This profile is based on the IHE Basic Audit Log Patterns (BALP) profile for when an Authorization decision is made based on a Consent record. The differences are that the relevant participant references use US Core profiles where needed.

When to Create This Event

A FAST Consent Audit Event SHALL be created by the system that evaluates a Consent resource to determine whether a request to access patient information should be permitted or denied.^§AE1 This system is acting as a Policy Decision Point (PDP) in the access control framework.

The event SHALL be created regardless of whether the authorization decision was a permit or a deny.^§AE2 Both outcomes represent a completed consent evaluation and must be recorded to give patients a complete picture of how their consent has been used. The event is persisted by POSTing it to the AuditEvent endpoint of the consent administration service or another ATNA-compliant audit repository.

This profile applies exclusively to authorization decision events — cases where a Consent resource was consulted to make an access control decision. It does not apply to disclosure events (cases where health information was actually shared following a permit decision). For disclosure events, use IHE Basic Audit Log Patterns (BALP) patterns directly, without this profile.

Mandatory and Must Support Data Elements

The following data elements must always be present or must be supported if the data is present in the sending system Must Support. They are presented below in a simple human-readable explanation. Profile specific guidance and examples are provided as well. The Formal Views below provides the formal summary, definitions, and terminology requirements.

Each Audit Event Must Have:

1. a type from the IHE BALP audit event type code system
2. a subtype of AuthZ-Consent (from the IHE BALP AuthZsubType code system) indicating this is a consent-based authorization event
3. an action fixed to E ("Execute")
4. an outcome code indicating whether the authorization succeeded or failed (see Meaning of Outcome below)
5. a recorded instant (.recorded) capturing when the audit event was created
6. a source identifying the system that generated the audit event
7. agents representing the:
   1. client application
   2. user
   3. user organization
   4. authorizer
8. entities representing the:
   1. patient whose consent was consulted
   2. the Consent resource that was consulted

Meaning of Outcome

The AuditEvent.outcome element records whether the audited system operation completed successfully, not whether data was ultimately shared with the requesting party. Specifically:

• 0 (Success) — the authorization evaluation completed without error. This does NOT mean that data was shared; a successful outcome may reflect either a permit decision (data sharing allowed) or a deny decision (data sharing refused). Both outcomes are valid results of a successful consent evaluation.
• 4 (Minor failure) or 8 (Serious failure) — the authorization evaluation itself encountered an error and could not be completed (for example, the Consent resource was unreachable or malformed).

To determine whether a consent permit or deny decision was made, examine the AuditEvent.purposeOfEvent and the content of the entity elements rather than relying on outcome alone.

Referencing External Participants

Since a FHIR reference can contain a RESTful id to a patient, organization, practitioner, or related person, and those RESTful ids may not be useful once an Audit Event instance has propogated to other consent servers, this guide requires that an external identifier for those participants SHALL be populated.^§AE3 The RESTful id can also be sent but it is not necessary since the mandatory identifier conveys the identity of the participant. The FHIR additionalIdentifier extension is also included in the Reference to allow for multiple identifiers for participants to be conveyed.

• Key Elements Table
• Differential Table
• Snapshot Table
• Statistics/References
• All

Name	Flags	Card.	Type	Description & Constraints    Filter: Bindings Constraints Obligations
AuditEvent		0..*	AuthZconsent	Event record kept for security purposes
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
type	Σ	1..1	Coding	Type/identifier of event Binding: AuditEventID (extensible): Type of event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://dicom.nema.org/resources/ontology/DCM
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 110113
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
subtype	Σ	1..*	Coding	More specific type/id for the event Binding: Authorization subType events valueset (required)
action	Σ	0..1	code	Type of action performed during the event Binding: AuditEventAction (required): Indicator for type of action performed during the event that generated the event. Required Pattern: E
recorded	Σ	1..1	instant	Time when the event was recorded
outcome	Σ	1..1	code	Whether the event succeeded or failed Binding: AuditEventOutcome (required): Indicates whether the event succeeded or failed.
outcomeDesc	SΣ	0..1	string	Description of the event outcome
purposeOfEvent	SΣ	0..*	CodeableConcept	The purposeOfUse of the event Binding: PurposeOfUse (3.1.0) (extensible): The reason the activity took place.
Slices for agent		4..*	BackboneElement	Actor involved in the event Slice: Unordered, Open by value:type
agent:All Slices				Content/Rules for all slices
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
who	Σ	0..1	FASTReference(US Core Organization Profile | US Core Patient Profile | US Core Practitioner Profile | US Core RelatedPerson Profile | US Core PractitionerRole Profile)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator
agent:client		1..1	BackboneElement	Actor involved in the event
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (Complex)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://dicom.nema.org/resources/ontology/DCM
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 110150
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
text		0..1	string	Plain text representation of the concept
who	Σ	1..1	FASTReference(US Core Organization Profile | US Core Patient Profile | US Core Practitioner Profile | US Core RelatedPerson Profile | US Core PractitionerRole Profile)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator
policy	S	0..*	uri	Policy that authorized event
network		1..1	BackboneElement	Logical network location for application activity
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
agent:user		1..1	BackboneElement	Actor involved in the event
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (Complex)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/v3-ParticipationType
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: IRCP
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
text		0..1	string	Plain text representation of the concept
role	S	0..*	CodeableConcept	Agent role in the event Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.
who	Σ	1..1	FASTReference(US Core Organization Profile | US Core Patient Profile | US Core Practitioner Profile | US Core RelatedPerson Profile | US Core PractitionerRole Profile)	Identifier of who
name	S	0..1	string	Human friendly name for the agent
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: true
policy	S	0..*	uri	Policy that authorized event
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (3.1.0) (extensible): The reason the activity took place.
agent:userorg		1..1	BackboneElement	Actor involved in the event
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (Complex)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/v3-RoleClass
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: PROV
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
text		0..1	string	Plain text representation of the concept
who	SΣ	1..1	FASTReference(US Core Organization Profile | US Core Patient Profile | US Core Practitioner Profile | US Core RelatedPerson Profile | US Core PractitionerRole Profile)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: false
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (3.1.0) (extensible): The reason the activity took place.
agent:authorizer	C	1..1	BackboneElement	Actor involved in the event Constraints: val-audit-source
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (Complex)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/extra-security-role-type
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: authserver
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
text		0..1	string	Plain text representation of the concept
who	Σ	1..1	FASTReference(US Core Organization Profile | US Core Patient Profile | US Core Practitioner Profile | US Core RelatedPerson Profile | US Core PractitionerRole Profile)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: false
source		1..1	BackboneElement	Audit Event Reporter
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
observer	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	The identity of source detecting the event
Slices for entity	C	2..*	BackboneElement	Data or objects used Slice: Unordered, Closed by value:type Constraints: sev-1
entity:All Slices				Content/Rules for all slices
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
entity:patient	C	1..1	BackboneElement	Data or objects used Constraints: sev-1
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	Σ	1..1	FASTReference(US Core Patient Profile)	Specific instance of resource
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/audit-entity-type
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 1
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
role		1..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/object-role
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 1
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
entity:consent	C	1..*	BackboneElement	Data or objects used Constraints: sev-1
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	SΣ	1..1	Reference(FASTConsent)	Specific instance of resource
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://hl7.org/fhir/resource-types
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: Consent
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
entity:token	C	0..1	BackboneElement	Data or objects used Constraints: sev-1
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	Σ	1..1	Reference(Resource)	Specific instance of resource
identifier	Σ	1..1	Identifier	Logical reference, when literal reference is not known
use	?!Σ	0..1	code	usual | official | temp | secondary | old (If known) Binding: IdentifierUse (required): Identifies the purpose for this identifier, if known .
value	Σ	1..1	string	jti (JWT ID) Example General: 123456
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: UserOauthAgent
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
Documentation for this format

Terminology Bindings

Path	Status	Usage	ValueSet	Version	Source
AuditEvent.type	Base	extensible	Audit Event ID	📍4.0.1	FHIR Std.
AuditEvent.subtype	Base	required	Authorization subType events valueset	📦1.1.4	Basic Audit Log Patterns v1.1
AuditEvent.action	Base	required	AuditEventAction	📍4.0.1	FHIR Std.
AuditEvent.outcome	Base	required	AuditEventOutcome	📍4.0.1	FHIR Std.
AuditEvent.purposeOfEvent	Base	extensible	PurposeOfUse	📍3.1.0	THO v7.1
AuditEvent.agent:client.​type	Base	extensible	ParticipationRoleType	📍4.0.1	FHIR Std.
AuditEvent.agent:user.​type	Base	extensible	ParticipationRoleType	📍4.0.1	FHIR Std.
AuditEvent.agent:user.​role	Base	example	SecurityRoleType	📍4.0.1	FHIR Std.
AuditEvent.agent:user.​purposeOfUse	Base	extensible	PurposeOfUse	📍3.1.0	THO v7.1
AuditEvent.agent:userorg.​type	Base	extensible	ParticipationRoleType	📍4.0.1	FHIR Std.
AuditEvent.agent:userorg.​purposeOfUse	Base	extensible	PurposeOfUse	📍3.1.0	THO v7.1
AuditEvent.agent:authorizer.​type	Base	extensible	ParticipationRoleType	📍4.0.1	FHIR Std.
AuditEvent.entity:patient.​type	Base	extensible	Audit event entity type	📍4.0.1	FHIR Std.
AuditEvent.entity:patient.​role	Base	extensible	AuditEventEntityRole	📍4.0.1	FHIR Std.
AuditEvent.entity:consent.​type	Base	extensible	Audit event entity type	📍4.0.1	FHIR Std.
AuditEvent.entity:token.​what.identifier.use	Base	required	IdentifierUse	📍4.0.1	FHIR Std.
AuditEvent.entity:token.​type	Base	extensible	Audit event entity type	📍4.0.1	FHIR Std.

Constraints

Id	Grade	Path(s)	Description	Expression
dom-2	error	AuditEvent	If the resource is contained in another resource, it SHALL NOT contain nested Resources	contained.contained.empty()
dom-3	error	AuditEvent	If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource	contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
dom-4	error	AuditEvent	If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated	contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
dom-5	error	AuditEvent	If a resource is contained in another resource, it SHALL NOT have a security label	contained.meta.security.empty()
dom-6	best practice	AuditEvent	A resource should have narrative for robust management	text.`div`.exists()
ele-1	error	**ALL** elements	All FHIR elements must have a @value or children	hasValue() or (children().count() > id.count())
ext-1	error	**ALL** extensions	Must have either extensions or value[x], not both	extension.exists() != value.exists()
sev-1	error	AuditEvent.entity, AuditEvent.entity:patient, AuditEvent.entity:consent, AuditEvent.entity:token	Either a name or a query (NOT both)	name.empty() or query.empty()
val-audit-source	error	AuditEvent.agent:authorizer	The Audit Source is this agent too.	$this.who = %resource.source.observer

Name	Flags	Card.	Type	Description & Constraints    Filter: Bindings Constraints Obligations
AuditEvent		0..*	AuthZconsent	Event record kept for security purposes
agent		4..*	BackboneElement	Actor involved in the event
who		0..1	FASTReference(US Core Organization Profile | US Core Patient Profile | US Core Practitioner Profile | US Core RelatedPerson Profile | US Core PractitionerRole Profile)	Identifier of who
Slices for agent				Content/Rules for all slices
agent:client		1..1	BackboneElement	Actor involved in the event
who		1..1	FASTReference(US Core Organization Profile | US Core Patient Profile | US Core Practitioner Profile | US Core RelatedPerson Profile | US Core PractitionerRole Profile)	Identifier of who
agent:user		1..1	BackboneElement	Actor involved in the event
who		1..1	FASTReference(US Core Organization Profile | US Core Patient Profile | US Core Practitioner Profile | US Core RelatedPerson Profile | US Core PractitionerRole Profile)	Identifier of who
agent:userorg		1..1	BackboneElement	Actor involved in the event
who		1..1	FASTReference(US Core Organization Profile | US Core Patient Profile | US Core Practitioner Profile | US Core RelatedPerson Profile | US Core PractitionerRole Profile)	Identifier of who
agent:authorizer		1..1	BackboneElement	Actor involved in the event
who		1..1	FASTReference(US Core Organization Profile | US Core Patient Profile | US Core Practitioner Profile | US Core RelatedPerson Profile | US Core PractitionerRole Profile)	Identifier of who
Slices for entity				Content/Rules for all slices
entity:patient		1..1	BackboneElement	Data or objects used
what		1..1	FASTReference(US Core Patient Profile)	Specific instance of resource
entity:consent		1..*	BackboneElement	Data or objects used
what		1..1	Reference(FASTConsent)	Specific instance of resource
Documentation for this format

Name	Flags	Card.	Type	Description & Constraints    Filter: Bindings Constraints Obligations
AuditEvent		0..*	AuthZconsent	Event record kept for security purposes
id	Σ	0..1	id	Logical id of this artifact
meta	Σ	0..1	Meta	Metadata about the resource
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
language		0..1	code	Language of the resource content Binding: CommonLanguages (preferred): A human language. Additional Bindings Purpose AllLanguages Max Binding
text		0..1	Narrative	Text summary of the resource, for human interpretation This profile does not constrain the narrative in regard to content, language, or traceability to data elements
contained		0..*	Resource	Contained, inline Resources
extension		0..*	Extension	Additional content defined by implementations
type	Σ	1..1	Coding	Type/identifier of event Binding: AuditEventID (extensible): Type of event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://dicom.nema.org/resources/ontology/DCM
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 110113
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
subtype	Σ	1..*	Coding	More specific type/id for the event Binding: Authorization subType events valueset (required)
action	Σ	0..1	code	Type of action performed during the event Binding: AuditEventAction (required): Indicator for type of action performed during the event that generated the event. Required Pattern: E
period		0..1	Period	When the activity occurred
recorded	Σ	1..1	instant	Time when the event was recorded
outcome	Σ	1..1	code	Whether the event succeeded or failed Binding: AuditEventOutcome (required): Indicates whether the event succeeded or failed.
outcomeDesc	SΣ	0..1	string	Description of the event outcome
purposeOfEvent	SΣ	0..*	CodeableConcept	The purposeOfUse of the event Binding: PurposeOfUse (3.1.0) (extensible): The reason the activity took place.
Slices for agent		4..*	BackboneElement	Actor involved in the event Slice: Unordered, Open by value:type
agent:All Slices				Content/Rules for all slices
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		0..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event.
role		0..*	CodeableConcept	Agent role in the event Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.
who	Σ	0..1	FASTReference(US Core Organization Profile | US Core Patient Profile | US Core Practitioner Profile | US Core RelatedPerson Profile | US Core PractitionerRole Profile)	Identifier of who
altId		0..1	string	Alternative User identity
name		0..1	string	Human friendly name for the agent
requestor	Σ	1..1	boolean	Whether user is initiator
location		0..1	Reference(Location)	Where
policy		0..*	uri	Policy that authorized event
media		0..1	Coding	Type of media Binding: MediaTypeCode (extensible): Used when the event is about exporting/importing onto media.
network		0..1	BackboneElement	Logical network location for application activity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
address		0..1	string	Identifier for the network access point of the user device
type		0..1	code	The type of network access point Binding: AuditEventAgentNetworkType (required): The type of network access point of this agent in the audit event.
purposeOfUse		0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (3.1.0) (extensible): The reason the activity took place.
agent:client		1..1	BackboneElement	Actor involved in the event
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (Complex)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://dicom.nema.org/resources/ontology/DCM
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 110150
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
text		0..1	string	Plain text representation of the concept
who	Σ	1..1	FASTReference(US Core Organization Profile | US Core Patient Profile | US Core Practitioner Profile | US Core RelatedPerson Profile | US Core PractitionerRole Profile)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator
policy	S	0..*	uri	Policy that authorized event
network		1..1	BackboneElement	Logical network location for application activity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
address		0..1	string	Identifier for the network access point of the user device
type		0..1	code	The type of network access point Binding: AuditEventAgentNetworkType (required): The type of network access point of this agent in the audit event.
agent:user		1..1	BackboneElement	Actor involved in the event
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (Complex)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/v3-ParticipationType
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: IRCP
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
text		0..1	string	Plain text representation of the concept
role	S	0..*	CodeableConcept	Agent role in the event Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.
who	Σ	1..1	FASTReference(US Core Organization Profile | US Core Patient Profile | US Core Practitioner Profile | US Core RelatedPerson Profile | US Core PractitionerRole Profile)	Identifier of who
name	S	0..1	string	Human friendly name for the agent
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: true
policy	S	0..*	uri	Policy that authorized event
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (3.1.0) (extensible): The reason the activity took place.
agent:userorg		1..1	BackboneElement	Actor involved in the event
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (Complex)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/v3-RoleClass
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: PROV
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
text		0..1	string	Plain text representation of the concept
who	SΣ	1..1	FASTReference(US Core Organization Profile | US Core Patient Profile | US Core Practitioner Profile | US Core RelatedPerson Profile | US Core PractitionerRole Profile)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: false
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (3.1.0) (extensible): The reason the activity took place.
agent:authorizer	C	1..1	BackboneElement	Actor involved in the event Constraints: val-audit-source
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (Complex)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/extra-security-role-type
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: authserver
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
text		0..1	string	Plain text representation of the concept
who	Σ	1..1	FASTReference(US Core Organization Profile | US Core Patient Profile | US Core Practitioner Profile | US Core RelatedPerson Profile | US Core PractitionerRole Profile)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: false
source		1..1	BackboneElement	Audit Event Reporter
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
site		0..1	string	Logical source location within the enterprise
observer	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	The identity of source detecting the event
type		0..*	Coding	The type of source where event originated Binding: AuditEventSourceType (extensible): Code specifying the type of system that detected and recorded the event.
Slices for entity	C	2..*	BackboneElement	Data or objects used Slice: Unordered, Closed by value:type Constraints: sev-1
entity:All Slices				Content/Rules for all slices
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	Σ	0..1	Reference(Resource)	Specific instance of resource
type		0..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event.
role		0..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event.
lifecycle		0..1	Coding	Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity.
securityLabel		0..*	Coding	Security labels on the entity Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
name	ΣC	0..1	string	Descriptor for entity
description		0..1	string	Descriptive text
query	ΣC	0..1	base64Binary	Query parameters
detail		0..*	BackboneElement	Additional Information about the entity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	string	Name of the property
value[x]		1..1		Property value
valueString			string
valueBase64Binary			base64Binary
entity:patient	C	1..1	BackboneElement	Data or objects used Constraints: sev-1
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	Σ	1..1	FASTReference(US Core Patient Profile)	Specific instance of resource
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/audit-entity-type
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 1
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
role		1..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/object-role
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 1
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
lifecycle		0..1	Coding	Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity.
securityLabel		0..*	Coding	Security labels on the entity Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
name	ΣC	0..1	string	Descriptor for entity
description		0..1	string	Descriptive text
query	ΣC	0..1	base64Binary	Query parameters
detail		0..*	BackboneElement	Additional Information about the entity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	string	Name of the property
value[x]		1..1		Property value
valueString			string
valueBase64Binary			base64Binary
entity:consent	C	1..*	BackboneElement	Data or objects used Constraints: sev-1
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	SΣ	1..1	Reference(FASTConsent)	Specific instance of resource
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://hl7.org/fhir/resource-types
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: Consent
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
role		0..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event.
lifecycle		0..1	Coding	Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity.
securityLabel		0..*	Coding	Security labels on the entity Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
name	ΣC	0..1	string	Descriptor for entity
description		0..1	string	Descriptive text
query	ΣC	0..1	base64Binary	Query parameters
detail		0..*	BackboneElement	Additional Information about the entity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	string	Name of the property
value[x]		1..1		Property value
valueString			string
valueBase64Binary			base64Binary
entity:token	C	0..1	BackboneElement	Data or objects used Constraints: sev-1
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	Σ	1..1	Reference(Resource)	Specific instance of resource
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations Slice: Unordered, Open by value:url
reference	ΣC	0..1	string	Literal reference, Relative, internal or absolute URL
type	Σ	0..1	uri	Type the reference refers to (e.g. "Patient") Binding: ResourceType (extensible): Aa resource (or, for logical models, the URI of the logical model).
identifier	Σ	1..1	Identifier	Logical reference, when literal reference is not known
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations Slice: Unordered, Open by value:url
use	?!Σ	0..1	code	usual | official | temp | secondary | old (If known) Binding: IdentifierUse (required): Identifies the purpose for this identifier, if known .
type	Σ	0..1	CodeableConcept	Description of identifier Binding: Identifier Type Codes (extensible): A coded type for an identifier that can be used to determine which identifier to use for a specific purpose.
system	Σ	0..1	uri	The namespace for the identifier value Example General: http://www.acme.com/identifiers/patient
value	Σ	1..1	string	jti (JWT ID) Example General: 123456
period	Σ	0..1	Period	Time period when id is/was valid for use
assigner	Σ	0..1	Reference(Organization)	Organization that issued id (may be just text)
display	Σ	0..1	string	Text alternative for the resource
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: UserOauthAgent
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
role		0..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event.
lifecycle		0..1	Coding	Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity.
securityLabel		0..*	Coding	Security labels on the entity Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
name	ΣC	0..1	string	Descriptor for entity
description		0..1	string	Descriptive text
query	ΣC	0..1	base64Binary	Query parameters
detail		0..*	BackboneElement	Additional Information about the entity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	string	Name of the property
value[x]		1..1		Property value
valueString			string
valueBase64Binary			base64Binary
Documentation for this format

Terminology Bindings

Path	Status	Usage	ValueSet	Version	Source
AuditEvent.language	Base	preferred	Common Languages	📍4.0.1	FHIR Std.
AuditEvent.type	Base	extensible	Audit Event ID	📍4.0.1	FHIR Std.
AuditEvent.subtype	Base	required	Authorization subType events valueset	📦1.1.4	Basic Audit Log Patterns v1.1
AuditEvent.action	Base	required	AuditEventAction	📍4.0.1	FHIR Std.
AuditEvent.outcome	Base	required	AuditEventOutcome	📍4.0.1	FHIR Std.
AuditEvent.purposeOfEvent	Base	extensible	PurposeOfUse	📍3.1.0	THO v7.1
AuditEvent.agent.type	Base	extensible	ParticipationRoleType	📍4.0.1	FHIR Std.
AuditEvent.agent.role	Base	example	SecurityRoleType	📍4.0.1	FHIR Std.
AuditEvent.agent.media	Base	extensible	Media Type Code	📍4.0.1	FHIR Std.
AuditEvent.agent.network.​type	Base	required	AuditEventAgentNetworkType	📍4.0.1	FHIR Std.
AuditEvent.agent.purposeOfUse	Base	extensible	PurposeOfUse	📍3.1.0	THO v7.1
AuditEvent.agent:client.​type	Base	extensible	ParticipationRoleType	📍4.0.1	FHIR Std.
AuditEvent.agent:client.​network.type	Base	required	AuditEventAgentNetworkType	📍4.0.1	FHIR Std.
AuditEvent.agent:user.​type	Base	extensible	ParticipationRoleType	📍4.0.1	FHIR Std.
AuditEvent.agent:user.​role	Base	example	SecurityRoleType	📍4.0.1	FHIR Std.
AuditEvent.agent:user.​network.type	Base	required	AuditEventAgentNetworkType	📍4.0.1	FHIR Std.
AuditEvent.agent:user.​purposeOfUse	Base	extensible	PurposeOfUse	📍3.1.0	THO v7.1
AuditEvent.agent:userorg.​type	Base	extensible	ParticipationRoleType	📍4.0.1	FHIR Std.
AuditEvent.agent:userorg.​network.type	Base	required	AuditEventAgentNetworkType	📍4.0.1	FHIR Std.
AuditEvent.agent:userorg.​purposeOfUse	Base	extensible	PurposeOfUse	📍3.1.0	THO v7.1
AuditEvent.agent:authorizer.​type	Base	extensible	ParticipationRoleType	📍4.0.1	FHIR Std.
AuditEvent.agent:authorizer.​network.type	Base	required	AuditEventAgentNetworkType	📍4.0.1	FHIR Std.
AuditEvent.source.type	Base	extensible	Audit Event Source Type	📍4.0.1	FHIR Std.
AuditEvent.entity.type	Base	extensible	Audit event entity type	📍4.0.1	FHIR Std.
AuditEvent.entity.role	Base	extensible	AuditEventEntityRole	📍4.0.1	FHIR Std.
AuditEvent.entity.lifecycle	Base	extensible	ObjectLifecycleEvents	📍4.0.1	FHIR Std.
AuditEvent.entity.securityLabel	Base	extensible	SecurityLabels	📍4.0.1	FHIR Std.
AuditEvent.entity:patient.​type	Base	extensible	Audit event entity type	📍4.0.1	FHIR Std.
AuditEvent.entity:patient.​role	Base	extensible	AuditEventEntityRole	📍4.0.1	FHIR Std.
AuditEvent.entity:patient.​lifecycle	Base	extensible	ObjectLifecycleEvents	📍4.0.1	FHIR Std.
AuditEvent.entity:patient.​securityLabel	Base	extensible	SecurityLabels	📍4.0.1	FHIR Std.
AuditEvent.entity:consent.​type	Base	extensible	Audit event entity type	📍4.0.1	FHIR Std.
AuditEvent.entity:consent.​role	Base	extensible	AuditEventEntityRole	📍4.0.1	FHIR Std.
AuditEvent.entity:consent.​lifecycle	Base	extensible	ObjectLifecycleEvents	📍4.0.1	FHIR Std.
AuditEvent.entity:consent.​securityLabel	Base	extensible	SecurityLabels	📍4.0.1	FHIR Std.
AuditEvent.entity:token.​what.type	Base	extensible	ResourceType	📍4.0.1	FHIR Std.
AuditEvent.entity:token.​what.identifier.use	Base	required	IdentifierUse	📍4.0.1	FHIR Std.
AuditEvent.entity:token.​what.identifier.type	Base	extensible	IdentifierType	📍4.0.1	FHIR Std.
AuditEvent.entity:token.​type	Base	extensible	Audit event entity type	📍4.0.1	FHIR Std.
AuditEvent.entity:token.​role	Base	extensible	AuditEventEntityRole	📍4.0.1	FHIR Std.
AuditEvent.entity:token.​lifecycle	Base	extensible	ObjectLifecycleEvents	📍4.0.1	FHIR Std.
AuditEvent.entity:token.​securityLabel	Base	extensible	SecurityLabels	📍4.0.1	FHIR Std.

Constraints

Id	Grade	Path(s)	Description	Expression
dom-2	error	AuditEvent	If the resource is contained in another resource, it SHALL NOT contain nested Resources	contained.contained.empty()
dom-3	error	AuditEvent	If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource	contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
dom-4	error	AuditEvent	If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated	contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
dom-5	error	AuditEvent	If a resource is contained in another resource, it SHALL NOT have a security label	contained.meta.security.empty()
dom-6	best practice	AuditEvent	A resource should have narrative for robust management	text.`div`.exists()
ele-1	error	**ALL** elements	All FHIR elements must have a @value or children	hasValue() or (children().count() > id.count())
ext-1	error	**ALL** extensions	Must have either extensions or value[x], not both	extension.exists() != value.exists()
sev-1	error	AuditEvent.entity, AuditEvent.entity:patient, AuditEvent.entity:consent, AuditEvent.entity:token	Either a name or a query (NOT both)	name.empty() or query.empty()
val-audit-source	error	AuditEvent.agent:authorizer	The Audit Source is this agent too.	$this.who = %resource.source.observer