Basic Audit Log Patterns (BALP)
1.1.4-current - ci-build
Basic Audit Log Patterns (BALP), published by IHE IT Infrastructure Technical Committee. This guide is not an authorized publication; it is the continuous build for version 1.1.4-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/IHE/ITI.BasicAudit/ and changes regularly. See the Directory of published versions
<AuditEvent xmlns="http://hl7.org/fhir">
<id value="ex-auditAuthZconsent-deny"/>
<meta>
<profile
value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.AuthZconsent"/>
<security>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="HTEST"/>
</security>
</meta>
<text>
<status value="generated"/>
<div xmlns="http://www.w3.org/1999/xhtml"><p class="res-header-id"><b>Generated Narrative: AuditEvent ex-auditAuthZconsent-deny</b></p><a name="ex-auditAuthZconsent-deny"> </a><a name="hcex-auditAuthZconsent-deny"> </a><a name="ex-auditAuthZconsent-deny-en-US"> </a><p><b>type</b>: <a href="http://hl7.org/fhir/R4/codesystem-dicom-dcim.html#dicom-dcim-110113">DICOM 110113</a>: Security Alert</p><p><b>subtype</b>: <a href="CodeSystem-AuthZsubType.html#AuthZsubType-AuthZ-Consent">Authorization subType events AuthZ-Consent</a>: Authorization Decision using Roles and Consent</p><p><b>action</b>: Execute</p><p><b>recorded</b>: 2021-12-27 09:49:00+0000</p><p><b>outcome</b>: Serious failure</p><p><b>outcomeDesc</b>: Consent denied access to this user</p><blockquote><p><b>agent</b></p><p><b>type</b>: <span title="Codes:{http://dicom.nema.org/resources/ontology/DCM 110150}">Application</span></p><p><b>who</b>: <a href="Device-ex-device.html">Device</a></p><p><b>requestor</b>: false</p><h3>Networks</h3><table class="grid"><tr><td style="display: none">-</td><td><b>Address</b></td><td><b>Type</b></td></tr><tr><td style="display: none">*</td><td>2001:0db8:85a3:0000:0000:8a2e:0370:7334</td><td>IP Address</td></tr></table></blockquote><blockquote><p><b>agent</b></p><p><b>type</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ParticipationType IRCP}">information recipient</span></p><p><b>who</b>: <a href="Practitioner-ex-practitioner.html">Practitioner: telecom = JohnMoehrke@gmail.com</a></p><p><b>requestor</b>: true</p><p><b>purposeOfUse</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason PATRQT}">patient requested</span></p></blockquote><blockquote><p><b>agent</b></p><p><b>type</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-RoleClass PROV}">healthcare provider</span></p><p><b>who</b>: <a href="Organization-ex-organization.html">Organization nowhere</a></p><p><b>requestor</b>: false</p></blockquote><blockquote><p><b>agent</b></p><p><b>type</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/extra-security-role-type authserver}">Authorization Server</span></p><p><b>who</b>: <a href="Device-ex-authz.html">Device</a></p><p><b>requestor</b>: false</p></blockquote><h3>Sources</h3><table class="grid"><tr><td style="display: none">-</td><td><b>Site</b></td><td><b>Observer</b></td><td><b>Type</b></td></tr><tr><td style="display: none">*</td><td>server.example.com</td><td><a href="Device-ex-authz.html">Device</a></td><td><a href="http://terminology.hl7.org/6.0.2/CodeSystem-security-source-type.html#security-source-type-6">Audit Event Source Type 6</a>: Security Server</td></tr></table><blockquote><p><b>entity</b></p><p><b>what</b>: <a href="Patient-ex-patient.html">John Schmidt Other, DoB: 1923-07-25</a></p><p><b>type</b>: <a href="http://terminology.hl7.org/6.0.2/CodeSystem-audit-entity-type.html#audit-entity-type-1">Audit event entity type 1</a>: Person</p><p><b>role</b>: <a href="http://terminology.hl7.org/6.0.2/CodeSystem-object-role.html#object-role-1">AuditEventEntityRole 1</a>: Patient</p></blockquote><blockquote><p><b>entity</b></p><p><b>what</b>: <a href="Consent-ex-consent.html">Consent: status = active; scope = Privacy Consent; category = Privacy policy acknowledgment Document</a></p><p><b>type</b>: <a href="http://hl7.org/fhir/R4/codesystem-resource-types.html#resource-types-Consent">ResourceType Consent</a>: Consent</p></blockquote></div>
</text>
<type>
<system value="http://dicom.nema.org/resources/ontology/DCM"/>
<code value="110113"/>
<display value="Security Alert"/>
</type>
<subtype>
<system
value="https://profiles.ihe.net/ITI/BALP/CodeSystem/AuthZsubType"/>
<code value="AuthZ-Consent"/>
</subtype>
<action value="E"/>
<recorded value="2021-12-27T09:49:00.000Z"/>
<outcome value="8"/>
<outcomeDesc value="Consent denied access to this user"/>
<agent>
<type>
<coding>
<system value="http://dicom.nema.org/resources/ontology/DCM"/>
<code value="110150"/>
</coding>
</type>
<who>🔗
<reference value="Device/ex-device"/>
</who>
<requestor value="false"/>
<network>
<address value="2001:0db8:85a3:0000:0000:8a2e:0370:7334"/>
<type value="2"/>
</network>
</agent>
<agent>
<type>
<coding>
<system
value="http://terminology.hl7.org/CodeSystem/v3-ParticipationType"/>
<code value="IRCP"/>
</coding>
</type>
<who>🔗
<reference value="Practitioner/ex-practitioner"/>
</who>
<requestor value="true"/>
<purposeOfUse>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="PATRQT"/>
</coding>
</purposeOfUse>
</agent>
<agent>
<type>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-RoleClass"/>
<code value="PROV"/>
</coding>
</type>
<who>🔗
<reference value="Organization/ex-organization"/>
</who>
<requestor value="false"/>
</agent>
<agent>
<type>
<coding>
<system
value="http://terminology.hl7.org/CodeSystem/extra-security-role-type"/>
<code value="authserver"/>
</coding>
</type>
<who>🔗
<reference value="Device/ex-authz"/>
</who>
<requestor value="false"/>
</agent>
<source>
<site value="server.example.com"/>
<observer>🔗
<reference value="Device/ex-authz"/>
</observer>
<type>
<system
value="http://terminology.hl7.org/CodeSystem/security-source-type"/>
<code value="6"/>
<display value="Security Server"/>
</type>
</source>
<entity>
<what>🔗
<reference value="Patient/ex-patient"/>
</what>
<type>
<system
value="http://terminology.hl7.org/CodeSystem/audit-entity-type"/>
<code value="1"/>
</type>
<role>
<system value="http://terminology.hl7.org/CodeSystem/object-role"/>
<code value="1"/>
<display value="Patient"/>
</role>
</entity>
<entity>
<what>🔗
<reference value="Consent/ex-consent"/>
</what>
<type>
<system value="http://hl7.org/fhir/resource-types"/>
<code value="Consent"/>
</type>
</entity>
</AuditEvent>