Basic Audit Log Patterns (BALP)
1.1.3 - Trial-Implementation International flag

This page is part of the IHE Basic Audit Log Patterns (BALP) (v1.1.3: Publication) based on FHIR (HL7® FHIR® Standard) R4. This is the current published version. For a full list of available versions, see the Directory of published versions

: Audit Example of a basic SAML access token of comprehensive - XML Representation

Raw xml | Download



<AuditEvent xmlns="http://hl7.org/fhir">
  <id value="ex-auditPoke-SAML-Comp"/>
  <meta>
    <profile
             value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive"/>
    <security>
      <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
      <code value="HTEST"/>
    </security>
  </meta>
  <text>
    <status value="extensions"/>
    <div xmlns="http://www.w3.org/1999/xhtml"><p><b>Generated Narrative: AuditEvent</b><a name="ex-auditPoke-SAML-Comp"> </a></p><div style="display: inline-block; background-color: #d9e0e7; padding: 6px; margin: 4px; border: 1px solid #8da1b4; border-radius: 5px; line-height: 60%"><p style="margin-bottom: 0px">Resource AuditEvent &quot;ex-auditPoke-SAML-Comp&quot; </p><p style="margin-bottom: 0px">Profile: <a href="StructureDefinition-IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive.html">Basic AuditEvent pattern for when an activity was authorized by an SAML access token Comprehensive</a></p><p style="margin-bottom: 0px">Security Labels: <span title="{http://terminology.hl7.org/CodeSystem/v3-ActReason http://terminology.hl7.org/CodeSystem/v3-ActReason}">http://terminology.hl7.org/CodeSystem/v3-ActReason</span></p></div><p><b>type</b>: Application Activity (Details: DICOM code 110100 = 'Application Activity', stated as 'Application Activity')</p><p><b>subtype</b>: Boredom poke (Details: urn:ietf:rfc:1438 code poke = 'poke', stated as 'Boredom poke')</p><p><b>action</b>: R</p><p><b>recorded</b>: Dec 3, 2021, 3:49:00 AM</p><p><b>outcome</b>: 0</p><blockquote><p><b>agent</b></p><p><b>AuditEvent.agent Assurance Level</b>: high authentication process level of assurance <span style="background: LightGoldenRodYellow; margin: 4px; border: 1px solid khaki"> (<a href="http://terminology.hl7.org/5.3.0/CodeSystem-v3-ObservationValue.html">ObservationValue</a>#LOAAP4)</span></p><p><b>AuditEvent.agent other identifiers</b>: SAML subject-id/JohnDoe</p><p><b>AuditEvent.agent other identifiers</b>: National provider identifier/1234567@myNPIregistry.example.org</p><p><b>AuditEvent.agent other identifiers</b>: Provider number/JohnD</p><p><b>type</b>: information recipient <span style="background: LightGoldenRodYellow; margin: 4px; border: 1px solid khaki"> (<a href="CodeSystem-UserAgentTypes.html">The code used to identifiy a User Agent</a>#UserSamlAgent; <a href="http://terminology.hl7.org/5.3.0/CodeSystem-v3-ParticipationType.html">ParticipationType</a>#IRCP)</span></p><p><b>who</b>: <span><code>https://sts.sykehuspartner.no</code>/05086900124</span></p><p><b>requestor</b>: true</p><p><b>policy</b>: <code>XC4WdYS0W5bjsMGc5Ue6tClD_5U</code></p><p><b>purposeOfUse</b>: patient requested <span style="background: LightGoldenRodYellow; margin: 4px; border: 1px solid khaki"> (<a href="http://terminology.hl7.org/5.3.0/CodeSystem-v3-ActReason.html">ActReason</a>#PATRQT)</span></p></blockquote><blockquote><p><b>agent</b></p><p><b>type</b>: healthcare provider <span style="background: LightGoldenRodYellow; margin: 4px; border: 1px solid khaki"> (<a href="http://terminology.hl7.org/5.3.0/CodeSystem-v3-RoleClass.html">RoleClass</a>#PROV)</span></p><p><b>who</b>: <span>: St. Mary of Examples</span></p><p><b>requestor</b>: false</p></blockquote><blockquote><p><b>agent</b></p><p><b>type</b>: homeCommunityId <span style="background: LightGoldenRodYellow; margin: 4px; border: 1px solid khaki"> (unknown#homeCommunityId)</span></p><p><b>who</b>: <span>homeCommunityId/urn:uuid:cadbf8d0-5493-11ec-bf63-0242ac130002</span></p><p><b>requestor</b>: false</p></blockquote><h3>Sources</h3><table class="grid"><tr><td style="display: none">-</td><td><b>Site</b></td><td><b>Observer</b></td><td><b>Type</b></td></tr><tr><td style="display: none">*</td><td>server.example.com</td><td><a href="Device-ex-device.html">Device/ex-device</a></td><td>Application Server (Details: http://terminology.hl7.org/CodeSystem/security-source-type code 4 = 'Application Server', stated as 'Application Server')</td></tr></table><blockquote><p><b>entity</b></p><p><b>what</b>: <span>urn:uuid:a4b1d27e-5493-11ec-bf63-0242ac130002</span></p><p><b>type</b>: Consent (Details: http://hl7.org/fhir/resource-types code Consent = 'Consent', stated as 'Consent')</p><blockquote><p><b>detail</b></p><p><b>type</b>: urn:ihe:iti:xua:2012:acp</p><p><b>value</b>: urn:uuid:b8aa8eec-5493-11ec-bf63-0242ac130002</p></blockquote><blockquote><p><b>detail</b></p><p><b>type</b>: urn:oasis:names:tc:xacml:2.0:resource:resource-id</p><p><b>value</b>: urn:uuid:d7391e5a-5493-11ec-bf63-0242ac130002</p></blockquote></blockquote></div>
  </text>
  <type>
    <system value="http://dicom.nema.org/resources/ontology/DCM"/>
    <code value="110100"/>
    <display value="Application Activity"/>
  </type>
  <subtype>
    <system value="urn:ietf:rfc:1438"/>
    <code value="poke"/>
    <display value="Boredom poke"/>
  </subtype>
  <action value="R"/>
  <recorded value="2021-12-03T09:49:00.000Z"/>
  <outcome value="0"/>
  <agent>
    <extension
               url="https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel">
      <valueCodeableConcept>
        <coding>
          <system
                  value="http://terminology.hl7.org/CodeSystem/v3-ObservationValue"/>
          <code value="LOAAP4"/>
        </coding>
      </valueCodeableConcept>
    </extension>
    <extension
               url="https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId">
      <valueIdentifier>
        <type>
          <coding>
            <system
                    value="https://profiles.ihe.net/ITI/BALP/CodeSystem/OtherIdentifierTypes"/>
            <code value="SAML-subject-id"/>
          </coding>
        </type>
        <value value="JohnDoe"/>
      </valueIdentifier>
    </extension>
    <extension
               url="https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId">
      <valueIdentifier>
        <type>
          <coding>
            <system value="http://terminology.hl7.org/CodeSystem/v2-0203"/>
            <code value="NPI"/>
          </coding>
        </type>
        <value value="1234567@myNPIregistry.example.org"/>
      </valueIdentifier>
    </extension>
    <extension
               url="https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId">
      <valueIdentifier>
        <type>
          <coding>
            <system value="http://terminology.hl7.org/CodeSystem/v2-0203"/>
            <code value="PRN"/>
          </coding>
        </type>
        <value value="JohnD"/>
      </valueIdentifier>
    </extension>
    <type>
      <coding>
        <system
                value="https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes"/>
        <code value="UserSamlAgent"/>
      </coding>
      <coding>
        <system
                value="http://terminology.hl7.org/CodeSystem/v3-ParticipationType"/>
        <code value="IRCP"/>
        <display value="information recipient"/>
      </coding>
    </type>
    <who>
      <identifier>
        <system value="https://sts.sykehuspartner.no"/>
        <value value="05086900124"/>
      </identifier>
    </who>
    <requestor value="true"/>
    <policy value="XC4WdYS0W5bjsMGc5Ue6tClD_5U"/>
    <purposeOfUse>
      <coding>
        <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
        <code value="PATRQT"/>
      </coding>
    </purposeOfUse>
  </agent>
  <agent>
    <type>
      <coding>
        <system value="http://terminology.hl7.org/CodeSystem/v3-RoleClass"/>
        <code value="PROV"/>
        <display value="healthcare provider"/>
      </coding>
    </type>
    <who>
      <identifier>
        <value value="1234567@myOrganizationRegistry.example.org"/>
      </identifier>
      <display value="St. Mary of Examples"/>
    </who>
    <requestor value="false"/>
  </agent>
  <agent>
    <type>
      <coding>
        <system value="urn:ihe:iti:xca:2010"/>
        <code value="homeCommunityId"/>
      </coding>
    </type>
    <who>
      <identifier>
        <type>
          <coding>
            <system value="urn:ihe:iti:xca:2010"/>
            <code value="homeCommunityId"/>
          </coding>
        </type>
        <value value="urn:uuid:cadbf8d0-5493-11ec-bf63-0242ac130002"/>
      </identifier>
    </who>
    <requestor value="false"/>
  </agent>
  <source>
    <site value="server.example.com"/>
    <observer>🔗 
      <reference value="Device/ex-device"/>
    </observer>
    <type>
      <system
              value="http://terminology.hl7.org/CodeSystem/security-source-type"/>
      <code value="4"/>
      <display value="Application Server"/>
    </type>
  </source>
  <entity>
    <what>
      <identifier>
        <value value="urn:uuid:a4b1d27e-5493-11ec-bf63-0242ac130002"/>
      </identifier>
    </what>
    <type>
      <system value="http://hl7.org/fhir/resource-types"/>
      <code value="Consent"/>
      <display value="Consent"/>
    </type>
    <detail>
      <type value="urn:ihe:iti:xua:2012:acp"/>
      <valueString value="urn:uuid:b8aa8eec-5493-11ec-bf63-0242ac130002"/>
    </detail>
    <detail>
      <type value="urn:oasis:names:tc:xacml:2.0:resource:resource-id"/>
      <valueString value="urn:uuid:d7391e5a-5493-11ec-bf63-0242ac130002"/>
    </detail>
  </entity>
</AuditEvent>