Basic Audit Log Patterns (BALP)
1.1.3 - Trial-Implementation International flag

This page is part of the IHE Basic Audit Log Patterns (BALP) (v1.1.3: Publication) based on FHIR (HL7® FHIR® Standard) R4. This is the current published version. For a full list of available versions, see the Directory of published versions

CapabilityStatement: IHE BALP Audit Consumer

Official URL: https://profiles.ihe.net/ITI/BALP/CapabilityStatement/IHE.BALP.AuditConsumer Version: 1.1.3
Active as of 2022-10-28 Computable Name: IHE_BALP_AuditConsumer

CapabilityStatement for Audit Consumer Actor in BALP.

This CapabilityStatement replicates the requirements that would come from the ATNA Audit Consumer* actor supporting **ATNA Retrieve Audit Message Option.

Raw OpenAPI-Swagger Definition file | Download

IHE BALP Audit Consumer

  • Implementation Guide Version: 1.1.3
  • FHIR Version: 4.0.1
  • Supported Formats: application/fhir+xml, application/fhir+json
  • Supported Patch Formats:
  • Published on: Fri Oct 28 00:00:00 CDT 2022
  • Published by: IHE IT Infrastructure Technical Committee

Note to Implementers: FHIR Capabilities

Any FHIR capability may be 'allowed' by the system unless explicitly marked as "SHALL NOT". A few items are marked as MAY in the Implementation Guide to highlight their potential relevance to the use case.

FHIR RESTful Capabilities

Mode: client

BALP Audit Consumer will query for AuditEvent resources.

Security

ATNA required, encouraged IHE-IUA or SMART-on-FHIR

Summary of System-wide Interactions

Capabilities by Resource/Profile

Summary

The summary table lists the resources that are part of this configuration, and for each resource it lists:

  • The relevant profiles (if any)
  • The interactions supported by each resource (Read, Search, Update, and Create, are always shown, while VRead, Patch, Delete, History on Instance, or History on Type are only present if at least one of the resources has support for them.
  • The required, recommended, and some optional search parameters (if any).
  • The linked resources enabled for _include
  • The other resources enabled for _revinclude
  • The operations on the resource (if any)
Resource TypeProfileRSUCSearches_include_revincludeOperations
AuditEventSupported profiles:
  Basic AuditEvent for a successful Create not related to a Patient
  Basic AuditEvent for a successful Read
  Basic AuditEvent for a successful Update
  Basic AuditEvent for a successful Delete
  Basic AuditEvent for a successful Query
  Basic AuditEvent for a successful Create with known Patient subject
  Basic AuditEvent for a successful Read with a Patient
  Basic AuditEvent for a successful Update with a Patient subject
  Basic AuditEvent for a successful Delete with Patient
  Basic AuditEvent for a successful Query with Patient
  IHE IUA ITI-71 AuditEvent for a successful Get Access Token
  Basic AuditEvent pattern for when an activity was authorized by an IUA access token
  Basic AuditEvent pattern for oAuth Opaque
  Basic AuditEvent pattern for oAuth Opaque
  Basic AuditEvent pattern for when an activity was authorized by an SAML access token Comprehensive
  Basic AuditEvent pattern for when an activity was authorized by an SAML access token Minimal
  Basic AuditEvent pattern for when an Authorization permit is decided
  Audit Event for a Privacy Disclosure as recorded by a Recipient
  Audit Event for Privacy Disclosure at Source		yy_id, _lastUpdated, date, address, agent.identifier, patient.identifier, entity.identifier, entity-type, entity-role, source.identifier, type, subtype, outcome

Resource Conformance: supportedAuditEvent

Core FHIR Resource
AuditEvent
Reference Policy
Interaction summary
  • Supports search-type, read.

Supported Profiles

https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Create
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Read
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Update
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Delete
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Query
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientCreate
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientRead
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientUpdate
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientDelete
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientQuery
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.IUA.71
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Comprehensive
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Minimal
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Opaque
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Minimal
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.AuthZconsent
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Recipient
https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Source

Documentation

For Retrieve ATNA Audit Event [ITI-81]. Note that all BALP Content profiles are listed here.

Search Parameters
ConformanceParameterTypeDocumentation
SHALL_idtoken
SHALL_lastUpdateddate
SHALLdatedate
SHALLaddressstring
SHALLagent.identifiertoken
SHALLpatient.identifiertoken
SHALLentity.identifiertoken
SHALLentity-typetoken
SHALLentity-roletoken
SHALLsource.identifiertoken
SHALLtypetoken
SHALLsubtypetoken
SHALLoutcometoken