Basic Audit Log Patterns (BALP)
1.1.1 - Trial-Implementation International flag

This page is part of the IHE Basic Audit Log Patterns (BALP) (v1.1.1: Trial Implementation) based on FHIR R4. This is the current published version. For a full list of available versions, see the Directory of published versions

Example AuditEvent: Audit Example of a basic SAML access token of comprehensive from QDI sample

Generated Narrative: AuditEvent

Resource AuditEvent "ex-auditPoke-SAML-QDI-Comp"

Profile: Basic AuditEvent pattern for when an activity was authorized by an SAML access token Comprehensive

Security Labels: http://terminology.hl7.org/CodeSystem/v3-ActReason

type: Application Activity (Details: DICOM code 110100 = 'Application Activity', stated as 'Application Activity')

subtype: Boredom poke (Details: urn:ietf:rfc:1438 code poke = 'poke', stated as 'Boredom poke')

action: R

recorded: Dec 3, 2021, 3:49:00 AM

outcome: 0

agent

AuditEvent.agent Assurance Level: X509 (unknown#X509)

AuditEvent.agent other identifiers: SAML subject-id: Karl S Skagerberg

type: information recipient (ParticipationType#IRCP; The code used to identifiy a User Agent#UserSamlAgent)

role: Public health officier (unknown#307969004)

who:

requestor: true

policy: _d87f8adf-711a-4545-bf77-ff8517b498e4

purposeOfUse: Uses and disclosures for public health activities. (unknown#PUBLICHEALTH)

agent

type: healthcare provider (RoleClass#PROV)

who: : connectred5.fedsconnect.org

requestor: false

Sources

-SiteObserverType
*server.example.comDevice/ex-deviceApplication Server (Details: http://terminology.hl7.org/CodeSystem/security-source-type code 4 = 'Application Server', stated as 'Application Server')

entity

what:

type: Consent (Details: http://hl7.org/fhir/resource-types code Consent = 'Consent', stated as 'Consent')

detail

type: urn:ihe:iti:xua:2012:acp

value: urn:oid:1.2.3.4

detail

type: urn:oasis:names:tc:xacml:2.0:resource:resource-id

value: 500000000^^^&2.16.840.1.113883.3.333&ISO