T21:52:30.300Z&_sort=_lastUpdated&_count=10

Generated Narrative: AuditEvent

Resource AuditEvent "ex-auditBasicQueryPost"

Profile: Basic AuditEvent for a successful Query with Patient

Security Labels: http://terminology.hl7.org/CodeSystem/v3-ActReason

type: Restful Operation (Details: http://terminology.hl7.org/CodeSystem/audit-event-type code rest = 'RESTful Operation', stated as 'Restful Operation')

subtype: search-type (Details: http://hl7.org/fhir/restful-interaction code search-type = 'search-type', stated as 'search-type')

action: E

recorded: Apr 29, 2020, 4:49:00 AM

outcome: 0

agent
type: Source Role ID (DICOM#110153)
who: : myMachine.example.org
requestor: false
Networks
- Address Type
* 2001:0db8:85a3:0000:0000:8a2e:0370:7334 2

agent
type: Destination Role ID (DICOM#110152)
who: Device/ex-device
requestor: false
Networks
- Address Type
* http://server.example.com/fhir 5

agent
type: information recipient (ParticipationType#IRCP)
who: : John Smith
requestor: true

Sources

Site

Observer

Type

server.example.com

Device/ex-device

Application Server (Details: http://terminology.hl7.org/CodeSystem/security-source-type code 4 = 'Application Server', stated as 'Application Server')

entity
type: System Object (Details: http://terminology.hl7.org/CodeSystem/audit-entity-type code 2 = 'System Object', stated as 'System Object')
role: Query (Details: http://terminology.hl7.org/CodeSystem/object-role code 24 = 'Query', stated as 'Query')
description: POST /r4/Observation/_search HTTP/1.1 Host: test.fhir.org Content-Type: application/x-www-form-urlencoded Accept: application/fhir+json; fhirVersion=4.0 Content-Length: 87 patient=ex-patient&_lastUpdated=gt2020-11-06T21:52:30.300Z&_sort=_lastUpdated&_count=10
query: (base64 data - 264 bytes)

entity
what: Patient/ex-patient " SCHMIDT"
type: Person (Details: http://terminology.hl7.org/CodeSystem/audit-entity-type code 1 = 'Person', stated as 'Person')
role: Patient (Details: http://terminology.hl7.org/CodeSystem/object-role code 1 = 'Patient', stated as 'Patient')

<prev

top

next>

IG © 2022+ IHE IT Infrastructure Technical Committee. Package ihe.iti.balp#1.1.3 based on FHIR 4.0.1. Generated 2024-02-14
Links: Table of Contents | QA Report | New Issue | Issues Version History | | Propose a change external