Basic Audit Log Patterns (BALP), published by IHE IT Infrastructure Technical Committee. This guide is not an authorized publication; it is the continuous build for version 1.1.4-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/IHE/ITI.BasicAudit/ and changes regularly. See the Directory of published versions

• Content
• Detailed Descriptions
• Mappings
• Examples
• XML
• JSON
• TTL

Resource Profile: Basic AuditEvent pattern for when an Authorization permit is decided

An AduitEvent recording a permit authorization decision by a Consent Decision Service,

• Given an Authorization Decision resulted in a permit
• And based on a Consent resource (C1)
• And filed by a patient (P1),
• And in response to a request by an organization (Org1)
• And for the purpose of treatment (TREAT).
• And the given request is authorized
• When an AuditEvent is recorded for the activity
• Then that AuditEvent would follow this profile regarding recording the authorization decision
  • Security Alert
  • Authorization Decison by Consent
  • Execute action
  • date/time recorded
  • outcome
    • success when Permit
    • failure when Deny
    • outcomeDesc would explain why a deny
  • recorded by the authorization server
  • Agents
    • client app
    • user
      • user requested purposeOfUse
    • user organization
    • authorization service
  • Entity
    • patient subject
    • consent on file for that patient
    • the token id (JWT ID) issued (if one is issued) should be recorded
    • other data may be recorded that was used in the decision

Usage:

• Examples for this Resource Profile: AuditEvent/ex-auditAuthZconsent-deny and AuditEvent/ex-auditAuthZconsent

Formal Views of Profile Content

Description of Profiles, Differentials, Snapshots and how the different presentations work.

• Differential Table
• Key Elements Table
• Snapshot Table
• Statistics/References
• All

This structure is derived from AuditEvent

Name	Flags	Card.	Type	Description & Constraints
AuditEvent		0..*	AuditEvent	Event record kept for security purposes
modifierExtension		0..0
type		1..1	Coding	Type/identifier of event Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: http://dicom.nema.org/resources/ontology/DCM
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 110113
subtype		1..*	Coding	More specific type/id for the event Binding: Authorization subType events valueset (required)
action		0..1	code	Type of action performed during the event Required Pattern: E
outcome		1..1	code	Whether the event succeeded or failed
outcomeDesc	S	0..1	string	Description of the event outcome
purposeOfEvent	S	0..*	CodeableConcept	The purposeOfUse of the event
Slices for agent		4..*	BackboneElement	Actor involved in the event Slice: Unordered, Open by value:type
agent:client		1..1	BackboneElement	Actor involved in the event
type		1..1	CodeableConcept	How agent participated Required Pattern: At least the following
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
system		1..1	uri	Identity of the terminology system Fixed Value: http://dicom.nema.org/resources/ontology/DCM
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 110150
role		0..0
who		1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
altId		0..0
name		0..0
location		0..0
policy	S	0..*	uri	Policy that authorized event
media		0..0
network		1..1	BackboneElement	Logical network location for application activity
purposeOfUse		0..0
agent:user		1..1	BackboneElement	Actor involved in the event
type		1..1	CodeableConcept	How agent participated Required Pattern: At least the following
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/v3-ParticipationType
code		1..1	code	Symbol in syntax defined by the system Fixed Value: IRCP
role	S	0..*	CodeableConcept	Agent role in the event
who		1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
altId		0..0
name	S	0..1	string	Human friendly name for the agent
requestor		1..1	boolean	Whether user is initiator Required Pattern: true
location		0..0
policy	S	0..*	uri	Policy that authorized event
media		0..0
network		0..0
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user
agent:userorg		1..1	BackboneElement	Actor involved in the event
type		1..1	CodeableConcept	How agent participated Required Pattern: At least the following
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/v3-RoleClass
code		1..1	code	Symbol in syntax defined by the system Fixed Value: PROV
role		0..0
who	S	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
altId		0..0
name		0..0
requestor		1..1	boolean	Whether user is initiator Required Pattern: false
location		0..0
policy		0..0
media		0..0
network		0..0
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user
agent:authorizer	C	1..1	BackboneElement	Actor involved in the event val-audit-source: The Audit Source is this agent too.
type		1..1	CodeableConcept	How agent participated Required Pattern: At least the following
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/extra-security-role-type
code		1..1	code	Symbol in syntax defined by the system Fixed Value: authserver
role		0..0
who		1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
altId		0..0
name		0..0
requestor		1..1	boolean	Whether user is initiator Required Pattern: false
location		0..0
policy		0..0
media		0..0
network		0..0
purposeOfUse		0..0
Slices for entity		2..*	BackboneElement	Data or objects used Slice: Unordered, Closed by value:type
entity:patient		1..1	BackboneElement	Data or objects used
what		1..1	Reference(Patient)	Specific instance of resource
type		1..1	Coding	Type of entity involved Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/audit-entity-type
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 1
role		1..1	Coding	What role the entity played Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/object-role
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 1
entity:consent		1..*	BackboneElement	Data or objects used
what	S	1..1	Reference(Resource)	Specific instance of resource
type		1..1	Coding	Type of entity involved Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: http://hl7.org/fhir/resource-types
code		1..1	code	Symbol in syntax defined by the system Fixed Value: Consent
entity:token		0..1	BackboneElement	Data or objects used
what		1..1	Reference(Resource)	Specific instance of resource
identifier		1..1	Identifier	Logical reference, when literal reference is not known
value		1..1	string	jti (JWT ID)
type		1..1	Coding	Type of entity involved Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes
code		1..1	code	Symbol in syntax defined by the system Fixed Value: UserOauthAgent
Documentation for this format

Terminology Bindings (Differential)

Path	Conformance	ValueSet	URI
AuditEvent.subtype	required	AuthZsubTypeVS (a valid code from Authorization subType events) https://profiles.ihe.net/ITI/BALP/ValueSet/AuthZsubTypeVS from this IG

Constraints

Id	Grade	Path(s)	Details	Requirements
val-audit-source	error	AuditEvent.agent:authorizer	The Audit Source is this agent too. : $this.who = %resource.source.observer

Name	Flags	Card.	Type	Description & Constraints
AuditEvent		0..*	AuditEvent	Event record kept for security purposes
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
type	Σ	1..1	Coding	Type/identifier of event Binding: AuditEventID (extensible): Type of event. Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: http://dicom.nema.org/resources/ontology/DCM
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 110113
subtype	Σ	1..*	Coding	More specific type/id for the event Binding: Authorization subType events valueset (required)
action	Σ	0..1	code	Type of action performed during the event Binding: AuditEventAction (required): Indicator for type of action performed during the event that generated the event. Required Pattern: E
recorded	Σ	1..1	instant	Time when the event was recorded
outcome	Σ	1..1	code	Whether the event succeeded or failed Binding: AuditEventOutcome (required): Indicates whether the event succeeded or failed.
outcomeDesc	SΣ	0..1	string	Description of the event outcome
purposeOfEvent	SΣ	0..*	CodeableConcept	The purposeOfUse of the event Binding: PurposeOfUse (extensible): The reason the activity took place.
Slices for agent		4..*	BackboneElement	Actor involved in the event Slice: Unordered, Open by value:type
agent:All Slices				Content/Rules for all slices
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
requestor	Σ	1..1	boolean	Whether user is initiator
agent:client		1..1	BackboneElement	Actor involved in the event
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
system		1..1	uri	Identity of the terminology system Fixed Value: http://dicom.nema.org/resources/ontology/DCM
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 110150
who	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator
policy	S	0..*	uri	Policy that authorized event
network		1..1	BackboneElement	Logical network location for application activity
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
agent:user		1..1	BackboneElement	Actor involved in the event
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/v3-ParticipationType
code		1..1	code	Symbol in syntax defined by the system Fixed Value: IRCP
role	S	0..*	CodeableConcept	Agent role in the event Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.
who	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
name	S	0..1	string	Human friendly name for the agent
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: true
policy	S	0..*	uri	Policy that authorized event
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (extensible): The reason the activity took place.
agent:userorg		1..1	BackboneElement	Actor involved in the event
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/v3-RoleClass
code		1..1	code	Symbol in syntax defined by the system Fixed Value: PROV
who	SΣ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: false
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (extensible): The reason the activity took place.
agent:authorizer	C	1..1	BackboneElement	Actor involved in the event val-audit-source: The Audit Source is this agent too.
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/extra-security-role-type
code		1..1	code	Symbol in syntax defined by the system Fixed Value: authserver
who	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: false
source		1..1	BackboneElement	Audit Event Reporter
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
observer	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	The identity of source detecting the event
Slices for entity	C	2..*	BackboneElement	Data or objects used Slice: Unordered, Closed by value:type sev-1: Either a name or a query (NOT both)
entity:All Slices				Content/Rules for all slices
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
entity:patient	C	1..1	BackboneElement	Data or objects used sev-1: Either a name or a query (NOT both)
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	Σ	1..1	Reference(Patient)	Specific instance of resource
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/audit-entity-type
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 1
role		1..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event. Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/object-role
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 1
entity:consent	C	1..*	BackboneElement	Data or objects used sev-1: Either a name or a query (NOT both)
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	SΣ	1..1	Reference(Resource)	Specific instance of resource
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: http://hl7.org/fhir/resource-types
code		1..1	code	Symbol in syntax defined by the system Fixed Value: Consent
entity:token	C	0..1	BackboneElement	Data or objects used sev-1: Either a name or a query (NOT both)
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	Σ	1..1	Reference(Resource)	Specific instance of resource
identifier	Σ	1..1	Identifier	Logical reference, when literal reference is not known
use	?!Σ	0..1	code	usual | official | temp | secondary | old (If known) Binding: IdentifierUse (required): Identifies the purpose for this identifier, if known .
value	Σ	1..1	string	jti (JWT ID) Example General: 123456
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes
code		1..1	code	Symbol in syntax defined by the system Fixed Value: UserOauthAgent
Documentation for this format

Terminology Bindings

Path	Conformance	ValueSet / Code	URI
AuditEvent.type	extensible	Pattern: 110113 http://hl7.org/fhir/ValueSet/audit-event-type from the FHIR Standard
AuditEvent.subtype	required	AuthZsubTypeVS (a valid code from Authorization subType events) https://profiles.ihe.net/ITI/BALP/ValueSet/AuthZsubTypeVS from this IG
AuditEvent.action	required	Pattern: E http://hl7.org/fhir/ValueSet/audit-event-action|4.0.1 from the FHIR Standard
AuditEvent.outcome	required	AuditEventOutcome http://hl7.org/fhir/ValueSet/audit-event-outcome|4.0.1 from the FHIR Standard
AuditEvent.purposeOfEvent	extensible	PurposeOfUse http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
AuditEvent.agent:client.type	extensible	Pattern: 110150 http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.agent:user.type	extensible	Pattern: IRCP http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.agent:user.role	example	SecurityRoleType http://hl7.org/fhir/ValueSet/security-role-type from the FHIR Standard
AuditEvent.agent:user.purposeOfUse	extensible	PurposeOfUse http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
AuditEvent.agent:userorg.type	extensible	Pattern: PROV http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.agent:userorg.purposeOfUse	extensible	PurposeOfUse http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
AuditEvent.agent:authorizer.type	extensible	Pattern: authserver http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.entity:patient.type	extensible	Pattern: 1 http://hl7.org/fhir/ValueSet/audit-entity-type from the FHIR Standard
AuditEvent.entity:patient.role	extensible	Pattern: 1 http://hl7.org/fhir/ValueSet/object-role from the FHIR Standard
AuditEvent.entity:consent.type	extensible	Pattern: Consent http://hl7.org/fhir/ValueSet/audit-entity-type from the FHIR Standard
AuditEvent.entity:token.what.identifier.use	required	IdentifierUse http://hl7.org/fhir/ValueSet/identifier-use|4.0.1 from the FHIR Standard
AuditEvent.entity:token.type	extensible	Pattern: UserOauthAgent http://hl7.org/fhir/ValueSet/audit-entity-type from the FHIR Standard

Constraints

Id	Grade	Path(s)	Details	Requirements
val-audit-source	error	AuditEvent.agent:authorizer	The Audit Source is this agent too. : $this.who = %resource.source.observer

Name	Flags	Card.	Type	Description & Constraints
AuditEvent		0..*	AuditEvent	Event record kept for security purposes
id	Σ	0..1	id	Logical id of this artifact
meta	Σ	0..1	Meta	Metadata about the resource
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
language		0..1	code	Language of the resource content Binding: CommonLanguages (preferred): A human language. Additional Bindings Purpose AllLanguages Max Binding
text		0..1	Narrative	Text summary of the resource, for human interpretation
contained		0..*	Resource	Contained, inline Resources
extension		0..*	Extension	Additional content defined by implementations
type	Σ	1..1	Coding	Type/identifier of event Binding: AuditEventID (extensible): Type of event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://dicom.nema.org/resources/ontology/DCM
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 110113
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
subtype	Σ	1..*	Coding	More specific type/id for the event Binding: Authorization subType events valueset (required)
action	Σ	0..1	code	Type of action performed during the event Binding: AuditEventAction (required): Indicator for type of action performed during the event that generated the event. Required Pattern: E
period		0..1	Period	When the activity occurred
recorded	Σ	1..1	instant	Time when the event was recorded
outcome	Σ	1..1	code	Whether the event succeeded or failed Binding: AuditEventOutcome (required): Indicates whether the event succeeded or failed.
outcomeDesc	SΣ	0..1	string	Description of the event outcome
purposeOfEvent	SΣ	0..*	CodeableConcept	The purposeOfUse of the event Binding: PurposeOfUse (extensible): The reason the activity took place.
Slices for agent		4..*	BackboneElement	Actor involved in the event Slice: Unordered, Open by value:type
agent:All Slices				Content/Rules for all slices
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		0..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event.
role		0..*	CodeableConcept	Agent role in the event Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.
who	Σ	0..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
altId		0..1	string	Alternative User identity
name		0..1	string	Human friendly name for the agent
requestor	Σ	1..1	boolean	Whether user is initiator
location		0..1	Reference(Location)	Where
policy		0..*	uri	Policy that authorized event
media		0..1	Coding	Type of media Binding: MediaTypeCode (extensible): Used when the event is about exporting/importing onto media.
network		0..1	BackboneElement	Logical network location for application activity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
address		0..1	string	Identifier for the network access point of the user device
type		0..1	code	The type of network access point Binding: AuditEventAgentNetworkType (required): The type of network access point of this agent in the audit event.
purposeOfUse		0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (extensible): The reason the activity took place.
agent:client		1..1	BackboneElement	Actor involved in the event
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://dicom.nema.org/resources/ontology/DCM
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 110150
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
text		0..1	string	Plain text representation of the concept
who	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator
policy	S	0..*	uri	Policy that authorized event
network		1..1	BackboneElement	Logical network location for application activity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
address		0..1	string	Identifier for the network access point of the user device
type		0..1	code	The type of network access point Binding: AuditEventAgentNetworkType (required): The type of network access point of this agent in the audit event.
agent:user		1..1	BackboneElement	Actor involved in the event
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/v3-ParticipationType
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: IRCP
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
text		0..1	string	Plain text representation of the concept
role	S	0..*	CodeableConcept	Agent role in the event Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.
who	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
name	S	0..1	string	Human friendly name for the agent
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: true
policy	S	0..*	uri	Policy that authorized event
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (extensible): The reason the activity took place.
agent:userorg		1..1	BackboneElement	Actor involved in the event
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/v3-RoleClass
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: PROV
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
text		0..1	string	Plain text representation of the concept
who	SΣ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: false
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (extensible): The reason the activity took place.
agent:authorizer	C	1..1	BackboneElement	Actor involved in the event val-audit-source: The Audit Source is this agent too.
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/extra-security-role-type
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: authserver
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
text		0..1	string	Plain text representation of the concept
who	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: false
source		1..1	BackboneElement	Audit Event Reporter
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
site		0..1	string	Logical source location within the enterprise
observer	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	The identity of source detecting the event
type		0..*	Coding	The type of source where event originated Binding: AuditEventSourceType (extensible): Code specifying the type of system that detected and recorded the event.
Slices for entity	C	2..*	BackboneElement	Data or objects used Slice: Unordered, Closed by value:type sev-1: Either a name or a query (NOT both)
entity:All Slices				Content/Rules for all slices
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	Σ	0..1	Reference(Resource)	Specific instance of resource
type		0..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event.
role		0..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event.
lifecycle		0..1	Coding	Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity.
securityLabel		0..*	Coding	Security labels on the entity Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
name	ΣC	0..1	string	Descriptor for entity
description		0..1	string	Descriptive text
query	ΣC	0..1	base64Binary	Query parameters
detail		0..*	BackboneElement	Additional Information about the entity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	string	Name of the property
value[x]		1..1		Property value
valueString			string
valueBase64Binary			base64Binary
entity:patient	C	1..1	BackboneElement	Data or objects used sev-1: Either a name or a query (NOT both)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	Σ	1..1	Reference(Patient)	Specific instance of resource
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/audit-entity-type
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 1
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
role		1..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/object-role
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 1
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
lifecycle		0..1	Coding	Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity.
securityLabel		0..*	Coding	Security labels on the entity Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
name	ΣC	0..1	string	Descriptor for entity
description		0..1	string	Descriptive text
query	ΣC	0..1	base64Binary	Query parameters
detail		0..*	BackboneElement	Additional Information about the entity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	string	Name of the property
value[x]		1..1		Property value
valueString			string
valueBase64Binary			base64Binary
entity:consent	C	1..*	BackboneElement	Data or objects used sev-1: Either a name or a query (NOT both)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	SΣ	1..1	Reference(Resource)	Specific instance of resource
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://hl7.org/fhir/resource-types
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: Consent
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
role		0..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event.
lifecycle		0..1	Coding	Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity.
securityLabel		0..*	Coding	Security labels on the entity Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
name	ΣC	0..1	string	Descriptor for entity
description		0..1	string	Descriptive text
query	ΣC	0..1	base64Binary	Query parameters
detail		0..*	BackboneElement	Additional Information about the entity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	string	Name of the property
value[x]		1..1		Property value
valueString			string
valueBase64Binary			base64Binary
entity:token	C	0..1	BackboneElement	Data or objects used sev-1: Either a name or a query (NOT both)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	Σ	1..1	Reference(Resource)	Specific instance of resource
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations Slice: Unordered, Open by value:url
reference	ΣC	0..1	string	Literal reference, Relative, internal or absolute URL
type	Σ	0..1	uri	Type the reference refers to (e.g. "Patient") Binding: ResourceType (extensible): Aa resource (or, for logical models, the URI of the logical model).
identifier	Σ	1..1	Identifier	Logical reference, when literal reference is not known
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations Slice: Unordered, Open by value:url
use	?!Σ	0..1	code	usual | official | temp | secondary | old (If known) Binding: IdentifierUse (required): Identifies the purpose for this identifier, if known .
type	Σ	0..1	CodeableConcept	Description of identifier Binding: Identifier Type Codes (extensible): A coded type for an identifier that can be used to determine which identifier to use for a specific purpose.
system	Σ	0..1	uri	The namespace for the identifier value Example General: http://www.acme.com/identifiers/patient
value	Σ	1..1	string	jti (JWT ID) Example General: 123456
period	Σ	0..1	Period	Time period when id is/was valid for use
assigner	Σ	0..1	Reference(Organization)	Organization that issued id (may be just text)
display	Σ	0..1	string	Text alternative for the resource
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: UserOauthAgent
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
role		0..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event.
lifecycle		0..1	Coding	Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity.
securityLabel		0..*	Coding	Security labels on the entity Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
name	ΣC	0..1	string	Descriptor for entity
description		0..1	string	Descriptive text
query	ΣC	0..1	base64Binary	Query parameters
detail		0..*	BackboneElement	Additional Information about the entity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	string	Name of the property
value[x]		1..1		Property value
valueString			string
valueBase64Binary			base64Binary
Documentation for this format

Terminology Bindings

Path	Conformance	ValueSet / Code	URI
AuditEvent.language	preferred	CommonLanguages Additional Bindings Purpose AllLanguages Max Binding http://hl7.org/fhir/ValueSet/languages from the FHIR Standard
AuditEvent.type	extensible	Pattern: 110113 http://hl7.org/fhir/ValueSet/audit-event-type from the FHIR Standard
AuditEvent.subtype	required	AuthZsubTypeVS (a valid code from Authorization subType events) https://profiles.ihe.net/ITI/BALP/ValueSet/AuthZsubTypeVS from this IG
AuditEvent.action	required	Pattern: E http://hl7.org/fhir/ValueSet/audit-event-action|4.0.1 from the FHIR Standard
AuditEvent.outcome	required	AuditEventOutcome http://hl7.org/fhir/ValueSet/audit-event-outcome|4.0.1 from the FHIR Standard
AuditEvent.purposeOfEvent	extensible	PurposeOfUse http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
AuditEvent.agent.type	extensible	ParticipationRoleType http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.agent.role	example	SecurityRoleType http://hl7.org/fhir/ValueSet/security-role-type from the FHIR Standard
AuditEvent.agent.media	extensible	MediaTypeCode http://hl7.org/fhir/ValueSet/dicm-405-mediatype from the FHIR Standard
AuditEvent.agent.network.type	required	AuditEventAgentNetworkType http://hl7.org/fhir/ValueSet/network-type|4.0.1 from the FHIR Standard
AuditEvent.agent.purposeOfUse	extensible	PurposeOfUse http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
AuditEvent.agent:client.type	extensible	Pattern: 110150 http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.agent:client.network.type	required	AuditEventAgentNetworkType http://hl7.org/fhir/ValueSet/network-type|4.0.1 from the FHIR Standard
AuditEvent.agent:user.type	extensible	Pattern: IRCP http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.agent:user.role	example	SecurityRoleType http://hl7.org/fhir/ValueSet/security-role-type from the FHIR Standard
AuditEvent.agent:user.network.type	required	AuditEventAgentNetworkType http://hl7.org/fhir/ValueSet/network-type|4.0.1 from the FHIR Standard
AuditEvent.agent:user.purposeOfUse	extensible	PurposeOfUse http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
AuditEvent.agent:userorg.type	extensible	Pattern: PROV http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.agent:userorg.network.type	required	AuditEventAgentNetworkType http://hl7.org/fhir/ValueSet/network-type|4.0.1 from the FHIR Standard
AuditEvent.agent:userorg.purposeOfUse	extensible	PurposeOfUse http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
AuditEvent.agent:authorizer.type	extensible	Pattern: authserver http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.agent:authorizer.network.type	required	AuditEventAgentNetworkType http://hl7.org/fhir/ValueSet/network-type|4.0.1 from the FHIR Standard
AuditEvent.source.type	extensible	AuditEventSourceType http://hl7.org/fhir/ValueSet/audit-source-type from the FHIR Standard
AuditEvent.entity.type	extensible	AuditEventEntityType http://hl7.org/fhir/ValueSet/audit-entity-type from the FHIR Standard
AuditEvent.entity.role	extensible	AuditEventEntityRole http://hl7.org/fhir/ValueSet/object-role from the FHIR Standard
AuditEvent.entity.lifecycle	extensible	ObjectLifecycleEvents http://hl7.org/fhir/ValueSet/object-lifecycle-events
AuditEvent.entity.securityLabel	extensible	All Security Labels http://hl7.org/fhir/ValueSet/security-labels from the FHIR Standard
AuditEvent.entity:patient.type	extensible	Pattern: 1 http://hl7.org/fhir/ValueSet/audit-entity-type from the FHIR Standard
AuditEvent.entity:patient.role	extensible	Pattern: 1 http://hl7.org/fhir/ValueSet/object-role from the FHIR Standard
AuditEvent.entity:patient.lifecycle	extensible	ObjectLifecycleEvents http://hl7.org/fhir/ValueSet/object-lifecycle-events
AuditEvent.entity:patient.securityLabel	extensible	All Security Labels http://hl7.org/fhir/ValueSet/security-labels from the FHIR Standard
AuditEvent.entity:consent.type	extensible	Pattern: Consent http://hl7.org/fhir/ValueSet/audit-entity-type from the FHIR Standard
AuditEvent.entity:consent.role	extensible	AuditEventEntityRole http://hl7.org/fhir/ValueSet/object-role from the FHIR Standard
AuditEvent.entity:consent.lifecycle	extensible	ObjectLifecycleEvents http://hl7.org/fhir/ValueSet/object-lifecycle-events
AuditEvent.entity:consent.securityLabel	extensible	All Security Labels http://hl7.org/fhir/ValueSet/security-labels from the FHIR Standard
AuditEvent.entity:token.what.type	extensible	ResourceType http://hl7.org/fhir/ValueSet/resource-types from the FHIR Standard
AuditEvent.entity:token.what.identifier.use	required	IdentifierUse http://hl7.org/fhir/ValueSet/identifier-use|4.0.1 from the FHIR Standard
AuditEvent.entity:token.what.identifier.type	extensible	Identifier Type Codes http://hl7.org/fhir/ValueSet/identifier-type from the FHIR Standard
AuditEvent.entity:token.type	extensible	Pattern: UserOauthAgent http://hl7.org/fhir/ValueSet/audit-entity-type from the FHIR Standard
AuditEvent.entity:token.role	extensible	AuditEventEntityRole http://hl7.org/fhir/ValueSet/object-role from the FHIR Standard
AuditEvent.entity:token.lifecycle	extensible	ObjectLifecycleEvents http://hl7.org/fhir/ValueSet/object-lifecycle-events
AuditEvent.entity:token.securityLabel	extensible	All Security Labels http://hl7.org/fhir/ValueSet/security-labels from the FHIR Standard

Constraints

Id	Grade	Path(s)	Details	Requirements
val-audit-source	error	AuditEvent.agent:authorizer	The Audit Source is this agent too. : $this.who = %resource.source.observer

This structure is derived from AuditEvent

Summary

Mandatory: 22 elements(4 nested mandatory elements)
Must-Support: 10 elements
Prohibited: 26 elements

Slices

This structure defines the following Slices:

• The element 1 is sliced based on the value of AuditEvent.agent
• The element 1 is sliced based on the value of AuditEvent.entity (Closed)

Differential View

This structure is derived from AuditEvent

Name	Flags	Card.	Type	Description & Constraints
AuditEvent		0..*	AuditEvent	Event record kept for security purposes
modifierExtension		0..0
type		1..1	Coding	Type/identifier of event Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: http://dicom.nema.org/resources/ontology/DCM
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 110113
subtype		1..*	Coding	More specific type/id for the event Binding: Authorization subType events valueset (required)
action		0..1	code	Type of action performed during the event Required Pattern: E
outcome		1..1	code	Whether the event succeeded or failed
outcomeDesc	S	0..1	string	Description of the event outcome
purposeOfEvent	S	0..*	CodeableConcept	The purposeOfUse of the event
Slices for agent		4..*	BackboneElement	Actor involved in the event Slice: Unordered, Open by value:type
agent:client		1..1	BackboneElement	Actor involved in the event
type		1..1	CodeableConcept	How agent participated Required Pattern: At least the following
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
system		1..1	uri	Identity of the terminology system Fixed Value: http://dicom.nema.org/resources/ontology/DCM
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 110150
role		0..0
who		1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
altId		0..0
name		0..0
location		0..0
policy	S	0..*	uri	Policy that authorized event
media		0..0
network		1..1	BackboneElement	Logical network location for application activity
purposeOfUse		0..0
agent:user		1..1	BackboneElement	Actor involved in the event
type		1..1	CodeableConcept	How agent participated Required Pattern: At least the following
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/v3-ParticipationType
code		1..1	code	Symbol in syntax defined by the system Fixed Value: IRCP
role	S	0..*	CodeableConcept	Agent role in the event
who		1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
altId		0..0
name	S	0..1	string	Human friendly name for the agent
requestor		1..1	boolean	Whether user is initiator Required Pattern: true
location		0..0
policy	S	0..*	uri	Policy that authorized event
media		0..0
network		0..0
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user
agent:userorg		1..1	BackboneElement	Actor involved in the event
type		1..1	CodeableConcept	How agent participated Required Pattern: At least the following
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/v3-RoleClass
code		1..1	code	Symbol in syntax defined by the system Fixed Value: PROV
role		0..0
who	S	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
altId		0..0
name		0..0
requestor		1..1	boolean	Whether user is initiator Required Pattern: false
location		0..0
policy		0..0
media		0..0
network		0..0
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user
agent:authorizer	C	1..1	BackboneElement	Actor involved in the event val-audit-source: The Audit Source is this agent too.
type		1..1	CodeableConcept	How agent participated Required Pattern: At least the following
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/extra-security-role-type
code		1..1	code	Symbol in syntax defined by the system Fixed Value: authserver
role		0..0
who		1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
altId		0..0
name		0..0
requestor		1..1	boolean	Whether user is initiator Required Pattern: false
location		0..0
policy		0..0
media		0..0
network		0..0
purposeOfUse		0..0
Slices for entity		2..*	BackboneElement	Data or objects used Slice: Unordered, Closed by value:type
entity:patient		1..1	BackboneElement	Data or objects used
what		1..1	Reference(Patient)	Specific instance of resource
type		1..1	Coding	Type of entity involved Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/audit-entity-type
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 1
role		1..1	Coding	What role the entity played Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/object-role
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 1
entity:consent		1..*	BackboneElement	Data or objects used
what	S	1..1	Reference(Resource)	Specific instance of resource
type		1..1	Coding	Type of entity involved Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: http://hl7.org/fhir/resource-types
code		1..1	code	Symbol in syntax defined by the system Fixed Value: Consent
entity:token		0..1	BackboneElement	Data or objects used
what		1..1	Reference(Resource)	Specific instance of resource
identifier		1..1	Identifier	Logical reference, when literal reference is not known
value		1..1	string	jti (JWT ID)
type		1..1	Coding	Type of entity involved Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes
code		1..1	code	Symbol in syntax defined by the system Fixed Value: UserOauthAgent
Documentation for this format

Terminology Bindings (Differential)

Path	Conformance	ValueSet	URI
AuditEvent.subtype	required	AuthZsubTypeVS (a valid code from Authorization subType events) https://profiles.ihe.net/ITI/BALP/ValueSet/AuthZsubTypeVS from this IG

Constraints

Id	Grade	Path(s)	Details	Requirements
val-audit-source	error	AuditEvent.agent:authorizer	The Audit Source is this agent too. : $this.who = %resource.source.observer

Key Elements View

Name	Flags	Card.	Type	Description & Constraints
AuditEvent		0..*	AuditEvent	Event record kept for security purposes
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
type	Σ	1..1	Coding	Type/identifier of event Binding: AuditEventID (extensible): Type of event. Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: http://dicom.nema.org/resources/ontology/DCM
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 110113
subtype	Σ	1..*	Coding	More specific type/id for the event Binding: Authorization subType events valueset (required)
action	Σ	0..1	code	Type of action performed during the event Binding: AuditEventAction (required): Indicator for type of action performed during the event that generated the event. Required Pattern: E
recorded	Σ	1..1	instant	Time when the event was recorded
outcome	Σ	1..1	code	Whether the event succeeded or failed Binding: AuditEventOutcome (required): Indicates whether the event succeeded or failed.
outcomeDesc	SΣ	0..1	string	Description of the event outcome
purposeOfEvent	SΣ	0..*	CodeableConcept	The purposeOfUse of the event Binding: PurposeOfUse (extensible): The reason the activity took place.
Slices for agent		4..*	BackboneElement	Actor involved in the event Slice: Unordered, Open by value:type
agent:All Slices				Content/Rules for all slices
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
requestor	Σ	1..1	boolean	Whether user is initiator
agent:client		1..1	BackboneElement	Actor involved in the event
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
system		1..1	uri	Identity of the terminology system Fixed Value: http://dicom.nema.org/resources/ontology/DCM
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 110150
who	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator
policy	S	0..*	uri	Policy that authorized event
network		1..1	BackboneElement	Logical network location for application activity
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
agent:user		1..1	BackboneElement	Actor involved in the event
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/v3-ParticipationType
code		1..1	code	Symbol in syntax defined by the system Fixed Value: IRCP
role	S	0..*	CodeableConcept	Agent role in the event Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.
who	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
name	S	0..1	string	Human friendly name for the agent
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: true
policy	S	0..*	uri	Policy that authorized event
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (extensible): The reason the activity took place.
agent:userorg		1..1	BackboneElement	Actor involved in the event
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/v3-RoleClass
code		1..1	code	Symbol in syntax defined by the system Fixed Value: PROV
who	SΣ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: false
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (extensible): The reason the activity took place.
agent:authorizer	C	1..1	BackboneElement	Actor involved in the event val-audit-source: The Audit Source is this agent too.
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/extra-security-role-type
code		1..1	code	Symbol in syntax defined by the system Fixed Value: authserver
who	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: false
source		1..1	BackboneElement	Audit Event Reporter
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
observer	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	The identity of source detecting the event
Slices for entity	C	2..*	BackboneElement	Data or objects used Slice: Unordered, Closed by value:type sev-1: Either a name or a query (NOT both)
entity:All Slices				Content/Rules for all slices
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
entity:patient	C	1..1	BackboneElement	Data or objects used sev-1: Either a name or a query (NOT both)
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	Σ	1..1	Reference(Patient)	Specific instance of resource
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/audit-entity-type
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 1
role		1..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event. Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/object-role
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 1
entity:consent	C	1..*	BackboneElement	Data or objects used sev-1: Either a name or a query (NOT both)
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	SΣ	1..1	Reference(Resource)	Specific instance of resource
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: http://hl7.org/fhir/resource-types
code		1..1	code	Symbol in syntax defined by the system Fixed Value: Consent
entity:token	C	0..1	BackboneElement	Data or objects used sev-1: Either a name or a query (NOT both)
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	Σ	1..1	Reference(Resource)	Specific instance of resource
identifier	Σ	1..1	Identifier	Logical reference, when literal reference is not known
use	?!Σ	0..1	code	usual | official | temp | secondary | old (If known) Binding: IdentifierUse (required): Identifies the purpose for this identifier, if known .
value	Σ	1..1	string	jti (JWT ID) Example General: 123456
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
system		1..1	uri	Identity of the terminology system Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes
code		1..1	code	Symbol in syntax defined by the system Fixed Value: UserOauthAgent
Documentation for this format

Terminology Bindings

Path	Conformance	ValueSet / Code	URI
AuditEvent.type	extensible	Pattern: 110113 http://hl7.org/fhir/ValueSet/audit-event-type from the FHIR Standard
AuditEvent.subtype	required	AuthZsubTypeVS (a valid code from Authorization subType events) https://profiles.ihe.net/ITI/BALP/ValueSet/AuthZsubTypeVS from this IG
AuditEvent.action	required	Pattern: E http://hl7.org/fhir/ValueSet/audit-event-action|4.0.1 from the FHIR Standard
AuditEvent.outcome	required	AuditEventOutcome http://hl7.org/fhir/ValueSet/audit-event-outcome|4.0.1 from the FHIR Standard
AuditEvent.purposeOfEvent	extensible	PurposeOfUse http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
AuditEvent.agent:client.type	extensible	Pattern: 110150 http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.agent:user.type	extensible	Pattern: IRCP http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.agent:user.role	example	SecurityRoleType http://hl7.org/fhir/ValueSet/security-role-type from the FHIR Standard
AuditEvent.agent:user.purposeOfUse	extensible	PurposeOfUse http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
AuditEvent.agent:userorg.type	extensible	Pattern: PROV http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.agent:userorg.purposeOfUse	extensible	PurposeOfUse http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
AuditEvent.agent:authorizer.type	extensible	Pattern: authserver http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.entity:patient.type	extensible	Pattern: 1 http://hl7.org/fhir/ValueSet/audit-entity-type from the FHIR Standard
AuditEvent.entity:patient.role	extensible	Pattern: 1 http://hl7.org/fhir/ValueSet/object-role from the FHIR Standard
AuditEvent.entity:consent.type	extensible	Pattern: Consent http://hl7.org/fhir/ValueSet/audit-entity-type from the FHIR Standard
AuditEvent.entity:token.what.identifier.use	required	IdentifierUse http://hl7.org/fhir/ValueSet/identifier-use|4.0.1 from the FHIR Standard
AuditEvent.entity:token.type	extensible	Pattern: UserOauthAgent http://hl7.org/fhir/ValueSet/audit-entity-type from the FHIR Standard

Constraints

Id	Grade	Path(s)	Details	Requirements
val-audit-source	error	AuditEvent.agent:authorizer	The Audit Source is this agent too. : $this.who = %resource.source.observer

Snapshot View

Name	Flags	Card.	Type	Description & Constraints
AuditEvent		0..*	AuditEvent	Event record kept for security purposes
id	Σ	0..1	id	Logical id of this artifact
meta	Σ	0..1	Meta	Metadata about the resource
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
language		0..1	code	Language of the resource content Binding: CommonLanguages (preferred): A human language. Additional Bindings Purpose AllLanguages Max Binding
text		0..1	Narrative	Text summary of the resource, for human interpretation
contained		0..*	Resource	Contained, inline Resources
extension		0..*	Extension	Additional content defined by implementations
type	Σ	1..1	Coding	Type/identifier of event Binding: AuditEventID (extensible): Type of event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://dicom.nema.org/resources/ontology/DCM
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 110113
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
subtype	Σ	1..*	Coding	More specific type/id for the event Binding: Authorization subType events valueset (required)
action	Σ	0..1	code	Type of action performed during the event Binding: AuditEventAction (required): Indicator for type of action performed during the event that generated the event. Required Pattern: E
period		0..1	Period	When the activity occurred
recorded	Σ	1..1	instant	Time when the event was recorded
outcome	Σ	1..1	code	Whether the event succeeded or failed Binding: AuditEventOutcome (required): Indicates whether the event succeeded or failed.
outcomeDesc	SΣ	0..1	string	Description of the event outcome
purposeOfEvent	SΣ	0..*	CodeableConcept	The purposeOfUse of the event Binding: PurposeOfUse (extensible): The reason the activity took place.
Slices for agent		4..*	BackboneElement	Actor involved in the event Slice: Unordered, Open by value:type
agent:All Slices				Content/Rules for all slices
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		0..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event.
role		0..*	CodeableConcept	Agent role in the event Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.
who	Σ	0..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
altId		0..1	string	Alternative User identity
name		0..1	string	Human friendly name for the agent
requestor	Σ	1..1	boolean	Whether user is initiator
location		0..1	Reference(Location)	Where
policy		0..*	uri	Policy that authorized event
media		0..1	Coding	Type of media Binding: MediaTypeCode (extensible): Used when the event is about exporting/importing onto media.
network		0..1	BackboneElement	Logical network location for application activity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
address		0..1	string	Identifier for the network access point of the user device
type		0..1	code	The type of network access point Binding: AuditEventAgentNetworkType (required): The type of network access point of this agent in the audit event.
purposeOfUse		0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (extensible): The reason the activity took place.
agent:client		1..1	BackboneElement	Actor involved in the event
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://dicom.nema.org/resources/ontology/DCM
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 110150
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
text		0..1	string	Plain text representation of the concept
who	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator
policy	S	0..*	uri	Policy that authorized event
network		1..1	BackboneElement	Logical network location for application activity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
address		0..1	string	Identifier for the network access point of the user device
type		0..1	code	The type of network access point Binding: AuditEventAgentNetworkType (required): The type of network access point of this agent in the audit event.
agent:user		1..1	BackboneElement	Actor involved in the event
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/v3-ParticipationType
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: IRCP
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
text		0..1	string	Plain text representation of the concept
role	S	0..*	CodeableConcept	Agent role in the event Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event.
who	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
name	S	0..1	string	Human friendly name for the agent
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: true
policy	S	0..*	uri	Policy that authorized event
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (extensible): The reason the activity took place.
agent:userorg		1..1	BackboneElement	Actor involved in the event
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/v3-RoleClass
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: PROV
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
text		0..1	string	Plain text representation of the concept
who	SΣ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: false
purposeOfUse	S	0..*	CodeableConcept	Reason given for this user Binding: PurposeOfUse (extensible): The reason the activity took place.
agent:authorizer	C	1..1	BackboneElement	Actor involved in the event val-audit-source: The Audit Source is this agent too.
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	CodeableConcept	How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
coding		1..*	Coding	Code defined by a terminology system Fixed Value: (complex)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/extra-security-role-type
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: authserver
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
text		0..1	string	Plain text representation of the concept
who	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	Identifier of who
requestor	Σ	1..1	boolean	Whether user is initiator Required Pattern: false
source		1..1	BackboneElement	Audit Event Reporter
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
site		0..1	string	Logical source location within the enterprise
observer	Σ	1..1	Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson)	The identity of source detecting the event
type		0..*	Coding	The type of source where event originated Binding: AuditEventSourceType (extensible): Code specifying the type of system that detected and recorded the event.
Slices for entity	C	2..*	BackboneElement	Data or objects used Slice: Unordered, Closed by value:type sev-1: Either a name or a query (NOT both)
entity:All Slices				Content/Rules for all slices
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	Σ	0..1	Reference(Resource)	Specific instance of resource
type		0..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event.
role		0..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event.
lifecycle		0..1	Coding	Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity.
securityLabel		0..*	Coding	Security labels on the entity Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
name	ΣC	0..1	string	Descriptor for entity
description		0..1	string	Descriptive text
query	ΣC	0..1	base64Binary	Query parameters
detail		0..*	BackboneElement	Additional Information about the entity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	string	Name of the property
value[x]		1..1		Property value
valueString			string
valueBase64Binary			base64Binary
entity:patient	C	1..1	BackboneElement	Data or objects used sev-1: Either a name or a query (NOT both)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	Σ	1..1	Reference(Patient)	Specific instance of resource
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/audit-entity-type
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 1
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
role		1..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://terminology.hl7.org/CodeSystem/object-role
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: 1
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
lifecycle		0..1	Coding	Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity.
securityLabel		0..*	Coding	Security labels on the entity Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
name	ΣC	0..1	string	Descriptor for entity
description		0..1	string	Descriptive text
query	ΣC	0..1	base64Binary	Query parameters
detail		0..*	BackboneElement	Additional Information about the entity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	string	Name of the property
value[x]		1..1		Property value
valueString			string
valueBase64Binary			base64Binary
entity:consent	C	1..*	BackboneElement	Data or objects used sev-1: Either a name or a query (NOT both)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	SΣ	1..1	Reference(Resource)	Specific instance of resource
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: http://hl7.org/fhir/resource-types
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: Consent
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
role		0..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event.
lifecycle		0..1	Coding	Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity.
securityLabel		0..*	Coding	Security labels on the entity Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
name	ΣC	0..1	string	Descriptor for entity
description		0..1	string	Descriptive text
query	ΣC	0..1	base64Binary	Query parameters
detail		0..*	BackboneElement	Additional Information about the entity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	string	Name of the property
value[x]		1..1		Property value
valueString			string
valueBase64Binary			base64Binary
entity:token	C	0..1	BackboneElement	Data or objects used sev-1: Either a name or a query (NOT both)
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
what	Σ	1..1	Reference(Resource)	Specific instance of resource
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations Slice: Unordered, Open by value:url
reference	ΣC	0..1	string	Literal reference, Relative, internal or absolute URL
type	Σ	0..1	uri	Type the reference refers to (e.g. "Patient") Binding: ResourceType (extensible): Aa resource (or, for logical models, the URI of the logical model).
identifier	Σ	1..1	Identifier	Logical reference, when literal reference is not known
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations Slice: Unordered, Open by value:url
use	?!Σ	0..1	code	usual | official | temp | secondary | old (If known) Binding: IdentifierUse (required): Identifies the purpose for this identifier, if known .
type	Σ	0..1	CodeableConcept	Description of identifier Binding: Identifier Type Codes (extensible): A coded type for an identifier that can be used to determine which identifier to use for a specific purpose.
system	Σ	0..1	uri	The namespace for the identifier value Example General: http://www.acme.com/identifiers/patient
value	Σ	1..1	string	jti (JWT ID) Example General: 123456
period	Σ	0..1	Period	Time period when id is/was valid for use
assigner	Σ	0..1	Reference(Organization)	Organization that issued id (may be just text)
display	Σ	0..1	string	Text alternative for the resource
type		1..1	Coding	Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. Required Pattern: At least the following
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
system		1..1	uri	Identity of the terminology system Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes
version		0..1	string	Version of the system - if relevant
code		1..1	code	Symbol in syntax defined by the system Fixed Value: UserOauthAgent
display		0..1	string	Representation defined by the system
userSelected		0..1	boolean	If this coding was chosen directly by the user
role		0..1	Coding	What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event.
lifecycle		0..1	Coding	Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity.
securityLabel		0..*	Coding	Security labels on the entity Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System.
name	ΣC	0..1	string	Descriptor for entity
description		0..1	string	Descriptive text
query	ΣC	0..1	base64Binary	Query parameters
detail		0..*	BackboneElement	Additional Information about the entity
id		0..1	string	Unique id for inter-element referencing
extension		0..*	Extension	Additional content defined by implementations
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized
type		1..1	string	Name of the property
value[x]		1..1		Property value
valueString			string
valueBase64Binary			base64Binary
Documentation for this format

Terminology Bindings

Path	Conformance	ValueSet / Code	URI
AuditEvent.language	preferred	CommonLanguages Additional Bindings Purpose AllLanguages Max Binding http://hl7.org/fhir/ValueSet/languages from the FHIR Standard
AuditEvent.type	extensible	Pattern: 110113 http://hl7.org/fhir/ValueSet/audit-event-type from the FHIR Standard
AuditEvent.subtype	required	AuthZsubTypeVS (a valid code from Authorization subType events) https://profiles.ihe.net/ITI/BALP/ValueSet/AuthZsubTypeVS from this IG
AuditEvent.action	required	Pattern: E http://hl7.org/fhir/ValueSet/audit-event-action|4.0.1 from the FHIR Standard
AuditEvent.outcome	required	AuditEventOutcome http://hl7.org/fhir/ValueSet/audit-event-outcome|4.0.1 from the FHIR Standard
AuditEvent.purposeOfEvent	extensible	PurposeOfUse http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
AuditEvent.agent.type	extensible	ParticipationRoleType http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.agent.role	example	SecurityRoleType http://hl7.org/fhir/ValueSet/security-role-type from the FHIR Standard
AuditEvent.agent.media	extensible	MediaTypeCode http://hl7.org/fhir/ValueSet/dicm-405-mediatype from the FHIR Standard
AuditEvent.agent.network.type	required	AuditEventAgentNetworkType http://hl7.org/fhir/ValueSet/network-type|4.0.1 from the FHIR Standard
AuditEvent.agent.purposeOfUse	extensible	PurposeOfUse http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
AuditEvent.agent:client.type	extensible	Pattern: 110150 http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.agent:client.network.type	required	AuditEventAgentNetworkType http://hl7.org/fhir/ValueSet/network-type|4.0.1 from the FHIR Standard
AuditEvent.agent:user.type	extensible	Pattern: IRCP http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.agent:user.role	example	SecurityRoleType http://hl7.org/fhir/ValueSet/security-role-type from the FHIR Standard
AuditEvent.agent:user.network.type	required	AuditEventAgentNetworkType http://hl7.org/fhir/ValueSet/network-type|4.0.1 from the FHIR Standard
AuditEvent.agent:user.purposeOfUse	extensible	PurposeOfUse http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
AuditEvent.agent:userorg.type	extensible	Pattern: PROV http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.agent:userorg.network.type	required	AuditEventAgentNetworkType http://hl7.org/fhir/ValueSet/network-type|4.0.1 from the FHIR Standard
AuditEvent.agent:userorg.purposeOfUse	extensible	PurposeOfUse http://terminology.hl7.org/ValueSet/v3-PurposeOfUse
AuditEvent.agent:authorizer.type	extensible	Pattern: authserver http://hl7.org/fhir/ValueSet/participation-role-type from the FHIR Standard
AuditEvent.agent:authorizer.network.type	required	AuditEventAgentNetworkType http://hl7.org/fhir/ValueSet/network-type|4.0.1 from the FHIR Standard
AuditEvent.source.type	extensible	AuditEventSourceType http://hl7.org/fhir/ValueSet/audit-source-type from the FHIR Standard
AuditEvent.entity.type	extensible	AuditEventEntityType http://hl7.org/fhir/ValueSet/audit-entity-type from the FHIR Standard
AuditEvent.entity.role	extensible	AuditEventEntityRole http://hl7.org/fhir/ValueSet/object-role from the FHIR Standard
AuditEvent.entity.lifecycle	extensible	ObjectLifecycleEvents http://hl7.org/fhir/ValueSet/object-lifecycle-events
AuditEvent.entity.securityLabel	extensible	All Security Labels http://hl7.org/fhir/ValueSet/security-labels from the FHIR Standard
AuditEvent.entity:patient.type	extensible	Pattern: 1 http://hl7.org/fhir/ValueSet/audit-entity-type from the FHIR Standard
AuditEvent.entity:patient.role	extensible	Pattern: 1 http://hl7.org/fhir/ValueSet/object-role from the FHIR Standard
AuditEvent.entity:patient.lifecycle	extensible	ObjectLifecycleEvents http://hl7.org/fhir/ValueSet/object-lifecycle-events
AuditEvent.entity:patient.securityLabel	extensible	All Security Labels http://hl7.org/fhir/ValueSet/security-labels from the FHIR Standard
AuditEvent.entity:consent.type	extensible	Pattern: Consent http://hl7.org/fhir/ValueSet/audit-entity-type from the FHIR Standard
AuditEvent.entity:consent.role	extensible	AuditEventEntityRole http://hl7.org/fhir/ValueSet/object-role from the FHIR Standard
AuditEvent.entity:consent.lifecycle	extensible	ObjectLifecycleEvents http://hl7.org/fhir/ValueSet/object-lifecycle-events
AuditEvent.entity:consent.securityLabel	extensible	All Security Labels http://hl7.org/fhir/ValueSet/security-labels from the FHIR Standard
AuditEvent.entity:token.what.type	extensible	ResourceType http://hl7.org/fhir/ValueSet/resource-types from the FHIR Standard
AuditEvent.entity:token.what.identifier.use	required	IdentifierUse http://hl7.org/fhir/ValueSet/identifier-use|4.0.1 from the FHIR Standard
AuditEvent.entity:token.what.identifier.type	extensible	Identifier Type Codes http://hl7.org/fhir/ValueSet/identifier-type from the FHIR Standard
AuditEvent.entity:token.type	extensible	Pattern: UserOauthAgent http://hl7.org/fhir/ValueSet/audit-entity-type from the FHIR Standard
AuditEvent.entity:token.role	extensible	AuditEventEntityRole http://hl7.org/fhir/ValueSet/object-role from the FHIR Standard
AuditEvent.entity:token.lifecycle	extensible	ObjectLifecycleEvents http://hl7.org/fhir/ValueSet/object-lifecycle-events
AuditEvent.entity:token.securityLabel	extensible	All Security Labels http://hl7.org/fhir/ValueSet/security-labels from the FHIR Standard

Constraints

Id	Grade	Path(s)	Details	Requirements
val-audit-source	error	AuditEvent.agent:authorizer	The Audit Source is this agent too. : $this.who = %resource.source.observer

This structure is derived from AuditEvent

Summary

Mandatory: 22 elements(4 nested mandatory elements)
Must-Support: 10 elements
Prohibited: 26 elements

Slices

This structure defines the following Slices:

• The element 1 is sliced based on the value of AuditEvent.agent
• The element 1 is sliced based on the value of AuditEvent.entity (Closed)