CH EPR FHIR (R4)
5.0.0-ci-build - ci-build Switzerland flag

CH EPR FHIR (R4), published by eHealth Suisse. This guide is not an authorized publication; it is the continuous build for version 5.0.0-ci-build built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/ehealthsuisse/ch-epr-fhir/ and changes regularly. See the Directory of published versions

Trace Context

Trace Context header

For all transaction described in this implementation guide, the HTTP traceparent header is specified. This header is defined in the W3C Trace Context Recommendation.

The header value is made of four parts separated by dashes: the version, trace-id, parent-id and trace-flags. For example:

GET /request HTTP/1.1
traceparent: 00-0af7651916cd43dd8448eb211c80319c-b7ad6b7169203331-00
  • The version is currently set to 00.
  • The trace-id is a unique identifier for this transaction instance (i.e. an HTTP request and its response). It is a 16-byte array encoded as 32 hexadecimal characters, all lowercase.
  • The parent-id is a unique identifier for this message. It is an 8-byte array, encoded as 16 hexadecimal characters, all lowercase.
  • The trace-flags is used to communicate tracing flags with the consumer. This implementation guide specifies no requirements for this field, it is recommended using the value 00.

Each actor shall support the traceparent header. Grouped actors shall use the same trace-id value to correlate IHE transactions.

Actors of all transactions SHALL support the W3C Trace Context Recommendation and SHOULD send the HTTP header traceparent in requests.

Moreover, when serving incoming requests, each actor SHALL:

  • Accept the HTTP header traceparent if it is contained in the incoming request and is a valid value, otherwise generate it.
  • Send the HTTP header traceparent in all requests induced by the incoming request, with the same value of the field trace-id as for the incoming request.

This allows all actors to correlate transactions that are related because they all stem from the same initial action, and facilitates logging, tracing and auditing. It also links transactions to their audit events, through the whole traceparent value. For example: when receiving a Find Document References [ITI-67] request, a Document Responder actor (with the Option Federated Cross Community Access) will need to query all other communities. For each of these queries, the Document Recipient actor sets the traceparent header with the same trace-id value and generate a new parent-id value.

Audit event requirements

The traceparent header value of a transaction SHALL be added to the generated Audit Event: for the client, the header value of the request; for the responder, the header value of the response. It is described as an AuditEvent.entity, with the type and role element as demonstrated below.

{
  "resourceType" : "AuditEvent",
  /* Rest of the AuditEvent */
  "entity" : [
    {
      "what" : {
        "identifier" : {
          "value" : "00-0af7651916cd43dd8448eb211c80319c-b7ad6b7169203331-00"
        }
      },
      "type" : {
        "system" : "http://terminology.hl7.org/CodeSystem/audit-entity-type",
        "code" : "4",
        "display" : "Other"
      },
      "role" : {
        "system" : "http://terminology.hl7.org/CodeSystem/object-role",
        "code" : "26",
        "display" : "Processing Element"
      }
    }
  ]
}