Basic Audit Log Patterns (BALP)
1.1.4-current - ci-build International flag

Basic Audit Log Patterns (BALP), published by IHE IT Infrastructure Technical Committee. This guide is not an authorized publication; it is the continuous build for version 1.1.4-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/IHE/ITI.BasicAudit/ and changes regularly. See the Directory of published versions

: Audit Example of a basic Authorization Deny access - XML Representation

Raw xml | Download



<AuditEvent xmlns="http://hl7.org/fhir">
  <id value="ex-auditAuthZconsent-deny"/>
  <meta>
    <profile
             value="https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.AuthZconsent"/>
    <security>
      <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
      <code value="HTEST"/>
    </security>
  </meta>
  <text>
    <status value="generated"/>
    <div xmlns="http://www.w3.org/1999/xhtml"><p class="res-header-id"><b>Generated Narrative: AuditEvent ex-auditAuthZconsent-deny</b></p><a name="ex-auditAuthZconsent-deny"> </a><a name="hcex-auditAuthZconsent-deny"> </a><a name="ex-auditAuthZconsent-deny-en-US"> </a><p><b>type</b>: <a href="http://hl7.org/fhir/R4/codesystem-dicom-dcim.html#dicom-dcim-110113">DICOM Controlled Terminology Definitions</a> 110113: Security Alert</p><p><b>subtype</b>: <a href="CodeSystem-AuthZsubType.html#AuthZsubType-AuthZ-Consent">Authorization subType events</a> AuthZ-Consent: Authorization Decision using Roles and Consent</p><p><b>action</b>: Execute</p><p><b>recorded</b>: 2021-12-27 09:49:00+0000</p><p><b>outcome</b>: Serious failure</p><p><b>outcomeDesc</b>: Consent denied access to this user</p><blockquote><p><b>agent</b></p><p><b>type</b>: <span title="Codes:{http://dicom.nema.org/resources/ontology/DCM 110150}">Application</span></p><p><b>who</b>: <a href="Device-ex-device.html">Device</a></p><p><b>requestor</b>: false</p><h3>Networks</h3><table class="grid"><tr><td style="display: none">-</td><td><b>Address</b></td><td><b>Type</b></td></tr><tr><td style="display: none">*</td><td>2001:0db8:85a3:0000:0000:8a2e:0370:7334</td><td>IP Address</td></tr></table></blockquote><blockquote><p><b>agent</b></p><p><b>type</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ParticipationType IRCP}">information recipient</span></p><p><b>who</b>: <a href="Practitioner-ex-practitioner.html">Practitioner: telecom = JohnMoehrke@gmail.com</a></p><p><b>requestor</b>: true</p><p><b>purposeOfUse</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-ActReason PATRQT}">patient requested</span></p></blockquote><blockquote><p><b>agent</b></p><p><b>type</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/v3-RoleClass PROV}">healthcare provider</span></p><p><b>who</b>: <a href="Organization-ex-organization.html">Organization nowhere</a></p><p><b>requestor</b>: false</p></blockquote><blockquote><p><b>agent</b></p><p><b>type</b>: <span title="Codes:{http://terminology.hl7.org/CodeSystem/extra-security-role-type authserver}">Authorization Server</span></p><p><b>who</b>: <a href="Device-ex-authz.html">Device</a></p><p><b>requestor</b>: false</p></blockquote><h3>Sources</h3><table class="grid"><tr><td style="display: none">-</td><td><b>Site</b></td><td><b>Observer</b></td><td><b>Type</b></td></tr><tr><td style="display: none">*</td><td>server.example.com</td><td><a href="Device-ex-authz.html">Device</a></td><td><a href="http://terminology.hl7.org/6.0.0/CodeSystem-security-source-type.html#security-source-type-6">Audit Event Source Type</a> 6: Security Server</td></tr></table><blockquote><p><b>entity</b></p><p><b>what</b>: <a href="Patient-ex-patient.html">John Schmidt  Other, DoB: 1923-07-25</a></p><p><b>type</b>: <a href="http://terminology.hl7.org/6.0.0/CodeSystem-audit-entity-type.html#audit-entity-type-1">Audit event entity type</a> 1: Person</p><p><b>role</b>: <a href="http://terminology.hl7.org/6.0.0/CodeSystem-object-role.html#object-role-1">AuditEventEntityRole</a> 1: Patient</p></blockquote><blockquote><p><b>entity</b></p><p><b>what</b>: <a href="Consent-ex-consent.html">Consent: status = active; scope = Privacy Consent; category = Privacy policy acknowledgment Document</a></p><p><b>type</b>: <a href="http://hl7.org/fhir/R4/codesystem-resource-types.html#resource-types-Consent">ResourceType</a> Consent: Consent</p></blockquote></div>
  </text>
  <type>
    <system value="http://dicom.nema.org/resources/ontology/DCM"/>
    <code value="110113"/>
    <display value="Security Alert"/>
  </type>
  <subtype>
    <system
            value="https://profiles.ihe.net/ITI/BALP/CodeSystem/AuthZsubType"/>
    <code value="AuthZ-Consent"/>
  </subtype>
  <action value="E"/>
  <recorded value="2021-12-27T09:49:00.000Z"/>
  <outcome value="8"/>
  <outcomeDesc value="Consent denied access to this user"/>
  <agent>
    <type>
      <coding>
        <system value="http://dicom.nema.org/resources/ontology/DCM"/>
        <code value="110150"/>
      </coding>
    </type>
    <who>🔗 
      <reference value="Device/ex-device"/>
    </who>
    <requestor value="false"/>
    <network>
      <address value="2001:0db8:85a3:0000:0000:8a2e:0370:7334"/>
      <type value="2"/>
    </network>
  </agent>
  <agent>
    <type>
      <coding>
        <system
                value="http://terminology.hl7.org/CodeSystem/v3-ParticipationType"/>
        <code value="IRCP"/>
      </coding>
    </type>
    <who>🔗 
      <reference value="Practitioner/ex-practitioner"/>
    </who>
    <requestor value="true"/>
    <purposeOfUse>
      <coding>
        <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
        <code value="PATRQT"/>
      </coding>
    </purposeOfUse>
  </agent>
  <agent>
    <type>
      <coding>
        <system value="http://terminology.hl7.org/CodeSystem/v3-RoleClass"/>
        <code value="PROV"/>
      </coding>
    </type>
    <who>🔗 
      <reference value="Organization/ex-organization"/>
    </who>
    <requestor value="false"/>
  </agent>
  <agent>
    <type>
      <coding>
        <system
                value="http://terminology.hl7.org/CodeSystem/extra-security-role-type"/>
        <code value="authserver"/>
      </coding>
    </type>
    <who>🔗 
      <reference value="Device/ex-authz"/>
    </who>
    <requestor value="false"/>
  </agent>
  <source>
    <site value="server.example.com"/>
    <observer>🔗 
      <reference value="Device/ex-authz"/>
    </observer>
    <type>
      <system
              value="http://terminology.hl7.org/CodeSystem/security-source-type"/>
      <code value="6"/>
      <display value="Security Server"/>
    </type>
  </source>
  <entity>
    <what>🔗 
      <reference value="Patient/ex-patient"/>
    </what>
    <type>
      <system
              value="http://terminology.hl7.org/CodeSystem/audit-entity-type"/>
      <code value="1"/>
    </type>
    <role>
      <system value="http://terminology.hl7.org/CodeSystem/object-role"/>
      <code value="1"/>
      <display value="Patient"/>
    </role>
  </entity>
  <entity>
    <what>🔗 
      <reference value="Consent/ex-consent"/>
    </what>
    <type>
      <system value="http://hl7.org/fhir/resource-types"/>
      <code value="Consent"/>
    </type>
  </entity>
</AuditEvent>