Basic Audit Log Patterns (BALP)
1.1.3 - Trial-Implementation International flag

This page is part of the IHE Basic Audit Log Patterns (BALP) (v1.1.3: Publication) based on FHIR (HL7® FHIR® Standard) R4. This is the current published version. For a full list of available versions, see the Directory of published versions

: IHE BALP Audit Consumer - XML Representation

Active as of 2022-10-28

Raw xml | Download



<CapabilityStatement xmlns="http://hl7.org/fhir">
  <id value="IHE.BALP.AuditConsumer"/>
  <text>
    <status value="extensions"/>
    <div xmlns="http://www.w3.org/1999/xhtml"><h2 id="title">IHE BALP Audit Consumer</h2><ul><li>Implementation Guide Version: 1.1.3</li><li>FHIR Version: 4.0.1</li><li>Supported Formats: <code>application/fhir+xml</code>, <code>application/fhir+json</code></li><li>Supported Patch Formats: </li><li>Published on: Fri Oct 28 00:00:00 CDT 2022</li><li>Published by: IHE IT Infrastructure Technical Committee</li></ul><blockquote class="impl-note"><p><strong>Note to Implementers: FHIR Capabilities</strong></p><p>Any FHIR capability may be 'allowed' by the system unless explicitly marked as &quot;SHALL NOT&quot;. A few items are marked as MAY in the Implementation Guide to highlight their potential relevance to the use case.</p></blockquote><h2 id="rest">FHIR RESTful Capabilities</h2><div class="panel panel-default"><div class="panel-heading"><h3 id="mode1" class="panel-title">Mode: <code>client</code></h3></div><div class="panel-body"><div><p>BALP Audit Consumer will query for AuditEvent resources.</p>
</div><div class="lead"><em>Security</em></div><blockquote><div><p><a href="https://profiles.ihe.net/ITI/TF/Volume1/ch-9.html">ATNA</a> required, encouraged <a href="https://profiles.ihe.net/ITI/IUA/index.html">IHE-IUA</a> or SMART-on-FHIR</p>
</div></blockquote><div class="lead"><em>Summary of System-wide Interactions</em></div></div></div><h3 id="resourcesCap1">Capabilities by Resource/Profile</h3><h4 id="resourcesSummary1">Summary</h4><p>The summary table lists the resources that are part of this configuration, and for each resource it lists:</p><ul><li>The relevant profiles (if any)</li><li>The interactions supported by each resource (<b><span class="bg-info">R</span></b>ead, <b><span class="bg-info">S</span></b>earch, <b><span class="bg-info">U</span></b>pdate, and <b><span class="bg-info">C</span></b>reate, are always shown, while <b><span class="bg-info">VR</span></b>ead, <b><span class="bg-info">P</span></b>atch, <b><span class="bg-info">D</span></b>elete, <b><span class="bg-info">H</span></b>istory on <b><span class="bg-info">I</span></b>nstance, or <b><span class="bg-info">H</span></b>istory on <b><span class="bg-info">T</span></b>ype are only present if at least one of the resources has support for them.</li><li><span>The required, recommended, and some optional search parameters (if any). </span></li><li>The linked resources enabled for <code>_include</code></li><li>The other resources enabled for <code>_revinclude</code></li><li>The operations on the resource (if any)</li></ul><div class="table-responsive"><table class="table table-condensed table-hover"><thead><tr><th><b>Resource Type</b></th><th><b>Profile</b></th><th class="text-center"><b title="GET a resource (read interaction)">R</b></th><th class="text-center"><b title="GET all set of resources of the type (search interaction)">S</b></th><th class="text-center"><b title="PUT a new resource version (update interaction)">U</b></th><th class="text-center"><b title="POST a new resource (create interaction)">C</b></th><th><b title="Required and recommended search parameters">Searches</b></th><th><code><b>_include</b></code></th><th><code><b>_revinclude</b></code></th><th><b>Operations</b></th></tr></thead><tbody><tr><td><a href="#AuditEvent1-1">AuditEvent</a></td><td>Supported profiles:<br/>  <a href="StructureDefinition-IHE.BasicAudit.Create.html">Basic AuditEvent for a successful Create not related to a Patient</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.Read.html">Basic AuditEvent for a successful Read</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.Update.html">Basic AuditEvent for a successful Update</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.Delete.html">Basic AuditEvent for a successful Delete</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.Query.html">Basic AuditEvent for a successful Query</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.PatientCreate.html">Basic AuditEvent for a successful Create with known Patient subject</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.PatientRead.html">Basic AuditEvent for a successful Read with a Patient</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.PatientUpdate.html">Basic AuditEvent for a successful Update with a Patient subject</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.PatientDelete.html">Basic AuditEvent for a successful Delete with Patient</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.PatientQuery.html">Basic AuditEvent for a successful Query with Patient</a><br/>  <a href="StructureDefinition-IHE.IUA.71.html">IHE IUA ITI-71 AuditEvent for a successful Get Access Token</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Comprehensive.html">Basic AuditEvent pattern for when an activity was authorized by an IUA access token</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Minimal.html">Basic AuditEvent pattern for oAuth Opaque</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Opaque.html">Basic AuditEvent pattern for oAuth Opaque</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive.html">Basic AuditEvent pattern for when an activity was authorized by an SAML access token Comprehensive</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.SAMLaccessTokenUse.Minimal.html">Basic AuditEvent pattern for when an activity was authorized by an SAML access token Minimal</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.AuthZconsent.html">Basic AuditEvent pattern for when an Authorization permit is decided</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.PrivacyDisclosure.Recipient.html">Audit Event for a Privacy Disclosure as recorded by a Recipient</a><br/>  <a href="StructureDefinition-IHE.BasicAudit.PrivacyDisclosure.Source.html">Audit Event for Privacy Disclosure at Source</a></td><td>y</td><td class="text-center">y</td><td class="text-center"></td><td class="text-center"></td><td>_id, _lastUpdated, date, address, agent.identifier, patient.identifier, entity.identifier, entity-type, entity-role, source.identifier, type, subtype, outcome</td><td/><td/><td/></tr></tbody></table></div><hr/><div class="panel panel-default"><div class="panel-heading"><h4 id="AuditEvent1-1" class="panel-title"><span style="float: right;">Resource Conformance: supported</span>AuditEvent</h4></div><div class="panel-body"><div class="container"><div class="row"><div class="col-lg-4"><span class="lead">Core FHIR Resource</span><br/><a href="http://hl7.org/fhir/R4/auditevent.html">AuditEvent</a></div><div class="col-lg-4"><span class="lead">Reference Policy</span><br/></div><div class="col-lg-4"><span class="lead">Interaction summary</span><br/><ul><li>Supports <code>search-type</code>, <code>read</code>.</li></ul></div></div><p/><div class="row"><div class="col-6"><span class="lead">Supported Profiles</span><p><a href="StructureDefinition-IHE.BasicAudit.Create.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Create</a><br/><a href="StructureDefinition-IHE.BasicAudit.Read.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Read</a><br/><a href="StructureDefinition-IHE.BasicAudit.Update.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Update</a><br/><a href="StructureDefinition-IHE.BasicAudit.Delete.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Delete</a><br/><a href="StructureDefinition-IHE.BasicAudit.Query.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Query</a><br/><a href="StructureDefinition-IHE.BasicAudit.PatientCreate.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientCreate</a><br/><a href="StructureDefinition-IHE.BasicAudit.PatientRead.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientRead</a><br/><a href="StructureDefinition-IHE.BasicAudit.PatientUpdate.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientUpdate</a><br/><a href="StructureDefinition-IHE.BasicAudit.PatientDelete.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientDelete</a><br/><a href="StructureDefinition-IHE.BasicAudit.PatientQuery.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientQuery</a><br/><a href="StructureDefinition-IHE.IUA.71.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.IUA.71</a><br/><a href="StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Comprehensive.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Comprehensive</a><br/><a href="StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Minimal.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Minimal</a><br/><a href="StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Opaque.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Opaque</a><br/><a href="StructureDefinition-IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive</a><br/><a href="StructureDefinition-IHE.BasicAudit.SAMLaccessTokenUse.Minimal.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Minimal</a><br/><a href="StructureDefinition-IHE.BasicAudit.AuthZconsent.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.AuthZconsent</a><br/><a href="StructureDefinition-IHE.BasicAudit.PrivacyDisclosure.Recipient.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Recipient</a><br/><a href="StructureDefinition-IHE.BasicAudit.PrivacyDisclosure.Source.html">https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Source</a></p></div></div><p/><div class="row"><div class="col-12"><span class="lead">Documentation</span><blockquote><div><p>For Retrieve ATNA Audit Event [ITI-81]. Note that all BALP Content profiles are listed here.</p>
</div></blockquote></div></div><div class="row"><div class="col-lg-7"><span class="lead">Search Parameters</span><table class="table table-condensed table-hover"><thead><tr><th>Conformance</th><th>Parameter</th><th>Type</th><th>Documentation</th></tr></thead><tbody><tr><td><b>SHALL</b></td><td>_id</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>_lastUpdated</td><td><code>date</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>date</td><td><code>date</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>address</td><td><code>string</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>agent.identifier</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>patient.identifier</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>entity.identifier</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>entity-type</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>entity-role</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>source.identifier</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>type</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>subtype</td><td><code>token</code></td><td><div></div></td></tr><tr><td><b>SHALL</b></td><td>outcome</td><td><code>token</code></td><td><div></div></td></tr></tbody></table></div><div class="col-lg-5"> </div></div></div></div></div></div>
  </text>
  <url
       value="https://profiles.ihe.net/ITI/BALP/CapabilityStatement/IHE.BALP.AuditConsumer"/>
  <version value="1.1.3"/>
  <name value="IHE_BALP_AuditConsumer"/>
  <title value="IHE BALP Audit Consumer"/>
  <status value="active"/>
  <experimental value="false"/>
  <date value="2022-10-28"/>
  <publisher value="IHE IT Infrastructure Technical Committee"/>
  <contact>
    <name value="IHE IT Infrastructure Technical Committee"/>
    <telecom>
      <system value="url"/>
      <value value="https://www.ihe.net/ihe_domains/it_infrastructure/"/>
    </telecom>
    <telecom>
      <system value="email"/>
      <value value="iti@ihe.net"/>
    </telecom>
  </contact>
  <contact>
    <name value="IHE IT Infrastructure Technical Committee"/>
    <telecom>
      <system value="email"/>
      <value value="iti@ihe.net"/>
    </telecom>
  </contact>
  <description
               value="CapabilityStatement for [Audit Consumer](volume-1.html#152112-audit-consumer) Actor in [BALP](index.html).

This CapabilityStatement replicates the requirements that would come from the ATNA **Audit Consumer* actor supporting **ATNA Retrieve Audit Message Option**."/>
  <jurisdiction>
    <coding>
      <system value="http://unstats.un.org/unsd/methods/m49/m49.htm"/>
      <code value="001"/>
    </coding>
  </jurisdiction>
  <kind value="requirements"/>
  <fhirVersion value="4.0.1"/>
  <format value="application/fhir+xml"/>
  <format value="application/fhir+json"/>
  <rest>
    <mode value="client"/>
    <documentation
                   value="BALP Audit Consumer will query for AuditEvent resources."/>
    <security>
      <description
                   value="[ATNA](https://profiles.ihe.net/ITI/TF/Volume1/ch-9.html) required, encouraged [IHE-IUA](https://profiles.ihe.net/ITI/IUA/index.html) or SMART-on-FHIR"/>
    </security>
    <resource>
      <type value="AuditEvent"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Create"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Read"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Update"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Delete"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Query"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientCreate"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientRead"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientUpdate"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientDelete"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientQuery"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.IUA.71"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Comprehensive"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Minimal"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Opaque"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Minimal"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.AuthZconsent"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Recipient"/>
      <supportedProfile
                        value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Source"/>
      <documentation
                     value="For Retrieve ATNA Audit Event [ITI-81]. Note that all BALP Content profiles are listed here."/>
      <interaction>
        <code value="search-type"/>
      </interaction>
      <interaction>
        <code value="read"/>
      </interaction>
      <searchParam>
        <name value="_id"/>
        <type value="token"/>
      </searchParam>
      <searchParam>
        <name value="_lastUpdated"/>
        <type value="date"/>
      </searchParam>
      <searchParam>
        <name value="date"/>
        <type value="date"/>
      </searchParam>
      <searchParam>
        <name value="address"/>
        <type value="string"/>
      </searchParam>
      <searchParam>
        <name value="agent.identifier"/>
        <type value="token"/>
      </searchParam>
      <searchParam>
        <name value="patient.identifier"/>
        <type value="token"/>
      </searchParam>
      <searchParam>
        <name value="entity.identifier"/>
        <type value="token"/>
      </searchParam>
      <searchParam>
        <name value="entity-type"/>
        <type value="token"/>
      </searchParam>
      <searchParam>
        <name value="entity-role"/>
        <type value="token"/>
      </searchParam>
      <searchParam>
        <name value="source.identifier"/>
        <type value="token"/>
      </searchParam>
      <searchParam>
        <name value="type"/>
        <type value="token"/>
      </searchParam>
      <searchParam>
        <name value="subtype"/>
        <type value="token"/>
      </searchParam>
      <searchParam>
        <name value="outcome"/>
        <type value="token"/>
      </searchParam>
    </resource>
  </rest>
</CapabilityStatement>