Basic Audit Log Patterns (BALP)
1.1.0 - Trial-Implementation International flag

This page is part of the IHE Basic Audit Log Patterns (BALP) (v1.1.0: Trial Implementation) based on FHIR R4. This is the current published version. For a full list of available versions, see the Directory of published versions

Resource Profile: IHE IUA ITI-71 AuditEvent for a successful Get Access Token

Official URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.IUA.71 Version: 1.1.0
Active as of 2022-05-04 Computable Name: AuditIUAgetAccessToken

Defines constraints on the AuditEvent Resource to record when a ITI-71 - Get Access Token succeeds

This AuditEvent is recorded by Authorization Client and/or Authorization Server that are grouped with ATNA Secure Node or Secure Application.

  • User Authenticated event
  • ITI-71 subtype
  • 2 or 3 agents
    • client -
    • auth-server
    • user user
  • 1 entity
    • the access token request

Usage:

  • This Resource Profile is not used by any profiles in this Implementation Guide

Formal Views of Profile Content

Description of Profiles, Differentials, Snapshots and how the different presentations work.

This structure is derived from AuditEvent

Summary

Mandatory: 13 elements (5 nested mandatory elements)
Must-Support: 4 elements
Prohibited: 6 elements

Slices

This structure defines the following Slices:

  • The element AuditEvent.agent is sliced based on the value of pattern:type (Closed)
  • The element AuditEvent.entity is sliced based on the value of pattern:role (Closed)

This structure is derived from AuditEvent

NameFlagsCard.TypeDescription & Constraintsdoco
.. AuditEvent 0..*AuditEventEvent record kept for security purposes
... type 1..1CodingType/identifier of event
Required Pattern: At least the following
.... system1..1uriIdentity of the terminology system
Fixed Value: http://dicom.nema.org/resources/ontology/DCM
.... code1..1codeSymbol in syntax defined by the system
Fixed Value: 110114
.... display1..1stringRepresentation defined by the system
Fixed Value: User Authentication
... subtype 1..1CodingMore specific type/id for the event
Required Pattern: At least the following
.... system1..1uriIdentity of the terminology system
Fixed Value: urn:ihe:event-type-code
.... code1..1codeSymbol in syntax defined by the system
Fixed Value: ITI-71
.... display1..1stringRepresentation defined by the system
Fixed Value: Get Access Token
... action 0..1codeType of action performed during the event
Required Pattern: E
... outcome 0..1codeWhether the event succeeded or failed
Required Pattern: 0
... Slices for agent 2..3BackboneElementActor involved in the event
Slice: Unordered, Closed by pattern:type
.... agent:client 1..1BackboneElementActor involved in the event
..... type 1..1CodeableConceptHow agent participated
Required Pattern: At least the following
...... coding1..*CodingCode defined by a terminology system
Fixed Value: (complex)
....... system1..1uriIdentity of the terminology system
Fixed Value: http://dicom.nema.org/resources/ontology/DCM
....... code1..1codeSymbol in syntax defined by the system
Fixed Value: 110150
....... display1..1stringRepresentation defined by the system
Fixed Value: Application
..... who 1..1Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)Identifier of who
..... media 0..0
..... network 1..1BackboneElementLogical network location for application activity
.... agent:auth-server 1..1BackboneElementActor involved in the event
..... type 1..1CodeableConceptHow agent participated
Required Pattern: At least the following
...... coding1..*CodingCode defined by a terminology system
Fixed Value: (complex)
....... system1..1uriIdentity of the terminology system
Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes
....... code1..1codeSymbol in syntax defined by the system
Fixed Value: AuthzOauthService
..... who 1..1Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)Identifier of who
..... media 0..0
..... network 1..1BackboneElementLogical network location for application activity
.... agent:user 0..1BackboneElementActor involved in the event
..... type 1..1CodeableConceptHow agent participated
Required Pattern: At least the following
...... coding1..*CodingCode defined by a terminology system
Fixed Value: (complex)
....... system1..1uriIdentity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/v3-ParticipationType
....... code1..1codeSymbol in syntax defined by the system
Fixed Value: IRCP
....... display1..1stringRepresentation defined by the system
Fixed Value: information recipient
..... role S0..*CodeableConceptAgent role in the event
..... who 1..1Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)Identifier of who
..... altId 0..0
..... name S0..1stringHuman friendly name for the agent
..... requestor 1..1booleanWhether user is initiator
Required Pattern: true
..... media 0..0
..... network 0..0
..... purposeOfUse S0..*CodeableConceptReason given for this user
... source S1..1BackboneElementAudit Event Reporter
... Slices for entity 1..1BackboneElementData or objects used
Slice: Unordered, Closed by pattern:role
.... entity:token-request 1..1BackboneElementData or objects used
..... what 0..0
..... type 0..1CodingType of entity involved
Required Pattern: At least the following
...... system1..1uriIdentity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/audit-entity-type
...... code1..1codeSymbol in syntax defined by the system
Fixed Value: 2
...... display1..1stringRepresentation defined by the system
Fixed Value: System Object
..... role 1..1CodingWhat role the entity played
Required Pattern: At least the following
...... system1..1uriIdentity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/object-role
...... code1..1codeSymbol in syntax defined by the system
Fixed Value: 24
...... display1..1stringRepresentation defined by the system
Fixed Value: Query
..... query 1..1base64Binarycontains the http request in raw form, without the code_verifier value
.... entity:token-response 0..1BackboneElementData or objects used
..... what 1..1Reference(Resource)holds the token id issued
..... type 0..1CodingType of entity involved
Required Pattern: At least the following
...... system1..1uriIdentity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/audit-entity-type
...... code1..1codeSymbol in syntax defined by the system
Fixed Value: 2
...... display1..1stringRepresentation defined by the system
Fixed Value: System Object
..... role 1..1CodingWhat role the entity played
Required Pattern: At least the following
...... system1..1uriIdentity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/object-role
...... code1..1codeSymbol in syntax defined by the system
Fixed Value: 13
...... display1..1stringRepresentation defined by the system
Fixed Value: Security Resource
..... detail 1..*BackboneElementholds the key values from the response

doco Documentation for this format
NameFlagsCard.TypeDescription & Constraintsdoco
.. AuditEvent 0..*AuditEventEvent record kept for security purposes
... id Σ0..1stringLogical id of this artifact
... meta Σ0..1MetaMetadata about the resource
... implicitRules ?!Σ0..1uriA set of rules under which this content was created
... language 0..1codeLanguage of the resource content
Binding: CommonLanguages (preferred): A human language.

Additional BindingsPurpose
AllLanguagesMax Binding
... text 0..1NarrativeText summary of the resource, for human interpretation
... contained 0..*ResourceContained, inline Resources
... extension 0..*ExtensionAdditional content defined by implementations
... modifierExtension ?!0..*ExtensionExtensions that cannot be ignored
... type Σ1..1CodingType/identifier of event
Binding: AuditEventID (extensible): Type of event.


Required Pattern: At least the following
.... id0..1stringUnique id for inter-element referencing
.... extension0..*ExtensionAdditional content defined by implementations
.... system1..1uriIdentity of the terminology system
Fixed Value: http://dicom.nema.org/resources/ontology/DCM
.... version0..1stringVersion of the system - if relevant
.... code1..1codeSymbol in syntax defined by the system
Fixed Value: 110114
.... display1..1stringRepresentation defined by the system
Fixed Value: User Authentication
.... userSelected0..1booleanIf this coding was chosen directly by the user
... subtype Σ1..1CodingMore specific type/id for the event
Binding: AuditEventSub-Type (extensible): Sub-type of event.



Required Pattern: At least the following
.... id0..1stringUnique id for inter-element referencing
.... extension0..*ExtensionAdditional content defined by implementations
.... system1..1uriIdentity of the terminology system
Fixed Value: urn:ihe:event-type-code
.... version0..1stringVersion of the system - if relevant
.... code1..1codeSymbol in syntax defined by the system
Fixed Value: ITI-71
.... display1..1stringRepresentation defined by the system
Fixed Value: Get Access Token
.... userSelected0..1booleanIf this coding was chosen directly by the user
... action Σ0..1codeType of action performed during the event
Binding: AuditEventAction (required): Indicator for type of action performed during the event that generated the event.


Required Pattern: E
... period 0..1PeriodWhen the activity occurred
... recorded Σ1..1instantTime when the event was recorded
... outcome Σ0..1codeWhether the event succeeded or failed
Binding: AuditEventOutcome (required): Indicates whether the event succeeded or failed.


Required Pattern: 0
... outcomeDesc Σ0..1stringDescription of the event outcome
... purposeOfEvent Σ0..*CodeableConceptThe purposeOfUse of the event
Binding: PurposeOfUse (extensible): The reason the activity took place.


... Slices for agent 2..3BackboneElementActor involved in the event
Slice: Unordered, Closed by pattern:type
.... agent:All Slices Content/Rules for all slices
..... id 0..1stringUnique id for inter-element referencing
..... extension 0..*ExtensionAdditional content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
..... type 0..1CodeableConceptHow agent participated
Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event.

..... role 0..*CodeableConceptAgent role in the event
Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.


..... who Σ0..1Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)Identifier of who
..... altId 0..1stringAlternative User identity
..... name 0..1stringHuman friendly name for the agent
..... requestor Σ1..1booleanWhether user is initiator
..... location 0..1Reference(Location)Where
..... policy 0..*uriPolicy that authorized event
..... media 0..1CodingType of media
Binding: MediaTypeCode (extensible): Used when the event is about exporting/importing onto media.

..... network 0..1BackboneElementLogical network location for application activity
...... id 0..1stringUnique id for inter-element referencing
...... extension 0..*ExtensionAdditional content defined by implementations
...... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
...... address 0..1stringIdentifier for the network access point of the user device
...... type 0..1codeThe type of network access point
Binding: AuditEventAgentNetworkType (required): The type of network access point of this agent in the audit event.

..... purposeOfUse 0..*CodeableConceptReason given for this user
Binding: PurposeOfUse (extensible): The reason the activity took place.


.... agent:client 1..1BackboneElementActor involved in the event
..... id 0..1stringUnique id for inter-element referencing
..... extension 0..*ExtensionAdditional content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
..... type 1..1CodeableConceptHow agent participated
Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event.


Required Pattern: At least the following
...... id0..1stringUnique id for inter-element referencing
...... extension0..*ExtensionAdditional content defined by implementations
...... coding1..*CodingCode defined by a terminology system
Fixed Value: (complex)
....... id0..1stringUnique id for inter-element referencing
....... extension0..*ExtensionAdditional content defined by implementations
....... system1..1uriIdentity of the terminology system
Fixed Value: http://dicom.nema.org/resources/ontology/DCM
....... version0..1stringVersion of the system - if relevant
....... code1..1codeSymbol in syntax defined by the system
Fixed Value: 110150
....... display1..1stringRepresentation defined by the system
Fixed Value: Application
....... userSelected0..1booleanIf this coding was chosen directly by the user
...... text0..1stringPlain text representation of the concept
..... role 0..*CodeableConceptAgent role in the event
Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.


..... who Σ1..1Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)Identifier of who
..... altId 0..1stringAlternative User identity
..... name 0..1stringHuman friendly name for the agent
..... requestor Σ1..1booleanWhether user is initiator
..... location 0..1Reference(Location)Where
..... policy 0..*uriPolicy that authorized event
..... network 1..1BackboneElementLogical network location for application activity
...... id 0..1stringUnique id for inter-element referencing
...... extension 0..*ExtensionAdditional content defined by implementations
...... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
...... address 0..1stringIdentifier for the network access point of the user device
...... type 0..1codeThe type of network access point
Binding: AuditEventAgentNetworkType (required): The type of network access point of this agent in the audit event.

..... purposeOfUse 0..*CodeableConceptReason given for this user
Binding: PurposeOfUse (extensible): The reason the activity took place.


.... agent:auth-server 1..1BackboneElementActor involved in the event
..... id 0..1stringUnique id for inter-element referencing
..... extension 0..*ExtensionAdditional content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
..... type 1..1CodeableConceptHow agent participated
Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event.


Required Pattern: At least the following
...... id0..1stringUnique id for inter-element referencing
...... extension0..*ExtensionAdditional content defined by implementations
...... coding1..*CodingCode defined by a terminology system
Fixed Value: (complex)
....... id0..1stringUnique id for inter-element referencing
....... extension0..*ExtensionAdditional content defined by implementations
....... system1..1uriIdentity of the terminology system
Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes
....... version0..1stringVersion of the system - if relevant
....... code1..1codeSymbol in syntax defined by the system
Fixed Value: AuthzOauthService
....... display0..1stringRepresentation defined by the system
....... userSelected0..1booleanIf this coding was chosen directly by the user
...... text0..1stringPlain text representation of the concept
..... role 0..*CodeableConceptAgent role in the event
Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.


..... who Σ1..1Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)Identifier of who
..... altId 0..1stringAlternative User identity
..... name 0..1stringHuman friendly name for the agent
..... requestor Σ1..1booleanWhether user is initiator
..... location 0..1Reference(Location)Where
..... policy 0..*uriPolicy that authorized event
..... network 1..1BackboneElementLogical network location for application activity
...... id 0..1stringUnique id for inter-element referencing
...... extension 0..*ExtensionAdditional content defined by implementations
...... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
...... address 0..1stringIdentifier for the network access point of the user device
...... type 0..1codeThe type of network access point
Binding: AuditEventAgentNetworkType (required): The type of network access point of this agent in the audit event.

..... purposeOfUse 0..*CodeableConceptReason given for this user
Binding: PurposeOfUse (extensible): The reason the activity took place.


.... agent:user 0..1BackboneElementActor involved in the event
..... id 0..1stringUnique id for inter-element referencing
..... extension 0..*ExtensionAdditional content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
..... type 1..1CodeableConceptHow agent participated
Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event.


Required Pattern: At least the following
...... id0..1stringUnique id for inter-element referencing
...... extension0..*ExtensionAdditional content defined by implementations
...... coding1..*CodingCode defined by a terminology system
Fixed Value: (complex)
....... id0..1stringUnique id for inter-element referencing
....... extension0..*ExtensionAdditional content defined by implementations
....... system1..1uriIdentity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/v3-ParticipationType
....... version0..1stringVersion of the system - if relevant
....... code1..1codeSymbol in syntax defined by the system
Fixed Value: IRCP
....... display1..1stringRepresentation defined by the system
Fixed Value: information recipient
....... userSelected0..1booleanIf this coding was chosen directly by the user
...... text0..1stringPlain text representation of the concept
..... role S0..*CodeableConceptAgent role in the event
Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.


..... who Σ1..1Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)Identifier of who
..... name S0..1stringHuman friendly name for the agent
..... requestor Σ1..1booleanWhether user is initiator
Required Pattern: true
..... location 0..1Reference(Location)Where
..... policy 0..*uriPolicy that authorized event
..... purposeOfUse S0..*CodeableConceptReason given for this user
Binding: PurposeOfUse (extensible): The reason the activity took place.


... source S1..1BackboneElementAudit Event Reporter
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..*ExtensionAdditional content defined by implementations
.... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
.... site 0..1stringLogical source location within the enterprise
.... observer Σ1..1Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)The identity of source detecting the event
.... type 0..*CodingThe type of source where event originated
Binding: AuditEventSourceType (extensible): Code specifying the type of system that detected and recorded the event.


... Slices for entity I1..1BackboneElementData or objects used
Slice: Unordered, Closed by pattern:role
.... entity:All Slices Content/Rules for all slices
..... id 0..1stringUnique id for inter-element referencing
..... extension 0..*ExtensionAdditional content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
..... what Σ0..1Reference(Resource)Specific instance of resource
..... type 0..1CodingType of entity involved
Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event.

..... role 0..1CodingWhat role the entity played
Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event.

..... lifecycle 0..1CodingLife-cycle stage for the entity
Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity.

..... securityLabel 0..*CodingSecurity labels on the entity
Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.


..... name ΣI0..1stringDescriptor for entity
..... description 0..1stringDescriptive text
..... query ΣI0..1base64BinaryQuery parameters
..... detail 0..*BackboneElementAdditional Information about the entity
...... id 0..1stringUnique id for inter-element referencing
...... extension 0..*ExtensionAdditional content defined by implementations
...... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
...... type 1..1stringName of the property
...... value[x] 1..1Property value
....... valueStringstring
....... valueBase64Binarybase64Binary
.... entity:token-request I1..1BackboneElementData or objects used
..... id 0..1stringUnique id for inter-element referencing
..... extension 0..*ExtensionAdditional content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
..... type 0..1CodingType of entity involved
Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event.


Required Pattern: At least the following
...... id0..1stringUnique id for inter-element referencing
...... extension0..*ExtensionAdditional content defined by implementations
...... system1..1uriIdentity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/audit-entity-type
...... version0..1stringVersion of the system - if relevant
...... code1..1codeSymbol in syntax defined by the system
Fixed Value: 2
...... display1..1stringRepresentation defined by the system
Fixed Value: System Object
...... userSelected0..1booleanIf this coding was chosen directly by the user
..... role 1..1CodingWhat role the entity played
Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event.


Required Pattern: At least the following
...... id0..1stringUnique id for inter-element referencing
...... extension0..*ExtensionAdditional content defined by implementations
...... system1..1uriIdentity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/object-role
...... version0..1stringVersion of the system - if relevant
...... code1..1codeSymbol in syntax defined by the system
Fixed Value: 24
...... display1..1stringRepresentation defined by the system
Fixed Value: Query
...... userSelected0..1booleanIf this coding was chosen directly by the user
..... lifecycle 0..1CodingLife-cycle stage for the entity
Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity.

..... securityLabel 0..*CodingSecurity labels on the entity
Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.


..... name ΣI0..1stringDescriptor for entity
..... description 0..1stringDescriptive text
..... query ΣI1..1base64Binarycontains the http request in raw form, without the code_verifier value
..... detail 0..*BackboneElementAdditional Information about the entity
...... id 0..1stringUnique id for inter-element referencing
...... extension 0..*ExtensionAdditional content defined by implementations
...... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
...... type 1..1stringName of the property
...... value[x] 1..1Property value
....... valueStringstring
....... valueBase64Binarybase64Binary
.... entity:token-response I0..1BackboneElementData or objects used
..... id 0..1stringUnique id for inter-element referencing
..... extension 0..*ExtensionAdditional content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
..... what Σ1..1Reference(Resource)holds the token id issued
..... type 0..1CodingType of entity involved
Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event.


Required Pattern: At least the following
...... id0..1stringUnique id for inter-element referencing
...... extension0..*ExtensionAdditional content defined by implementations
...... system1..1uriIdentity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/audit-entity-type
...... version0..1stringVersion of the system - if relevant
...... code1..1codeSymbol in syntax defined by the system
Fixed Value: 2
...... display1..1stringRepresentation defined by the system
Fixed Value: System Object
...... userSelected0..1booleanIf this coding was chosen directly by the user
..... role 1..1CodingWhat role the entity played
Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event.


Required Pattern: At least the following
...... id0..1stringUnique id for inter-element referencing
...... extension0..*ExtensionAdditional content defined by implementations
...... system1..1uriIdentity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/object-role
...... version0..1stringVersion of the system - if relevant
...... code1..1codeSymbol in syntax defined by the system
Fixed Value: 13
...... display1..1stringRepresentation defined by the system
Fixed Value: Security Resource
...... userSelected0..1booleanIf this coding was chosen directly by the user
..... lifecycle 0..1CodingLife-cycle stage for the entity
Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity.

..... securityLabel 0..*CodingSecurity labels on the entity
Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.


..... name ΣI0..1stringDescriptor for entity
..... description 0..1stringDescriptive text
..... query ΣI0..1base64BinaryQuery parameters
..... detail 1..*BackboneElementholds the key values from the response
...... id 0..1stringUnique id for inter-element referencing
...... extension 0..*ExtensionAdditional content defined by implementations
...... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
...... type 1..1stringName of the property
...... value[x] 1..1Property value
....... valueStringstring
....... valueBase64Binarybase64Binary

doco Documentation for this format
NameFlagsCard.TypeDescription & Constraintsdoco
.. AuditEvent 0..*AuditEventEvent record kept for security purposes
... agent:user 0..1BackboneElementActor involved in the event
.... role 0..*CodeableConceptAgent role in the event
Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.


.... name 0..1stringHuman friendly name for the agent
.... purposeOfUse 0..*CodeableConceptReason given for this user
Binding: PurposeOfUse (extensible): The reason the activity took place.


... source 1..1BackboneElementAudit Event Reporter

doco Documentation for this format

This structure is derived from AuditEvent

Summary

Mandatory: 13 elements (5 nested mandatory elements)
Must-Support: 4 elements
Prohibited: 6 elements

Slices

This structure defines the following Slices:

  • The element AuditEvent.agent is sliced based on the value of pattern:type (Closed)
  • The element AuditEvent.entity is sliced based on the value of pattern:role (Closed)

Differential View

This structure is derived from AuditEvent

NameFlagsCard.TypeDescription & Constraintsdoco
.. AuditEvent 0..*AuditEventEvent record kept for security purposes
... type 1..1CodingType/identifier of event
Required Pattern: At least the following
.... system1..1uriIdentity of the terminology system
Fixed Value: http://dicom.nema.org/resources/ontology/DCM
.... code1..1codeSymbol in syntax defined by the system
Fixed Value: 110114
.... display1..1stringRepresentation defined by the system
Fixed Value: User Authentication
... subtype 1..1CodingMore specific type/id for the event
Required Pattern: At least the following
.... system1..1uriIdentity of the terminology system
Fixed Value: urn:ihe:event-type-code
.... code1..1codeSymbol in syntax defined by the system
Fixed Value: ITI-71
.... display1..1stringRepresentation defined by the system
Fixed Value: Get Access Token
... action 0..1codeType of action performed during the event
Required Pattern: E
... outcome 0..1codeWhether the event succeeded or failed
Required Pattern: 0
... Slices for agent 2..3BackboneElementActor involved in the event
Slice: Unordered, Closed by pattern:type
.... agent:client 1..1BackboneElementActor involved in the event
..... type 1..1CodeableConceptHow agent participated
Required Pattern: At least the following
...... coding1..*CodingCode defined by a terminology system
Fixed Value: (complex)
....... system1..1uriIdentity of the terminology system
Fixed Value: http://dicom.nema.org/resources/ontology/DCM
....... code1..1codeSymbol in syntax defined by the system
Fixed Value: 110150
....... display1..1stringRepresentation defined by the system
Fixed Value: Application
..... who 1..1Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)Identifier of who
..... media 0..0
..... network 1..1BackboneElementLogical network location for application activity
.... agent:auth-server 1..1BackboneElementActor involved in the event
..... type 1..1CodeableConceptHow agent participated
Required Pattern: At least the following
...... coding1..*CodingCode defined by a terminology system
Fixed Value: (complex)
....... system1..1uriIdentity of the terminology system
Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes
....... code1..1codeSymbol in syntax defined by the system
Fixed Value: AuthzOauthService
..... who 1..1Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)Identifier of who
..... media 0..0
..... network 1..1BackboneElementLogical network location for application activity
.... agent:user 0..1BackboneElementActor involved in the event
..... type 1..1CodeableConceptHow agent participated
Required Pattern: At least the following
...... coding1..*CodingCode defined by a terminology system
Fixed Value: (complex)
....... system1..1uriIdentity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/v3-ParticipationType
....... code1..1codeSymbol in syntax defined by the system
Fixed Value: IRCP
....... display1..1stringRepresentation defined by the system
Fixed Value: information recipient
..... role S0..*CodeableConceptAgent role in the event
..... who 1..1Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)Identifier of who
..... altId 0..0
..... name S0..1stringHuman friendly name for the agent
..... requestor 1..1booleanWhether user is initiator
Required Pattern: true
..... media 0..0
..... network 0..0
..... purposeOfUse S0..*CodeableConceptReason given for this user
... source S1..1BackboneElementAudit Event Reporter
... Slices for entity 1..1BackboneElementData or objects used
Slice: Unordered, Closed by pattern:role
.... entity:token-request 1..1BackboneElementData or objects used
..... what 0..0
..... type 0..1CodingType of entity involved
Required Pattern: At least the following
...... system1..1uriIdentity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/audit-entity-type
...... code1..1codeSymbol in syntax defined by the system
Fixed Value: 2
...... display1..1stringRepresentation defined by the system
Fixed Value: System Object
..... role 1..1CodingWhat role the entity played
Required Pattern: At least the following
...... system1..1uriIdentity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/object-role
...... code1..1codeSymbol in syntax defined by the system
Fixed Value: 24
...... display1..1stringRepresentation defined by the system
Fixed Value: Query
..... query 1..1base64Binarycontains the http request in raw form, without the code_verifier value
.... entity:token-response 0..1BackboneElementData or objects used
..... what 1..1Reference(Resource)holds the token id issued
..... type 0..1CodingType of entity involved
Required Pattern: At least the following
...... system1..1uriIdentity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/audit-entity-type
...... code1..1codeSymbol in syntax defined by the system
Fixed Value: 2
...... display1..1stringRepresentation defined by the system
Fixed Value: System Object
..... role 1..1CodingWhat role the entity played
Required Pattern: At least the following
...... system1..1uriIdentity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/object-role
...... code1..1codeSymbol in syntax defined by the system
Fixed Value: 13
...... display1..1stringRepresentation defined by the system
Fixed Value: Security Resource
..... detail 1..*BackboneElementholds the key values from the response

doco Documentation for this format

Snapshot View

NameFlagsCard.TypeDescription & Constraintsdoco
.. AuditEvent 0..*AuditEventEvent record kept for security purposes
... id Σ0..1stringLogical id of this artifact
... meta Σ0..1MetaMetadata about the resource
... implicitRules ?!Σ0..1uriA set of rules under which this content was created
... language 0..1codeLanguage of the resource content
Binding: CommonLanguages (preferred): A human language.

Additional BindingsPurpose
AllLanguagesMax Binding
... text 0..1NarrativeText summary of the resource, for human interpretation
... contained 0..*ResourceContained, inline Resources
... extension 0..*ExtensionAdditional content defined by implementations
... modifierExtension ?!0..*ExtensionExtensions that cannot be ignored
... type Σ1..1CodingType/identifier of event
Binding: AuditEventID (extensible): Type of event.


Required Pattern: At least the following
.... id0..1stringUnique id for inter-element referencing
.... extension0..*ExtensionAdditional content defined by implementations
.... system1..1uriIdentity of the terminology system
Fixed Value: http://dicom.nema.org/resources/ontology/DCM
.... version0..1stringVersion of the system - if relevant
.... code1..1codeSymbol in syntax defined by the system
Fixed Value: 110114
.... display1..1stringRepresentation defined by the system
Fixed Value: User Authentication
.... userSelected0..1booleanIf this coding was chosen directly by the user
... subtype Σ1..1CodingMore specific type/id for the event
Binding: AuditEventSub-Type (extensible): Sub-type of event.



Required Pattern: At least the following
.... id0..1stringUnique id for inter-element referencing
.... extension0..*ExtensionAdditional content defined by implementations
.... system1..1uriIdentity of the terminology system
Fixed Value: urn:ihe:event-type-code
.... version0..1stringVersion of the system - if relevant
.... code1..1codeSymbol in syntax defined by the system
Fixed Value: ITI-71
.... display1..1stringRepresentation defined by the system
Fixed Value: Get Access Token
.... userSelected0..1booleanIf this coding was chosen directly by the user
... action Σ0..1codeType of action performed during the event
Binding: AuditEventAction (required): Indicator for type of action performed during the event that generated the event.


Required Pattern: E
... period 0..1PeriodWhen the activity occurred
... recorded Σ1..1instantTime when the event was recorded
... outcome Σ0..1codeWhether the event succeeded or failed
Binding: AuditEventOutcome (required): Indicates whether the event succeeded or failed.


Required Pattern: 0
... outcomeDesc Σ0..1stringDescription of the event outcome
... purposeOfEvent Σ0..*CodeableConceptThe purposeOfUse of the event
Binding: PurposeOfUse (extensible): The reason the activity took place.


... Slices for agent 2..3BackboneElementActor involved in the event
Slice: Unordered, Closed by pattern:type
.... agent:All Slices Content/Rules for all slices
..... id 0..1stringUnique id for inter-element referencing
..... extension 0..*ExtensionAdditional content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
..... type 0..1CodeableConceptHow agent participated
Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event.

..... role 0..*CodeableConceptAgent role in the event
Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.


..... who Σ0..1Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)Identifier of who
..... altId 0..1stringAlternative User identity
..... name 0..1stringHuman friendly name for the agent
..... requestor Σ1..1booleanWhether user is initiator
..... location 0..1Reference(Location)Where
..... policy 0..*uriPolicy that authorized event
..... media 0..1CodingType of media
Binding: MediaTypeCode (extensible): Used when the event is about exporting/importing onto media.

..... network 0..1BackboneElementLogical network location for application activity
...... id 0..1stringUnique id for inter-element referencing
...... extension 0..*ExtensionAdditional content defined by implementations
...... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
...... address 0..1stringIdentifier for the network access point of the user device
...... type 0..1codeThe type of network access point
Binding: AuditEventAgentNetworkType (required): The type of network access point of this agent in the audit event.

..... purposeOfUse 0..*CodeableConceptReason given for this user
Binding: PurposeOfUse (extensible): The reason the activity took place.


.... agent:client 1..1BackboneElementActor involved in the event
..... id 0..1stringUnique id for inter-element referencing
..... extension 0..*ExtensionAdditional content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
..... type 1..1CodeableConceptHow agent participated
Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event.


Required Pattern: At least the following
...... id0..1stringUnique id for inter-element referencing
...... extension0..*ExtensionAdditional content defined by implementations
...... coding1..*CodingCode defined by a terminology system
Fixed Value: (complex)
....... id0..1stringUnique id for inter-element referencing
....... extension0..*ExtensionAdditional content defined by implementations
....... system1..1uriIdentity of the terminology system
Fixed Value: http://dicom.nema.org/resources/ontology/DCM
....... version0..1stringVersion of the system - if relevant
....... code1..1codeSymbol in syntax defined by the system
Fixed Value: 110150
....... display1..1stringRepresentation defined by the system
Fixed Value: Application
....... userSelected0..1booleanIf this coding was chosen directly by the user
...... text0..1stringPlain text representation of the concept
..... role 0..*CodeableConceptAgent role in the event
Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.


..... who Σ1..1Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)Identifier of who
..... altId 0..1stringAlternative User identity
..... name 0..1stringHuman friendly name for the agent
..... requestor Σ1..1booleanWhether user is initiator
..... location 0..1Reference(Location)Where
..... policy 0..*uriPolicy that authorized event
..... network 1..1BackboneElementLogical network location for application activity
...... id 0..1stringUnique id for inter-element referencing
...... extension 0..*ExtensionAdditional content defined by implementations
...... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
...... address 0..1stringIdentifier for the network access point of the user device
...... type 0..1codeThe type of network access point
Binding: AuditEventAgentNetworkType (required): The type of network access point of this agent in the audit event.

..... purposeOfUse 0..*CodeableConceptReason given for this user
Binding: PurposeOfUse (extensible): The reason the activity took place.


.... agent:auth-server 1..1BackboneElementActor involved in the event
..... id 0..1stringUnique id for inter-element referencing
..... extension 0..*ExtensionAdditional content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
..... type 1..1CodeableConceptHow agent participated
Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event.


Required Pattern: At least the following
...... id0..1stringUnique id for inter-element referencing
...... extension0..*ExtensionAdditional content defined by implementations
...... coding1..*CodingCode defined by a terminology system
Fixed Value: (complex)
....... id0..1stringUnique id for inter-element referencing
....... extension0..*ExtensionAdditional content defined by implementations
....... system1..1uriIdentity of the terminology system
Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes
....... version0..1stringVersion of the system - if relevant
....... code1..1codeSymbol in syntax defined by the system
Fixed Value: AuthzOauthService
....... display0..1stringRepresentation defined by the system
....... userSelected0..1booleanIf this coding was chosen directly by the user
...... text0..1stringPlain text representation of the concept
..... role 0..*CodeableConceptAgent role in the event
Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.


..... who Σ1..1Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)Identifier of who
..... altId 0..1stringAlternative User identity
..... name 0..1stringHuman friendly name for the agent
..... requestor Σ1..1booleanWhether user is initiator
..... location 0..1Reference(Location)Where
..... policy 0..*uriPolicy that authorized event
..... network 1..1BackboneElementLogical network location for application activity
...... id 0..1stringUnique id for inter-element referencing
...... extension 0..*ExtensionAdditional content defined by implementations
...... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
...... address 0..1stringIdentifier for the network access point of the user device
...... type 0..1codeThe type of network access point
Binding: AuditEventAgentNetworkType (required): The type of network access point of this agent in the audit event.

..... purposeOfUse 0..*CodeableConceptReason given for this user
Binding: PurposeOfUse (extensible): The reason the activity took place.


.... agent:user 0..1BackboneElementActor involved in the event
..... id 0..1stringUnique id for inter-element referencing
..... extension 0..*ExtensionAdditional content defined by implementations
..... modifierExtension ?!Σ0..*ExtensionExtensions that cannot be ignored even if unrecognized
..... type 1..1CodeableConceptHow agent participated
Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event.


Required Pattern: At least the following
...... id0..1stringUnique id for inter-element referencing
...... extension0..*ExtensionAdditional content defined by implementations
...... coding1..*CodingCode defined by a terminology system
Fixed Value: (complex)
....... id0..1stringUnique id for inter-element referencing
....... extension0..*ExtensionAdditional content defined by implementations
....... system1..1uriIdentity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/v3-ParticipationType
....... version0..1stringVersion of the system - if relevant
....... code1..1codeSymbol in syntax defined by the system
Fixed Value: IRCP
....... display1..1stringRepresentation defined by the system
Fixed Value: information recipient
....... userSelected0..1booleanIf this coding was chosen directly by the user
...... text0..1stringPlain text representation of the concept
..... role S0..*CodeableConceptAgent role in the event
Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.


..... who Σ1..1Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)Identifier of who
..... name S0..1stringHuman friendly name for the agent
..... requestor Σ1..1booleanWhether user is initiator
Required Pattern: true
..... location 0..1Reference(Location)Where
..... policy 0..*uriPolicy that authorized event
..... purposeOfUse S0..*CodeableConceptReason given for this user
Binding: PurposeOfUse (extensible): The reason the activity took place.