Basic Audit Log Patterns (BALP)
1.1.4-current - ci-build
Basic Audit Log Patterns (BALP), published by IHE IT Infrastructure Technical Committee. This guide is not an authorized publication; it is the continuous build for version 1.1.4-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/IHE/ITI.BasicAudit/ and changes regularly. See the Directory of published versions
Active as of 2022-10-28 |
{
"resourceType" : "CapabilityStatement",
"id" : "IHE.BALP.ATNA.AuditRecordRepository",
"text" : {
"status" : "extensions",
"div" : "<div xmlns=\"http://www.w3.org/1999/xhtml\"><p class=\"res-header-id\"><b>Generated Narrative: CapabilityStatement IHE.BALP.ATNA.AuditRecordRepository</b></p><a name=\"IHE.BALP.ATNA.AuditRecordRepository\"> </a><a name=\"hcIHE.BALP.ATNA.AuditRecordRepository\"> </a><a name=\"IHE.BALP.ATNA.AuditRecordRepository-en-US\"> </a><h2 id=\"title\">IHE ATNA Audit Record Repository supporting BALP Content</h2><ul><li>Implementation Guide Version: 1.1.4-current </li><li>FHIR Version: 4.0.1 </li><li>Supported Formats: <code>application/fhir+xml</code>, <code>application/fhir+json</code></li><li>Supported Patch Formats: </li><li>Published on: 2022-10-28 </li><li>Published by: IHE IT Infrastructure Technical Committee </li></ul><blockquote class=\"impl-note\"><p><strong>Note to Implementers: FHIR Capabilities</strong></p><p>Any FHIR capability may be 'allowed' by the system unless explicitly marked as 'SHALL NOT'. A few items are marked as MAY in the Implementation Guide to highlight their potential relevance to the use case.</p></blockquote><h2 id=\"rest\">FHIR RESTful Capabilities</h2><div class=\"panel panel-default\"><div class=\"panel-heading\"><h3 id=\"mode1\" class=\"panel-title\">Mode: <code>server</code></h3></div><div class=\"panel-body\"><div class=\"lead\"><em>Security</em></div><blockquote><div><p><a href=\"https://profiles.ihe.net/ITI/TF/Volume1/ch-9.html\">ATNA</a> required, encouraged <a href=\"https://profiles.ihe.net/ITI/IUA/index.html\">IHE-IUA</a> or SMART-on-FHIR</p>\n</div></blockquote><div class=\"lead\"><em>Summary of System-wide Interactions</em></div></div></div><h3 id=\"resourcesCap1\">Capabilities by Resource/Profile</h3><h4 id=\"resourcesSummary1\">Summary</h4><p>The summary table lists the resources that are part of this configuration, and for each resource it lists:</p><ul><li>The relevant profiles (if any)</li><li>The interactions supported by each resource (<b><span class=\"bg-info\">R</span></b>ead, <b><span class=\"bg-info\">S</span></b>earch, <b><span class=\"bg-info\">U</span></b>pdate, and <b><span class=\"bg-info\">C</span></b>reate, are always shown, while <b><span class=\"bg-info\">VR</span></b>ead, <b><span class=\"bg-info\">P</span></b>atch, <b><span class=\"bg-info\">D</span></b>elete, <b><span class=\"bg-info\">H</span></b>istory on <b><span class=\"bg-info\">I</span></b>nstance, or <b><span class=\"bg-info\">H</span></b>istory on <b><span class=\"bg-info\">T</span></b>ype are only present if at least one of the resources has support for them.</li><li><span>The required, recommended, and some optional search parameters (if any). </span></li><li>The linked resources enabled for <code>_include</code></li><li>The other resources enabled for <code>_revinclude</code></li><li>The operations on the resource (if any)</li></ul><div class=\"table-responsive\"><table class=\"table table-condensed table-hover\"><thead><tr><th><b>Resource Type</b></th><th><b>Profile</b></th><th class=\"text-center\"><b title=\"GET a resource (read interaction)\">R</b></th><th class=\"text-center\"><b title=\"GET all set of resources of the type (search interaction)\">S</b></th><th class=\"text-center\"><b title=\"PUT a new resource version (update interaction)\">U</b></th><th class=\"text-center\"><b title=\"POST a new resource (create interaction)\">C</b></th><th><b title=\"Required and recommended search parameters\">Searches</b></th><th><code><b>_include</b></code></th><th><code><b>_revinclude</b></code></th><th><b>Operations</b></th></tr></thead><tbody><tr><td><a href=\"#AuditEvent1-1\">AuditEvent</a></td><td>Supported Profiles<br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.Create.html\">Basic AuditEvent for a successful Create not related to a Patient</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.Read.html\">Basic AuditEvent for a successful Read</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.Update.html\">Basic AuditEvent for a successful Update</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.Delete.html\">Basic AuditEvent for a successful Delete</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.Query.html\">Basic AuditEvent for a successful Query</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.PatientCreate.html\">Basic AuditEvent for a successful Create with known Patient subject</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.PatientRead.html\">Basic AuditEvent for a successful Read with a Patient</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.PatientUpdate.html\">Basic AuditEvent for a successful Update with a Patient subject</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.PatientDelete.html\">Basic AuditEvent for a successful Delete with Patient</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.PatientQuery.html\">Basic AuditEvent for a successful Query with Patient</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.IUA.71.html\">IHE IUA ITI-71 AuditEvent for a successful Get Access Token</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Comprehensive.html\">Basic AuditEvent pattern for when an activity was authorized by an IUA access token</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Minimal.html\">Basic AuditEvent pattern for oAuth Opaque</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Opaque.html\">Basic AuditEvent pattern for oAuth Opaque</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive.html\">Basic AuditEvent pattern for when an activity was authorized by an SAML access token Comprehensive</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.SAMLaccessTokenUse.Minimal.html\">Basic AuditEvent pattern for when an activity was authorized by an SAML access token Minimal</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.AuthZconsent.html\">Basic AuditEvent pattern for when an Authorization permit is decided</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.PrivacyDisclosure.Recipient.html\">Audit Event for a Privacy Disclosure as recorded by a Recipient</a><br/>\u00a0\u00a0<a href=\"StructureDefinition-IHE.BasicAudit.PrivacyDisclosure.Source.html\">Audit Event for Privacy Disclosure at Source</a></td><td class=\"text-center\">y</td><td class=\"text-center\">y</td><td class=\"text-center\"></td><td class=\"text-center\">y</td><td>_id, _lastUpdated, date, address, agent.identifier, patient.identifier, entity.identifier, entity-type, entity-role, source.identifier, type, subtype, outcome</td><td/><td/><td/></tr></tbody></table></div><hr/><div class=\"panel panel-default\"><div class=\"panel-heading\"><h4 id=\"AuditEvent1-1\" class=\"panel-title\"><span style=\"float: right;\">Resource Conformance: supported </span>AuditEvent</h4></div><div class=\"panel-body\"><div class=\"container\"><div class=\"row\"><div class=\"col-lg-4\"><span class=\"lead\">Core FHIR Resource</span><br/><a href=\"http://hl7.org/fhir/R4/auditevent.html\">AuditEvent</a></div><div class=\"col-lg-4\"><span class=\"lead\">Reference Policy</span><br/></div><div class=\"col-lg-4\"><span class=\"lead\">Interaction summary</span><br/><ul><li>Supports <code>search-type</code>, <code>read</code>, <code>create</code>.</li></ul></div></div><p/><div class=\"row\"><div class=\"col-6\"><span class=\"lead\">Supported Profiles</span><p><a href=\"StructureDefinition-IHE.BasicAudit.Create.html\">Basic AuditEvent for a successful Create not related to a Patient</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.Read.html\">Basic AuditEvent for a successful Read</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.Update.html\">Basic AuditEvent for a successful Update</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.Delete.html\">Basic AuditEvent for a successful Delete</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.Query.html\">Basic AuditEvent for a successful Query</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.PatientCreate.html\">Basic AuditEvent for a successful Create with known Patient subject</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.PatientRead.html\">Basic AuditEvent for a successful Read with a Patient</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.PatientUpdate.html\">Basic AuditEvent for a successful Update with a Patient subject</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.PatientDelete.html\">Basic AuditEvent for a successful Delete with Patient</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.PatientQuery.html\">Basic AuditEvent for a successful Query with Patient</a><br/><a href=\"StructureDefinition-IHE.IUA.71.html\">IHE IUA ITI-71 AuditEvent for a successful Get Access Token</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Comprehensive.html\">Basic AuditEvent pattern for when an activity was authorized by an IUA access token</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Minimal.html\">Basic AuditEvent pattern for oAuth Opaque</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.OAUTHaccessTokenUse.Opaque.html\">Basic AuditEvent pattern for oAuth Opaque</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive.html\">Basic AuditEvent pattern for when an activity was authorized by an SAML access token Comprehensive</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.SAMLaccessTokenUse.Minimal.html\">Basic AuditEvent pattern for when an activity was authorized by an SAML access token Minimal</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.AuthZconsent.html\">Basic AuditEvent pattern for when an Authorization permit is decided</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.PrivacyDisclosure.Recipient.html\">Audit Event for a Privacy Disclosure as recorded by a Recipient</a><br/><a href=\"StructureDefinition-IHE.BasicAudit.PrivacyDisclosure.Source.html\">Audit Event for Privacy Disclosure at Source</a></p></div></div><p/><div class=\"row\"><div class=\"col-12\"><span class=\"lead\">Documentation</span><blockquote><div><p>For Retrieve ATNA Audit Event [ITI-81] and the FHIR Record Audit Event [ITI-20]. Note that all BALP Content profiles are listed here.</p>\n</div></blockquote></div></div><div class=\"row\"><div class=\"col-lg-7\"><span class=\"lead\">Search Parameters</span><table class=\"table table-condensed table-hover\"><thead><tr><th>Conformance</th><th>Parameter</th><th>Type</th><th>Documentation</th></tr></thead><tbody><tr><td><b>SHALL</b></td><td>_id</td><td><code>token</code></td><td><div/></td></tr><tr><td><b>SHALL</b></td><td>_lastUpdated</td><td><code>date</code></td><td><div/></td></tr><tr><td><b>SHALL</b></td><td>date</td><td><code>date</code></td><td><div/></td></tr><tr><td><b>SHALL</b></td><td>address</td><td><code>string</code></td><td><div/></td></tr><tr><td><b>SHALL</b></td><td>agent.identifier</td><td><code>token</code></td><td><div/></td></tr><tr><td><b>SHALL</b></td><td>patient.identifier</td><td><code>token</code></td><td><div/></td></tr><tr><td><b>SHALL</b></td><td>entity.identifier</td><td><code>token</code></td><td><div/></td></tr><tr><td><b>SHALL</b></td><td>entity-type</td><td><code>token</code></td><td><div/></td></tr><tr><td><b>SHALL</b></td><td>entity-role</td><td><code>token</code></td><td><div/></td></tr><tr><td><b>SHALL</b></td><td>source.identifier</td><td><code>token</code></td><td><div/></td></tr><tr><td><b>SHALL</b></td><td>type</td><td><code>token</code></td><td><div/></td></tr><tr><td><b>SHALL</b></td><td>subtype</td><td><code>token</code></td><td><div/></td></tr><tr><td><b>SHALL</b></td><td>outcome</td><td><code>token</code></td><td><div/></td></tr></tbody></table></div><div class=\"col-lg-5\">\u00a0</div></div></div></div></div></div>"
},
"url" : "https://profiles.ihe.net/ITI/BALP/CapabilityStatement/IHE.BALP.ATNA.AuditRecordRepository",
"version" : "1.1.4-current",
"name" : "IHE_BALP_ATNA_AuditRecordRepository",
"title" : "IHE ATNA Audit Record Repository supporting BALP Content",
"status" : "active",
"experimental" : false,
"date" : "2022-10-28",
"publisher" : "IHE IT Infrastructure Technical Committee",
"contact" : [
{
"name" : "IHE IT Infrastructure Technical Committee",
"telecom" : [
{
"system" : "url",
"value" : "https://www.ihe.net/ihe_domains/it_infrastructure/"
},
{
"system" : "email",
"value" : "iti@ihe.net"
}
]
},
{
"name" : "IHE IT Infrastructure Technical Committee",
"telecom" : [
{
"system" : "email",
"value" : "iti@ihe.net"
}
]
}
],
"description" : "CapabilityStatement for [ATNA](https://profiles.ihe.net/ITI/TF/Volume1/ch-9.html) Audit Record Repository Actor with the ATNA ATX:FHIR Feed Option and Retrieve Audit Message Option defined in [RESTful-ATNA Supplement](https://www.ihe.net/uploadedFiles/Documents/ITI/IHE_ITI_Suppl_RESTful-ATNA.pdf) that also has support for BALP Content.\n\nThis Actor is derived off of the ATNA Audit Record Repository actor that is not yet defined fully in an IG. This CapabilityStatement does not represent a formal Actor, but rather a system that has grouped ATNA and BALP.",
"jurisdiction" : [
{
"coding" : [
{
"system" : "http://unstats.un.org/unsd/methods/m49/m49.htm",
"code" : "001"
}
]
}
],
"kind" : "requirements",
"fhirVersion" : "4.0.1",
"format" : [
"application/fhir+xml",
"application/fhir+json"
],
"rest" : [
{
"mode" : "server",
"security" : {
"description" : "[ATNA](https://profiles.ihe.net/ITI/TF/Volume1/ch-9.html) required, encouraged [IHE-IUA](https://profiles.ihe.net/ITI/IUA/index.html) or SMART-on-FHIR"
},
"resource" : [
{
"type" : "AuditEvent",
"supportedProfile" : [
🔗 "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Create"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Read"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Update"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Delete"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Query"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientCreate"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientRead"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientUpdate"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientDelete"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientQuery"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.IUA.71"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Comprehensive"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Minimal"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Opaque"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Minimal"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.AuthZconsent"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Recipient"🔗 ,
"https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Source"
],
"documentation" : "For Retrieve ATNA Audit Event [ITI-81] and the FHIR Record Audit Event [ITI-20]. Note that all BALP Content profiles are listed here.",
"interaction" : [
{
"code" : "search-type"
},
{
"code" : "read"
},
{
"code" : "create"
}
],
"searchParam" : [
{
"name" : "_id",
"type" : "token"
},
{
"name" : "_lastUpdated",
"type" : "date"
},
{
"name" : "date",
"type" : "date"
},
{
"name" : "address",
"type" : "string"
},
{
"name" : "agent.identifier",
"type" : "token"
},
{
"name" : "patient.identifier",
"type" : "token"
},
{
"name" : "entity.identifier",
"type" : "token"
},
{
"name" : "entity-type",
"type" : "token"
},
{
"name" : "entity-role",
"type" : "token"
},
{
"name" : "source.identifier",
"type" : "token"
},
{
"name" : "type",
"type" : "token"
},
{
"name" : "subtype",
"type" : "token"
},
{
"name" : "outcome",
"type" : "token"
}
]
}
]
}
]
}