Basic Audit Log Patterns (BALP)
1.1.3 - Trial-Implementation
Basic Audit Log Patterns (BALP)
1.1.3 - Trial-Implementation
This page is part of the IHE Basic Audit Log Patterns (BALP) (v1.1.3: Publication) based on FHIR (HL7® FHIR® Standard) R4. This is the current published version. For a full list of available versions, see the Directory of published versions
| Official URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Minimal | Version: 1.1.3 | |||
| Active as of 2024-02-14 | Computable Name: SAMLaccessTokenUseMinimal | |||
A basic AuditEvent profile for when an activity was authorized by an SAML access token. This profile is expected to be used with some other detail that explains the activity. This profile only covers the SAML access token.
The following table uses a short-hand for the SAML fields and FHIR AuditEvent elements to keep the table compact. It is presumed the reader can understand the SAML field and the FHIR AuditEvent element given. Note the ~ character represents attributes under the SAML AttributeStatement.
| SAML field | Minimal AuditEvent |
|---|---|
| ID | agent[user].policy |
| Issuer | agent[user].who.identifier.system |
| Subject.NameID | agent[user].who.identifier.value |
| ~subject:purposeofuse | agent[user].purposeOfUse |
note: this profile records minimal information from the SAML access token, which presumes that use of the AuditEvent at a later time will be able to resolve the given information.
Usage:
Description of Profiles, Differentials, Snapshots and how the different presentations work.
This structure is derived from AuditEvent
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
  AuditEvent | 0..* | AuditEvent | Event record kept for security purposes | |
  Slices for agent | 1..* | BackboneElement | Actor involved in the event Slice: Unordered, Open by pattern:type | |
   agent:All Slices | Content/Rules for all slices | |||
  Slices for extension | 0..* | Extension | Extension Slice: Unordered, Open by value:url | |
 assuranceLevel | S | 0..* | CodeableConcept | AuditEvent.agent Assurance Level URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel Binding: SecurityTrustAssuranceObservationValue (preferred) |
 otherId | S | 0..* | Identifier | AuditEvent.agent other identifiers URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId |
| agent:user | 1..* | BackboneElement | Actor involved in the event | |
 assuranceLevel | S | 0..* | CodeableConcept | AuditEvent.agent Assurance Level URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel Binding: SecurityTrustAssuranceObservationValue (preferred) |
| otherId | S | 0..* | Identifier | AuditEvent.agent other identifiers URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId |
| type | 1..1 | CodeableConcept | How agent participated Required Pattern: At least the following | |
  coding | 1..* | Coding | Code defined by a terminology system Fixed Value: (complex) | |
 system | 1..1 | uri | Identity of the terminology system Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes | |
| code | 1..1 | code | Symbol in syntax defined by the system Fixed Value: UserSamlAgent | |
| who | 1..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | Identifier of who | |
| identifier | ||||
| system | S | 0..1 | uri | SAML Issuer |
| value | S | 1..1 | string | SAML Subject.NameID |
| requestor | 1..1 | boolean | Whether user is initiator Required Pattern: true | |
| policy | S | 1..1 | uri | SAML token ID |
| media | 0..0 | |||
| network | 0..0 | |||
 purposeOfUse | S | 0..* | CodeableConcept | SAML subject:purposeofuse |
| Documentation for this format | ||||
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
| AuditEvent | 0..* | AuditEvent | Event record kept for security purposes | |
 implicitRules | ?!Σ | 0..1 | uri | A set of rules under which this content was created |
 modifierExtension | ?! | 0..* | Extension | Extensions that cannot be ignored |
 type | Σ | 1..1 | Coding | Type/identifier of event Binding: AuditEventID (extensible): Type of event. |
| recorded | Σ | 1..1 | instant | Time when the event was recorded |
| Slices for agent | 1..* | BackboneElement | Actor involved in the event Slice: Unordered, Open by pattern:type | |
 agent:All Slices | Content/Rules for all slices | |||
| Slices for extension | 0..* | Extension | Extension Slice: Unordered, Open by value:url | |
| assuranceLevel | S | 0..* | CodeableConcept | AuditEvent.agent Assurance Level URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel Binding: SecurityTrustAssuranceObservationValue (preferred) |
| otherId | S | 0..* | Identifier | AuditEvent.agent other identifiers URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId |
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| requestor | Σ | 1..1 | boolean | Whether user is initiator |
| agent:user | 1..* | BackboneElement | Actor involved in the event | |
| assuranceLevel | S | 0..* | CodeableConcept | AuditEvent.agent Assurance Level URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel Binding: SecurityTrustAssuranceObservationValue (preferred) |
| otherId | S | 0..* | Identifier | AuditEvent.agent other identifiers URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId |
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| type | 1..1 | CodeableConcept | How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following | |
| coding | 1..* | Coding | Code defined by a terminology system Fixed Value: (complex) | |
| system | 1..1 | uri | Identity of the terminology system Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes | |
| code | 1..1 | code | Symbol in syntax defined by the system Fixed Value: UserSamlAgent | |
 who | Σ | 1..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | Identifier of who |
| identifier | Σ | 0..1 | Identifier | Logical reference, when literal reference is not known |
| use | ?!Σ | 0..1 | code | usual | official | temp | secondary | old (If known) Binding: IdentifierUse (required): Identifies the purpose for this identifier, if known . |
| system | SΣ | 0..1 | uri | SAML Issuer Example General: http://www.acme.com/identifiers/patient |
| value | SΣ | 1..1 | string | SAML Subject.NameID Example General: 123456 |
| requestor | Σ | 1..1 | boolean | Whether user is initiator Required Pattern: true |
| policy | S | 1..1 | uri | SAML token ID |
| purposeOfUse | S | 0..* | CodeableConcept | SAML subject:purposeofuse Binding: PurposeOfUse (extensible): The reason the activity took place. |
| source | 1..1 | BackboneElement | Audit Event Reporter | |
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| observer | Σ | 1..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | The identity of source detecting the event |
| Documentation for this format | ||||
| Path | Conformance | ValueSet / Code | URI |
| AuditEvent.type | extensible | AuditEventIDhttp://hl7.org/fhir/ValueSet/audit-event-typefrom the FHIR Standard | |
| AuditEvent.agent:user.type | extensible | Pattern: UserSamlAgenthttp://hl7.org/fhir/ValueSet/participation-role-typefrom the FHIR Standard | |
| AuditEvent.agent:user.who.identifier.use | required | IdentifierUsehttp://hl7.org/fhir/ValueSet/identifier-use|4.0.1from the FHIR Standard | |
| AuditEvent.agent:user.purposeOfUse | extensible | PurposeOfUsehttp://terminology.hl7.org/ValueSet/v3-PurposeOfUse |
| Name | Flags | Card. | Type | Description & Constraints | ||||
|---|---|---|---|---|---|---|---|---|
| AuditEvent | 0..* | AuditEvent | Event record kept for security purposes | |||||
| id | Σ | 0..1 | id | Logical id of this artifact | ||||
| meta | Σ | 0..1 | Meta | Metadata about the resource | ||||
| implicitRules | ?!Σ | 0..1 | uri | A set of rules under which this content was created | ||||
| language | 0..1 | code | Language of the resource content Binding: CommonLanguages (preferred): A human language.
| |||||
| text | 0..1 | Narrative | Text summary of the resource, for human interpretation | |||||
| contained | 0..* | Resource | Contained, inline Resources | |||||
| extension | 0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension | ?! | 0..* | Extension | Extensions that cannot be ignored | ||||
| type | Σ | 1..1 | Coding | Type/identifier of event Binding: AuditEventID (extensible): Type of event. | ||||
| subtype | Σ | 0..* | Coding | More specific type/id for the event Binding: AuditEventSub-Type (extensible): Sub-type of event. | ||||
| action | Σ | 0..1 | code | Type of action performed during the event Binding: AuditEventAction (required): Indicator for type of action performed during the event that generated the event. | ||||
| period | 0..1 | Period | When the activity occurred | |||||
| recorded | Σ | 1..1 | instant | Time when the event was recorded | ||||
| outcome | Σ | 0..1 | code | Whether the event succeeded or failed Binding: AuditEventOutcome (required): Indicates whether the event succeeded or failed. | ||||
| outcomeDesc | Σ | 0..1 | string | Description of the event outcome | ||||
| purposeOfEvent | Σ | 0..* | CodeableConcept | The purposeOfUse of the event Binding: PurposeOfUse (extensible): The reason the activity took place. | ||||
| Slices for agent | 1..* | BackboneElement | Actor involved in the event Slice: Unordered, Open by pattern:type | |||||
| agent:All Slices | Content/Rules for all slices | |||||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| Slices for extension | 0..* | Extension | Extension Slice: Unordered, Open by value:url | |||||
| assuranceLevel | S | 0..* | CodeableConcept | AuditEvent.agent Assurance Level URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel Binding: SecurityTrustAssuranceObservationValue (preferred) | ||||
| otherId | S | 0..* | Identifier | AuditEvent.agent other identifiers URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId | ||||
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| type | 0..1 | CodeableConcept | How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. | |||||
| role | 0..* | CodeableConcept | Agent role in the event Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event. | |||||
| who | Σ | 0..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | Identifier of who | ||||
| altId | 0..1 | string | Alternative User identity | |||||
| name | 0..1 | string | Human friendly name for the agent | |||||
| requestor | Σ | 1..1 | boolean | Whether user is initiator | ||||
| location | 0..1 | Reference(Location) | Where | |||||
| policy | 0..* | uri | Policy that authorized event | |||||
| media | 0..1 | Coding | Type of media Binding: MediaTypeCode (extensible): Used when the event is about exporting/importing onto media. | |||||
| network | 0..1 | BackboneElement | Logical network location for application activity | |||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| extension | 0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| address | 0..1 | string | Identifier for the network access point of the user device | |||||
| type | 0..1 | code | The type of network access point Binding: AuditEventAgentNetworkType (required): The type of network access point of this agent in the audit event. | |||||
| purposeOfUse | 0..* | CodeableConcept | Reason given for this user Binding: PurposeOfUse (extensible): The reason the activity took place. | |||||
| agent:user | 1..* | BackboneElement | Actor involved in the event | |||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| Slices for extension | 0..* | Extension | Extension Slice: Unordered, Open by value:url | |||||
| assuranceLevel | S | 0..* | CodeableConcept | AuditEvent.agent Assurance Level URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel Binding: SecurityTrustAssuranceObservationValue (preferred) | ||||
| otherId | S | 0..* | Identifier | AuditEvent.agent other identifiers URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId | ||||
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| type | 1..1 | CodeableConcept | How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following | |||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| extension | 0..* | Extension | Additional content defined by implementations | |||||
| coding | 1..* | Coding | Code defined by a terminology system Fixed Value: (complex) | |||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| extension | 0..* | Extension | Additional content defined by implementations | |||||
| system | 1..1 | uri | Identity of the terminology system Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes | |||||
| version | 0..1 | string | Version of the system - if relevant | |||||
| code | 1..1 | code | Symbol in syntax defined by the system Fixed Value: UserSamlAgent | |||||
| display | 0..1 | string | Representation defined by the system | |||||
| userSelected | 0..1 | boolean | If this coding was chosen directly by the user | |||||
| text | 0..1 | string | Plain text representation of the concept | |||||
| role | 0..* | CodeableConcept | Agent role in the event Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event. | |||||
| who | Σ | 1..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | Identifier of who | ||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| extension | 0..* | Extension | Additional content defined by implementations Slice: Unordered, Open by value:url | |||||
| reference | ΣC | 0..1 | string | Literal reference, Relative, internal or absolute URL | ||||
| type | Σ | 0..1 | uri | Type the reference refers to (e.g. "Patient") Binding: ResourceType (extensible): Aa resource (or, for logical models, the URI of the logical model). | ||||
| identifier | Σ | 0..1 | Identifier | Logical reference, when literal reference is not known | ||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| extension | 0..* | Extension | Additional content defined by implementations Slice: Unordered, Open by value:url | |||||
| use | ?!Σ | 0..1 | code | usual | official | temp | secondary | old (If known) Binding: IdentifierUse (required): Identifies the purpose for this identifier, if known . | ||||
| type | Σ | 0..1 | CodeableConcept | Description of identifier Binding: Identifier Type Codes (extensible): A coded type for an identifier that can be used to determine which identifier to use for a specific purpose. | ||||
| system | SΣ | 0..1 | uri | SAML Issuer Example General: http://www.acme.com/identifiers/patient | ||||
| value | SΣ | 1..1 | string | SAML Subject.NameID Example General: 123456 | ||||
| period | Σ | 0..1 | Period | Time period when id is/was valid for use | ||||
| assigner | Σ | 0..1 | Reference(Organization) | Organization that issued id (may be just text) | ||||
| display | Σ | 0..1 | string | Text alternative for the resource | ||||
| altId | 0..1 | string | Alternative User identity | |||||
| name | 0..1 | string | Human friendly name for the agent | |||||
| requestor | Σ | 1..1 | boolean | Whether user is initiator Required Pattern: true | ||||
| location | 0..1 | Reference(Location) | Where | |||||
| policy | S | 1..1 | uri | SAML token ID | ||||
| purposeOfUse | S | 0..* | CodeableConcept | SAML subject:purposeofuse Binding: PurposeOfUse (extensible): The reason the activity took place. | ||||
| source | 1..1 | BackboneElement | Audit Event Reporter | |||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| extension | 0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| site | 0..1 | string | Logical source location within the enterprise | |||||
| observer | Σ | 1..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | The identity of source detecting the event | ||||
| type | 0..* | Coding | The type of source where event originated Binding: AuditEventSourceType (extensible): Code specifying the type of system that detected and recorded the event. | |||||
| entity | C | 0..* | BackboneElement | Data or objects used | ||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| extension | 0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| what | Σ | 0..1 | Reference(Resource) | Specific instance of resource | ||||
| type | 0..1 | Coding | Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. | |||||
| role | 0..1 | Coding | What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event. | |||||
| lifecycle | 0..1 | Coding | Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity. | |||||
| securityLabel | 0..* | Coding | Security labels on the entity Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System. | |||||
| name | ΣC | 0..1 | string | Descriptor for entity | ||||
| description | 0..1 | string | Descriptive text | |||||
| query | ΣC | 0..1 | base64Binary | Query parameters | ||||
| detail | 0..* | BackboneElement | Additional Information about the entity | |||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| extension | 0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| type | 1..1 | string | Name of the property | |||||
 value[x] | 1..1 | Property value | ||||||
| valueString | string | |||||||
| valueBase64Binary | base64Binary | |||||||
| Documentation for this format | ||||||||
| Path | Conformance | ValueSet / Code | URI | |||
| AuditEvent.language | preferred | CommonLanguages
http://hl7.org/fhir/ValueSet/languagesfrom the FHIR Standard | ||||
| AuditEvent.type | extensible | AuditEventIDhttp://hl7.org/fhir/ValueSet/audit-event-typefrom the FHIR Standard | ||||
| AuditEvent.subtype | extensible | AuditEventSub-Typehttp://hl7.org/fhir/ValueSet/audit-event-sub-typefrom the FHIR Standard | ||||
| AuditEvent.action | required | AuditEventActionhttp://hl7.org/fhir/ValueSet/audit-event-action|4.0.1from the FHIR Standard | ||||
| AuditEvent.outcome | required | AuditEventOutcomehttp://hl7.org/fhir/ValueSet/audit-event-outcome|4.0.1from the FHIR Standard | ||||
| AuditEvent.purposeOfEvent | extensible | PurposeOfUsehttp://terminology.hl7.org/ValueSet/v3-PurposeOfUse | ||||
| AuditEvent.agent.type | extensible | ParticipationRoleTypehttp://hl7.org/fhir/ValueSet/participation-role-typefrom the FHIR Standard | ||||
| AuditEvent.agent.role | example | SecurityRoleTypehttp://hl7.org/fhir/ValueSet/security-role-typefrom the FHIR Standard | ||||
| AuditEvent.agent.media | extensible | MediaTypeCodehttp://hl7.org/fhir/ValueSet/dicm-405-mediatypefrom the FHIR Standard | ||||
| AuditEvent.agent.network.type | required | AuditEventAgentNetworkTypehttp://hl7.org/fhir/ValueSet/network-type|4.0.1from the FHIR Standard | ||||
| AuditEvent.agent.purposeOfUse | extensible | PurposeOfUsehttp://terminology.hl7.org/ValueSet/v3-PurposeOfUse | ||||
| AuditEvent.agent:user.type | extensible | Pattern: UserSamlAgenthttp://hl7.org/fhir/ValueSet/participation-role-typefrom the FHIR Standard | ||||
| AuditEvent.agent:user.role | example | SecurityRoleTypehttp://hl7.org/fhir/ValueSet/security-role-typefrom the FHIR Standard | ||||
| AuditEvent.agent:user.who.type | extensible | ResourceTypehttp://hl7.org/fhir/ValueSet/resource-types | ||||
| AuditEvent.agent:user.who.identifier.use | required | IdentifierUsehttp://hl7.org/fhir/ValueSet/identifier-use|4.0.1from the FHIR Standard | ||||
| AuditEvent.agent:user.who.identifier.type | extensible | Identifier Type Codeshttp://hl7.org/fhir/ValueSet/identifier-typefrom the FHIR Standard | ||||
| AuditEvent.agent:user.network.type | required | AuditEventAgentNetworkTypehttp://hl7.org/fhir/ValueSet/network-type|4.0.1from the FHIR Standard | ||||
| AuditEvent.agent:user.purposeOfUse | extensible | PurposeOfUsehttp://terminology.hl7.org/ValueSet/v3-PurposeOfUse | ||||
| AuditEvent.source.type | extensible | AuditEventSourceTypehttp://hl7.org/fhir/ValueSet/audit-source-typefrom the FHIR Standard | ||||
| AuditEvent.entity.type | extensible | AuditEventEntityTypehttp://hl7.org/fhir/ValueSet/audit-entity-typefrom the FHIR Standard | ||||
| AuditEvent.entity.role | extensible | AuditEventEntityRolehttp://hl7.org/fhir/ValueSet/object-rolefrom the FHIR Standard | ||||
| AuditEvent.entity.lifecycle | extensible | ObjectLifecycleEventshttp://hl7.org/fhir/ValueSet/object-lifecycle-eventsfrom the FHIR Standard | ||||
| AuditEvent.entity.securityLabel | extensible | All Security Labelshttp://hl7.org/fhir/ValueSet/security-labelsfrom the FHIR Standard |
This structure is derived from AuditEvent
Summary
Mandatory: 4 elements (1 nested mandatory element)
Must-Support: 8 elements
Prohibited: 2 elements
Extensions
This structure refers to these extensions:
Slices
This structure defines the following Slices:
Differential View
This structure is derived from AuditEvent
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
| AuditEvent | 0..* | AuditEvent | Event record kept for security purposes | |
| Slices for agent | 1..* | BackboneElement | Actor involved in the event Slice: Unordered, Open by pattern:type | |
| agent:All Slices | Content/Rules for all slices | |||
| Slices for extension | 0..* | Extension | Extension Slice: Unordered, Open by value:url | |
| assuranceLevel | S | 0..* | CodeableConcept | AuditEvent.agent Assurance Level URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel Binding: SecurityTrustAssuranceObservationValue (preferred) |
| otherId | S | 0..* | Identifier | AuditEvent.agent other identifiers URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId |
| agent:user | 1..* | BackboneElement | Actor involved in the event | |
| assuranceLevel | S | 0..* | CodeableConcept | AuditEvent.agent Assurance Level URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel Binding: SecurityTrustAssuranceObservationValue (preferred) |
| otherId | S | 0..* | Identifier | AuditEvent.agent other identifiers URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId |
| type | 1..1 | CodeableConcept | How agent participated Required Pattern: At least the following | |
| coding | 1..* | Coding | Code defined by a terminology system Fixed Value: (complex) | |
| system | 1..1 | uri | Identity of the terminology system Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes | |
| code | 1..1 | code | Symbol in syntax defined by the system Fixed Value: UserSamlAgent | |
| who | 1..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | Identifier of who | |
| identifier | ||||
| system | S | 0..1 | uri | SAML Issuer |
| value | S | 1..1 | string | SAML Subject.NameID |
| requestor | 1..1 | boolean | Whether user is initiator Required Pattern: true | |
| policy | S | 1..1 | uri | SAML token ID |
| media | 0..0 | |||
| network | 0..0 | |||
| purposeOfUse | S | 0..* | CodeableConcept | SAML subject:purposeofuse |
| Documentation for this format | ||||
Key Elements View
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
| AuditEvent | 0..* | AuditEvent | Event record kept for security purposes | |
| implicitRules | ?!Σ | 0..1 | uri | A set of rules under which this content was created |
| modifierExtension | ?! | 0..* | Extension | Extensions that cannot be ignored |
| type | Σ | 1..1 | Coding | Type/identifier of event Binding: AuditEventID (extensible): Type of event. |
| recorded | Σ | 1..1 | instant | Time when the event was recorded |
| Slices for agent | 1..* | BackboneElement | Actor involved in the event Slice: Unordered, Open by pattern:type | |
| agent:All Slices | Content/Rules for all slices | |||
| Slices for extension | 0..* | Extension | Extension Slice: Unordered, Open by value:url | |
| assuranceLevel | S | 0..* | CodeableConcept | AuditEvent.agent Assurance Level URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel Binding: SecurityTrustAssuranceObservationValue (preferred) |
| otherId | S | 0..* | Identifier | AuditEvent.agent other identifiers URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId |
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| requestor | Σ | 1..1 | boolean | Whether user is initiator |
| agent:user | 1..* | BackboneElement | Actor involved in the event | |
| assuranceLevel | S | 0..* | CodeableConcept | AuditEvent.agent Assurance Level URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel Binding: SecurityTrustAssuranceObservationValue (preferred) |
| otherId | S | 0..* | Identifier | AuditEvent.agent other identifiers URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId |
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| type | 1..1 | CodeableConcept | How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following | |
| coding | 1..* | Coding | Code defined by a terminology system Fixed Value: (complex) | |
| system | 1..1 | uri | Identity of the terminology system Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes | |
| code | 1..1 | code | Symbol in syntax defined by the system Fixed Value: UserSamlAgent | |
| who | Σ | 1..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | Identifier of who |
| identifier | Σ | 0..1 | Identifier | Logical reference, when literal reference is not known |
| use | ?!Σ | 0..1 | code | usual | official | temp | secondary | old (If known) Binding: IdentifierUse (required): Identifies the purpose for this identifier, if known . |
| system | SΣ | 0..1 | uri | SAML Issuer Example General: http://www.acme.com/identifiers/patient |
| value | SΣ | 1..1 | string | SAML Subject.NameID Example General: 123456 |
| requestor | Σ | 1..1 | boolean | Whether user is initiator Required Pattern: true |
| policy | S | 1..1 | uri | SAML token ID |
| purposeOfUse | S | 0..* | CodeableConcept | SAML subject:purposeofuse Binding: PurposeOfUse (extensible): The reason the activity took place. |
| source | 1..1 | BackboneElement | Audit Event Reporter | |
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| observer | Σ | 1..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | The identity of source detecting the event |
| Documentation for this format | ||||
| Path | Conformance | ValueSet / Code | URI |
| AuditEvent.type | extensible | AuditEventIDhttp://hl7.org/fhir/ValueSet/audit-event-typefrom the FHIR Standard | |
| AuditEvent.agent:user.type | extensible | Pattern: UserSamlAgenthttp://hl7.org/fhir/ValueSet/participation-role-typefrom the FHIR Standard | |
| AuditEvent.agent:user.who.identifier.use | required | IdentifierUsehttp://hl7.org/fhir/ValueSet/identifier-use|4.0.1from the FHIR Standard | |
| AuditEvent.agent:user.purposeOfUse | extensible | PurposeOfUsehttp://terminology.hl7.org/ValueSet/v3-PurposeOfUse |
Snapshot View
| Name | Flags | Card. | Type | Description & Constraints | ||||
|---|---|---|---|---|---|---|---|---|
| AuditEvent | 0..* | AuditEvent | Event record kept for security purposes | |||||
| id | Σ | 0..1 | id | Logical id of this artifact | ||||
| meta | Σ | 0..1 | Meta | Metadata about the resource | ||||
| implicitRules | ?!Σ | 0..1 | uri | A set of rules under which this content was created | ||||
| language | 0..1 | code | Language of the resource content Binding: CommonLanguages (preferred): A human language.
| |||||
| text | 0..1 | Narrative | Text summary of the resource, for human interpretation | |||||
| contained | 0..* | Resource | Contained, inline Resources | |||||
| extension | 0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension | ?! | 0..* | Extension | Extensions that cannot be ignored | ||||
| type | Σ | 1..1 | Coding | Type/identifier of event Binding: AuditEventID (extensible): Type of event. | ||||
| subtype | Σ | 0..* | Coding | More specific type/id for the event Binding: AuditEventSub-Type (extensible): Sub-type of event. | ||||
| action | Σ | 0..1 | code | Type of action performed during the event Binding: AuditEventAction (required): Indicator for type of action performed during the event that generated the event. | ||||
| period | 0..1 | Period | When the activity occurred | |||||
| recorded | Σ | 1..1 | instant | Time when the event was recorded | ||||
| outcome | Σ | 0..1 | code | Whether the event succeeded or failed Binding: AuditEventOutcome (required): Indicates whether the event succeeded or failed. | ||||
| outcomeDesc | Σ | 0..1 | string | Description of the event outcome | ||||
| purposeOfEvent | Σ | 0..* | CodeableConcept | The purposeOfUse of the event Binding: PurposeOfUse (extensible): The reason the activity took place. | ||||
| Slices for agent | 1..* | BackboneElement | Actor involved in the event Slice: Unordered, Open by pattern:type | |||||
| agent:All Slices | Content/Rules for all slices | |||||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| Slices for extension | 0..* | Extension | Extension Slice: Unordered, Open by value:url | |||||
| assuranceLevel | S | 0..* | CodeableConcept | AuditEvent.agent Assurance Level URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel Binding: SecurityTrustAssuranceObservationValue (preferred) | ||||
| otherId | S | 0..* | Identifier | AuditEvent.agent other identifiers URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId | ||||
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| type | 0..1 | CodeableConcept | How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. | |||||
| role | 0..* | CodeableConcept | Agent role in the event Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event. | |||||
| who | Σ | 0..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | Identifier of who | ||||
| altId | 0..1 | string | Alternative User identity | |||||
| name | 0..1 | string | Human friendly name for the agent | |||||
| requestor | Σ | 1..1 | boolean | Whether user is initiator | ||||
| location | 0..1 | Reference(Location) | Where | |||||
| policy | 0..* | uri | Policy that authorized event | |||||
| media | 0..1 | Coding | Type of media Binding: MediaTypeCode (extensible): Used when the event is about exporting/importing onto media. | |||||
| network | 0..1 | BackboneElement | Logical network location for application activity | |||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| extension | 0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| address | 0..1 | string | Identifier for the network access point of the user device | |||||
| type | 0..1 | code | The type of network access point Binding: AuditEventAgentNetworkType (required): The type of network access point of this agent in the audit event. | |||||
| purposeOfUse | 0..* | CodeableConcept | Reason given for this user Binding: PurposeOfUse (extensible): The reason the activity took place. | |||||
| agent:user | 1..* | BackboneElement | Actor involved in the event | |||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| Slices for extension | 0..* | Extension | Extension Slice: Unordered, Open by value:url | |||||
| assuranceLevel | S | 0..* | CodeableConcept | AuditEvent.agent Assurance Level URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel Binding: SecurityTrustAssuranceObservationValue (preferred) | ||||
| otherId | S | 0..* | Identifier | AuditEvent.agent other identifiers URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId | ||||
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| type | 1..1 | CodeableConcept | How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following | |||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| extension | 0..* | Extension | Additional content defined by implementations | |||||
| coding | 1..* | Coding | Code defined by a terminology system Fixed Value: (complex) | |||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| extension | 0..* | Extension | Additional content defined by implementations | |||||
| system | 1..1 | uri | Identity of the terminology system Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes | |||||
| version | 0..1 | string | Version of the system - if relevant | |||||
| code | 1..1 | code | Symbol in syntax defined by the system Fixed Value: UserSamlAgent | |||||
| display | 0..1 | string | Representation defined by the system | |||||
| userSelected | 0..1 | boolean | If this coding was chosen directly by the user | |||||
| text | 0..1 | string | Plain text representation of the concept | |||||
| role | 0..* | CodeableConcept | Agent role in the event Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event. | |||||
| who | Σ | 1..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | Identifier of who | ||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| extension | 0..* | Extension | Additional content defined by implementations Slice: Unordered, Open by value:url | |||||
| reference | ΣC | 0..1 | string | Literal reference, Relative, internal or absolute URL | ||||
| type | Σ | 0..1 | uri | Type the reference refers to (e.g. "Patient") Binding: ResourceType (extensible): Aa resource (or, for logical models, the URI of the logical model). | ||||
| identifier | Σ | 0..1 | Identifier | Logical reference, when literal reference is not known | ||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| extension | 0..* | Extension | Additional content defined by implementations Slice: Unordered, Open by value:url | |||||
| use | ?!Σ | 0..1 | code | usual | official | temp | secondary | old (If known) Binding: IdentifierUse (required): Identifies the purpose for this identifier, if known . | ||||
| type | Σ | 0..1 | CodeableConcept | Description of identifier Binding: Identifier Type Codes (extensible): A coded type for an identifier that can be used to determine which identifier to use for a specific purpose. | ||||
| system | SΣ | 0..1 | uri | SAML Issuer Example General: http://www.acme.com/identifiers/patient | ||||
| value | SΣ | 1..1 | string | SAML Subject.NameID Example General: 123456 | ||||
| period | Σ | 0..1 | Period | Time period when id is/was valid for use | ||||
| assigner | Σ | 0..1 | Reference(Organization) | Organization that issued id (may be just text) | ||||
| display | Σ | 0..1 | string | Text alternative for the resource | ||||
| altId | 0..1 | string | Alternative User identity | |||||
| name | 0..1 | string | Human friendly name for the agent | |||||
| requestor | Σ | 1..1 | boolean | Whether user is initiator Required Pattern: true | ||||
| location | 0..1 | Reference(Location) | Where | |||||
| policy | S | 1..1 | uri | SAML token ID | ||||
| purposeOfUse | S | 0..* | CodeableConcept | SAML subject:purposeofuse Binding: PurposeOfUse (extensible): The reason the activity took place. | ||||
| source | 1..1 | BackboneElement | Audit Event Reporter | |||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| extension | 0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| site | 0..1 | string | Logical source location within the enterprise | |||||
| observer | Σ | 1..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | The identity of source detecting the event | ||||
| type | 0..* | Coding | The type of source where event originated Binding: AuditEventSourceType (extensible): Code specifying the type of system that detected and recorded the event. | |||||
| entity | C | 0..* | BackboneElement | Data or objects used | ||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| extension | 0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| what | Σ | 0..1 | Reference(Resource) | Specific instance of resource | ||||
| type | 0..1 | Coding | Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. | |||||
| role | 0..1 | Coding | What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event. | |||||
| lifecycle | 0..1 | Coding | Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity. | |||||
| securityLabel | 0..* | Coding | Security labels on the entity Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System. | |||||
| name | ΣC | 0..1 | string | Descriptor for entity | ||||
| description | 0..1 | string | Descriptive text | |||||
| query | ΣC | 0..1 | base64Binary | Query parameters | ||||
| detail | 0..* | BackboneElement | Additional Information about the entity | |||||
| id | 0..1 | string | Unique id for inter-element referencing | |||||
| extension | 0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| type | 1..1 | string | Name of the property | |||||
| value[x] | 1..1 | Property value | ||||||
| valueString | string | |||||||
| valueBase64Binary | base64Binary | |||||||
| Documentation for this format | ||||||||
| Path | Conformance | ValueSet / Code | URI | |||
| AuditEvent.language | preferred | CommonLanguages
http://hl7.org/fhir/ValueSet/languagesfrom the FHIR Standard | ||||
| AuditEvent.type | extensible | AuditEventIDhttp://hl7.org/fhir/ValueSet/audit-event-typefrom the FHIR Standard | ||||
| AuditEvent.subtype | extensible | AuditEventSub-Typehttp://hl7.org/fhir/ValueSet/audit-event-sub-typefrom the FHIR Standard | ||||
| AuditEvent.action | required | AuditEventActionhttp://hl7.org/fhir/ValueSet/audit-event-action|4.0.1from the FHIR Standard | ||||
| AuditEvent.outcome | required | AuditEventOutcomehttp://hl7.org/fhir/ValueSet/audit-event-outcome|4.0.1from the FHIR Standard | ||||
| AuditEvent.purposeOfEvent | extensible | PurposeOfUsehttp://terminology.hl7.org/ValueSet/v3-PurposeOfUse | ||||
| AuditEvent.agent.type | extensible | ParticipationRoleTypehttp://hl7.org/fhir/ValueSet/participation-role-typefrom the FHIR Standard | ||||
| AuditEvent.agent.role | example | SecurityRoleTypehttp://hl7.org/fhir/ValueSet/security-role-typefrom the FHIR Standard | ||||
| AuditEvent.agent.media | extensible | MediaTypeCodehttp://hl7.org/fhir/ValueSet/dicm-405-mediatypefrom the FHIR Standard | ||||
| AuditEvent.agent.network.type | required | AuditEventAgentNetworkTypehttp://hl7.org/fhir/ValueSet/network-type|4.0.1from the FHIR Standard | ||||
| AuditEvent.agent.purposeOfUse | extensible | PurposeOfUsehttp://terminology.hl7.org/ValueSet/v3-PurposeOfUse | ||||
| AuditEvent.agent:user.type | extensible | Pattern: UserSamlAgenthttp://hl7.org/fhir/ValueSet/participation-role-typefrom the FHIR Standard | ||||
| AuditEvent.agent:user.role | example | SecurityRoleTypehttp://hl7.org/fhir/ValueSet/security-role-typefrom the FHIR Standard | ||||
| AuditEvent.agent:user.who.type | extensible | ResourceTypehttp://hl7.org/fhir/ValueSet/resource-types | ||||
| AuditEvent.agent:user.who.identifier.use | required | IdentifierUsehttp://hl7.org/fhir/ValueSet/identifier-use|4.0.1from the FHIR Standard | ||||
| AuditEvent.agent:user.who.identifier.type | extensible | Identifier Type Codeshttp://hl7.org/fhir/ValueSet/identifier-typefrom the FHIR Standard | ||||
| AuditEvent.agent:user.network.type | required | AuditEventAgentNetworkTypehttp://hl7.org/fhir/ValueSet/network-type|4.0.1from the FHIR Standard | ||||
| AuditEvent.agent:user.purposeOfUse | extensible | PurposeOfUsehttp://terminology.hl7.org/ValueSet/v3-PurposeOfUse | ||||
| AuditEvent.source.type | extensible | AuditEventSourceTypehttp://hl7.org/fhir/ValueSet/audit-source-typefrom the FHIR Standard | ||||
| AuditEvent.entity.type | extensible | AuditEventEntityTypehttp://hl7.org/fhir/ValueSet/audit-entity-typefrom the FHIR Standard | ||||
| AuditEvent.entity.role | extensible | AuditEventEntityRolehttp://hl7.org/fhir/ValueSet/object-rolefrom the FHIR Standard | ||||
| AuditEvent.entity.lifecycle | extensible | ObjectLifecycleEventshttp://hl7.org/fhir/ValueSet/object-lifecycle-eventsfrom the FHIR Standard | ||||
| AuditEvent.entity.securityLabel | extensible | All Security Labelshttp://hl7.org/fhir/ValueSet/security-labelsfrom the FHIR Standard |
This structure is derived from AuditEvent
Summary
Mandatory: 4 elements (1 nested mandatory element)
Must-Support: 8 elements
Prohibited: 2 elements
Extensions
This structure refers to these extensions:
Slices
This structure defines the following Slices:
Other representations of profile: CSV, Excel, Schematron
IG © 2022+ IHE IT Infrastructure Technical Committee. Package ihe.iti.balp#1.1.3 based on FHIR 4.0.1. Generated 2024-02-14
Links: Table of Contents |
QA Report
| New Issue | Issues
Version History |
|
Propose a change