IHE ITI TF Vol2

3.54 Document Metadata Publish [ITI-54]

This section corresponds to transaction [ITI-54] of the IHE IT Infrastructure Technical Framework. Transaction [ITI-54] is used by the Document Metadata Notification Broker and Document Metadata Publisher Actors.

3.54.1 Scope

This transaction delivers information from the Document Metadata Publisher to the Document Metadata Notification Broker about an event which may have a subscription. The WS Brokered Notification Publisher Registration requirements are out of scope for this transaction.

3.54.2 Use Case Roles

Actor: Document Metadata Notification Broker

Role: Receives and processes information about events for which there may be a subscription.

Actor: Document Metadata Publisher

Role: Publishes information to the Document Metadata Notification Broker when applicable events occur for which a subscription may exist.

3.54.3 Referenced Standards

3.54.4 Messages

Figure 3.54.4-1: Document Metadata Publish Sequence

3.54.4.1 Notify Message

3.54.4.1.1 Trigger

When an event occurs for which a subscription may exist, the Document Metadata Publisher will trigger a Notification message to the Document Metadata Notification Broker. Events that could trigger a notification are publication of or update to a DocumentEntry or SubmissionSet.

3.54.4.1.2 Message Semantics

The Document Metadata Publisher shall use a Notify message to communicate published objects to the Document Metadata Notification Broker Actor.

This message shall have one <NotificationMessage> element.

This element SHALL have two child elements:

<ProducerReference> that identifies the source of the data published. This element conveys the value of the SubmissionSet.sourceId attribute. This attribute shall contain a URI, for example “urn:oid:1.2.3.4.5”.
<Message> that identifies published objects. This element shall have a single child element <lcm:SubmitObjectsRequest> that has only one child element <rim:RegistryObjectList>. This element conveys a list of SubmissionSet, Folder, and DocumentEntry objects.

Note: SubmissionSet objects are constructed from <rim:RegistryObject> elements and must include the <rim:Classification> .

Note that there is no subscription information in the Notify message in the Publish transaction.

3.54.4.1.3 Expected Actions

The Notify message shall comply with the requirements in the WS-BaseNotification standard.

The Document Metadata Notification Broker shall evaluate the Publish transaction, and if there are matching subscriptions, it shall send the corresponding Notification transaction to the appropriate Document Metadata Notification Recipients.

3.54.4.1.4 Example

<?xml version="1.0" encoding="UTF-8"?>

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"

xmlns:a="http://www.w3.org/2005/08/addressing"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xmlns:wsnt="http://docs.oasis-open.org/wsn/b-2"

xmlns:ihe="urn:ihe:iti:pub-sub:2008"

xmlns:rim="urn:oasis:names:tc:ebxml-regrep:xsd:rim:3.0"

xsi:schemaLocation="http://www.w3.org/2003/05/soap-envelope http://www.w3.org/2003/05/soap-envelope http://www.w3.org/2005/08/addressing http://www.w3.org/2005/08/addressing/ws-addr.xsd http://docs.oasis-open.org/wsn/b-2 http://docs.oasis-open.org/wsn/b-2.xsd urn:ihe:iti:pub-sub:2008 ../schema/IHE/XDS.b_PublishSubscribe.xsd urn:oasis:names:tc:ebxml-regrep:xsd:rim:3.0 ../schema/ebRS/rim.xsd">

<s:Header>

<a:Action>http://docs.oasis-open.org/wsn/bw-2/NotificationConsumer/Notify</a:Action>

<a:MessageID>382dcdca-8e87-9fdf-8446-48fd83bca93b</a:MessageID>

<a:To>https://NotificationBroker/xdsBpublish</a:To>

</s:Header>

<s:Body>

<wsnt:Notify>

<wsnt:NotificationMessage>

<wsnt:ProducerReference>

<a:Address>urn:oid:1.2.3.4.5</a:Address>

</wsnt:ProducerReference>

<wsnt:Message>

<lcm:SubmitObjectsRequest>

<rim:RegistryObjectList>

<rim:ExtrinsicObject id="Document01" mimeType="text/xml" objectType="urn:uuid:7edca82f-054d-47f2-a032-9b2a5b5186c1">

…

</rim:ExtrinsicObject>

<rim:RegistryPackage objectType="urn:oasis:names:tc:ebxml-regrep:ObjectType:RegistryObject:RegistryPackage" id="Submission01">
                                <rim:Classification classificationNode="urn:uuid:a54d6aa5-d40d-43f9-88c5-b4633d873bdd" classifiedObject="Submission01" objectType="urn:oasis:names:tc:ebxml-regrep:ObjectType:RegistryObject:Classification" id="classification01"/>
                            </rim:RegistryPackage>
                            <rim:RegistryPackage objectType="urn:oasis:names:tc:ebxml-regrep:ObjectType:RegistryObject:RegistryPackage" id="Folder01">
                                <rim:Classification classificationNode="urn:uuid:d9d542f3-6cc4-48b6-8870-ea235fbc94c2" classifiedObject="Folder01" objectType="urn:oasis:names:tc:ebxml-regrep:ObjectType:RegistryObject:Classification" id="classification02"/>
                            </rim:RegistryPackage>

</rim:RegistryObjectList>

</lcm:SubmitObjectsRequest>

</wsnt:Message>

</wsnt:NotificationMessage>

</wsnt:Notify>

</s:Body>

</s:Envelope>

3.54.5 Security Considerations

The risk assessment for the Document Metadata Publish transaction is described in Table 1:26.5-1: DSUB risk assessment (see Section 1:26.5 DSUB Security Considerations). . The derived mitigations are as follows:

The Document Metadata Publisher and the Document Metadata Notification Broker shall be grouped with a Secure Node or Secure Application in the Audit Trail and Node Authentication (ATNA) Profile.
The use of encrypted TLS is recommended when the transmission is not otherwise secured (e.g., transmission over a secure network)

3.54.5.1 Audit Record Considerations

The Document Metadata Publish Transaction is an Export event, as defined in ITI TF-2: Table 3.20.4.1.1.1-1. The actors involved in the transaction shall create audit data in conformance with DICOM Part 15 “Data Export”/”Data Import”, with the following exceptions.

3.54.5.1.1 Document Metadata Publisher Audit Message:

	Field Name	Opt	Value Constraints
Event AuditMessage/ EventIdentification	EventID	M	EV(110106, DCM, “Export”)
	EventActionCode	M	“R” (Read)
	EventDateTime	M	not specialized
	EventOutcomeIndicator	M	not specialized
	EventTypeCode	M	EV(“ITI-54”, “IHE Transactions”, “Document Metadata Publish”)
Source (Document Metadata Publisher) (1)
Human Requestor (0..n)
Destination (Document Metadata Notification Broker) (1)
Audit Source (Document Metadata Publisher) (1)
Patient (0..1)
DocumentEntry/SubmissionSet (1..n)

Where:

Source AuditMessage/ ActiveParticipant	UserID	U	not specialized
	AlternativeUserID	M	the process ID as used within the local operating system in the local system logs.
	UserName	U	not specialized
	UserIsRequestor	U	not specialized
	RoleIDCode	M	EV(110153, DCM, "Source Role ID")
	NetworkAccessPointTypeCode	M	“1” for machine (DNS) name, “2” for IP address
	NetworkAccessPointID	M	The machine name or IP address

Human Requestor (if known) AuditMessage/ ActiveParticipant	UserID	M	Identity of the human that initiated the transaction.
	AlternativeUserID	U	not specialized
	UserName	U	not specialized
	UserIsRequestor	U	not specialized
	RoleIDCode	U	Access Control role(s) the user holds that allows this transaction.
	NetworkAccessPointTypeCode	U	not specialized
	NetworkAccessPointID	U	not specialized

Destination AuditMessage/ ActiveParticipant	UserID	M	SOAP endpoint URI
	AlternativeUserID	U	not specialized
	UserName	U	not specialized
	UserIsRequestor	U	not specialized
	RoleIDCode	M	EV(110152, DCM, "Destination Role ID")
	NetworkAccessPointTypeCode	M	“1” for machine (DNS) name, “2” for IP address
	NetworkAccessPointID	M	The machine name or IP address

Audit Source

AuditMessage/
AuditSourceIdentification

AuditSourceID

not specialized

AuditEnterpriseSiteID

not specialized

AuditSourceTypeCode

not specialized

Patient (if-known) (AuditMessage/ ParticipantObjectIdentification)	ParticipantObjectTypeCode	M	“1” (Person)
	ParticipantObjectTypeCodeRole	M	“1” (Patient)
	ParticipantObjectDataLifeCycle	U	not specialized
	ParticipantObjectIDTypeCode	M	not specialized
	ParticipantObjectSensitivity	U	not specialized
	ParticipantObjectID	M	The patient ID in HL7 CX format.
	ParticipantObjectName	U	not specialized
	ParticipantObjectQuery	U	not specialized
	ParticipantObjectDetail	U	not specialized

DocumentEntry SubmissionSet (AuditMessage/ ParticipantObjectIdentification)	ParticipantObjectTypeCode	M	“2” (System)
	ParticipantObjectTypeCodeRole	M	“3” (report)
	ParticipantObjectDataLifeCycle	U	not specialized
	ParticipantObjectIDTypeCode	M	The Document Metadata Publisher shall include one of the following values, depending on the specific object in the message: EV("urn:uuid:7edca82f-054d-47f2-a032-9b2a5b5186c1”, “IHE XDS Metadata”, “document entry object type”) EV(“urn:uuid:34268e47-fdf5-41a6-ba33-82133c465248”, “IHE XDS Metadata”, “on-demand document entry object type”) EV(urn:uuid:a54d6aa5-d40d-43f9-88c5-b4633d873bdd”, “IHE XDS Metadata”, ”submission set classification node”)
	ParticipantObjectSensitivity	U	not specialized
	ParticipantObjectID	M	The value of the object's EntryUUID attribute.
	ParticipantObjectName	U	not specialized
	ParticipantObjectQuery	U	not specialized
	ParticipantObjectDetail	C	This element is required, if known: Type: “urn:ihe:iti:xca:2010:homeCommunityId” (literal string) Value: value of the homeCommunityId

3.54.5.1.2 Document Metadata Notification Broker audit message:

	Field Name	Opt	Value Constraints
Event AuditMessage/ EventIdentification	EventID	M	EV(110107, DCM, “Import”)
	EventActionCode	M	“C” (Create)
	EventDateTime	M	not specialized
	EventOutcomeIndicator	M	not specialized
	EventTypeCode	M	EV(“ITI-54”, “IHE Transactions”, “Document Metadata Publish”)
Source (Document Metadata Publisher) (1)
Destination (Document Metadata Notification Broker) (1)
Audit Source (Document Metadata Notification Broker) (1)
DocumentEntry/SubmissionSet (1..n)

Where:

Source AuditMessage/ ActiveParticipant	UserID	U	not specialized
	AlternativeUserID	U	not specialized
	UserName	U	not specialized
	UserIsRequestor	U	not specialized
	RoleIDCode	M	EV(110153, DCM, "Source Role ID")
	NetworkAccessPointTypeCode	M	“1” for machine (DNS) name, “2” for IP address
	NetworkAccessPointID	M	The machine name or IP address

Destination AuditMessage/ ActiveParticipant	UserID	M	SOAP endpoint URI
	AlternativeUserID	M	the process ID as used within the local operating system in the local system logs.
	UserName	U	not specialized
	UserIsRequestor	U	not specialized
	RoleIDCode	M	EV(110152, DCM, "Destination Role ID")
	NetworkAccessPointTypeCode	M	“1” for machine (DNS) name, “2” for IP address
	NetworkAccessPointID	M	The machine name or IP address

Audit Source

AuditMessage/
AuditSourceIdentification

AuditSourceID

not specialized

AuditEnterpriseSiteID

not specialized

AuditSourceTypeCode

not specialized

DocumentEntry SubmissionSet (AuditMessage/ ParticipantObjectIdentification)	ParticipantObjectTypeCode	M	“2” (System)
	ParticipantObjectTypeCodeRole	M	“3” (report)
	ParticipantObjectDataLifeCycle	U	not specialized
	ParticipantObjectIDTypeCode	M	The Document Metadata Notification Broker shall include one of the following values, depending on the specific object in the message: EV("urn:uuid:7edca82f-054d-47f2-a032-9b2a5b5186c1”, “IHE XDS Metadata”, “document entry object type”) EV(“urn:uuid:34268e47-fdf5-41a6-ba33-82133c465248”, “IHE XDS Metadata”, “on-demand document entry object type”) EV(urn:uuid:a54d6aa5-d40d-43f9-88c5-b4633d873bdd”, “IHE XDS Metadata”, ”submission set classification node”)
	ParticipantObjectSensitivity	U	not specialized
	ParticipantObjectID	M	The value of the object's EntryUUID attribute.
	ParticipantObjectName	U	not specialized
	ParticipantObjectQuery	U	not specialized
	ParticipantObjectDetail	C	This element is required, if known: Type: “urn:ihe:iti:xca:2010:homeCommunityId” (literal string) Value: value of the homeCommunityId