CH EPR FHIR (R4)
4.0.1-ballot-2 - ballot Switzerland flag

CH EPR FHIR (R4), published by eHealth Suisse. This guide is not an authorized publication; it is the continuous build for version 4.0.1-ballot-2 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/ehealthsuisse/ch-epr-fhir/ and changes regularly. See the Directory of published versions

Record Audit Event [ITI-20]

Scope

This section describes the national extension for the Swiss EPR of the Send Audit Resource Request Message – RESTful interaction [ITI-20] transaction defined in the RESTful ATNA profile which is currently prepared as IHE Trial Implementation with the working title ”Add RESTful ATNA (Query and Feed)”. The Audit Record Repository SHALL support the ATX: FHIR Feed Option.

Actor Roles

Actor: Any actor or any other application that is grouped with the Secure Node or Secure Application (Audit Creator).
Role: Create an audit record and transmit this record to the Audit Record Repository.
Actor: Audit Record Repository
Role: Receive an audit record from the Audit Record Creator and store this for audit purposes.

Referenced Standards

  1. Add RESTful ATNA (Query and Feed), Rev. 3.3
  2. This RESTful ATNA profile is based on Release 4 of the HL7® FHIR® standard.

Messages

The “Send Audit Resource Request Message – FHIR Feed Interaction” is used for auditing the FHIR Audit Event Resource using the RESTful protocol.

Interaction Diagram for [ITI-20]Secure ApplicationSecure NodeAudit Record ForwarderAudit Record RepositorySend Audit Resource RequestSend Audit Resource ResponseSend Audit Bundle RequestSend Audit Bundle Response

Send Audit Resource Request Message – FHIR Feed Interaction

Trigger Events

This message is sent when an actor that is grouped with Secure Node or Secure Application or an Audit Record Forwarder needs to post a single or multiple AuditEvent Resource to the Audit Record Repository.

Message Semantics

The base profiles for the Swiss AuditEvents in the EPR are:

Audit Example for a Provide Bundle Transaction from source perspective

Expected Actions

Same message semantics and expected actions apply as described in the ITI-20 transaction.

Send Audit Resource Response

CapabilityStatement Resource

The CapabilityStatement resource for the Audit Creator is ATNA Audit Creator.

The CapabilityStatement resource for the Audit Record Repository is ATNA Audit Record Repository.

Security Consideration

TLS SHALL be used.

The actors SHALL support the traceparent header handling, as defined in Appendix: Trace Context.