Basic Audit Log Patterns (BALP)
1.1.3 - Trial-Implementation
This page is part of the IHE Basic Audit Log Patterns (BALP) (v1.1.3: Publication) based on FHIR (HL7® FHIR® Standard) R4. This is the current published version. For a full list of available versions, see the Directory of published versions
Active as of 2022-10-28 |
<CapabilityStatement xmlns="http://hl7.org/fhir">
<id value="IHE.BALP.ATNA.AuditRecordRepository"/>
<text>
<status value="extensions"/>
<div xmlns="http://www.w3.org/1999/xhtml"><h2 id="title">IHE ATNA Audit Record Repository supporting BALP Content</h2><ul><li>Implementation Guide Version: 1.1.3</li><li>FHIR Version: 4.0.1</li><li>Supported Formats: <code>application/fhir+xml</code>, <code>application/fhir+json</code></li><li>Supported Patch Formats: </li><li>Published on: Fri Oct 28 00:00:00 CDT 2022</li><li>Published by: IHE IT Infrastructure Technical Committee</li></ul><blockquote class="impl-note"><p><strong>Note to Implementers: FHIR Capabilities</strong></p><p>Any FHIR capability may be 'allowed' by the system unless explicitly marked as "SHALL NOT". A few items are marked as MAY in the Implementation Guide to highlight their potential relevance to the use case.</p></blockquote><h2 id="rest">FHIR RESTful Capabilities</h2><div class="panel panel-default"><div class="panel-heading"><h3 id="mode1" class="panel-title">Mode: <code>server</code></h3></div><div class="panel-body"><div class="lead"><em>Security</em></div><blockquote><div><p><a href="https://profiles.ihe.net/ITI/TF/Volume1/ch-9.html">ATNA</a> required, encouraged <a href="https://profiles.ihe.net/ITI/IUA/index.html">IHE-IUA</a> or SMART-on-FHIR</p>
</div></blockquote><div class="lead"><em>Summary of System-wide Interactions</em></div></div></div><h3 id="resourcesCap1">Capabilities by Resource/Profile</h3><h4 id="resourcesSummary1">Summary</h4><p>The summary table lists the resources that are part of this configuration, and for each resource it lists:</p><ul><li>The relevant profiles (if any)</li><li>The interactions supported by each resource (<b><span class="bg-info">R</span></b>ead, <b><span class="bg-info">S</span></b>earch, <b><span class="bg-info">U</span></b>pdate, and <b><span class="bg-info">C</span></b>reate, are always shown, while <b><span class="bg-info">VR</span></b>ead, <b><span class="bg-info">P</span></b>atch, <b><span class="bg-info">D</span></b>elete, <b><span class="bg-info">H</span></b>istory on <b><span class="bg-info">I</span></b>nstance, or <b><span class="bg-info">H</span></b>istory on <b><span class="bg-info">T</span></b>ype are only present if at least one of the resources has support for them.</li><li><span>The required, recommended, and some optional search parameters (if any). </span></li><li>The linked resources enabled for <code>_include</code></li><li>The other resources enabled for <code>_revinclude</code></li><li>The operations on the resource (if any)</li></ul><div class="table-responsive"><table class="table table-condensed table-hover"><thead><tr><th><b>Resource Type</b></th><th><b>Profile</b></th><th class="text-center"><b title="GET a resource (read interaction)">R</b></th><th class="text-center"><b title="GET all set of resources of the type (search interaction)">S</b></th><th class="text-center"><b title="PUT a new resource version (update interaction)">U</b></th><th class="text-center"><b title="POST a new resource (create interaction)">C</b></th><th><b title="Required and recommended search parameters">Searches</b></th><th><code><b>_include</b></code></th><th><code><b>_revinclude</b></code></th><th><b>Operations</b></th></tr></thead><tbody><tr><td><a href="#AuditEvent1-1">AuditEvent</a></td><td>Supported profiles:<br/> <a href="StructureDefinition-IHE.BasicAudit.Create.html">Basic AuditEvent for a successful Create not related to a Patient</a><br/> <a href="StructureDefinition-IHE.BasicAudit.Read.html">Basic AuditEvent for a successful Read</a><br/> <a href="StructureDefinition-IHE.BasicAudit.Update.html">Basic AuditEvent for a successful Update</a><br/> <a href="StructureDefinition-IHE.BasicAudit.Delete.html">Basic AuditEvent for a successful Delete</a><br/> <a href="StructureDefinition-IHE.BasicAudit.Query.html">Basic AuditEvent for a successful Query</a><br/> <a href="StructureDefinition-IHE.BasicAudit.PatientCreate.html">Basic AuditEvent for a successful Create with known Patient subject</a><br/> <a href="StructureDefinition-IHE.BasicAudit.PatientRead.html">Basic AuditEvent for a successful Read with a Patient</a><br/> <a href="StructureDefinition-IHE.BasicAudit.PatientUpdate.html">Basic AuditEvent for a successful Update with a Patient subject</a><br/> <a href="StructureDefinition-IHE.BasicAudit.PatientDelete.html">Basic AuditEvent for a successful Delete with Patient</a><br/> <a href="StructureDefinition-IHE.BasicAudit.PatientQuery.html">Basic AuditEvent for a successful Query with Patient</a><br/> <a href="StructureDefinition-IHE.IUA.71.html">IHE IUA ITI-71 AuditEvent for a successful Get Access Token</a><br/> <a href="StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Comprehensive.html">Basic AuditEvent pattern for when an activity was authorized by an IUA access token</a><br/> <a href="StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Minimal.html">Basic AuditEvent pattern for oAuth Opaque</a><br/> <a href="StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Opaque.html">Basic AuditEvent pattern for oAuth Opaque</a><br/> <a href="StructureDefinition-IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive.html">Basic AuditEvent pattern for when an activity was authorized by an SAML access token Comprehensive</a><br/> <a href="StructureDefinition-IHE.BasicAudit.SAMLaccessTokenUse.Minimal.html">Basic AuditEvent pattern for when an activity was authorized by an SAML access token Minimal</a><br/> <a href="StructureDefinition-IHE.BasicAudit.AuthZconsent.html">Basic AuditEvent pattern for when an Authorization permit is decided</a><br/> <a href="StructureDefinition-IHE.BasicAudit.PrivacyDisclosure.Recipient.html">Audit Event for a Privacy Disclosure as recorded by a Recipient</a><br/> <a href="StructureDefinition-IHE.BasicAudit.PrivacyDisclosure.Source.html">Audit Event for Privacy Disclosure at Source</a></td><td>y</td><td class="text-center">y</td><td class="text-center"></td><td class="text-center">y</td><td>_id, _lastUpdated, date, address, agent.identifier, patient.identifier, entity.identifier, entity-type, entity-role, source.identifier, type, subtype, outcome</td><td/><td/><td/></tr></tbody></table></div><hr/><div class="panel panel-default"><div class="panel-heading"><h4 id="AuditEvent1-1" class="panel-title"><span style="float: right;">Resource Conformance: supported</span>AuditEvent</h4></div><div class="panel-body"><div class="container"><div class="row"><div class="col-lg-4"><span class="lead">Core FHIR Resource</span><br/><a href="http://hl7.org/fhir/R4/auditevent.html">AuditEvent</a></div><div class="col-lg-4"><span class="lead">Reference Policy</span><br/></div><div class="col-lg-4"><span class="lead">Interaction summary</span><br/><ul><li>Supports <code>search-type</code>, <code>read</code>, <code>create</code>.</li></ul></div></div><p/><div class="row"><div class="col-6"><span class="lead">Supported Profiles</span><p><a href="StructureDefinition-IHE.BasicAudit.Create.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Create</a><br/><a href="StructureDefinition-IHE.BasicAudit.Read.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Read</a><br/><a href="StructureDefinition-IHE.BasicAudit.Update.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Update</a><br/><a href="StructureDefinition-IHE.BasicAudit.Delete.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Delete</a><br/><a href="StructureDefinition-IHE.BasicAudit.Query.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Query</a><br/><a href="StructureDefinition-IHE.BasicAudit.PatientCreate.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientCreate</a><br/><a href="StructureDefinition-IHE.BasicAudit.PatientRead.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientRead</a><br/><a href="StructureDefinition-IHE.BasicAudit.PatientUpdate.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientUpdate</a><br/><a href="StructureDefinition-IHE.BasicAudit.PatientDelete.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientDelete</a><br/><a href="StructureDefinition-IHE.BasicAudit.PatientQuery.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientQuery</a><br/><a href="StructureDefinition-IHE.IUA.71.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.IUA.71</a><br/><a href="StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Comprehensive.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Comprehensive</a><br/><a href="StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Minimal.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Minimal</a><br/><a href="StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Opaque.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Opaque</a><br/><a href="StructureDefinition-IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive</a><br/><a href="StructureDefinition-IHE.BasicAudit.SAMLaccessTokenUse.Minimal.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Minimal</a><br/><a href="StructureDefinition-IHE.BasicAudit.AuthZconsent.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.AuthZconsent</a><br/><a href="StructureDefinition-IHE.BasicAudit.PrivacyDisclosure.Recipient.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Recipient</a><br/><a href="StructureDefinition-IHE.BasicAudit.PrivacyDisclosure.Source.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Source</a></p></div></div><p/><div class="row"><div class="col-12"><span class="lead">Documentation</span><blockquote><div><p>For Retrieve ATNA Audit Event [ITI-81] and the FHIR Record Audit Event [ITI-20]. Note that all BALP Content profiles are listed here.</p>
</div></blockquote></div></div><div class="row"><div class="col-lg-7"><span class="lead">Search Parameters</span><table class="table table-condensed table-hover"><thead><tr><th>Conformance</th><th>Parameter</th><th>Type</th><th>Documentation</th></tr></thead><tbody><tr><td><b>SHALL</b></td><td>_id</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>_lastUpdated</td><td><code>date</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>date</td><td><code>date</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>address</td><td><code>string</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>agent.identifier</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>patient.identifier</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>entity.identifier</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>entity-type</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>entity-role</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>source.identifier</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>type</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>subtype</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>outcome</td><td><code>token</code></td><td><div></div></td></tr></tbody></table></div><div class="col-lg-5"> </div></div></div></div></div></div>
</text>
<url
value="https://profiles.ihe.net/ITI/BALP/CapabilityStatement/IHE.BALP.ATNA.AuditRecordRepository"/>
<version value="1.1.3"/>
<name value="IHE_BALP_ATNA_AuditRecordRepository"/>
<title value="IHE ATNA Audit Record Repository supporting BALP Content"/>
<status value="active"/>
<experimental value="false"/>
<date value="2022-10-28"/>
<publisher value="IHE IT Infrastructure Technical Committee"/>
<contact>
<name value="IHE IT Infrastructure Technical Committee"/>
<telecom>
<system value="url"/>
<value value="https://www.ihe.net/ihe_domains/it_infrastructure/"/>
</telecom>
<telecom>
<system value="email"/>
<value value="iti@ihe.net"/>
</telecom>
</contact>
<contact>
<name value="IHE IT Infrastructure Technical Committee"/>
<telecom>
<system value="email"/>
<value value="iti@ihe.net"/>
</telecom>
</contact>
<description
value="CapabilityStatement for [ATNA](https://profiles.ihe.net/ITI/TF/Volume1/ch-9.html) Audit Record Repository Actor with the ATNA ATX:FHIR Feed Option and Retrieve Audit Message Option defined in [RESTful-ATNA Supplement](https://www.ihe.net/uploadedFiles/Documents/ITI/IHE_ITI_Suppl_RESTful-ATNA.pdf) that also has support for BALP Content.
This Actor is derived off of the ATNA Audit Record Repository actor that is not yet defined fully in an IG. This CapabilityStatement does not represent a formal Actor, but rather a system that has grouped ATNA and BALP."/>
<jurisdiction>
<coding>
<system value="http://unstats.un.org/unsd/methods/m49/m49.htm"/>
<code value="001"/>
</coding>
</jurisdiction>
<kind value="requirements"/>
<fhirVersion value="4.0.1"/>
<format value="application/fhir+xml"/>
<format value="application/fhir+json"/>
<rest>
<mode value="server"/>
<security>
<description
value="[ATNA](https://profiles.ihe.net/ITI/TF/Volume1/ch-9.html) required, encouraged [IHE-IUA](https://profiles.ihe.net/ITI/IUA/index.html) or SMART-on-FHIR"/>
</security>
<resource>
<type value="AuditEvent"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Create"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Read"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Update"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Delete"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Query"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientCreate"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientRead"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientUpdate"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientDelete"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientQuery"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.IUA.71"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Comprehensive"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Minimal"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Opaque"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Minimal"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.AuthZconsent"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Recipient"/>
<supportedProfile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Source"/>
<documentation
value="For Retrieve ATNA Audit Event [ITI-81] and the FHIR Record Audit Event [ITI-20]. Note that all BALP Content profiles are listed here."/>
<interaction>
<code value="search-type"/>
</interaction>
<interaction>
<code value="read"/>
</interaction>
<interaction>
<code value="create"/>
</interaction>
<searchParam>
<name value="_id"/>
<type value="token"/>
</searchParam>
<searchParam>
<name value="_lastUpdated"/>
<type value="date"/>
</searchParam>
<searchParam>
<name value="date"/>
<type value="date"/>
</searchParam>
<searchParam>
<name value="address"/>
<type value="string"/>
</searchParam>
<searchParam>
<name value="agent.identifier"/>
<type value="token"/>
</searchParam>
<searchParam>
<name value="patient.identifier"/>
<type value="token"/>
</searchParam>
<searchParam>
<name value="entity.identifier"/>
<type value="token"/>
</searchParam>
<searchParam>
<name value="entity-type"/>
<type value="token"/>
</searchParam>
<searchParam>
<name value="entity-role"/>
<type value="token"/>
</searchParam>
<searchParam>
<name value="source.identifier"/>
<type value="token"/>
</searchParam>
<searchParam>
<name value="type"/>
<type value="token"/>
</searchParam>
<searchParam>
<name value="subtype"/>
<type value="token"/>
</searchParam>
<searchParam>
<name value="outcome"/>
<type value="token"/>
</searchParam>
</resource>
</rest>
</CapabilityStatement>