CH EPR mHealth (R4)
0.2.0 - DSTU 1 Informative Ballot

CH EPR mHealth (R4), published by eHealth Suisse. This is not an authorized publication; it is the continuous build for version 0.2.0). This version is based on the current content of https://github.com/ehealthsuisse/ch-epr-mhealth/ and changes regularly. See the Directory of published versions

Record Audit Event [ITI-20]

Scope

This section describes the national extension for the Swiss EPR of the Send Audit Resource Request Message – RESTful interaction [ITI-20] transaction defined in the RESTful ATNA profile which is currently prepared as IHE Trial Implementation with the working title ”Add RESTful ATNA (Query and Feed)”. The Audit Record Repository SHALL support the ATX: FHIR Feed Option.

Actor Roles

Actor: Any actor or any other application that is grouped with the Secure Node or Secure Application.
Role: Create an audit record and transmit this record to the Audit Record Repository.
Actor: Audit Record Repository
Role: Receive an audit record from the Audit Record Creator and store this for audit purposes.

Referenced Standards

Add RESTful ATNA (Query and Feed), Rev. 3.2 – Trial Implementation, August 28, 2020
This RESTful ATNA profile is based on Release 4 of the HL7® FHIR® standard.

Messages

The “Send Audit Resource Request Message – FHIR Feed Interaction” is used for auditing the FHIR Audit Event Resource using the RESTful protocol.

Interaction Diagram for [ITI-20]Secure ApplicationSecure NodeAudit Record ForwarderSecure ApplicationSecure NodeAudit Record ForwarderAudit RecordRepositoryAudit RecordRepositorySend Audit Resource RequestSend Audit Resource ResponseSend Audit Bundle RequestSend Audit Bundle Response

Trigger Events

This message is sent when an actor that is grouped with Secure Node or Secure Application or an Audit Record Forwarder needs to post a single or multiple AuditEvent Resource to the Audit Record Repository.

Message Semantics

Expected Actions

Same message semantics and expected actions apply as described in the ITI-20 transaction.

Security Consideration

TLS SHALL be used.