Release 5 Preview #3

Auditevent-example-breakglass-start.xml

Security Work GroupMaturity Level: N/AStandards Status: InformativeCompartments: Device, Patient, Practitioner

Raw XML (canonical form + also see XML Format Specification)

Jump past Narrative

Record that a Break-Glass event has started (id = "example-breakglass-start")

<?xml version="1.0" encoding="UTF-8"?>

<AuditEvent xmlns="http://hl7.org/fhir">
  <id value="example-breakglass-start"/> 
  <text> 
    <status value="generated"/> 
    <div xmlns="http://www.w3.org/1999/xhtml">Authorized Break-Glass period has been declared to enable immediate emergent treatment
       condition. This AuditEvent indicates the start of the Break-Glass event. Another would
       indicate the stop of that Break-Glass period, providd there is a session or state that
       can detect the end of the break-glass event.</div> 
  </text> 
  <type> 
    <system value="http://dicom.nema.org/resources/ontology/DCM"/> 
    <code value="110113"/> 
    <display value="Security Alert"/> 
  </type> 
  <subtype> 
    <system value="http://dicom.nema.org/resources/ontology/DCM"/> 
    <code value="110127"/> 
    <display value="Emergency Override Started"/> 
  </subtype> 
  <action value="E"/> 
  <!--   when was the break-glass started   -->
  <recorded value="2013-09-22T00:08:00Z"/> 
  <outcome> 
    <coding> 
      <system value="http://terminology.hl7.org/CodeSystem/audit-event-outcome"/> 
      <code value="0"/> 
      <display value="Success"/> 
    </coding> 
    <text value="Successful  Start of Break-Glass"/> 
  </outcome>  
  <purposeOfEvent> 
    <!--   why was the break-glass declared   -->
    <coding> 
      <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/> 
      <code value="ETREAT"/> 
      <display value="Emergency Treatment"/> 
    </coding> 
  </purposeOfEvent> 
  <agent> 
    <!--   who declared the break-glass   -->
    <who> 
        <reference value="Practitioner/f001"/> 
    </who> 
    <requestor value="true"/> 
    <!--   where was the break-glass emergency declared   -->
    <location> 
      <reference value="Location/1"/> 
    </location> 
    <network> 
      <address value="custodian.net"/> 
      <type value="1"/> 
    </network> 
  </agent> 
  <source> 
    <!--   what system detected this break-glass   -->
    <site value="Watcher"/> 
    <observer> 
      <display value="Watchers Accounting of Disclosures Application"/> 
    </observer> 
    <type> 
      <system value="http://terminology.hl7.org/CodeSystem/security-source-type"/> 
      <code value="4"/> 
      <display value="Application Server"/> 
    </type> 
  </source> 
  <entity> 
    <!--   patient whos data is being accessed   -->
    <what> 
      <reference value="Patient/example"/> 
    </what> 
    <type> 
      <system value="http://terminology.hl7.org/CodeSystem/audit-entity-type"/> 
      <code value="1"/> 
      <display value="Person"/> 
    </type> 
    <role> 
      <system value="http://terminology.hl7.org/CodeSystem/object-role"/> 
      <code value="1"/> 
      <display value="Patient"/> 
    </role> 
  </entity> 
</AuditEvent> 

Usage note: every effort has been made to ensure that the examples are correct and useful, but they are not a normative part of the specification.