Basic Audit Log Patterns (BALP)
1.1.4-current - ci-build International flag

Basic Audit Log Patterns (BALP), published by IHE IT Infrastructure Technical Committee. This guide is not an authorized publication; it is the continuous build for version 1.1.4-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/qligier/ITI.BasicAudit/ and changes regularly. See the Directory of published versions

Resource Profile: SAMLaccessTokenUseComprehensive - Detailed Descriptions

Active as of 2024-10-25

Definitions for the IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive resource profile.

Guidance on how to interpret the contents of this table can be found here

0. AuditEvent
2. AuditEvent.agent
SlicingThis element introduces a set of slices on AuditEvent.agent. The slices areUnordered and Open, and can be differentiated using the following discriminators:
  • pattern @ type
  • 4. AuditEvent.agent.extension
    SlicingThis element introduces a set of slices on AuditEvent.agent.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
    • value @ url
    • 6. AuditEvent.agent.extension:assuranceLevel
      Slice NameassuranceLevel
      Control0..*
      TypeExtension(AuditEvent.agent Assurance Level) (Extension Type: CodeableConcept)
      Must Supporttrue
      8. AuditEvent.agent.extension:otherId
      Slice NameotherId
      Control0..*
      TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
      Must Supporttrue
      10. AuditEvent.agent:user
      Slice Nameuser
      Control1..*
      12. AuditEvent.agent:user.extension
      SlicingThis element introduces a set of slices on AuditEvent.agent.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
      • value @ url
      • value @ value.ofType(Identifier).type
      • 14. AuditEvent.agent:user.extension:assuranceLevel
        Slice NameassuranceLevel
        Control0..*
        TypeExtension(AuditEvent.agent Assurance Level) (Extension Type: CodeableConcept)
        Must Supporttrue
        16. AuditEvent.agent:user.extension:otherId
        Slice NameotherId
        Control0..*
        TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
        Must Supporttrue
        18. AuditEvent.agent:user.extension:otherId/subject-id
        Slice NameotherId/subject-id
        Control0..*
        20. AuditEvent.agent:user.extension:otherId/subject-id.value[x]
        [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
        22. AuditEvent.agent:user.extension:otherId/subject-id.value[x].type
        Pattern Value{
          "coding" : [{
            "system" : "https://profiles.ihe.net/ITI/BALP/CodeSystem/OtherIdentifierTypes",
            "code" : "SAML-subject-id"
          }]
        }
        24. AuditEvent.agent:user.extension:otherId/subject-id.value[x].value
        ShortSAML Attribute subject-id
        Control1..?
        Must Supporttrue
        26. AuditEvent.agent:user.extension:otherId/npi
        Slice NameotherId/npi
        Control0..*
        28. AuditEvent.agent:user.extension:otherId/npi.value[x]
        [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
        30. AuditEvent.agent:user.extension:otherId/npi.value[x].type
        Pattern Value{
          "coding" : [{
            "system" : "http://terminology.hl7.org/CodeSystem/v2-0203",
            "code" : "NPI"
          }]
        }
        32. AuditEvent.agent:user.extension:otherId/npi.value[x].value
        ShortSAML Attribute npi
        Control1..?
        Must Supporttrue
        34. AuditEvent.agent:user.extension:otherId/provider-id
        Slice NameotherId/provider-id
        Control0..*
        36. AuditEvent.agent:user.extension:otherId/provider-id.value[x]
        [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
        38. AuditEvent.agent:user.extension:otherId/provider-id.value[x].type
        Pattern Value{
          "coding" : [{
            "system" : "http://terminology.hl7.org/CodeSystem/v2-0203",
            "code" : "PRN"
          }]
        }
        40. AuditEvent.agent:user.extension:otherId/provider-id.value[x].value
        ShortSAML Attribute provider-identifier
        Control1..?
        Must Supporttrue
        42. AuditEvent.agent:user.type
        Control1..?
        Pattern Value{
          "coding" : [{
            "system" : "https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes",
            "code" : "UserSamlAgent"
          }]
        }
        44. AuditEvent.agent:user.role
        ShortSAML subject:role(s)
        Must Supporttrue
        46. AuditEvent.agent:user.who
        Control1..?
        48. AuditEvent.agent:user.who.identifier
        NoteThis is a business identifier, not a resource identifier (see discussion)
        50. AuditEvent.agent:user.who.identifier.system
        ShortSAML Issuer
        Must Supporttrue
        52. AuditEvent.agent:user.who.identifier.value
        ShortSAML Subject.NameID
        Control1..?
        Must Supporttrue
        54. AuditEvent.agent:user.altId
        Control0..0
        56. AuditEvent.agent:user.requestor
        Pattern Valuetrue
        58. AuditEvent.agent:user.policy
        ShortSAML token ID
        Control1..1
        Must Supporttrue
        60. AuditEvent.agent:user.media
        Control0..0
        62. AuditEvent.agent:user.network
        Control0..0
        64. AuditEvent.agent:user.purposeOfUse
        ShortSAML subject:purposeofuse
        Must Supporttrue
        66. AuditEvent.agent:userorg
        Slice Nameuserorg
        Control0..*
        68. AuditEvent.agent:userorg.extension:assuranceLevel
        Slice NameassuranceLevel
        Control0..*
        TypeExtension(AuditEvent.agent Assurance Level) (Extension Type: CodeableConcept)
        Must Supporttrue
        70. AuditEvent.agent:userorg.extension:otherId
        Slice NameotherId
        Control0..*
        TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
        Must Supporttrue
        72. AuditEvent.agent:userorg.type
        Control1..?
        Pattern Value{
          "coding" : [{
            "system" : "http://terminology.hl7.org/CodeSystem/v3-RoleClass",
            "code" : "PROV"
          }]
        }
        74. AuditEvent.agent:userorg.role
        Control0..0
        76. AuditEvent.agent:userorg.who
        78. AuditEvent.agent:userorg.who.identifier
        NoteThis is a business identifier, not a resource identifier (see discussion)
        80. AuditEvent.agent:userorg.who.identifier.value
        ShortSAML Attribute urn:oasis:names:tc:xspa:1.0:subject:organization-id
        Control1..?
        Must Supporttrue
        82. AuditEvent.agent:userorg.who.display
        ShortSAML Attribute urn:oasis:names:tc:xspa:1.0:subject:organization
        Control1..?
        Must Supporttrue
        84. AuditEvent.agent:userorg.altId
        Control0..0
        86. AuditEvent.agent:userorg.name
        Control0..0
        88. AuditEvent.agent:userorg.requestor
        Pattern Valuefalse
        90. AuditEvent.agent:userorg.location
        Control0..0
        92. AuditEvent.agent:userorg.policy
        Control0..0
        94. AuditEvent.agent:userorg.media
        Control0..0
        96. AuditEvent.agent:userorg.network
        Control0..0
        98. AuditEvent.agent:userorg.purposeOfUse
        Control0..0
        100. AuditEvent.agent:homeCommunityId
        Slice NamehomeCommunityId
        Control0..*
        102. AuditEvent.agent:homeCommunityId.extension:assuranceLevel
        Slice NameassuranceLevel
        Control0..*
        TypeExtension(AuditEvent.agent Assurance Level) (Extension Type: CodeableConcept)
        Must Supporttrue
        104. AuditEvent.agent:homeCommunityId.extension:otherId
        Slice NameotherId
        Control0..*
        TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
        Must Supporttrue
        106. AuditEvent.agent:homeCommunityId.type
        Control1..?
        Pattern Value{
          "coding" : [{
            "system" : "urn:ihe:iti:xca:2010",
            "code" : "homeCommunityId"
          }]
        }
        108. AuditEvent.agent:homeCommunityId.role
        Control0..0
        110. AuditEvent.agent:homeCommunityId.who
        112. AuditEvent.agent:homeCommunityId.who.identifier
        ShorthomeCommunityId
        NoteThis is a business identifier, not a resource identifier (see discussion)
        Control1..?
        Must Supporttrue
        114. AuditEvent.agent:homeCommunityId.altId
        Control0..0
        116. AuditEvent.agent:homeCommunityId.name
        Control0..0
        118. AuditEvent.agent:homeCommunityId.requestor
        Pattern Valuefalse
        120. AuditEvent.agent:homeCommunityId.location
        Control0..0
        122. AuditEvent.agent:homeCommunityId.policy
        Control0..0
        124. AuditEvent.agent:homeCommunityId.media
        Control0..0
        126. AuditEvent.agent:homeCommunityId.network
        Control0..0
        128. AuditEvent.agent:homeCommunityId.purposeOfUse
        Control0..0
        130. AuditEvent.entity
        SlicingThis element introduces a set of slices on AuditEvent.entity. The slices areUnordered and Open, and can be differentiated using the following discriminators:
        • pattern @ type
        • 132. AuditEvent.entity:consent
          Slice Nameconsent
          Control0..*
          134. AuditEvent.entity:consent.what
          136. AuditEvent.entity:consent.what.identifier
          ShortBPPC Patient Privacy Policy Acknowledgement Document unique id
          NoteThis is a business identifier, not a resource identifier (see discussion)
          Must Supporttrue
          138. AuditEvent.entity:consent.type
          Control1..?
          Pattern Value{
            "system" : "http://hl7.org/fhir/resource-types",
            "code" : "Consent"
          }
          140. AuditEvent.entity:consent.detail
          SlicingThis element introduces a set of slices on AuditEvent.entity.detail. The slices areUnordered and Open, and can be differentiated using the following discriminators:
          • pattern @ type
          • 142. AuditEvent.entity:consent.detail:acp
            Slice Nameacp
            ShortHome Community ID where the Consent is.
            Control0..1
            144. AuditEvent.entity:consent.detail:acp.type
            Pattern Valueurn:ihe:iti:xua:2012:acp
            146. AuditEvent.entity:consent.detail:acp.value[x]
            Typestring
            [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
            148. AuditEvent.entity:consent.detail:patient-id
            Slice Namepatient-id
            ShortThe Patient Identity where the Consent is.
            Control0..1
            150. AuditEvent.entity:consent.detail:patient-id.type
            Pattern Valueurn:oasis:names:tc:xacml:2.0:resource:resource-id
            152. AuditEvent.entity:consent.detail:patient-id.value[x]
            Typestring
            [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension

            Guidance on how to interpret the contents of this table can be found here

            0. AuditEvent
            Definition

            A record of an event made for purposes of maintaining a security log. Typical uses include detection of intrusion attempts and monitoring for inappropriate usage.

            ShortEvent record kept for security purposes
            Comments

            Based on IHE-ATNA.

            Control0..*
            Is Modifierfalse
            Summaryfalse
            Invariantsdom-2: If the resource is contained in another resource, it SHALL NOT contain nested Resources (contained.contained.empty())
            dom-3: If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource (contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty())
            dom-4: If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated (contained.meta.versionId.empty() and contained.meta.lastUpdated.empty())
            dom-5: If a resource is contained in another resource, it SHALL NOT have a security label (contained.meta.security.empty())
            dom-6: A resource should have narrative for robust management (text.`div`.exists())
            2. AuditEvent.implicitRules
            Definition

            A reference to a set of rules that were followed when the resource was constructed, and which must be understood when processing the content. Often, this is a reference to an implementation guide that defines the special rules along with other profiles etc.

            ShortA set of rules under which this content was created
            Comments

            Asserting this rule set restricts the content to be only understood by a limited set of trading partners. This inherently limits the usefulness of the data in the long term. However, the existing health eco-system is highly fractured, and not yet ready to define, collect, and exchange data in a generally computable sense. Wherever possible, implementers and/or specification writers should avoid using this element. Often, when used, the URL is a reference to an implementation guide that defines these special rules as part of it's narrative along with other profiles, value sets, etc.

            Control0..1
            Typeuri
            Is Modifiertrue because This element is labeled as a modifier because the implicit rules may provide additional knowledge about the resource that modifies it's meaning or interpretation
            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
            Summarytrue
            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
            4. AuditEvent.modifierExtension
            Definition

            May be used to represent additional information that is not part of the basic definition of the resource and that modifies the understanding of the element that contains it and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer is allowed to define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

            Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

            ShortExtensions that cannot be ignored
            Comments

            There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

            Control0..*
            TypeExtension
            Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the resource that contains them
            Summaryfalse
            Requirements

            Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

            Alternate Namesextensions, user content
            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
            ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
            6. AuditEvent.type
            Definition

            Identifier for a family of the event. For example, a menu item, program, rule, policy, function code, application name or URL. It identifies the performed function.

            ShortType/identifier of event
            Control1..1
            BindingUnless not suitable, these codes SHALL be taken from AuditEventIDhttp://hl7.org/fhir/ValueSet/audit-event-type
            (extensible to http://hl7.org/fhir/ValueSet/audit-event-type)

            Type of event.

            TypeCoding
            Is Modifierfalse
            Summarytrue
            Requirements

            This identifies the performed function. For "Execute" Event Action Code audit records, this identifies the application function performed.

            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
            8. AuditEvent.recorded
            Definition

            The time when the event was recorded.

            ShortTime when the event was recorded
            Comments

            In a distributed system, some sort of common time base (e.g. an NTP [RFC1305] server) is a good implementation tactic.

            Control1..1
            Typeinstant
            Is Modifierfalse
            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
            Summarytrue
            Requirements

            This ties an event to a specific date and time. Security audits typically require a consistent time base (e.g. UTC), to eliminate time-zone issues arising from geographical distribution.

            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
            10. AuditEvent.agent
            Definition

            An actor taking an active role in the event or activity that is logged.

            ShortActor involved in the event
            Comments

            Several agents may be associated (i.e. have some responsibility for an activity) with an event or activity.

            For example, an activity may be initiated by one user for other users or involve more than one user. However, only one user may be the initiator/requestor for the activity.

            Control1..*
            TypeBackboneElement
            Is Modifierfalse
            Summaryfalse
            Requirements

            An agent can be a person, an organization, software, device, or other actors that may be ascribed responsibility.

            Alternate NamesActiveParticipant
            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
            SlicingThis element introduces a set of slices on AuditEvent.agent. The slices areUnordered and Open, and can be differentiated using the following discriminators:
            • pattern @ type
            • 12. AuditEvent.agent.extension
              Definition

              An Extension


              May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

              ShortExtensionAdditional content defined by implementations
              Comments

              There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

              Control0..*
              TypeExtension
              Is Modifierfalse
              Summaryfalse
              Alternate Namesextensions, user content
              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
              ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
              SlicingThis element introduces a set of slices on AuditEvent.agent.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
              • value @ url
              • 14. AuditEvent.agent.extension:assuranceLevel
                Slice NameassuranceLevel
                Definition

                The assuranceLevel element carries various types of Assurance level. May be an Identity Assurance (IAL), an Authentication Assurance Level (AAL), a Federation Assurance Level (FAL), or other.

                In SAML this is defined to be carried in the saml:AuthnContextClassRef, but may be carried elsewhere based on the use-case and profiling of SAML.

                The Vocabulary is not defined here. Some sources of vocabulary:

                ShortAuditEvent.agent Assurance Level
                Control0..*
                This element is affected by the following invariants: ele-1
                TypeExtension(AuditEvent.agent Assurance Level) (Extension Type: CodeableConcept)
                Is Modifierfalse
                Must Supporttrue
                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                16. AuditEvent.agent.extension:otherId
                Slice NameotherId
                Definition

                Carries other identifiers are known for an agent.

                ShortAuditEvent.agent other identifiers
                Control0..*
                This element is affected by the following invariants: ele-1
                TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
                Is Modifierfalse
                Must Supporttrue
                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                18. AuditEvent.agent.modifierExtension
                Definition

                May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                ShortExtensions that cannot be ignored even if unrecognized
                Comments

                There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                Control0..*
                TypeExtension
                Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                Summarytrue
                Requirements

                Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                Alternate Namesextensions, user content, modifiers
                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                20. AuditEvent.agent.requestor
                Definition

                Indicator that the user is or is not the requestor, or initiator, for the event being audited.

                ShortWhether user is initiator
                Comments

                There can only be one initiator. If the initiator is not clear, then do not choose any one agent as the initiator.

                Control1..1
                Typeboolean
                Is Modifierfalse
                Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                Summarytrue
                Requirements

                This value is used to distinguish between requestor-users and recipient-users. For example, one person may initiate a report-output to be sent to another user.

                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                22. AuditEvent.agent:user
                Slice Nameuser
                Definition

                An actor taking an active role in the event or activity that is logged.

                ShortActor involved in the event
                Comments

                Several agents may be associated (i.e. have some responsibility for an activity) with an event or activity.

                For example, an activity may be initiated by one user for other users or involve more than one user. However, only one user may be the initiator/requestor for the activity.

                Control1..*
                TypeBackboneElement
                Is Modifierfalse
                Summaryfalse
                Requirements

                An agent can be a person, an organization, software, device, or other actors that may be ascribed responsibility.

                Alternate NamesActiveParticipant
                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                24. AuditEvent.agent:user.extension
                Definition

                An Extension


                May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                ShortExtensionAdditional content defined by implementations
                Comments

                There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                Control0..*
                TypeExtension
                Is Modifierfalse
                Summaryfalse
                Alternate Namesextensions, user content
                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                SlicingThis element introduces a set of slices on AuditEvent.agent.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                • value @ url
                • value @ value.ofType(Identifier).type
                • 26. AuditEvent.agent:user.extension:assuranceLevel
                  Slice NameassuranceLevel
                  Definition

                  The assuranceLevel element carries various types of Assurance level. May be an Identity Assurance (IAL), an Authentication Assurance Level (AAL), a Federation Assurance Level (FAL), or other.

                  In SAML this is defined to be carried in the saml:AuthnContextClassRef, but may be carried elsewhere based on the use-case and profiling of SAML.

                  The Vocabulary is not defined here. Some sources of vocabulary:

                  ShortAuditEvent.agent Assurance Level
                  Control0..*
                  This element is affected by the following invariants: ele-1
                  TypeExtension(AuditEvent.agent Assurance Level) (Extension Type: CodeableConcept)
                  Is Modifierfalse
                  Must Supporttrue
                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                  28. AuditEvent.agent:user.extension:otherId
                  Slice NameotherId
                  Definition

                  Carries other identifiers are known for an agent.

                  ShortAuditEvent.agent other identifiers
                  Control0..*
                  This element is affected by the following invariants: ele-1
                  TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
                  Is Modifierfalse
                  Must Supporttrue
                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                  30. AuditEvent.agent:user.extension:otherId/subject-id
                  Slice NameotherId/subject-id
                  Definition

                  Carries other identifiers are known for an agent.

                  ShortAuditEvent.agent other identifiers
                  Control0..*
                  This element is affected by the following invariants: ele-1
                  TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
                  Is Modifierfalse
                  Must Supporttrue
                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                  32. AuditEvent.agent:user.extension:otherId/subject-id.extension
                  Definition

                  An Extension


                  May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                  ShortExtensionAdditional content defined by implementations
                  Comments

                  There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                  Control0..0*
                  TypeExtension
                  Is Modifierfalse
                  Summaryfalse
                  Alternate Namesextensions, user content
                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                  SlicingThis element introduces a set of slices on AuditEvent.agent.extension.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                  • value @ url
                  • 34. AuditEvent.agent:user.extension:otherId/subject-id.url
                    Definition

                    Source of the definition for the extension code - a logical name or a URL.

                    Shortidentifies the meaning of the extension
                    Comments

                    The definition may point directly to a computable or human-readable definition of the extensibility codes, or it may be a logical URI as declared in some other specification. The definition SHALL be a URI for the Structure Definition defining the extension.

                    Control1..1
                    Typeuri
                    Is Modifierfalse
                    XML FormatIn the XML format, this property is represented as an attribute.
                    Summaryfalse
                    Fixed Valuehttps://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId
                    36. AuditEvent.agent:user.extension:otherId/subject-id.value[x]
                    Definition

                    Value of extension - must be one of a constrained set of the data types (see Extensibility for a list).

                    ShortValue of extension
                    Control10..1
                    TypeIdentifier, date, Meta, Address, Attachment, integer, Count, DataRequirement, Dosage, uuid, Coding, SampledData, id, positiveInt, Distance, Period, Duration, canonical, Range, RelatedArtifact, base64Binary, UsageContext, Timing, decimal, CodeableConcept, ParameterDefinition, dateTime, code, string, Contributor, oid, instant, ContactPoint, HumanName, Money, markdown, Ratio, Age, Reference, TriggerDefinition, Quantity, uri, url, Annotation, ContactDetail, boolean, Expression, Signature, unsignedInt, time
                    [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
                    Is Modifierfalse
                    Summaryfalse
                    Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                    38. AuditEvent.agent:user.extension:otherId/subject-id.value[x].use
                    Definition

                    The purpose of this identifier.

                    Shortusual | official | temp | secondary | old (If known)
                    Comments

                    Applications can assume that an identifier is permanent unless it explicitly says that it is temporary.

                    Control0..1
                    BindingThe codes SHALL be taken from IdentifierUsehttp://hl7.org/fhir/ValueSet/identifier-use|4.0.1
                    (required to http://hl7.org/fhir/ValueSet/identifier-use|4.0.1)

                    Identifies the purpose for this identifier, if known .

                    Typecode
                    Is Modifiertrue because This is labeled as "Is Modifier" because applications should not mistake a temporary id for a permanent one.
                    Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                    Summarytrue
                    Requirements

                    Allows the appropriate identifier for a particular context of use to be selected from among a set of identifiers.

                    Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                    40. AuditEvent.agent:user.extension:otherId/subject-id.value[x].type
                    Definition

                    A coded type for the identifier that can be used to determine which identifier to use for a specific purpose.

                    ShortDescription of identifier
                    Comments

                    This element deals only with general categories of identifiers. It SHOULD not be used for codes that correspond 1..1 with the Identifier.system. Some identifiers may fall into multiple categories due to common usage. Where the system is known, a type is unnecessary because the type is always part of the system definition. However systems often need to handle identifiers where the system is not known. There is not a 1:1 relationship between type and system, since many different systems have the same type.

                    Control0..1
                    BindingUnless not suitable, these codes SHALL be taken from Identifier Type Codeshttp://hl7.org/fhir/ValueSet/identifier-type
                    (extensible to http://hl7.org/fhir/ValueSet/identifier-type)

                    A coded type for an identifier that can be used to determine which identifier to use for a specific purpose.

                    TypeCodeableConcept
                    Is Modifierfalse
                    Summarytrue
                    Requirements

                    Allows users to make use of identifiers when the identifier system is not known.

                    Pattern Value{
                      "coding" : [{
                        "system" : "https://profiles.ihe.net/ITI/BALP/CodeSystem/OtherIdentifierTypes",
                        "code" : "SAML-subject-id"
                      }]
                    }
                    Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                    42. AuditEvent.agent:user.extension:otherId/subject-id.value[x].value
                    Definition

                    The portion of the identifier typically relevant to the user and which is unique within the context of the system.

                    ShortSAML Attribute subject-idThe value that is unique
                    Comments

                    If the value is a full URI, then the system SHALL be urn:ietf:rfc:3986. The value's primary purpose is computational mapping. As a result, it may be normalized for comparison purposes (e.g. removing non-significant whitespace, dashes, etc.) A value formatted for human display can be conveyed using the Rendered Value extension. Identifier.value is to be treated as case sensitive unless knowledge of the Identifier.system allows the processer to be confident that non-case-sensitive processing is safe.

                    Control10..1
                    Typestring
                    Is Modifierfalse
                    Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                    Must Supporttrue
                    Summarytrue
                    Example<br/><b>General</b>:123456
                    Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                    44. AuditEvent.agent:user.extension:otherId/npi
                    Slice NameotherId/npi
                    Definition

                    Carries other identifiers are known for an agent.

                    ShortAuditEvent.agent other identifiers
                    Control0..*
                    This element is affected by the following invariants: ele-1
                    TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
                    Is Modifierfalse
                    Must Supporttrue
                    Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                    ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                    ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                    46. AuditEvent.agent:user.extension:otherId/npi.extension
                    Definition

                    An Extension


                    May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                    ShortExtensionAdditional content defined by implementations
                    Comments

                    There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                    Control0..0*
                    TypeExtension
                    Is Modifierfalse
                    Summaryfalse
                    Alternate Namesextensions, user content
                    Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                    ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                    SlicingThis element introduces a set of slices on AuditEvent.agent.extension.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                    • value @ url
                    • 48. AuditEvent.agent:user.extension:otherId/npi.url
                      Definition

                      Source of the definition for the extension code - a logical name or a URL.

                      Shortidentifies the meaning of the extension
                      Comments

                      The definition may point directly to a computable or human-readable definition of the extensibility codes, or it may be a logical URI as declared in some other specification. The definition SHALL be a URI for the Structure Definition defining the extension.

                      Control1..1
                      Typeuri
                      Is Modifierfalse
                      XML FormatIn the XML format, this property is represented as an attribute.
                      Summaryfalse
                      Fixed Valuehttps://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId
                      50. AuditEvent.agent:user.extension:otherId/npi.value[x]
                      Definition

                      Value of extension - must be one of a constrained set of the data types (see Extensibility for a list).

                      ShortValue of extension
                      Control10..1
                      TypeIdentifier, date, Meta, Address, Attachment, integer, Count, DataRequirement, Dosage, uuid, Coding, SampledData, id, positiveInt, Distance, Period, Duration, canonical, Range, RelatedArtifact, base64Binary, UsageContext, Timing, decimal, CodeableConcept, ParameterDefinition, dateTime, code, string, Contributor, oid, instant, ContactPoint, HumanName, Money, markdown, Ratio, Age, Reference, TriggerDefinition, Quantity, uri, url, Annotation, ContactDetail, boolean, Expression, Signature, unsignedInt, time
                      [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
                      Is Modifierfalse
                      Summaryfalse
                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                      52. AuditEvent.agent:user.extension:otherId/npi.value[x].use
                      Definition

                      The purpose of this identifier.

                      Shortusual | official | temp | secondary | old (If known)
                      Comments

                      Applications can assume that an identifier is permanent unless it explicitly says that it is temporary.

                      Control0..1
                      BindingThe codes SHALL be taken from IdentifierUsehttp://hl7.org/fhir/ValueSet/identifier-use|4.0.1
                      (required to http://hl7.org/fhir/ValueSet/identifier-use|4.0.1)

                      Identifies the purpose for this identifier, if known .

                      Typecode
                      Is Modifiertrue because This is labeled as "Is Modifier" because applications should not mistake a temporary id for a permanent one.
                      Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                      Summarytrue
                      Requirements

                      Allows the appropriate identifier for a particular context of use to be selected from among a set of identifiers.

                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                      54. AuditEvent.agent:user.extension:otherId/npi.value[x].type
                      Definition

                      A coded type for the identifier that can be used to determine which identifier to use for a specific purpose.

                      ShortDescription of identifier
                      Comments

                      This element deals only with general categories of identifiers. It SHOULD not be used for codes that correspond 1..1 with the Identifier.system. Some identifiers may fall into multiple categories due to common usage. Where the system is known, a type is unnecessary because the type is always part of the system definition. However systems often need to handle identifiers where the system is not known. There is not a 1:1 relationship between type and system, since many different systems have the same type.

                      Control0..1
                      BindingUnless not suitable, these codes SHALL be taken from Identifier Type Codeshttp://hl7.org/fhir/ValueSet/identifier-type
                      (extensible to http://hl7.org/fhir/ValueSet/identifier-type)

                      A coded type for an identifier that can be used to determine which identifier to use for a specific purpose.

                      TypeCodeableConcept
                      Is Modifierfalse
                      Summarytrue
                      Requirements

                      Allows users to make use of identifiers when the identifier system is not known.

                      Pattern Value{
                        "coding" : [{
                          "system" : "http://terminology.hl7.org/CodeSystem/v2-0203",
                          "code" : "NPI"
                        }]
                      }
                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                      56. AuditEvent.agent:user.extension:otherId/npi.value[x].value
                      Definition

                      The portion of the identifier typically relevant to the user and which is unique within the context of the system.

                      ShortSAML Attribute npiThe value that is unique
                      Comments

                      If the value is a full URI, then the system SHALL be urn:ietf:rfc:3986. The value's primary purpose is computational mapping. As a result, it may be normalized for comparison purposes (e.g. removing non-significant whitespace, dashes, etc.) A value formatted for human display can be conveyed using the Rendered Value extension. Identifier.value is to be treated as case sensitive unless knowledge of the Identifier.system allows the processer to be confident that non-case-sensitive processing is safe.

                      Control10..1
                      Typestring
                      Is Modifierfalse
                      Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                      Must Supporttrue
                      Summarytrue
                      Example<br/><b>General</b>:123456
                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                      58. AuditEvent.agent:user.extension:otherId/provider-id
                      Slice NameotherId/provider-id
                      Definition

                      Carries other identifiers are known for an agent.

                      ShortAuditEvent.agent other identifiers
                      Control0..*
                      This element is affected by the following invariants: ele-1
                      TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
                      Is Modifierfalse
                      Must Supporttrue
                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                      ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                      ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                      60. AuditEvent.agent:user.extension:otherId/provider-id.extension
                      Definition

                      An Extension


                      May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                      ShortExtensionAdditional content defined by implementations
                      Comments

                      There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                      Control0..0*
                      TypeExtension
                      Is Modifierfalse
                      Summaryfalse
                      Alternate Namesextensions, user content
                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                      ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                      SlicingThis element introduces a set of slices on AuditEvent.agent.extension.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                      • value @ url
                      • 62. AuditEvent.agent:user.extension:otherId/provider-id.url
                        Definition

                        Source of the definition for the extension code - a logical name or a URL.

                        Shortidentifies the meaning of the extension
                        Comments

                        The definition may point directly to a computable or human-readable definition of the extensibility codes, or it may be a logical URI as declared in some other specification. The definition SHALL be a URI for the Structure Definition defining the extension.

                        Control1..1
                        Typeuri
                        Is Modifierfalse
                        XML FormatIn the XML format, this property is represented as an attribute.
                        Summaryfalse
                        Fixed Valuehttps://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId
                        64. AuditEvent.agent:user.extension:otherId/provider-id.value[x]
                        Definition

                        Value of extension - must be one of a constrained set of the data types (see Extensibility for a list).

                        ShortValue of extension
                        Control10..1
                        TypeIdentifier, date, Meta, Address, Attachment, integer, Count, DataRequirement, Dosage, uuid, Coding, SampledData, id, positiveInt, Distance, Period, Duration, canonical, Range, RelatedArtifact, base64Binary, UsageContext, Timing, decimal, CodeableConcept, ParameterDefinition, dateTime, code, string, Contributor, oid, instant, ContactPoint, HumanName, Money, markdown, Ratio, Age, Reference, TriggerDefinition, Quantity, uri, url, Annotation, ContactDetail, boolean, Expression, Signature, unsignedInt, time
                        [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
                        Is Modifierfalse
                        Summaryfalse
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        66. AuditEvent.agent:user.extension:otherId/provider-id.value[x].use
                        Definition

                        The purpose of this identifier.

                        Shortusual | official | temp | secondary | old (If known)
                        Comments

                        Applications can assume that an identifier is permanent unless it explicitly says that it is temporary.

                        Control0..1
                        BindingThe codes SHALL be taken from IdentifierUsehttp://hl7.org/fhir/ValueSet/identifier-use|4.0.1
                        (required to http://hl7.org/fhir/ValueSet/identifier-use|4.0.1)

                        Identifies the purpose for this identifier, if known .

                        Typecode
                        Is Modifiertrue because This is labeled as "Is Modifier" because applications should not mistake a temporary id for a permanent one.
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Summarytrue
                        Requirements

                        Allows the appropriate identifier for a particular context of use to be selected from among a set of identifiers.

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        68. AuditEvent.agent:user.extension:otherId/provider-id.value[x].type
                        Definition

                        A coded type for the identifier that can be used to determine which identifier to use for a specific purpose.

                        ShortDescription of identifier
                        Comments

                        This element deals only with general categories of identifiers. It SHOULD not be used for codes that correspond 1..1 with the Identifier.system. Some identifiers may fall into multiple categories due to common usage. Where the system is known, a type is unnecessary because the type is always part of the system definition. However systems often need to handle identifiers where the system is not known. There is not a 1:1 relationship between type and system, since many different systems have the same type.

                        Control0..1
                        BindingUnless not suitable, these codes SHALL be taken from Identifier Type Codeshttp://hl7.org/fhir/ValueSet/identifier-type
                        (extensible to http://hl7.org/fhir/ValueSet/identifier-type)

                        A coded type for an identifier that can be used to determine which identifier to use for a specific purpose.

                        TypeCodeableConcept
                        Is Modifierfalse
                        Summarytrue
                        Requirements

                        Allows users to make use of identifiers when the identifier system is not known.

                        Pattern Value{
                          "coding" : [{
                            "system" : "http://terminology.hl7.org/CodeSystem/v2-0203",
                            "code" : "PRN"
                          }]
                        }
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        70. AuditEvent.agent:user.extension:otherId/provider-id.value[x].value
                        Definition

                        The portion of the identifier typically relevant to the user and which is unique within the context of the system.

                        ShortSAML Attribute provider-identifierThe value that is unique
                        Comments

                        If the value is a full URI, then the system SHALL be urn:ietf:rfc:3986. The value's primary purpose is computational mapping. As a result, it may be normalized for comparison purposes (e.g. removing non-significant whitespace, dashes, etc.) A value formatted for human display can be conveyed using the Rendered Value extension. Identifier.value is to be treated as case sensitive unless knowledge of the Identifier.system allows the processer to be confident that non-case-sensitive processing is safe.

                        Control10..1
                        Typestring
                        Is Modifierfalse
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Must Supporttrue
                        Summarytrue
                        Example<br/><b>General</b>:123456
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        72. AuditEvent.agent:user.modifierExtension
                        Definition

                        May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                        Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                        ShortExtensions that cannot be ignored even if unrecognized
                        Comments

                        There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                        Control0..*
                        TypeExtension
                        Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                        Summarytrue
                        Requirements

                        Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                        Alternate Namesextensions, user content, modifiers
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                        74. AuditEvent.agent:user.type
                        Definition

                        Specification of the participation type the user plays when performing the event.

                        ShortHow agent participated
                        Control10..1
                        BindingUnless not suitable, these codes SHALL be taken from ParticipationRoleTypehttp://hl7.org/fhir/ValueSet/participation-role-type
                        (extensible to http://hl7.org/fhir/ValueSet/participation-role-type)

                        The Participation type of the agent to the event.

                        TypeCodeableConcept
                        Is Modifierfalse
                        Summaryfalse
                        Pattern Value{
                          "coding" : [{
                            "system" : "https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes",
                            "code" : "UserSamlAgent"
                          }]
                        }
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        76. AuditEvent.agent:user.role
                        Definition

                        The security role that the user was acting under, that come from local codes defined by the access control security system (e.g. RBAC, ABAC) used in the local context.

                        ShortSAML subject:role(s)Agent role in the event
                        Comments

                        Should be roles relevant to the event. Should not be an exhaustive list of roles.

                        Control0..*
                        BindingFor example codes, see SecurityRoleTypehttp://hl7.org/fhir/ValueSet/security-role-type
                        (example to http://hl7.org/fhir/ValueSet/security-role-type)

                        What security role enabled the agent to participate in the event.

                        TypeCodeableConcept
                        Is Modifierfalse
                        Must Supporttrue
                        Summaryfalse
                        Requirements

                        This value ties an audited event to a user's role(s). It is an optional value that might be used to group events for analysis by user functional role categories.

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        78. AuditEvent.agent:user.who
                        Definition

                        Reference to who this agent is that was involved in the event.

                        ShortIdentifier of who
                        Comments

                        Where a User ID is available it will go into who.identifier.

                        Control10..1
                        TypeReference(PractitionerRole, Practitioner, Organization, Device, Patient, RelatedPerson)
                        Is Modifierfalse
                        Summarytrue
                        Requirements

                        This field ties an audit event to a specific resource or identifier.

                        Alternate NamesuserId
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        80. AuditEvent.agent:user.who.identifier
                        Definition

                        An identifier for the target resource. This is used when there is no way to reference the other resource directly, either because the entity it represents is not available through a FHIR server, or because there is no way for the author of the resource to convert a known identifier to an actual location. There is no requirement that a Reference.identifier point to something that is actually exposed as a FHIR instance, but it SHALL point to a business concept that would be expected to be exposed as a FHIR instance, and that instance would need to be of a FHIR resource type allowed by the reference.

                        ShortLogical reference, when literal reference is not known
                        Comments

                        When an identifier is provided in place of a reference, any system processing the reference will only be able to resolve the identifier to a reference if it understands the business context in which the identifier is used. Sometimes this is global (e.g. a national identifier) but often it is not. For this reason, none of the useful mechanisms described for working with references (e.g. chaining, includes) are possible, nor should servers be expected to be able resolve the reference. Servers may accept an identifier based reference untouched, resolve it, and/or reject it - see CapabilityStatement.rest.resource.referencePolicy.

                        When both an identifier and a literal reference are provided, the literal reference is preferred. Applications processing the resource are allowed - but not required - to check that the identifier matches the literal reference

                        Applications converting a logical reference to a literal reference may choose to leave the logical reference present, or remove it.

                        Reference is intended to point to a structure that can potentially be expressed as a FHIR resource, though there is no need for it to exist as an actual FHIR resource instance - except in as much as an application wishes to actual find the target of the reference. The content referred to be the identifier must meet the logical constraints implied by any limitations on what resource types are permitted for the reference. For example, it would not be legitimate to send the identifier for a drug prescription if the type were Reference(Observation|DiagnosticReport). One of the use-cases for Reference.identifier is the situation where no FHIR representation exists (where the type is Reference (Any).

                        NoteThis is a business identifier, not a resource identifier (see discussion)
                        Control0..1
                        TypeIdentifier
                        Is Modifierfalse
                        Summarytrue
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        82. AuditEvent.agent:user.who.identifier.use
                        Definition

                        The purpose of this identifier.

                        Shortusual | official | temp | secondary | old (If known)
                        Comments

                        Applications can assume that an identifier is permanent unless it explicitly says that it is temporary.

                        Control0..1
                        BindingThe codes SHALL be taken from IdentifierUsehttp://hl7.org/fhir/ValueSet/identifier-use|4.0.1
                        (required to http://hl7.org/fhir/ValueSet/identifier-use|4.0.1)

                        Identifies the purpose for this identifier, if known .

                        Typecode
                        Is Modifiertrue because This is labeled as "Is Modifier" because applications should not mistake a temporary id for a permanent one.
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Summarytrue
                        Requirements

                        Allows the appropriate identifier for a particular context of use to be selected from among a set of identifiers.

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        84. AuditEvent.agent:user.who.identifier.system
                        Definition

                        Establishes the namespace for the value - that is, a URL that describes a set values that are unique.

                        ShortSAML IssuerThe namespace for the identifier value
                        Comments

                        Identifier.system is always case sensitive.

                        Control0..1
                        Typeuri
                        Is Modifierfalse
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Must Supporttrue
                        Summarytrue
                        Requirements

                        There are many sets of identifiers. To perform matching of two identifiers, we need to know what set we're dealing with. The system identifies a particular set of unique identifiers.

                        Example<br/><b>General</b>:http://www.acme.com/identifiers/patient
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        86. AuditEvent.agent:user.who.identifier.value
                        Definition

                        The portion of the identifier typically relevant to the user and which is unique within the context of the system.

                        ShortSAML Subject.NameIDThe value that is unique
                        Comments

                        If the value is a full URI, then the system SHALL be urn:ietf:rfc:3986. The value's primary purpose is computational mapping. As a result, it may be normalized for comparison purposes (e.g. removing non-significant whitespace, dashes, etc.) A value formatted for human display can be conveyed using the Rendered Value extension. Identifier.value is to be treated as case sensitive unless knowledge of the Identifier.system allows the processer to be confident that non-case-sensitive processing is safe.

                        Control10..1
                        Typestring
                        Is Modifierfalse
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Must Supporttrue
                        Summarytrue
                        Example<br/><b>General</b>:123456
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        88. AuditEvent.agent:user.altId
                        Definition

                        Alternative agent Identifier. For a human, this should be a user identifier text string from authentication system. This identifier would be one known to a common authentication system (e.g. single sign-on), if available.

                        ShortAlternative User identity
                        Control0..01
                        Typestring
                        Is Modifierfalse
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Summaryfalse
                        Requirements

                        In some situations, a human user may authenticate with one identity but, to access a specific application system, may use a synonymous identify. For example, some "single sign on" implementations will do this. The alternative identifier would then be the original identify used for authentication, and the User ID is the one known to and used by the application.

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        90. AuditEvent.agent:user.requestor
                        Definition

                        Indicator that the user is or is not the requestor, or initiator, for the event being audited.

                        ShortWhether user is initiator
                        Comments

                        There can only be one initiator. If the initiator is not clear, then do not choose any one agent as the initiator.

                        Control1..1
                        Typeboolean
                        Is Modifierfalse
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Summarytrue
                        Requirements

                        This value is used to distinguish between requestor-users and recipient-users. For example, one person may initiate a report-output to be sent to another user.

                        Pattern Valuetrue
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        92. AuditEvent.agent:user.policy
                        Definition

                        The policy or plan that authorized the activity being recorded. Typically, a single activity may have multiple applicable policies, such as patient consent, guarantor funding, etc. The policy would also indicate the security token used.

                        ShortSAML token IDPolicy that authorized event
                        Comments

                        For example: Where an OAuth token authorizes, the unique identifier from the OAuth token is placed into the policy element Where a policy engine (e.g. XACML) holds policy logic, the unique policy identifier is placed into the policy element.

                        Control10..1*
                        Typeuri
                        Is Modifierfalse
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Must Supporttrue
                        Summaryfalse
                        Requirements

                        This value is used retrospectively to determine the authorization policies.

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        94. AuditEvent.agent:user.media
                        Definition

                        Type of media involved. Used when the event is about exporting/importing onto media.

                        ShortType of media
                        Control0..01
                        BindingUnless not suitable, these codes SHALL be taken from MediaTypeCodehttp://hl7.org/fhir/ValueSet/dicm-405-mediatype
                        (extensible to http://hl7.org/fhir/ValueSet/dicm-405-mediatype)

                        Used when the event is about exporting/importing onto media.

                        TypeCoding
                        Is Modifierfalse
                        Summaryfalse
                        Requirements

                        Usually, this is used instead of specifying a network address. This field is not used for Media Id (i.e. the serial number of a CD).

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        96. AuditEvent.agent:user.network
                        Definition

                        Logical network location for application activity, if the activity has a network location.

                        ShortLogical network location for application activity
                        Control0..01
                        TypeBackboneElement
                        Is Modifierfalse
                        Summaryfalse
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        99. AuditEvent.agent:user.purposeOfUse
                        Definition

                        The reason (purpose of use), specific to this agent, that was used during the event being recorded.

                        ShortSAML subject:purposeofuseReason given for this user
                        Comments

                        Use AuditEvent.agent.purposeOfUse when you know that is specific to the agent, otherwise use AuditEvent.purposeOfEvent. For example, during a machine-to-machine transfer it might not be obvious to the audit system who caused the event, but it does know why.

                        Control0..*
                        BindingUnless not suitable, these codes SHALL be taken from PurposeOfUsehttp://terminology.hl7.org/ValueSet/v3-PurposeOfUse
                        (extensible to http://terminology.hl7.org/ValueSet/v3-PurposeOfUse)

                        The reason the activity took place.

                        TypeCodeableConcept
                        Is Modifierfalse
                        Must Supporttrue
                        Summaryfalse
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        101. AuditEvent.agent:userorg
                        Slice Nameuserorg
                        Definition

                        An actor taking an active role in the event or activity that is logged.

                        ShortActor involved in the event
                        Comments

                        Several agents may be associated (i.e. have some responsibility for an activity) with an event or activity.

                        For example, an activity may be initiated by one user for other users or involve more than one user. However, only one user may be the initiator/requestor for the activity.

                        Control01..*
                        TypeBackboneElement
                        Is Modifierfalse
                        Summaryfalse
                        Requirements

                        An agent can be a person, an organization, software, device, or other actors that may be ascribed responsibility.

                        Alternate NamesActiveParticipant
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        103. AuditEvent.agent:userorg.extension:assuranceLevel
                        Slice NameassuranceLevel
                        Definition

                        The assuranceLevel element carries various types of Assurance level. May be an Identity Assurance (IAL), an Authentication Assurance Level (AAL), a Federation Assurance Level (FAL), or other.

                        In SAML this is defined to be carried in the saml:AuthnContextClassRef, but may be carried elsewhere based on the use-case and profiling of SAML.

                        The Vocabulary is not defined here. Some sources of vocabulary:

                        ShortAuditEvent.agent Assurance Level
                        Control0..*
                        This element is affected by the following invariants: ele-1
                        TypeExtension(AuditEvent.agent Assurance Level) (Extension Type: CodeableConcept)
                        Is Modifierfalse
                        Must Supporttrue
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                        ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                        105. AuditEvent.agent:userorg.extension:otherId
                        Slice NameotherId
                        Definition

                        Carries other identifiers are known for an agent.

                        ShortAuditEvent.agent other identifiers
                        Control0..*
                        This element is affected by the following invariants: ele-1
                        TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
                        Is Modifierfalse
                        Must Supporttrue
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                        ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                        107. AuditEvent.agent:userorg.modifierExtension
                        Definition

                        May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                        Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                        ShortExtensions that cannot be ignored even if unrecognized
                        Comments

                        There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                        Control0..*
                        TypeExtension
                        Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                        Summarytrue
                        Requirements

                        Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                        Alternate Namesextensions, user content, modifiers
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                        109. AuditEvent.agent:userorg.type
                        Definition

                        Specification of the participation type the user plays when performing the event.

                        ShortHow agent participated
                        Control10..1
                        BindingUnless not suitable, these codes SHALL be taken from ParticipationRoleTypehttp://hl7.org/fhir/ValueSet/participation-role-type
                        (extensible to http://hl7.org/fhir/ValueSet/participation-role-type)

                        The Participation type of the agent to the event.

                        TypeCodeableConcept
                        Is Modifierfalse
                        Summaryfalse
                        Pattern Value{
                          "coding" : [{
                            "system" : "http://terminology.hl7.org/CodeSystem/v3-RoleClass",
                            "code" : "PROV"
                          }]
                        }
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        111. AuditEvent.agent:userorg.role
                        Definition

                        The security role that the user was acting under, that come from local codes defined by the access control security system (e.g. RBAC, ABAC) used in the local context.

                        ShortAgent role in the event
                        Comments

                        Should be roles relevant to the event. Should not be an exhaustive list of roles.

                        Control0..0*
                        BindingFor example codes, see SecurityRoleTypehttp://hl7.org/fhir/ValueSet/security-role-type
                        (example to http://hl7.org/fhir/ValueSet/security-role-type)

                        What security role enabled the agent to participate in the event.

                        TypeCodeableConcept
                        Is Modifierfalse
                        Summaryfalse
                        Requirements

                        This value ties an audited event to a user's role(s). It is an optional value that might be used to group events for analysis by user functional role categories.

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        113. AuditEvent.agent:userorg.who
                        Definition

                        Reference to who this agent is that was involved in the event.

                        ShortIdentifier of who
                        Comments

                        Where a User ID is available it will go into who.identifier.

                        Control0..1
                        TypeReference(PractitionerRole, Practitioner, Organization, Device, Patient, RelatedPerson)
                        Is Modifierfalse
                        Summarytrue
                        Requirements

                        This field ties an audit event to a specific resource or identifier.

                        Alternate NamesuserId
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        115. AuditEvent.agent:userorg.who.identifier
                        Definition

                        An identifier for the target resource. This is used when there is no way to reference the other resource directly, either because the entity it represents is not available through a FHIR server, or because there is no way for the author of the resource to convert a known identifier to an actual location. There is no requirement that a Reference.identifier point to something that is actually exposed as a FHIR instance, but it SHALL point to a business concept that would be expected to be exposed as a FHIR instance, and that instance would need to be of a FHIR resource type allowed by the reference.

                        ShortLogical reference, when literal reference is not known
                        Comments

                        When an identifier is provided in place of a reference, any system processing the reference will only be able to resolve the identifier to a reference if it understands the business context in which the identifier is used. Sometimes this is global (e.g. a national identifier) but often it is not. For this reason, none of the useful mechanisms described for working with references (e.g. chaining, includes) are possible, nor should servers be expected to be able resolve the reference. Servers may accept an identifier based reference untouched, resolve it, and/or reject it - see CapabilityStatement.rest.resource.referencePolicy.

                        When both an identifier and a literal reference are provided, the literal reference is preferred. Applications processing the resource are allowed - but not required - to check that the identifier matches the literal reference

                        Applications converting a logical reference to a literal reference may choose to leave the logical reference present, or remove it.

                        Reference is intended to point to a structure that can potentially be expressed as a FHIR resource, though there is no need for it to exist as an actual FHIR resource instance - except in as much as an application wishes to actual find the target of the reference. The content referred to be the identifier must meet the logical constraints implied by any limitations on what resource types are permitted for the reference. For example, it would not be legitimate to send the identifier for a drug prescription if the type were Reference(Observation|DiagnosticReport). One of the use-cases for Reference.identifier is the situation where no FHIR representation exists (where the type is Reference (Any).

                        NoteThis is a business identifier, not a resource identifier (see discussion)
                        Control0..1
                        TypeIdentifier
                        Is Modifierfalse
                        Summarytrue
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        117. AuditEvent.agent:userorg.who.identifier.use
                        Definition

                        The purpose of this identifier.

                        Shortusual | official | temp | secondary | old (If known)
                        Comments

                        Applications can assume that an identifier is permanent unless it explicitly says that it is temporary.

                        Control0..1
                        BindingThe codes SHALL be taken from IdentifierUsehttp://hl7.org/fhir/ValueSet/identifier-use|4.0.1
                        (required to http://hl7.org/fhir/ValueSet/identifier-use|4.0.1)

                        Identifies the purpose for this identifier, if known .

                        Typecode
                        Is Modifiertrue because This is labeled as "Is Modifier" because applications should not mistake a temporary id for a permanent one.
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Summarytrue
                        Requirements

                        Allows the appropriate identifier for a particular context of use to be selected from among a set of identifiers.

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        119. AuditEvent.agent:userorg.who.identifier.value
                        Definition

                        The portion of the identifier typically relevant to the user and which is unique within the context of the system.

                        ShortSAML Attribute urn:oasis:names:tc:xspa:1.0:subject:organization-idThe value that is unique
                        Comments

                        If the value is a full URI, then the system SHALL be urn:ietf:rfc:3986. The value's primary purpose is computational mapping. As a result, it may be normalized for comparison purposes (e.g. removing non-significant whitespace, dashes, etc.) A value formatted for human display can be conveyed using the Rendered Value extension. Identifier.value is to be treated as case sensitive unless knowledge of the Identifier.system allows the processer to be confident that non-case-sensitive processing is safe.

                        Control10..1
                        Typestring
                        Is Modifierfalse
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Must Supporttrue
                        Summarytrue
                        Example<br/><b>General</b>:123456
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        121. AuditEvent.agent:userorg.who.display
                        Definition

                        Plain text narrative that identifies the resource in addition to the resource reference.

                        ShortSAML Attribute urn:oasis:names:tc:xspa:1.0:subject:organizationText alternative for the resource
                        Comments

                        This is generally not the same as the Resource.text of the referenced resource. The purpose is to identify what's being referenced, not to fully describe it.

                        Control10..1
                        Typestring
                        Is Modifierfalse
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Must Supporttrue
                        Summarytrue
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        123. AuditEvent.agent:userorg.altId
                        Definition

                        Alternative agent Identifier. For a human, this should be a user identifier text string from authentication system. This identifier would be one known to a common authentication system (e.g. single sign-on), if available.

                        ShortAlternative User identity
                        Control0..01
                        Typestring
                        Is Modifierfalse
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Summaryfalse
                        Requirements

                        In some situations, a human user may authenticate with one identity but, to access a specific application system, may use a synonymous identify. For example, some "single sign on" implementations will do this. The alternative identifier would then be the original identify used for authentication, and the User ID is the one known to and used by the application.

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        125. AuditEvent.agent:userorg.name
                        Definition

                        Human-meaningful name for the agent.

                        ShortHuman friendly name for the agent
                        Control0..01
                        Typestring
                        Is Modifierfalse
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Summaryfalse
                        Requirements

                        The User ID and Authorization User ID may be internal or otherwise obscure values. This field assists the auditor in identifying the actual user.

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        127. AuditEvent.agent:userorg.requestor
                        Definition

                        Indicator that the user is or is not the requestor, or initiator, for the event being audited.

                        ShortWhether user is initiator
                        Comments

                        There can only be one initiator. If the initiator is not clear, then do not choose any one agent as the initiator.

                        Control1..1
                        Typeboolean
                        Is Modifierfalse
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Summarytrue
                        Requirements

                        This value is used to distinguish between requestor-users and recipient-users. For example, one person may initiate a report-output to be sent to another user.

                        Pattern Valuefalse
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        129. AuditEvent.agent:userorg.location
                        Definition

                        Where the event occurred.

                        ShortWhere
                        Control0..01
                        TypeReference(Location)
                        Is Modifierfalse
                        Summaryfalse
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        131. AuditEvent.agent:userorg.policy
                        Definition

                        The policy or plan that authorized the activity being recorded. Typically, a single activity may have multiple applicable policies, such as patient consent, guarantor funding, etc. The policy would also indicate the security token used.

                        ShortPolicy that authorized event
                        Comments

                        For example: Where an OAuth token authorizes, the unique identifier from the OAuth token is placed into the policy element Where a policy engine (e.g. XACML) holds policy logic, the unique policy identifier is placed into the policy element.

                        Control0..0*
                        Typeuri
                        Is Modifierfalse
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Summaryfalse
                        Requirements

                        This value is used retrospectively to determine the authorization policies.

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        133. AuditEvent.agent:userorg.media
                        Definition

                        Type of media involved. Used when the event is about exporting/importing onto media.

                        ShortType of media
                        Control0..01
                        BindingUnless not suitable, these codes SHALL be taken from MediaTypeCodehttp://hl7.org/fhir/ValueSet/dicm-405-mediatype
                        (extensible to http://hl7.org/fhir/ValueSet/dicm-405-mediatype)

                        Used when the event is about exporting/importing onto media.

                        TypeCoding
                        Is Modifierfalse
                        Summaryfalse
                        Requirements

                        Usually, this is used instead of specifying a network address. This field is not used for Media Id (i.e. the serial number of a CD).

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        135. AuditEvent.agent:userorg.network
                        Definition

                        Logical network location for application activity, if the activity has a network location.

                        ShortLogical network location for application activity
                        Control0..01
                        TypeBackboneElement
                        Is Modifierfalse
                        Summaryfalse
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        138. AuditEvent.agent:userorg.purposeOfUse
                        Definition

                        The reason (purpose of use), specific to this agent, that was used during the event being recorded.

                        ShortReason given for this user
                        Comments

                        Use AuditEvent.agent.purposeOfUse when you know that is specific to the agent, otherwise use AuditEvent.purposeOfEvent. For example, during a machine-to-machine transfer it might not be obvious to the audit system who caused the event, but it does know why.

                        Control0..0*
                        BindingUnless not suitable, these codes SHALL be taken from PurposeOfUsehttp://terminology.hl7.org/ValueSet/v3-PurposeOfUse
                        (extensible to http://terminology.hl7.org/ValueSet/v3-PurposeOfUse)

                        The reason the activity took place.

                        TypeCodeableConcept
                        Is Modifierfalse
                        Summaryfalse
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        140. AuditEvent.agent:homeCommunityId
                        Slice NamehomeCommunityId
                        Definition

                        An actor taking an active role in the event or activity that is logged.

                        ShortActor involved in the event
                        Comments

                        Several agents may be associated (i.e. have some responsibility for an activity) with an event or activity.

                        For example, an activity may be initiated by one user for other users or involve more than one user. However, only one user may be the initiator/requestor for the activity.

                        Control01..*
                        TypeBackboneElement
                        Is Modifierfalse
                        Summaryfalse
                        Requirements

                        An agent can be a person, an organization, software, device, or other actors that may be ascribed responsibility.

                        Alternate NamesActiveParticipant
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        142. AuditEvent.agent:homeCommunityId.extension:assuranceLevel
                        Slice NameassuranceLevel
                        Definition

                        The assuranceLevel element carries various types of Assurance level. May be an Identity Assurance (IAL), an Authentication Assurance Level (AAL), a Federation Assurance Level (FAL), or other.

                        In SAML this is defined to be carried in the saml:AuthnContextClassRef, but may be carried elsewhere based on the use-case and profiling of SAML.

                        The Vocabulary is not defined here. Some sources of vocabulary:

                        ShortAuditEvent.agent Assurance Level
                        Control0..*
                        This element is affected by the following invariants: ele-1
                        TypeExtension(AuditEvent.agent Assurance Level) (Extension Type: CodeableConcept)
                        Is Modifierfalse
                        Must Supporttrue
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                        ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                        144. AuditEvent.agent:homeCommunityId.extension:otherId
                        Slice NameotherId
                        Definition

                        Carries other identifiers are known for an agent.

                        ShortAuditEvent.agent other identifiers
                        Control0..*
                        This element is affected by the following invariants: ele-1
                        TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
                        Is Modifierfalse
                        Must Supporttrue
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                        ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                        146. AuditEvent.agent:homeCommunityId.modifierExtension
                        Definition

                        May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                        Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                        ShortExtensions that cannot be ignored even if unrecognized
                        Comments

                        There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                        Control0..*
                        TypeExtension
                        Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                        Summarytrue
                        Requirements

                        Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                        Alternate Namesextensions, user content, modifiers
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                        148. AuditEvent.agent:homeCommunityId.type
                        Definition

                        Specification of the participation type the user plays when performing the event.

                        ShortHow agent participated
                        Control10..1
                        BindingUnless not suitable, these codes SHALL be taken from ParticipationRoleTypehttp://hl7.org/fhir/ValueSet/participation-role-type
                        (extensible to http://hl7.org/fhir/ValueSet/participation-role-type)

                        The Participation type of the agent to the event.

                        TypeCodeableConcept
                        Is Modifierfalse
                        Summaryfalse
                        Pattern Value{
                          "coding" : [{
                            "system" : "urn:ihe:iti:xca:2010",
                            "code" : "homeCommunityId"
                          }]
                        }
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        150. AuditEvent.agent:homeCommunityId.role
                        Definition

                        The security role that the user was acting under, that come from local codes defined by the access control security system (e.g. RBAC, ABAC) used in the local context.

                        ShortAgent role in the event
                        Comments

                        Should be roles relevant to the event. Should not be an exhaustive list of roles.

                        Control0..0*
                        BindingFor example codes, see SecurityRoleTypehttp://hl7.org/fhir/ValueSet/security-role-type
                        (example to http://hl7.org/fhir/ValueSet/security-role-type)

                        What security role enabled the agent to participate in the event.

                        TypeCodeableConcept
                        Is Modifierfalse
                        Summaryfalse
                        Requirements

                        This value ties an audited event to a user's role(s). It is an optional value that might be used to group events for analysis by user functional role categories.

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        152. AuditEvent.agent:homeCommunityId.who
                        Definition

                        Reference to who this agent is that was involved in the event.

                        ShortIdentifier of who
                        Comments

                        Where a User ID is available it will go into who.identifier.

                        Control0..1
                        TypeReference(PractitionerRole, Practitioner, Organization, Device, Patient, RelatedPerson)
                        Is Modifierfalse
                        Summarytrue
                        Requirements

                        This field ties an audit event to a specific resource or identifier.

                        Alternate NamesuserId
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        154. AuditEvent.agent:homeCommunityId.who.identifier
                        Definition

                        An identifier for the target resource. This is used when there is no way to reference the other resource directly, either because the entity it represents is not available through a FHIR server, or because there is no way for the author of the resource to convert a known identifier to an actual location. There is no requirement that a Reference.identifier point to something that is actually exposed as a FHIR instance, but it SHALL point to a business concept that would be expected to be exposed as a FHIR instance, and that instance would need to be of a FHIR resource type allowed by the reference.

                        ShorthomeCommunityIdLogical reference, when literal reference is not known
                        Comments

                        When an identifier is provided in place of a reference, any system processing the reference will only be able to resolve the identifier to a reference if it understands the business context in which the identifier is used. Sometimes this is global (e.g. a national identifier) but often it is not. For this reason, none of the useful mechanisms described for working with references (e.g. chaining, includes) are possible, nor should servers be expected to be able resolve the reference. Servers may accept an identifier based reference untouched, resolve it, and/or reject it - see CapabilityStatement.rest.resource.referencePolicy.

                        When both an identifier and a literal reference are provided, the literal reference is preferred. Applications processing the resource are allowed - but not required - to check that the identifier matches the literal reference

                        Applications converting a logical reference to a literal reference may choose to leave the logical reference present, or remove it.

                        Reference is intended to point to a structure that can potentially be expressed as a FHIR resource, though there is no need for it to exist as an actual FHIR resource instance - except in as much as an application wishes to actual find the target of the reference. The content referred to be the identifier must meet the logical constraints implied by any limitations on what resource types are permitted for the reference. For example, it would not be legitimate to send the identifier for a drug prescription if the type were Reference(Observation|DiagnosticReport). One of the use-cases for Reference.identifier is the situation where no FHIR representation exists (where the type is Reference (Any).

                        NoteThis is a business identifier, not a resource identifier (see discussion)
                        Control10..1
                        TypeIdentifier
                        Is Modifierfalse
                        Must Supporttrue
                        Summarytrue
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        156. AuditEvent.agent:homeCommunityId.altId
                        Definition

                        Alternative agent Identifier. For a human, this should be a user identifier text string from authentication system. This identifier would be one known to a common authentication system (e.g. single sign-on), if available.

                        ShortAlternative User identity
                        Control0..01
                        Typestring
                        Is Modifierfalse
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Summaryfalse
                        Requirements

                        In some situations, a human user may authenticate with one identity but, to access a specific application system, may use a synonymous identify. For example, some "single sign on" implementations will do this. The alternative identifier would then be the original identify used for authentication, and the User ID is the one known to and used by the application.

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        158. AuditEvent.agent:homeCommunityId.name
                        Definition

                        Human-meaningful name for the agent.

                        ShortHuman friendly name for the agent
                        Control0..01
                        Typestring
                        Is Modifierfalse
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Summaryfalse
                        Requirements

                        The User ID and Authorization User ID may be internal or otherwise obscure values. This field assists the auditor in identifying the actual user.

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        160. AuditEvent.agent:homeCommunityId.requestor
                        Definition

                        Indicator that the user is or is not the requestor, or initiator, for the event being audited.

                        ShortWhether user is initiator
                        Comments

                        There can only be one initiator. If the initiator is not clear, then do not choose any one agent as the initiator.

                        Control1..1
                        Typeboolean
                        Is Modifierfalse
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Summarytrue
                        Requirements

                        This value is used to distinguish between requestor-users and recipient-users. For example, one person may initiate a report-output to be sent to another user.

                        Pattern Valuefalse
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        162. AuditEvent.agent:homeCommunityId.location
                        Definition

                        Where the event occurred.

                        ShortWhere
                        Control0..01
                        TypeReference(Location)
                        Is Modifierfalse
                        Summaryfalse
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        164. AuditEvent.agent:homeCommunityId.policy
                        Definition

                        The policy or plan that authorized the activity being recorded. Typically, a single activity may have multiple applicable policies, such as patient consent, guarantor funding, etc. The policy would also indicate the security token used.

                        ShortPolicy that authorized event
                        Comments

                        For example: Where an OAuth token authorizes, the unique identifier from the OAuth token is placed into the policy element Where a policy engine (e.g. XACML) holds policy logic, the unique policy identifier is placed into the policy element.

                        Control0..0*
                        Typeuri
                        Is Modifierfalse
                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                        Summaryfalse
                        Requirements

                        This value is used retrospectively to determine the authorization policies.

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        166. AuditEvent.agent:homeCommunityId.media
                        Definition

                        Type of media involved. Used when the event is about exporting/importing onto media.

                        ShortType of media
                        Control0..01
                        BindingUnless not suitable, these codes SHALL be taken from MediaTypeCodehttp://hl7.org/fhir/ValueSet/dicm-405-mediatype
                        (extensible to http://hl7.org/fhir/ValueSet/dicm-405-mediatype)

                        Used when the event is about exporting/importing onto media.

                        TypeCoding
                        Is Modifierfalse
                        Summaryfalse
                        Requirements

                        Usually, this is used instead of specifying a network address. This field is not used for Media Id (i.e. the serial number of a CD).

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        168. AuditEvent.agent:homeCommunityId.network
                        Definition

                        Logical network location for application activity, if the activity has a network location.

                        ShortLogical network location for application activity
                        Control0..01
                        TypeBackboneElement
                        Is Modifierfalse
                        Summaryfalse
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        171. AuditEvent.agent:homeCommunityId.purposeOfUse
                        Definition

                        The reason (purpose of use), specific to this agent, that was used during the event being recorded.

                        ShortReason given for this user
                        Comments

                        Use AuditEvent.agent.purposeOfUse when you know that is specific to the agent, otherwise use AuditEvent.purposeOfEvent. For example, during a machine-to-machine transfer it might not be obvious to the audit system who caused the event, but it does know why.

                        Control0..0*
                        BindingUnless not suitable, these codes SHALL be taken from PurposeOfUsehttp://terminology.hl7.org/ValueSet/v3-PurposeOfUse
                        (extensible to http://terminology.hl7.org/ValueSet/v3-PurposeOfUse)

                        The reason the activity took place.

                        TypeCodeableConcept
                        Is Modifierfalse
                        Summaryfalse
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        173. AuditEvent.source
                        Definition

                        The system that is reporting the event.

                        ShortAudit Event Reporter
                        Comments

                        Since multi-tier, distributed, or composite applications make source identification ambiguous, this collection of fields may repeat for each application or process actively involved in the event. For example, multiple value-sets can identify participating web servers, application processes, and database server threads in an n-tier distributed application. Passive event participants (e.g. low-level network transports) need not be identified.

                        Control1..1
                        TypeBackboneElement
                        Is Modifierfalse
                        Summaryfalse
                        Requirements

                        The event is reported by one source.

                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        175. AuditEvent.source.modifierExtension
                        Definition

                        May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                        Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                        ShortExtensions that cannot be ignored even if unrecognized
                        Comments

                        There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                        Control0..*
                        TypeExtension
                        Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                        Summarytrue
                        Requirements

                        Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                        Alternate Namesextensions, user content, modifiers
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                        177. AuditEvent.source.observer
                        Definition

                        Identifier of the source where the event was detected.

                        ShortThe identity of source detecting the event
                        Control1..1
                        TypeReference(PractitionerRole, Practitioner, Organization, Device, Patient, RelatedPerson)
                        Is Modifierfalse
                        Summarytrue
                        Requirements

                        This field ties the event to a specific source system. It may be used to group events for analysis according to where the event was detected.

                        Alternate NamesSourceId
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        179. AuditEvent.entity
                        Definition

                        Specific instances of data or objects that have been accessed.

                        ShortData or objects used
                        Comments

                        Required unless the values for event identification, agent identification, and audit source identification are sufficient to document the entire auditable event. Because events may have more than one entity, this group can be a repeating set of values.

                        Control0..*
                        TypeBackboneElement
                        Is Modifierfalse
                        Summaryfalse
                        Requirements

                        The event may have other entities involved.

                        Alternate NamesParticipantObject
                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                        sev-1: Either a name or a query (NOT both) (name.empty() or query.empty())
                        sev-1: Either a name or a query (NOT both) (name.empty() or query.empty())
                        SlicingThis element introduces a set of slices on AuditEvent.entity. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                        • pattern @ type
                        • 181. AuditEvent.entity.modifierExtension
                          Definition

                          May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                          Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                          ShortExtensions that cannot be ignored even if unrecognized
                          Comments

                          There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                          Control0..*
                          TypeExtension
                          Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                          Summarytrue
                          Requirements

                          Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                          Alternate Namesextensions, user content, modifiers
                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                          ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                          183. AuditEvent.entity:consent
                          Slice Nameconsent
                          Definition

                          Specific instances of data or objects that have been accessed.

                          ShortData or objects used
                          Comments

                          Required unless the values for event identification, agent identification, and audit source identification are sufficient to document the entire auditable event. Because events may have more than one entity, this group can be a repeating set of values.

                          Control0..*
                          TypeBackboneElement
                          Is Modifierfalse
                          Summaryfalse
                          Requirements

                          The event may have other entities involved.

                          Alternate NamesParticipantObject
                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                          sev-1: Either a name or a query (NOT both) (name.empty() or query.empty())
                          sev-1: Either a name or a query (NOT both) (name.empty() or query.empty())
                          185. AuditEvent.entity:consent.modifierExtension
                          Definition

                          May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                          Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                          ShortExtensions that cannot be ignored even if unrecognized
                          Comments

                          There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                          Control0..*
                          TypeExtension
                          Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                          Summarytrue
                          Requirements

                          Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                          Alternate Namesextensions, user content, modifiers
                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                          ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                          187. AuditEvent.entity:consent.what
                          Definition

                          Identifies a specific instance of the entity. The reference should be version specific.

                          ShortSpecific instance of resource
                          Control0..1
                          TypeReference(Resource)
                          Is Modifierfalse
                          Summarytrue
                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                          189. AuditEvent.entity:consent.what.identifier
                          Definition

                          An identifier for the target resource. This is used when there is no way to reference the other resource directly, either because the entity it represents is not available through a FHIR server, or because there is no way for the author of the resource to convert a known identifier to an actual location. There is no requirement that a Reference.identifier point to something that is actually exposed as a FHIR instance, but it SHALL point to a business concept that would be expected to be exposed as a FHIR instance, and that instance would need to be of a FHIR resource type allowed by the reference.

                          ShortBPPC Patient Privacy Policy Acknowledgement Document unique idLogical reference, when literal reference is not known
                          Comments

                          When an identifier is provided in place of a reference, any system processing the reference will only be able to resolve the identifier to a reference if it understands the business context in which the identifier is used. Sometimes this is global (e.g. a national identifier) but often it is not. For this reason, none of the useful mechanisms described for working with references (e.g. chaining, includes) are possible, nor should servers be expected to be able resolve the reference. Servers may accept an identifier based reference untouched, resolve it, and/or reject it - see CapabilityStatement.rest.resource.referencePolicy.

                          When both an identifier and a literal reference are provided, the literal reference is preferred. Applications processing the resource are allowed - but not required - to check that the identifier matches the literal reference

                          Applications converting a logical reference to a literal reference may choose to leave the logical reference present, or remove it.

                          Reference is intended to point to a structure that can potentially be expressed as a FHIR resource, though there is no need for it to exist as an actual FHIR resource instance - except in as much as an application wishes to actual find the target of the reference. The content referred to be the identifier must meet the logical constraints implied by any limitations on what resource types are permitted for the reference. For example, it would not be legitimate to send the identifier for a drug prescription if the type were Reference(Observation|DiagnosticReport). One of the use-cases for Reference.identifier is the situation where no FHIR representation exists (where the type is Reference (Any).

                          NoteThis is a business identifier, not a resource identifier (see discussion)
                          Control0..1
                          TypeIdentifier
                          Is Modifierfalse
                          Must Supporttrue
                          Summarytrue
                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                          191. AuditEvent.entity:consent.type
                          Definition

                          The type of the object that was involved in this audit event.

                          ShortType of entity involved
                          Comments

                          This value is distinct from the user's role or any user relationship to the entity.

                          Control10..1
                          BindingUnless not suitable, these codes SHALL be taken from AuditEventEntityTypehttp://hl7.org/fhir/ValueSet/audit-entity-type
                          (extensible to http://hl7.org/fhir/ValueSet/audit-entity-type)

                          Code for the entity type involved in the audit event.

                          TypeCoding
                          Is Modifierfalse
                          Summaryfalse
                          Requirements

                          To describe the object being acted upon. In addition to queries on the subject of the action in an auditable event, it is also important to be able to query on the object type for the action.

                          Pattern Value{
                            "system" : "http://hl7.org/fhir/resource-types",
                            "code" : "Consent"
                          }
                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                          193. AuditEvent.entity:consent.detail
                          Definition

                          Tagged value pairs for conveying additional information about the entity.

                          ShortAdditional Information about the entity
                          Control0..*
                          TypeBackboneElement
                          Is Modifierfalse
                          Summaryfalse
                          Requirements

                          Implementation-defined data about specific details of the object accessed or used.

                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                          SlicingThis element introduces a set of slices on AuditEvent.entity.detail. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                          • pattern @ type
                          • 195. AuditEvent.entity:consent.detail.modifierExtension
                            Definition

                            May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                            Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                            ShortExtensions that cannot be ignored even if unrecognized
                            Comments

                            There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                            Control0..*
                            TypeExtension
                            Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                            Summarytrue
                            Requirements

                            Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                            Alternate Namesextensions, user content, modifiers
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                            197. AuditEvent.entity:consent.detail.type
                            Definition

                            The type of extra detail provided in the value.

                            ShortName of the property
                            Control1..1
                            Typestring
                            Is Modifierfalse
                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                            Summaryfalse
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            199. AuditEvent.entity:consent.detail.value[x]
                            Definition

                            The value of the extra detail.

                            ShortProperty value
                            Comments

                            The value can be string when known to be a string, else base64 encoding should be used to protect binary or undefined content. The meaning and secondary-encoding of the content of base64 encoded blob is specific to the AuditEvent.type, AuditEvent.subtype, AuditEvent.entity.type, and AuditEvent.entity.role. The base64 is a general-use and safe container for event specific data blobs regardless of the encoding used by the transaction being recorded. An AuditEvent consuming application must understand the event it is consuming and the formats used by the event. For example if auditing an Oracle network database access, the Oracle formats must be understood as they will be simply encoded in the base64binary blob.

                            Control1..1
                            TypeChoice of: string, base64Binary
                            [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
                            Is Modifierfalse
                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                            Summaryfalse
                            Requirements

                            Should not duplicate the entity value unless absolutely necessary.

                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            201. AuditEvent.entity:consent.detail:acp
                            Slice Nameacp
                            Definition

                            Tagged value pairs for conveying additional information about the entity.

                            ShortHome Community ID where the Consent is.Additional Information about the entity
                            Control0..1*
                            TypeBackboneElement
                            Is Modifierfalse
                            Summaryfalse
                            Requirements

                            Implementation-defined data about specific details of the object accessed or used.

                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            203. AuditEvent.entity:consent.detail:acp.modifierExtension
                            Definition

                            May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                            Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                            ShortExtensions that cannot be ignored even if unrecognized
                            Comments

                            There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                            Control0..*
                            TypeExtension
                            Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                            Summarytrue
                            Requirements

                            Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                            Alternate Namesextensions, user content, modifiers
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                            205. AuditEvent.entity:consent.detail:acp.type
                            Definition

                            The type of extra detail provided in the value.

                            ShortName of the property
                            Control1..1
                            Typestring
                            Is Modifierfalse
                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                            Summaryfalse
                            Pattern Valueurn:ihe:iti:xua:2012:acp
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            207. AuditEvent.entity:consent.detail:acp.value[x]
                            Definition

                            The value of the extra detail.

                            ShortProperty value
                            Comments

                            The value can be string when known to be a string, else base64 encoding should be used to protect binary or undefined content. The meaning and secondary-encoding of the content of base64 encoded blob is specific to the AuditEvent.type, AuditEvent.subtype, AuditEvent.entity.type, and AuditEvent.entity.role. The base64 is a general-use and safe container for event specific data blobs regardless of the encoding used by the transaction being recorded. An AuditEvent consuming application must understand the event it is consuming and the formats used by the event. For example if auditing an Oracle network database access, the Oracle formats must be understood as they will be simply encoded in the base64binary blob.

                            Control1..1
                            Typestring, base64Binary
                            [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
                            Is Modifierfalse
                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                            Summaryfalse
                            Requirements

                            Should not duplicate the entity value unless absolutely necessary.

                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            209. AuditEvent.entity:consent.detail:patient-id
                            Slice Namepatient-id
                            Definition

                            Tagged value pairs for conveying additional information about the entity.

                            ShortThe Patient Identity where the Consent is.Additional Information about the entity
                            Control0..1*
                            TypeBackboneElement
                            Is Modifierfalse
                            Summaryfalse
                            Requirements

                            Implementation-defined data about specific details of the object accessed or used.

                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            211. AuditEvent.entity:consent.detail:patient-id.modifierExtension
                            Definition

                            May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                            Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                            ShortExtensions that cannot be ignored even if unrecognized
                            Comments

                            There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                            Control0..*
                            TypeExtension
                            Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                            Summarytrue
                            Requirements

                            Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                            Alternate Namesextensions, user content, modifiers
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                            213. AuditEvent.entity:consent.detail:patient-id.type
                            Definition

                            The type of extra detail provided in the value.

                            ShortName of the property
                            Control1..1
                            Typestring
                            Is Modifierfalse
                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                            Summaryfalse
                            Pattern Valueurn:oasis:names:tc:xacml:2.0:resource:resource-id
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            215. AuditEvent.entity:consent.detail:patient-id.value[x]
                            Definition

                            The value of the extra detail.

                            ShortProperty value
                            Comments

                            The value can be string when known to be a string, else base64 encoding should be used to protect binary or undefined content. The meaning and secondary-encoding of the content of base64 encoded blob is specific to the AuditEvent.type, AuditEvent.subtype, AuditEvent.entity.type, and AuditEvent.entity.role. The base64 is a general-use and safe container for event specific data blobs regardless of the encoding used by the transaction being recorded. An AuditEvent consuming application must understand the event it is consuming and the formats used by the event. For example if auditing an Oracle network database access, the Oracle formats must be understood as they will be simply encoded in the base64binary blob.

                            Control1..1
                            Typestring, base64Binary
                            [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
                            Is Modifierfalse
                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                            Summaryfalse
                            Requirements

                            Should not duplicate the entity value unless absolutely necessary.

                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))

                            Guidance on how to interpret the contents of this table can be found here

                            0. AuditEvent
                            Definition

                            A record of an event made for purposes of maintaining a security log. Typical uses include detection of intrusion attempts and monitoring for inappropriate usage.

                            ShortEvent record kept for security purposes
                            Comments

                            Based on IHE-ATNA.

                            Control0..*
                            Is Modifierfalse
                            Summaryfalse
                            Invariantsdom-2: If the resource is contained in another resource, it SHALL NOT contain nested Resources (contained.contained.empty())
                            dom-3: If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource (contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty())
                            dom-4: If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated (contained.meta.versionId.empty() and contained.meta.lastUpdated.empty())
                            dom-5: If a resource is contained in another resource, it SHALL NOT have a security label (contained.meta.security.empty())
                            dom-6: A resource should have narrative for robust management (text.`div`.exists())
                            2. AuditEvent.id
                            Definition

                            The logical id of the resource, as used in the URL for the resource. Once assigned, this value never changes.

                            ShortLogical id of this artifact
                            Comments

                            The only time that a resource does not have an id is when it is being submitted to the server using a create operation.

                            Control0..1
                            Typeid
                            Is Modifierfalse
                            Summarytrue
                            4. AuditEvent.meta
                            Definition

                            The metadata about the resource. This is content that is maintained by the infrastructure. Changes to the content might not always be associated with version changes to the resource.

                            ShortMetadata about the resource
                            Control0..1
                            TypeMeta
                            Is Modifierfalse
                            Summarytrue
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            6. AuditEvent.implicitRules
                            Definition

                            A reference to a set of rules that were followed when the resource was constructed, and which must be understood when processing the content. Often, this is a reference to an implementation guide that defines the special rules along with other profiles etc.

                            ShortA set of rules under which this content was created
                            Comments

                            Asserting this rule set restricts the content to be only understood by a limited set of trading partners. This inherently limits the usefulness of the data in the long term. However, the existing health eco-system is highly fractured, and not yet ready to define, collect, and exchange data in a generally computable sense. Wherever possible, implementers and/or specification writers should avoid using this element. Often, when used, the URL is a reference to an implementation guide that defines these special rules as part of it's narrative along with other profiles, value sets, etc.

                            Control0..1
                            Typeuri
                            Is Modifiertrue because This element is labeled as a modifier because the implicit rules may provide additional knowledge about the resource that modifies it's meaning or interpretation
                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                            Summarytrue
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            8. AuditEvent.language
                            Definition

                            The base language in which the resource is written.

                            ShortLanguage of the resource content
                            Comments

                            Language is provided to support indexing and accessibility (typically, services such as text to speech use the language tag). The html language tag in the narrative applies to the narrative. The language tag on the resource may be used to specify the language of other presentations generated from the data in the resource. Not all the content has to be in the base language. The Resource.language should not be assumed to apply to the narrative automatically. If a language is specified, it should it also be specified on the div element in the html (see rules in HTML5 for information about the relationship between xml:lang and the html lang attribute).

                            Control0..1
                            BindingThe codes SHOULD be taken from CommonLanguages
                            (preferred to http://hl7.org/fhir/ValueSet/languages)

                            A human language.

                            Additional BindingsPurpose
                            AllLanguagesMax Binding
                            Typecode
                            Is Modifierfalse
                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                            Summaryfalse
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            10. AuditEvent.text
                            Definition

                            A human-readable narrative that contains a summary of the resource and can be used to represent the content of the resource to a human. The narrative need not encode all the structured data, but is required to contain sufficient detail to make it "clinically safe" for a human to just read the narrative. Resource definitions may define what content should be represented in the narrative to ensure clinical safety.

                            ShortText summary of the resource, for human interpretation
                            Comments

                            Contained resources do not have narrative. Resources that are not contained SHOULD have a narrative. In some cases, a resource may only have text with little or no additional discrete data (as long as all minOccurs=1 elements are satisfied). This may be necessary for data from legacy systems where information is captured as a "text blob" or where text is additionally entered raw or narrated and encoded information is added later.

                            Control0..1
                            TypeNarrative
                            Is Modifierfalse
                            Summaryfalse
                            Alternate Namesnarrative, html, xhtml, display
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            12. AuditEvent.contained
                            Definition

                            These resources do not have an independent existence apart from the resource that contains them - they cannot be identified independently, and nor can they have their own independent transaction scope.

                            ShortContained, inline Resources
                            Comments

                            This should never be done when the content can be identified properly, as once identification is lost, it is extremely difficult (and context dependent) to restore it again. Contained resources may have profiles and tags In their meta elements, but SHALL NOT have security labels.

                            Control0..*
                            TypeResource
                            Is Modifierfalse
                            Summaryfalse
                            Alternate Namesinline resources, anonymous resources, contained resources
                            14. AuditEvent.extension
                            Definition

                            May be used to represent additional information that is not part of the basic definition of the resource. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                            ShortAdditional content defined by implementations
                            Comments

                            There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                            Control0..*
                            TypeExtension
                            Is Modifierfalse
                            Summaryfalse
                            Alternate Namesextensions, user content
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                            16. AuditEvent.modifierExtension
                            Definition

                            May be used to represent additional information that is not part of the basic definition of the resource and that modifies the understanding of the element that contains it and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer is allowed to define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                            Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                            ShortExtensions that cannot be ignored
                            Comments

                            There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                            Control0..*
                            TypeExtension
                            Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the resource that contains them
                            Summaryfalse
                            Requirements

                            Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                            Alternate Namesextensions, user content
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                            18. AuditEvent.type
                            Definition

                            Identifier for a family of the event. For example, a menu item, program, rule, policy, function code, application name or URL. It identifies the performed function.

                            ShortType/identifier of event
                            Control1..1
                            BindingUnless not suitable, these codes SHALL be taken from AuditEventID
                            (extensible to http://hl7.org/fhir/ValueSet/audit-event-type)

                            Type of event.

                            TypeCoding
                            Is Modifierfalse
                            Summarytrue
                            Requirements

                            This identifies the performed function. For "Execute" Event Action Code audit records, this identifies the application function performed.

                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            20. AuditEvent.subtype
                            Definition

                            Identifier for the category of event.

                            ShortMore specific type/id for the event
                            Control0..*
                            BindingUnless not suitable, these codes SHALL be taken from AuditEventSub-Type
                            (extensible to http://hl7.org/fhir/ValueSet/audit-event-sub-type)

                            Sub-type of event.

                            TypeCoding
                            Is Modifierfalse
                            Summarytrue
                            Requirements

                            This field enables queries of messages by implementation-defined event categories.

                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            22. AuditEvent.action
                            Definition

                            Indicator for type of action performed during the event that generated the audit.

                            ShortType of action performed during the event
                            Control0..1
                            BindingThe codes SHALL be taken from AuditEventAction
                            (required to http://hl7.org/fhir/ValueSet/audit-event-action|4.0.1)

                            Indicator for type of action performed during the event that generated the event.

                            Typecode
                            Is Modifierfalse
                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                            Summarytrue
                            Requirements

                            This broadly indicates what kind of action was done on the AuditEvent.entity by the AuditEvent.agent.

                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            24. AuditEvent.period
                            Definition

                            The period during which the activity occurred.

                            ShortWhen the activity occurred
                            Comments

                            The period can be a little arbitrary; where possible, the time should correspond to human assessment of the activity time.

                            Control0..1
                            TypePeriod
                            Is Modifierfalse
                            Summaryfalse
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            26. AuditEvent.recorded
                            Definition

                            The time when the event was recorded.

                            ShortTime when the event was recorded
                            Comments

                            In a distributed system, some sort of common time base (e.g. an NTP [RFC1305] server) is a good implementation tactic.

                            Control1..1
                            Typeinstant
                            Is Modifierfalse
                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                            Summarytrue
                            Requirements

                            This ties an event to a specific date and time. Security audits typically require a consistent time base (e.g. UTC), to eliminate time-zone issues arising from geographical distribution.

                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            28. AuditEvent.outcome
                            Definition

                            Indicates whether the event succeeded or failed.

                            ShortWhether the event succeeded or failed
                            Comments

                            In some cases a "success" may be partial, for example, an incomplete or interrupted transfer of a radiological study. For the purpose of establishing accountability, these distinctions are not relevant.

                            Control0..1
                            BindingThe codes SHALL be taken from AuditEventOutcome
                            (required to http://hl7.org/fhir/ValueSet/audit-event-outcome|4.0.1)

                            Indicates whether the event succeeded or failed.

                            Typecode
                            Is Modifierfalse
                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                            Summarytrue
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            30. AuditEvent.outcomeDesc
                            Definition

                            A free text description of the outcome of the event.

                            ShortDescription of the event outcome
                            Control0..1
                            Typestring
                            Is Modifierfalse
                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                            Summarytrue
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            32. AuditEvent.purposeOfEvent
                            Definition

                            The purposeOfUse (reason) that was used during the event being recorded.

                            ShortThe purposeOfUse of the event
                            Comments

                            Use AuditEvent.agent.purposeOfUse when you know that it is specific to the agent, otherwise use AuditEvent.purposeOfEvent. For example, during a machine-to-machine transfer it might not be obvious to the audit system who caused the event, but it does know why.

                            Control0..*
                            BindingUnless not suitable, these codes SHALL be taken from PurposeOfUse
                            (extensible to http://terminology.hl7.org/ValueSet/v3-PurposeOfUse)

                            The reason the activity took place.

                            TypeCodeableConcept
                            Is Modifierfalse
                            Summarytrue
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            34. AuditEvent.agent
                            Definition

                            An actor taking an active role in the event or activity that is logged.

                            ShortActor involved in the event
                            Comments

                            Several agents may be associated (i.e. have some responsibility for an activity) with an event or activity.

                            For example, an activity may be initiated by one user for other users or involve more than one user. However, only one user may be the initiator/requestor for the activity.

                            Control1..*
                            TypeBackboneElement
                            Is Modifierfalse
                            Summaryfalse
                            Requirements

                            An agent can be a person, an organization, software, device, or other actors that may be ascribed responsibility.

                            Alternate NamesActiveParticipant
                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                            SlicingThis element introduces a set of slices on AuditEvent.agent. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                            • pattern @ type
                            • 36. AuditEvent.agent.id
                              Definition

                              Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                              ShortUnique id for inter-element referencing
                              Control0..1
                              Typestring
                              Is Modifierfalse
                              XML FormatIn the XML format, this property is represented as an attribute.
                              Summaryfalse
                              38. AuditEvent.agent.extension
                              Definition

                              An Extension

                              ShortExtension
                              Control0..*
                              TypeExtension
                              Is Modifierfalse
                              Summaryfalse
                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                              ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                              SlicingThis element introduces a set of slices on AuditEvent.agent.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                              • value @ url
                              • 40. AuditEvent.agent.extension:assuranceLevel
                                Slice NameassuranceLevel
                                Definition

                                The assuranceLevel element carries various types of Assurance level. May be an Identity Assurance (IAL), an Authentication Assurance Level (AAL), a Federation Assurance Level (FAL), or other.

                                In SAML this is defined to be carried in the saml:AuthnContextClassRef, but may be carried elsewhere based on the use-case and profiling of SAML.

                                The Vocabulary is not defined here. Some sources of vocabulary:

                                ShortAuditEvent.agent Assurance Level
                                Control0..*
                                This element is affected by the following invariants: ele-1
                                TypeExtension(AuditEvent.agent Assurance Level) (Extension Type: CodeableConcept)
                                Is Modifierfalse
                                Must Supporttrue
                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                42. AuditEvent.agent.extension:otherId
                                Slice NameotherId
                                Definition

                                Carries other identifiers are known for an agent.

                                ShortAuditEvent.agent other identifiers
                                Control0..*
                                This element is affected by the following invariants: ele-1
                                TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
                                Is Modifierfalse
                                Must Supporttrue
                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                44. AuditEvent.agent.modifierExtension
                                Definition

                                May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                                Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                                ShortExtensions that cannot be ignored even if unrecognized
                                Comments

                                There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                Control0..*
                                TypeExtension
                                Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                                Summarytrue
                                Requirements

                                Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                                Alternate Namesextensions, user content, modifiers
                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                46. AuditEvent.agent.type
                                Definition

                                Specification of the participation type the user plays when performing the event.

                                ShortHow agent participated
                                Control0..1
                                BindingUnless not suitable, these codes SHALL be taken from ParticipationRoleType
                                (extensible to http://hl7.org/fhir/ValueSet/participation-role-type)

                                The Participation type of the agent to the event.

                                TypeCodeableConcept
                                Is Modifierfalse
                                Summaryfalse
                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                48. AuditEvent.agent.role
                                Definition

                                The security role that the user was acting under, that come from local codes defined by the access control security system (e.g. RBAC, ABAC) used in the local context.

                                ShortAgent role in the event
                                Comments

                                Should be roles relevant to the event. Should not be an exhaustive list of roles.

                                Control0..*
                                BindingFor example codes, see SecurityRoleType
                                (example to http://hl7.org/fhir/ValueSet/security-role-type)

                                What security role enabled the agent to participate in the event.

                                TypeCodeableConcept
                                Is Modifierfalse
                                Summaryfalse
                                Requirements

                                This value ties an audited event to a user's role(s). It is an optional value that might be used to group events for analysis by user functional role categories.

                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                50. AuditEvent.agent.who
                                Definition

                                Reference to who this agent is that was involved in the event.

                                ShortIdentifier of who
                                Comments

                                Where a User ID is available it will go into who.identifier.

                                Control0..1
                                TypeReference(PractitionerRole, Practitioner, Organization, Device, Patient, RelatedPerson)
                                Is Modifierfalse
                                Summarytrue
                                Requirements

                                This field ties an audit event to a specific resource or identifier.

                                Alternate NamesuserId
                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                52. AuditEvent.agent.altId
                                Definition

                                Alternative agent Identifier. For a human, this should be a user identifier text string from authentication system. This identifier would be one known to a common authentication system (e.g. single sign-on), if available.

                                ShortAlternative User identity
                                Control0..1
                                Typestring
                                Is Modifierfalse
                                Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                Summaryfalse
                                Requirements

                                In some situations, a human user may authenticate with one identity but, to access a specific application system, may use a synonymous identify. For example, some "single sign on" implementations will do this. The alternative identifier would then be the original identify used for authentication, and the User ID is the one known to and used by the application.

                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                54. AuditEvent.agent.name
                                Definition

                                Human-meaningful name for the agent.

                                ShortHuman friendly name for the agent
                                Control0..1
                                Typestring
                                Is Modifierfalse
                                Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                Summaryfalse
                                Requirements

                                The User ID and Authorization User ID may be internal or otherwise obscure values. This field assists the auditor in identifying the actual user.

                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                56. AuditEvent.agent.requestor
                                Definition

                                Indicator that the user is or is not the requestor, or initiator, for the event being audited.

                                ShortWhether user is initiator
                                Comments

                                There can only be one initiator. If the initiator is not clear, then do not choose any one agent as the initiator.

                                Control1..1
                                Typeboolean
                                Is Modifierfalse
                                Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                Summarytrue
                                Requirements

                                This value is used to distinguish between requestor-users and recipient-users. For example, one person may initiate a report-output to be sent to another user.

                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                58. AuditEvent.agent.location
                                Definition

                                Where the event occurred.

                                ShortWhere
                                Control0..1
                                TypeReference(Location)
                                Is Modifierfalse
                                Summaryfalse
                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                60. AuditEvent.agent.policy
                                Definition

                                The policy or plan that authorized the activity being recorded. Typically, a single activity may have multiple applicable policies, such as patient consent, guarantor funding, etc. The policy would also indicate the security token used.

                                ShortPolicy that authorized event
                                Comments

                                For example: Where an OAuth token authorizes, the unique identifier from the OAuth token is placed into the policy element Where a policy engine (e.g. XACML) holds policy logic, the unique policy identifier is placed into the policy element.

                                Control0..*
                                Typeuri
                                Is Modifierfalse
                                Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                Summaryfalse
                                Requirements

                                This value is used retrospectively to determine the authorization policies.

                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                62. AuditEvent.agent.media
                                Definition

                                Type of media involved. Used when the event is about exporting/importing onto media.

                                ShortType of media
                                Control0..1
                                BindingUnless not suitable, these codes SHALL be taken from MediaTypeCode
                                (extensible to http://hl7.org/fhir/ValueSet/dicm-405-mediatype)

                                Used when the event is about exporting/importing onto media.

                                TypeCoding
                                Is Modifierfalse
                                Summaryfalse
                                Requirements

                                Usually, this is used instead of specifying a network address. This field is not used for Media Id (i.e. the serial number of a CD).

                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                64. AuditEvent.agent.network
                                Definition

                                Logical network location for application activity, if the activity has a network location.

                                ShortLogical network location for application activity
                                Control0..1
                                TypeBackboneElement
                                Is Modifierfalse
                                Summaryfalse
                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                66. AuditEvent.agent.network.id
                                Definition

                                Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                ShortUnique id for inter-element referencing
                                Control0..1
                                Typestring
                                Is Modifierfalse
                                XML FormatIn the XML format, this property is represented as an attribute.
                                Summaryfalse
                                68. AuditEvent.agent.network.extension
                                Definition

                                May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                ShortAdditional content defined by implementations
                                Comments

                                There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                Control0..*
                                TypeExtension
                                Is Modifierfalse
                                Summaryfalse
                                Alternate Namesextensions, user content
                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                70. AuditEvent.agent.network.modifierExtension
                                Definition

                                May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                                Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                                ShortExtensions that cannot be ignored even if unrecognized
                                Comments

                                There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                Control0..*
                                TypeExtension
                                Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                                Summarytrue
                                Requirements

                                Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                                Alternate Namesextensions, user content, modifiers
                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                72. AuditEvent.agent.network.address
                                Definition

                                An identifier for the network access point of the user device for the audit event.

                                ShortIdentifier for the network access point of the user device
                                Comments

                                This could be a device id, IP address or some other identifier associated with a device.

                                Control0..1
                                Typestring
                                Is Modifierfalse
                                Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                Summaryfalse
                                Requirements

                                This datum identifies the user's network access point, which may be distinct from the server that performed the action. It is an optional value that may be used to group events recorded on separate servers for analysis of a specific network access point's data access across all servers.

                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                74. AuditEvent.agent.network.type
                                Definition

                                An identifier for the type of network access point that originated the audit event.

                                ShortThe type of network access point
                                Control0..1
                                BindingThe codes SHALL be taken from AuditEventAgentNetworkType
                                (required to http://hl7.org/fhir/ValueSet/network-type|4.0.1)

                                The type of network access point of this agent in the audit event.

                                Typecode
                                Is Modifierfalse
                                Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                Summaryfalse
                                Requirements

                                This datum identifies the type of network access point identifier of the user device for the audit event. It is an optional value that may be used to group events recorded on separate servers for analysis of access according to a network access point's type.

                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                76. AuditEvent.agent.purposeOfUse
                                Definition

                                The reason (purpose of use), specific to this agent, that was used during the event being recorded.

                                ShortReason given for this user
                                Comments

                                Use AuditEvent.agent.purposeOfUse when you know that is specific to the agent, otherwise use AuditEvent.purposeOfEvent. For example, during a machine-to-machine transfer it might not be obvious to the audit system who caused the event, but it does know why.

                                Control0..*
                                BindingUnless not suitable, these codes SHALL be taken from PurposeOfUse
                                (extensible to http://terminology.hl7.org/ValueSet/v3-PurposeOfUse)

                                The reason the activity took place.

                                TypeCodeableConcept
                                Is Modifierfalse
                                Summaryfalse
                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                78. AuditEvent.agent:user
                                Slice Nameuser
                                Definition

                                An actor taking an active role in the event or activity that is logged.

                                ShortActor involved in the event
                                Comments

                                Several agents may be associated (i.e. have some responsibility for an activity) with an event or activity.

                                For example, an activity may be initiated by one user for other users or involve more than one user. However, only one user may be the initiator/requestor for the activity.

                                Control1..*
                                TypeBackboneElement
                                Is Modifierfalse
                                Summaryfalse
                                Requirements

                                An agent can be a person, an organization, software, device, or other actors that may be ascribed responsibility.

                                Alternate NamesActiveParticipant
                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                80. AuditEvent.agent:user.id
                                Definition

                                Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                ShortUnique id for inter-element referencing
                                Control0..1
                                Typestring
                                Is Modifierfalse
                                XML FormatIn the XML format, this property is represented as an attribute.
                                Summaryfalse
                                82. AuditEvent.agent:user.extension
                                Definition

                                An Extension

                                ShortExtension
                                Control0..*
                                TypeExtension
                                Is Modifierfalse
                                Summaryfalse
                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                SlicingThis element introduces a set of slices on AuditEvent.agent.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                • value @ url
                                • value @ value.ofType(Identifier).type
                                • 84. AuditEvent.agent:user.extension:assuranceLevel
                                  Slice NameassuranceLevel
                                  Definition

                                  The assuranceLevel element carries various types of Assurance level. May be an Identity Assurance (IAL), an Authentication Assurance Level (AAL), a Federation Assurance Level (FAL), or other.

                                  In SAML this is defined to be carried in the saml:AuthnContextClassRef, but may be carried elsewhere based on the use-case and profiling of SAML.

                                  The Vocabulary is not defined here. Some sources of vocabulary:

                                  ShortAuditEvent.agent Assurance Level
                                  Control0..*
                                  This element is affected by the following invariants: ele-1
                                  TypeExtension(AuditEvent.agent Assurance Level) (Extension Type: CodeableConcept)
                                  Is Modifierfalse
                                  Must Supporttrue
                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                  86. AuditEvent.agent:user.extension:otherId
                                  Slice NameotherId
                                  Definition

                                  Carries other identifiers are known for an agent.

                                  ShortAuditEvent.agent other identifiers
                                  Control0..*
                                  This element is affected by the following invariants: ele-1
                                  TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
                                  Is Modifierfalse
                                  Must Supporttrue
                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                  88. AuditEvent.agent:user.extension:otherId/subject-id
                                  Slice NameotherId/subject-id
                                  Definition

                                  Carries other identifiers are known for an agent.

                                  ShortAuditEvent.agent other identifiers
                                  Control0..*
                                  This element is affected by the following invariants: ele-1
                                  TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
                                  Is Modifierfalse
                                  Must Supporttrue
                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                  90. AuditEvent.agent:user.extension:otherId/subject-id.id
                                  Definition

                                  Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                  ShortUnique id for inter-element referencing
                                  Control0..1
                                  Typestring
                                  Is Modifierfalse
                                  XML FormatIn the XML format, this property is represented as an attribute.
                                  Summaryfalse
                                  92. AuditEvent.agent:user.extension:otherId/subject-id.extension
                                  Definition

                                  An Extension

                                  ShortExtension
                                  Control0..0
                                  TypeExtension
                                  Is Modifierfalse
                                  Summaryfalse
                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                  SlicingThis element introduces a set of slices on AuditEvent.agent.extension.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                  • value @ url
                                  • 94. AuditEvent.agent:user.extension:otherId/subject-id.url
                                    Definition

                                    Source of the definition for the extension code - a logical name or a URL.

                                    Shortidentifies the meaning of the extension
                                    Comments

                                    The definition may point directly to a computable or human-readable definition of the extensibility codes, or it may be a logical URI as declared in some other specification. The definition SHALL be a URI for the Structure Definition defining the extension.

                                    Control1..1
                                    Typeuri
                                    Is Modifierfalse
                                    XML FormatIn the XML format, this property is represented as an attribute.
                                    Summaryfalse
                                    Fixed Valuehttps://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId
                                    96. AuditEvent.agent:user.extension:otherId/subject-id.value[x]
                                    Definition

                                    Value of extension - must be one of a constrained set of the data types (see Extensibility for a list).

                                    ShortValue of extension
                                    Control1..1
                                    TypeIdentifier
                                    [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
                                    Is Modifierfalse
                                    Summaryfalse
                                    Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                    98. AuditEvent.agent:user.extension:otherId/subject-id.value[x].id
                                    Definition

                                    Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                    ShortUnique id for inter-element referencing
                                    Control0..1
                                    Typestring
                                    Is Modifierfalse
                                    XML FormatIn the XML format, this property is represented as an attribute.
                                    Summaryfalse
                                    100. AuditEvent.agent:user.extension:otherId/subject-id.value[x].extension
                                    Definition

                                    May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                    ShortAdditional content defined by implementations
                                    Comments

                                    There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                    Control0..*
                                    TypeExtension
                                    Is Modifierfalse
                                    Summaryfalse
                                    Alternate Namesextensions, user content
                                    Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                    ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                    SlicingThis element introduces a set of slices on AuditEvent.agent.extension.value[x].extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                    • value @ url
                                    • 102. AuditEvent.agent:user.extension:otherId/subject-id.value[x].use
                                      Definition

                                      The purpose of this identifier.

                                      Shortusual | official | temp | secondary | old (If known)
                                      Comments

                                      Applications can assume that an identifier is permanent unless it explicitly says that it is temporary.

                                      Control0..1
                                      BindingThe codes SHALL be taken from IdentifierUse
                                      (required to http://hl7.org/fhir/ValueSet/identifier-use|4.0.1)

                                      Identifies the purpose for this identifier, if known .

                                      Typecode
                                      Is Modifiertrue because This is labeled as "Is Modifier" because applications should not mistake a temporary id for a permanent one.
                                      Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                      Summarytrue
                                      Requirements

                                      Allows the appropriate identifier for a particular context of use to be selected from among a set of identifiers.

                                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                      104. AuditEvent.agent:user.extension:otherId/subject-id.value[x].type
                                      Definition

                                      A coded type for the identifier that can be used to determine which identifier to use for a specific purpose.

                                      ShortDescription of identifier
                                      Comments

                                      This element deals only with general categories of identifiers. It SHOULD not be used for codes that correspond 1..1 with the Identifier.system. Some identifiers may fall into multiple categories due to common usage. Where the system is known, a type is unnecessary because the type is always part of the system definition. However systems often need to handle identifiers where the system is not known. There is not a 1:1 relationship between type and system, since many different systems have the same type.

                                      Control0..1
                                      BindingUnless not suitable, these codes SHALL be taken from Identifier Type Codes
                                      (extensible to http://hl7.org/fhir/ValueSet/identifier-type)

                                      A coded type for an identifier that can be used to determine which identifier to use for a specific purpose.

                                      TypeCodeableConcept
                                      Is Modifierfalse
                                      Summarytrue
                                      Requirements

                                      Allows users to make use of identifiers when the identifier system is not known.

                                      Pattern Value{
                                        "coding" : [{
                                          "system" : "https://profiles.ihe.net/ITI/BALP/CodeSystem/OtherIdentifierTypes",
                                          "code" : "SAML-subject-id"
                                        }]
                                      }
                                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                      106. AuditEvent.agent:user.extension:otherId/subject-id.value[x].system
                                      Definition

                                      Establishes the namespace for the value - that is, a URL that describes a set values that are unique.

                                      ShortThe namespace for the identifier value
                                      Comments

                                      Identifier.system is always case sensitive.

                                      Control0..1
                                      Typeuri
                                      Is Modifierfalse
                                      Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                      Summarytrue
                                      Requirements

                                      There are many sets of identifiers. To perform matching of two identifiers, we need to know what set we're dealing with. The system identifies a particular set of unique identifiers.

                                      Example<br/><b>General</b>:http://www.acme.com/identifiers/patient
                                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                      108. AuditEvent.agent:user.extension:otherId/subject-id.value[x].value
                                      Definition

                                      The portion of the identifier typically relevant to the user and which is unique within the context of the system.

                                      ShortSAML Attribute subject-id
                                      Comments

                                      If the value is a full URI, then the system SHALL be urn:ietf:rfc:3986. The value's primary purpose is computational mapping. As a result, it may be normalized for comparison purposes (e.g. removing non-significant whitespace, dashes, etc.) A value formatted for human display can be conveyed using the Rendered Value extension. Identifier.value is to be treated as case sensitive unless knowledge of the Identifier.system allows the processer to be confident that non-case-sensitive processing is safe.

                                      Control1..1
                                      Typestring
                                      Is Modifierfalse
                                      Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                      Must Supporttrue
                                      Summarytrue
                                      Example<br/><b>General</b>:123456
                                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                      110. AuditEvent.agent:user.extension:otherId/subject-id.value[x].period
                                      Definition

                                      Time period during which identifier is/was valid for use.

                                      ShortTime period when id is/was valid for use
                                      Control0..1
                                      TypePeriod
                                      Is Modifierfalse
                                      Summarytrue
                                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                      112. AuditEvent.agent:user.extension:otherId/subject-id.value[x].assigner
                                      Definition

                                      Organization that issued/manages the identifier.

                                      ShortOrganization that issued id (may be just text)
                                      Comments

                                      The Identifier.assigner may omit the .reference element and only contain a .display element reflecting the name or other textual information about the assigning organization.

                                      Control0..1
                                      TypeReference(Organization)
                                      Is Modifierfalse
                                      Summarytrue
                                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                      114. AuditEvent.agent:user.extension:otherId/npi
                                      Slice NameotherId/npi
                                      Definition

                                      Carries other identifiers are known for an agent.

                                      ShortAuditEvent.agent other identifiers
                                      Control0..*
                                      This element is affected by the following invariants: ele-1
                                      TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
                                      Is Modifierfalse
                                      Must Supporttrue
                                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                      ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                      116. AuditEvent.agent:user.extension:otherId/npi.id
                                      Definition

                                      Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                      ShortUnique id for inter-element referencing
                                      Control0..1
                                      Typestring
                                      Is Modifierfalse
                                      XML FormatIn the XML format, this property is represented as an attribute.
                                      Summaryfalse
                                      118. AuditEvent.agent:user.extension:otherId/npi.extension
                                      Definition

                                      An Extension

                                      ShortExtension
                                      Control0..0
                                      TypeExtension
                                      Is Modifierfalse
                                      Summaryfalse
                                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                      ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                      SlicingThis element introduces a set of slices on AuditEvent.agent.extension.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                      • value @ url
                                      • 120. AuditEvent.agent:user.extension:otherId/npi.url
                                        Definition

                                        Source of the definition for the extension code - a logical name or a URL.

                                        Shortidentifies the meaning of the extension
                                        Comments

                                        The definition may point directly to a computable or human-readable definition of the extensibility codes, or it may be a logical URI as declared in some other specification. The definition SHALL be a URI for the Structure Definition defining the extension.

                                        Control1..1
                                        Typeuri
                                        Is Modifierfalse
                                        XML FormatIn the XML format, this property is represented as an attribute.
                                        Summaryfalse
                                        Fixed Valuehttps://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId
                                        122. AuditEvent.agent:user.extension:otherId/npi.value[x]
                                        Definition

                                        Value of extension - must be one of a constrained set of the data types (see Extensibility for a list).

                                        ShortValue of extension
                                        Control1..1
                                        TypeIdentifier
                                        [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
                                        Is Modifierfalse
                                        Summaryfalse
                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                        124. AuditEvent.agent:user.extension:otherId/npi.value[x].id
                                        Definition

                                        Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                        ShortUnique id for inter-element referencing
                                        Control0..1
                                        Typestring
                                        Is Modifierfalse
                                        XML FormatIn the XML format, this property is represented as an attribute.
                                        Summaryfalse
                                        126. AuditEvent.agent:user.extension:otherId/npi.value[x].extension
                                        Definition

                                        May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                        ShortAdditional content defined by implementations
                                        Comments

                                        There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                        Control0..*
                                        TypeExtension
                                        Is Modifierfalse
                                        Summaryfalse
                                        Alternate Namesextensions, user content
                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                        ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                        SlicingThis element introduces a set of slices on AuditEvent.agent.extension.value[x].extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                        • value @ url
                                        • 128. AuditEvent.agent:user.extension:otherId/npi.value[x].use
                                          Definition

                                          The purpose of this identifier.

                                          Shortusual | official | temp | secondary | old (If known)
                                          Comments

                                          Applications can assume that an identifier is permanent unless it explicitly says that it is temporary.

                                          Control0..1
                                          BindingThe codes SHALL be taken from IdentifierUse
                                          (required to http://hl7.org/fhir/ValueSet/identifier-use|4.0.1)

                                          Identifies the purpose for this identifier, if known .

                                          Typecode
                                          Is Modifiertrue because This is labeled as "Is Modifier" because applications should not mistake a temporary id for a permanent one.
                                          Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                          Summarytrue
                                          Requirements

                                          Allows the appropriate identifier for a particular context of use to be selected from among a set of identifiers.

                                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                          130. AuditEvent.agent:user.extension:otherId/npi.value[x].type
                                          Definition

                                          A coded type for the identifier that can be used to determine which identifier to use for a specific purpose.

                                          ShortDescription of identifier
                                          Comments

                                          This element deals only with general categories of identifiers. It SHOULD not be used for codes that correspond 1..1 with the Identifier.system. Some identifiers may fall into multiple categories due to common usage. Where the system is known, a type is unnecessary because the type is always part of the system definition. However systems often need to handle identifiers where the system is not known. There is not a 1:1 relationship between type and system, since many different systems have the same type.

                                          Control0..1
                                          BindingUnless not suitable, these codes SHALL be taken from Identifier Type Codes
                                          (extensible to http://hl7.org/fhir/ValueSet/identifier-type)

                                          A coded type for an identifier that can be used to determine which identifier to use for a specific purpose.

                                          TypeCodeableConcept
                                          Is Modifierfalse
                                          Summarytrue
                                          Requirements

                                          Allows users to make use of identifiers when the identifier system is not known.

                                          Pattern Value{
                                            "coding" : [{
                                              "system" : "http://terminology.hl7.org/CodeSystem/v2-0203",
                                              "code" : "NPI"
                                            }]
                                          }
                                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                          132. AuditEvent.agent:user.extension:otherId/npi.value[x].system
                                          Definition

                                          Establishes the namespace for the value - that is, a URL that describes a set values that are unique.

                                          ShortThe namespace for the identifier value
                                          Comments

                                          Identifier.system is always case sensitive.

                                          Control0..1
                                          Typeuri
                                          Is Modifierfalse
                                          Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                          Summarytrue
                                          Requirements

                                          There are many sets of identifiers. To perform matching of two identifiers, we need to know what set we're dealing with. The system identifies a particular set of unique identifiers.

                                          Example<br/><b>General</b>:http://www.acme.com/identifiers/patient
                                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                          134. AuditEvent.agent:user.extension:otherId/npi.value[x].value
                                          Definition

                                          The portion of the identifier typically relevant to the user and which is unique within the context of the system.

                                          ShortSAML Attribute npi
                                          Comments

                                          If the value is a full URI, then the system SHALL be urn:ietf:rfc:3986. The value's primary purpose is computational mapping. As a result, it may be normalized for comparison purposes (e.g. removing non-significant whitespace, dashes, etc.) A value formatted for human display can be conveyed using the Rendered Value extension. Identifier.value is to be treated as case sensitive unless knowledge of the Identifier.system allows the processer to be confident that non-case-sensitive processing is safe.

                                          Control1..1
                                          Typestring
                                          Is Modifierfalse
                                          Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                          Must Supporttrue
                                          Summarytrue
                                          Example<br/><b>General</b>:123456
                                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                          136. AuditEvent.agent:user.extension:otherId/npi.value[x].period
                                          Definition

                                          Time period during which identifier is/was valid for use.

                                          ShortTime period when id is/was valid for use
                                          Control0..1
                                          TypePeriod
                                          Is Modifierfalse
                                          Summarytrue
                                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                          138. AuditEvent.agent:user.extension:otherId/npi.value[x].assigner
                                          Definition

                                          Organization that issued/manages the identifier.

                                          ShortOrganization that issued id (may be just text)
                                          Comments

                                          The Identifier.assigner may omit the .reference element and only contain a .display element reflecting the name or other textual information about the assigning organization.

                                          Control0..1
                                          TypeReference(Organization)
                                          Is Modifierfalse
                                          Summarytrue
                                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                          140. AuditEvent.agent:user.extension:otherId/provider-id
                                          Slice NameotherId/provider-id
                                          Definition

                                          Carries other identifiers are known for an agent.

                                          ShortAuditEvent.agent other identifiers
                                          Control0..*
                                          This element is affected by the following invariants: ele-1
                                          TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
                                          Is Modifierfalse
                                          Must Supporttrue
                                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                          ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                          142. AuditEvent.agent:user.extension:otherId/provider-id.id
                                          Definition

                                          Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                          ShortUnique id for inter-element referencing
                                          Control0..1
                                          Typestring
                                          Is Modifierfalse
                                          XML FormatIn the XML format, this property is represented as an attribute.
                                          Summaryfalse
                                          144. AuditEvent.agent:user.extension:otherId/provider-id.extension
                                          Definition

                                          An Extension

                                          ShortExtension
                                          Control0..0
                                          TypeExtension
                                          Is Modifierfalse
                                          Summaryfalse
                                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                          ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                          SlicingThis element introduces a set of slices on AuditEvent.agent.extension.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                          • value @ url
                                          • 146. AuditEvent.agent:user.extension:otherId/provider-id.url
                                            Definition

                                            Source of the definition for the extension code - a logical name or a URL.

                                            Shortidentifies the meaning of the extension
                                            Comments

                                            The definition may point directly to a computable or human-readable definition of the extensibility codes, or it may be a logical URI as declared in some other specification. The definition SHALL be a URI for the Structure Definition defining the extension.

                                            Control1..1
                                            Typeuri
                                            Is Modifierfalse
                                            XML FormatIn the XML format, this property is represented as an attribute.
                                            Summaryfalse
                                            Fixed Valuehttps://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId
                                            148. AuditEvent.agent:user.extension:otherId/provider-id.value[x]
                                            Definition

                                            Value of extension - must be one of a constrained set of the data types (see Extensibility for a list).

                                            ShortValue of extension
                                            Control1..1
                                            TypeIdentifier
                                            [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
                                            Is Modifierfalse
                                            Summaryfalse
                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                            150. AuditEvent.agent:user.extension:otherId/provider-id.value[x].id
                                            Definition

                                            Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                            ShortUnique id for inter-element referencing
                                            Control0..1
                                            Typestring
                                            Is Modifierfalse
                                            XML FormatIn the XML format, this property is represented as an attribute.
                                            Summaryfalse
                                            152. AuditEvent.agent:user.extension:otherId/provider-id.value[x].extension
                                            Definition

                                            May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                            ShortAdditional content defined by implementations
                                            Comments

                                            There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                            Control0..*
                                            TypeExtension
                                            Is Modifierfalse
                                            Summaryfalse
                                            Alternate Namesextensions, user content
                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                            ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                            SlicingThis element introduces a set of slices on AuditEvent.agent.extension.value[x].extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                            • value @ url
                                            • 154. AuditEvent.agent:user.extension:otherId/provider-id.value[x].use
                                              Definition

                                              The purpose of this identifier.

                                              Shortusual | official | temp | secondary | old (If known)
                                              Comments

                                              Applications can assume that an identifier is permanent unless it explicitly says that it is temporary.

                                              Control0..1
                                              BindingThe codes SHALL be taken from IdentifierUse
                                              (required to http://hl7.org/fhir/ValueSet/identifier-use|4.0.1)

                                              Identifies the purpose for this identifier, if known .

                                              Typecode
                                              Is Modifiertrue because This is labeled as "Is Modifier" because applications should not mistake a temporary id for a permanent one.
                                              Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                              Summarytrue
                                              Requirements

                                              Allows the appropriate identifier for a particular context of use to be selected from among a set of identifiers.

                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                              156. AuditEvent.agent:user.extension:otherId/provider-id.value[x].type
                                              Definition

                                              A coded type for the identifier that can be used to determine which identifier to use for a specific purpose.

                                              ShortDescription of identifier
                                              Comments

                                              This element deals only with general categories of identifiers. It SHOULD not be used for codes that correspond 1..1 with the Identifier.system. Some identifiers may fall into multiple categories due to common usage. Where the system is known, a type is unnecessary because the type is always part of the system definition. However systems often need to handle identifiers where the system is not known. There is not a 1:1 relationship between type and system, since many different systems have the same type.

                                              Control0..1
                                              BindingUnless not suitable, these codes SHALL be taken from Identifier Type Codes
                                              (extensible to http://hl7.org/fhir/ValueSet/identifier-type)

                                              A coded type for an identifier that can be used to determine which identifier to use for a specific purpose.

                                              TypeCodeableConcept
                                              Is Modifierfalse
                                              Summarytrue
                                              Requirements

                                              Allows users to make use of identifiers when the identifier system is not known.

                                              Pattern Value{
                                                "coding" : [{
                                                  "system" : "http://terminology.hl7.org/CodeSystem/v2-0203",
                                                  "code" : "PRN"
                                                }]
                                              }
                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                              158. AuditEvent.agent:user.extension:otherId/provider-id.value[x].system
                                              Definition

                                              Establishes the namespace for the value - that is, a URL that describes a set values that are unique.

                                              ShortThe namespace for the identifier value
                                              Comments

                                              Identifier.system is always case sensitive.

                                              Control0..1
                                              Typeuri
                                              Is Modifierfalse
                                              Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                              Summarytrue
                                              Requirements

                                              There are many sets of identifiers. To perform matching of two identifiers, we need to know what set we're dealing with. The system identifies a particular set of unique identifiers.

                                              Example<br/><b>General</b>:http://www.acme.com/identifiers/patient
                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                              160. AuditEvent.agent:user.extension:otherId/provider-id.value[x].value
                                              Definition

                                              The portion of the identifier typically relevant to the user and which is unique within the context of the system.

                                              ShortSAML Attribute provider-identifier
                                              Comments

                                              If the value is a full URI, then the system SHALL be urn:ietf:rfc:3986. The value's primary purpose is computational mapping. As a result, it may be normalized for comparison purposes (e.g. removing non-significant whitespace, dashes, etc.) A value formatted for human display can be conveyed using the Rendered Value extension. Identifier.value is to be treated as case sensitive unless knowledge of the Identifier.system allows the processer to be confident that non-case-sensitive processing is safe.

                                              Control1..1
                                              Typestring
                                              Is Modifierfalse
                                              Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                              Must Supporttrue
                                              Summarytrue
                                              Example<br/><b>General</b>:123456
                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                              162. AuditEvent.agent:user.extension:otherId/provider-id.value[x].period
                                              Definition

                                              Time period during which identifier is/was valid for use.

                                              ShortTime period when id is/was valid for use
                                              Control0..1
                                              TypePeriod
                                              Is Modifierfalse
                                              Summarytrue
                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                              164. AuditEvent.agent:user.extension:otherId/provider-id.value[x].assigner
                                              Definition

                                              Organization that issued/manages the identifier.

                                              ShortOrganization that issued id (may be just text)
                                              Comments

                                              The Identifier.assigner may omit the .reference element and only contain a .display element reflecting the name or other textual information about the assigning organization.

                                              Control0..1
                                              TypeReference(Organization)
                                              Is Modifierfalse
                                              Summarytrue
                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                              166. AuditEvent.agent:user.modifierExtension
                                              Definition

                                              May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                                              Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                                              ShortExtensions that cannot be ignored even if unrecognized
                                              Comments

                                              There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                              Control0..*
                                              TypeExtension
                                              Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                                              Summarytrue
                                              Requirements

                                              Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                                              Alternate Namesextensions, user content, modifiers
                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                              ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                              168. AuditEvent.agent:user.type
                                              Definition

                                              Specification of the participation type the user plays when performing the event.

                                              ShortHow agent participated
                                              Control1..1
                                              BindingUnless not suitable, these codes SHALL be taken from ParticipationRoleType
                                              (extensible to http://hl7.org/fhir/ValueSet/participation-role-type)

                                              The Participation type of the agent to the event.

                                              TypeCodeableConcept
                                              Is Modifierfalse
                                              Summaryfalse
                                              Pattern Value{
                                                "coding" : [{
                                                  "system" : "https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes",
                                                  "code" : "UserSamlAgent"
                                                }]
                                              }
                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                              170. AuditEvent.agent:user.role
                                              Definition

                                              The security role that the user was acting under, that come from local codes defined by the access control security system (e.g. RBAC, ABAC) used in the local context.

                                              ShortSAML subject:role(s)
                                              Comments

                                              Should be roles relevant to the event. Should not be an exhaustive list of roles.

                                              Control0..*
                                              BindingFor example codes, see SecurityRoleType
                                              (example to http://hl7.org/fhir/ValueSet/security-role-type)

                                              What security role enabled the agent to participate in the event.

                                              TypeCodeableConcept
                                              Is Modifierfalse
                                              Must Supporttrue
                                              Summaryfalse
                                              Requirements

                                              This value ties an audited event to a user's role(s). It is an optional value that might be used to group events for analysis by user functional role categories.

                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                              172. AuditEvent.agent:user.who
                                              Definition

                                              Reference to who this agent is that was involved in the event.

                                              ShortIdentifier of who
                                              Comments

                                              Where a User ID is available it will go into who.identifier.

                                              Control1..1
                                              TypeReference(PractitionerRole, Practitioner, Organization, Device, Patient, RelatedPerson)
                                              Is Modifierfalse
                                              Summarytrue
                                              Requirements

                                              This field ties an audit event to a specific resource or identifier.

                                              Alternate NamesuserId
                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                              174. AuditEvent.agent:user.who.id
                                              Definition

                                              Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                              ShortUnique id for inter-element referencing
                                              Control0..1
                                              Typestring
                                              Is Modifierfalse
                                              XML FormatIn the XML format, this property is represented as an attribute.
                                              Summaryfalse
                                              176. AuditEvent.agent:user.who.extension
                                              Definition

                                              May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                              ShortAdditional content defined by implementations
                                              Comments

                                              There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                              Control0..*
                                              TypeExtension
                                              Is Modifierfalse
                                              Summaryfalse
                                              Alternate Namesextensions, user content
                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                              ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                              SlicingThis element introduces a set of slices on AuditEvent.agent.who.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                              • value @ url
                                              • 178. AuditEvent.agent:user.who.reference
                                                Definition

                                                A reference to a location at which the other resource is found. The reference may be a relative reference, in which case it is relative to the service base URL, or an absolute URL that resolves to the location where the resource is found. The reference may be version specific or not. If the reference is not to a FHIR RESTful server, then it should be assumed to be version specific. Internal fragment references (start with '#') refer to contained resources.

                                                ShortLiteral reference, Relative, internal or absolute URL
                                                Comments

                                                Using absolute URLs provides a stable scalable approach suitable for a cloud/web context, while using relative/logical references provides a flexible approach suitable for use when trading across closed eco-system boundaries. Absolute URLs do not need to point to a FHIR RESTful server, though this is the preferred approach. If the URL conforms to the structure "/[type]/[id]" then it should be assumed that the reference is to a FHIR RESTful server.

                                                Control0..1
                                                This element is affected by the following invariants: ref-1
                                                Typestring
                                                Is Modifierfalse
                                                Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                Summarytrue
                                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                180. AuditEvent.agent:user.who.type
                                                Definition

                                                The expected type of the target of the reference. If both Reference.type and Reference.reference are populated and Reference.reference is a FHIR URL, both SHALL be consistent.

                                                The type is the Canonical URL of Resource Definition that is the type this reference refers to. References are URLs that are relative to http://hl7.org/fhir/StructureDefinition/ e.g. "Patient" is a reference to http://hl7.org/fhir/StructureDefinition/Patient. Absolute URLs are only allowed for logical models (and can only be used in references in logical models, not resources).

                                                ShortType the reference refers to (e.g. "Patient")
                                                Comments

                                                This element is used to indicate the type of the target of the reference. This may be used which ever of the other elements are populated (or not). In some cases, the type of the target may be determined by inspection of the reference (e.g. a RESTful URL) or by resolving the target of the reference; if both the type and a reference is provided, the reference SHALL resolve to a resource of the same type as that specified.

                                                Control0..1
                                                BindingUnless not suitable, these codes SHALL be taken from ResourceType
                                                (extensible to http://hl7.org/fhir/ValueSet/resource-types)

                                                Aa resource (or, for logical models, the URI of the logical model).

                                                Typeuri
                                                Is Modifierfalse
                                                Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                Summarytrue
                                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                182. AuditEvent.agent:user.who.identifier
                                                Definition

                                                An identifier for the target resource. This is used when there is no way to reference the other resource directly, either because the entity it represents is not available through a FHIR server, or because there is no way for the author of the resource to convert a known identifier to an actual location. There is no requirement that a Reference.identifier point to something that is actually exposed as a FHIR instance, but it SHALL point to a business concept that would be expected to be exposed as a FHIR instance, and that instance would need to be of a FHIR resource type allowed by the reference.

                                                ShortLogical reference, when literal reference is not known
                                                Comments

                                                When an identifier is provided in place of a reference, any system processing the reference will only be able to resolve the identifier to a reference if it understands the business context in which the identifier is used. Sometimes this is global (e.g. a national identifier) but often it is not. For this reason, none of the useful mechanisms described for working with references (e.g. chaining, includes) are possible, nor should servers be expected to be able resolve the reference. Servers may accept an identifier based reference untouched, resolve it, and/or reject it - see CapabilityStatement.rest.resource.referencePolicy.

                                                When both an identifier and a literal reference are provided, the literal reference is preferred. Applications processing the resource are allowed - but not required - to check that the identifier matches the literal reference

                                                Applications converting a logical reference to a literal reference may choose to leave the logical reference present, or remove it.

                                                Reference is intended to point to a structure that can potentially be expressed as a FHIR resource, though there is no need for it to exist as an actual FHIR resource instance - except in as much as an application wishes to actual find the target of the reference. The content referred to be the identifier must meet the logical constraints implied by any limitations on what resource types are permitted for the reference. For example, it would not be legitimate to send the identifier for a drug prescription if the type were Reference(Observation|DiagnosticReport). One of the use-cases for Reference.identifier is the situation where no FHIR representation exists (where the type is Reference (Any).

                                                NoteThis is a business identifier, not a resource identifier (see discussion)
                                                Control0..1
                                                TypeIdentifier
                                                Is Modifierfalse
                                                Summarytrue
                                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                184. AuditEvent.agent:user.who.identifier.id
                                                Definition

                                                Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                                ShortUnique id for inter-element referencing
                                                Control0..1
                                                Typestring
                                                Is Modifierfalse
                                                XML FormatIn the XML format, this property is represented as an attribute.
                                                Summaryfalse
                                                186. AuditEvent.agent:user.who.identifier.extension
                                                Definition

                                                May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                                ShortAdditional content defined by implementations
                                                Comments

                                                There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                Control0..*
                                                TypeExtension
                                                Is Modifierfalse
                                                Summaryfalse
                                                Alternate Namesextensions, user content
                                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                SlicingThis element introduces a set of slices on AuditEvent.agent.who.identifier.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                                • value @ url
                                                • 188. AuditEvent.agent:user.who.identifier.use
                                                  Definition

                                                  The purpose of this identifier.

                                                  Shortusual | official | temp | secondary | old (If known)
                                                  Comments

                                                  Applications can assume that an identifier is permanent unless it explicitly says that it is temporary.

                                                  Control0..1
                                                  BindingThe codes SHALL be taken from IdentifierUse
                                                  (required to http://hl7.org/fhir/ValueSet/identifier-use|4.0.1)

                                                  Identifies the purpose for this identifier, if known .

                                                  Typecode
                                                  Is Modifiertrue because This is labeled as "Is Modifier" because applications should not mistake a temporary id for a permanent one.
                                                  Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                  Summarytrue
                                                  Requirements

                                                  Allows the appropriate identifier for a particular context of use to be selected from among a set of identifiers.

                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  190. AuditEvent.agent:user.who.identifier.type
                                                  Definition

                                                  A coded type for the identifier that can be used to determine which identifier to use for a specific purpose.

                                                  ShortDescription of identifier
                                                  Comments

                                                  This element deals only with general categories of identifiers. It SHOULD not be used for codes that correspond 1..1 with the Identifier.system. Some identifiers may fall into multiple categories due to common usage. Where the system is known, a type is unnecessary because the type is always part of the system definition. However systems often need to handle identifiers where the system is not known. There is not a 1:1 relationship between type and system, since many different systems have the same type.

                                                  Control0..1
                                                  BindingUnless not suitable, these codes SHALL be taken from Identifier Type Codes
                                                  (extensible to http://hl7.org/fhir/ValueSet/identifier-type)

                                                  A coded type for an identifier that can be used to determine which identifier to use for a specific purpose.

                                                  TypeCodeableConcept
                                                  Is Modifierfalse
                                                  Summarytrue
                                                  Requirements

                                                  Allows users to make use of identifiers when the identifier system is not known.

                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  192. AuditEvent.agent:user.who.identifier.system
                                                  Definition

                                                  Establishes the namespace for the value - that is, a URL that describes a set values that are unique.

                                                  ShortSAML Issuer
                                                  Comments

                                                  Identifier.system is always case sensitive.

                                                  Control0..1
                                                  Typeuri
                                                  Is Modifierfalse
                                                  Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                  Must Supporttrue
                                                  Summarytrue
                                                  Requirements

                                                  There are many sets of identifiers. To perform matching of two identifiers, we need to know what set we're dealing with. The system identifies a particular set of unique identifiers.

                                                  Example<br/><b>General</b>:http://www.acme.com/identifiers/patient
                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  194. AuditEvent.agent:user.who.identifier.value
                                                  Definition

                                                  The portion of the identifier typically relevant to the user and which is unique within the context of the system.

                                                  ShortSAML Subject.NameID
                                                  Comments

                                                  If the value is a full URI, then the system SHALL be urn:ietf:rfc:3986. The value's primary purpose is computational mapping. As a result, it may be normalized for comparison purposes (e.g. removing non-significant whitespace, dashes, etc.) A value formatted for human display can be conveyed using the Rendered Value extension. Identifier.value is to be treated as case sensitive unless knowledge of the Identifier.system allows the processer to be confident that non-case-sensitive processing is safe.

                                                  Control1..1
                                                  Typestring
                                                  Is Modifierfalse
                                                  Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                  Must Supporttrue
                                                  Summarytrue
                                                  Example<br/><b>General</b>:123456
                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  196. AuditEvent.agent:user.who.identifier.period
                                                  Definition

                                                  Time period during which identifier is/was valid for use.

                                                  ShortTime period when id is/was valid for use
                                                  Control0..1
                                                  TypePeriod
                                                  Is Modifierfalse
                                                  Summarytrue
                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  198. AuditEvent.agent:user.who.identifier.assigner
                                                  Definition

                                                  Organization that issued/manages the identifier.

                                                  ShortOrganization that issued id (may be just text)
                                                  Comments

                                                  The Identifier.assigner may omit the .reference element and only contain a .display element reflecting the name or other textual information about the assigning organization.

                                                  Control0..1
                                                  TypeReference(Organization)
                                                  Is Modifierfalse
                                                  Summarytrue
                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  200. AuditEvent.agent:user.who.display
                                                  Definition

                                                  Plain text narrative that identifies the resource in addition to the resource reference.

                                                  ShortText alternative for the resource
                                                  Comments

                                                  This is generally not the same as the Resource.text of the referenced resource. The purpose is to identify what's being referenced, not to fully describe it.

                                                  Control0..1
                                                  Typestring
                                                  Is Modifierfalse
                                                  Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                  Summarytrue
                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  202. AuditEvent.agent:user.altId
                                                  Definition

                                                  Alternative agent Identifier. For a human, this should be a user identifier text string from authentication system. This identifier would be one known to a common authentication system (e.g. single sign-on), if available.

                                                  ShortAlternative User identity
                                                  Control0..0
                                                  Typestring
                                                  Is Modifierfalse
                                                  Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                  Summaryfalse
                                                  Requirements

                                                  In some situations, a human user may authenticate with one identity but, to access a specific application system, may use a synonymous identify. For example, some "single sign on" implementations will do this. The alternative identifier would then be the original identify used for authentication, and the User ID is the one known to and used by the application.

                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  204. AuditEvent.agent:user.name
                                                  Definition

                                                  Human-meaningful name for the agent.

                                                  ShortHuman friendly name for the agent
                                                  Control0..1
                                                  Typestring
                                                  Is Modifierfalse
                                                  Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                  Summaryfalse
                                                  Requirements

                                                  The User ID and Authorization User ID may be internal or otherwise obscure values. This field assists the auditor in identifying the actual user.

                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  206. AuditEvent.agent:user.requestor
                                                  Definition

                                                  Indicator that the user is or is not the requestor, or initiator, for the event being audited.

                                                  ShortWhether user is initiator
                                                  Comments

                                                  There can only be one initiator. If the initiator is not clear, then do not choose any one agent as the initiator.

                                                  Control1..1
                                                  Typeboolean
                                                  Is Modifierfalse
                                                  Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                  Summarytrue
                                                  Requirements

                                                  This value is used to distinguish between requestor-users and recipient-users. For example, one person may initiate a report-output to be sent to another user.

                                                  Pattern Valuetrue
                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  208. AuditEvent.agent:user.location
                                                  Definition

                                                  Where the event occurred.

                                                  ShortWhere
                                                  Control0..1
                                                  TypeReference(Location)
                                                  Is Modifierfalse
                                                  Summaryfalse
                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  210. AuditEvent.agent:user.policy
                                                  Definition

                                                  The policy or plan that authorized the activity being recorded. Typically, a single activity may have multiple applicable policies, such as patient consent, guarantor funding, etc. The policy would also indicate the security token used.

                                                  ShortSAML token ID
                                                  Comments

                                                  For example: Where an OAuth token authorizes, the unique identifier from the OAuth token is placed into the policy element Where a policy engine (e.g. XACML) holds policy logic, the unique policy identifier is placed into the policy element.

                                                  Control1..1
                                                  Typeuri
                                                  Is Modifierfalse
                                                  Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                  Must Supporttrue
                                                  Summaryfalse
                                                  Requirements

                                                  This value is used retrospectively to determine the authorization policies.

                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  212. AuditEvent.agent:user.media
                                                  Definition

                                                  Type of media involved. Used when the event is about exporting/importing onto media.

                                                  ShortType of media
                                                  Control0..0
                                                  BindingUnless not suitable, these codes SHALL be taken from MediaTypeCode
                                                  (extensible to http://hl7.org/fhir/ValueSet/dicm-405-mediatype)

                                                  Used when the event is about exporting/importing onto media.

                                                  TypeCoding
                                                  Is Modifierfalse
                                                  Summaryfalse
                                                  Requirements

                                                  Usually, this is used instead of specifying a network address. This field is not used for Media Id (i.e. the serial number of a CD).

                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  214. AuditEvent.agent:user.network
                                                  Definition

                                                  Logical network location for application activity, if the activity has a network location.

                                                  ShortLogical network location for application activity
                                                  Control0..0
                                                  TypeBackboneElement
                                                  Is Modifierfalse
                                                  Summaryfalse
                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  221. AuditEvent.agent:user.purposeOfUse
                                                  Definition

                                                  The reason (purpose of use), specific to this agent, that was used during the event being recorded.

                                                  ShortSAML subject:purposeofuse
                                                  Comments

                                                  Use AuditEvent.agent.purposeOfUse when you know that is specific to the agent, otherwise use AuditEvent.purposeOfEvent. For example, during a machine-to-machine transfer it might not be obvious to the audit system who caused the event, but it does know why.

                                                  Control0..*
                                                  BindingUnless not suitable, these codes SHALL be taken from PurposeOfUse
                                                  (extensible to http://terminology.hl7.org/ValueSet/v3-PurposeOfUse)

                                                  The reason the activity took place.

                                                  TypeCodeableConcept
                                                  Is Modifierfalse
                                                  Must Supporttrue
                                                  Summaryfalse
                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  223. AuditEvent.agent:userorg
                                                  Slice Nameuserorg
                                                  Definition

                                                  An actor taking an active role in the event or activity that is logged.

                                                  ShortActor involved in the event
                                                  Comments

                                                  Several agents may be associated (i.e. have some responsibility for an activity) with an event or activity.

                                                  For example, an activity may be initiated by one user for other users or involve more than one user. However, only one user may be the initiator/requestor for the activity.

                                                  Control0..*
                                                  TypeBackboneElement
                                                  Is Modifierfalse
                                                  Summaryfalse
                                                  Requirements

                                                  An agent can be a person, an organization, software, device, or other actors that may be ascribed responsibility.

                                                  Alternate NamesActiveParticipant
                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  225. AuditEvent.agent:userorg.id
                                                  Definition

                                                  Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                                  ShortUnique id for inter-element referencing
                                                  Control0..1
                                                  Typestring
                                                  Is Modifierfalse
                                                  XML FormatIn the XML format, this property is represented as an attribute.
                                                  Summaryfalse
                                                  227. AuditEvent.agent:userorg.extension
                                                  Definition

                                                  An Extension

                                                  ShortExtension
                                                  Control0..*
                                                  TypeExtension
                                                  Is Modifierfalse
                                                  Summaryfalse
                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                  SlicingThis element introduces a set of slices on AuditEvent.agent.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                                  • value @ url
                                                  • 229. AuditEvent.agent:userorg.extension:assuranceLevel
                                                    Slice NameassuranceLevel
                                                    Definition

                                                    The assuranceLevel element carries various types of Assurance level. May be an Identity Assurance (IAL), an Authentication Assurance Level (AAL), a Federation Assurance Level (FAL), or other.

                                                    In SAML this is defined to be carried in the saml:AuthnContextClassRef, but may be carried elsewhere based on the use-case and profiling of SAML.

                                                    The Vocabulary is not defined here. Some sources of vocabulary:

                                                    ShortAuditEvent.agent Assurance Level
                                                    Control0..*
                                                    This element is affected by the following invariants: ele-1
                                                    TypeExtension(AuditEvent.agent Assurance Level) (Extension Type: CodeableConcept)
                                                    Is Modifierfalse
                                                    Must Supporttrue
                                                    Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                    ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                    231. AuditEvent.agent:userorg.extension:otherId
                                                    Slice NameotherId
                                                    Definition

                                                    Carries other identifiers are known for an agent.

                                                    ShortAuditEvent.agent other identifiers
                                                    Control0..*
                                                    This element is affected by the following invariants: ele-1
                                                    TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
                                                    Is Modifierfalse
                                                    Must Supporttrue
                                                    Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                    ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                    233. AuditEvent.agent:userorg.modifierExtension
                                                    Definition

                                                    May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                                                    Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                                                    ShortExtensions that cannot be ignored even if unrecognized
                                                    Comments

                                                    There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                    Control0..*
                                                    TypeExtension
                                                    Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                                                    Summarytrue
                                                    Requirements

                                                    Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                                                    Alternate Namesextensions, user content, modifiers
                                                    Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                    ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                    235. AuditEvent.agent:userorg.type
                                                    Definition

                                                    Specification of the participation type the user plays when performing the event.

                                                    ShortHow agent participated
                                                    Control1..1
                                                    BindingUnless not suitable, these codes SHALL be taken from ParticipationRoleType
                                                    (extensible to http://hl7.org/fhir/ValueSet/participation-role-type)

                                                    The Participation type of the agent to the event.

                                                    TypeCodeableConcept
                                                    Is Modifierfalse
                                                    Summaryfalse
                                                    Pattern Value{
                                                      "coding" : [{
                                                        "system" : "http://terminology.hl7.org/CodeSystem/v3-RoleClass",
                                                        "code" : "PROV"
                                                      }]
                                                    }
                                                    Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                    237. AuditEvent.agent:userorg.role
                                                    Definition

                                                    The security role that the user was acting under, that come from local codes defined by the access control security system (e.g. RBAC, ABAC) used in the local context.

                                                    ShortAgent role in the event
                                                    Comments

                                                    Should be roles relevant to the event. Should not be an exhaustive list of roles.

                                                    Control0..0
                                                    BindingFor example codes, see SecurityRoleType
                                                    (example to http://hl7.org/fhir/ValueSet/security-role-type)

                                                    What security role enabled the agent to participate in the event.

                                                    TypeCodeableConcept
                                                    Is Modifierfalse
                                                    Summaryfalse
                                                    Requirements

                                                    This value ties an audited event to a user's role(s). It is an optional value that might be used to group events for analysis by user functional role categories.

                                                    Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                    239. AuditEvent.agent:userorg.who
                                                    Definition

                                                    Reference to who this agent is that was involved in the event.

                                                    ShortIdentifier of who
                                                    Comments

                                                    Where a User ID is available it will go into who.identifier.

                                                    Control0..1
                                                    TypeReference(PractitionerRole, Practitioner, Organization, Device, Patient, RelatedPerson)
                                                    Is Modifierfalse
                                                    Summarytrue
                                                    Requirements

                                                    This field ties an audit event to a specific resource or identifier.

                                                    Alternate NamesuserId
                                                    Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                    241. AuditEvent.agent:userorg.who.id
                                                    Definition

                                                    Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                                    ShortUnique id for inter-element referencing
                                                    Control0..1
                                                    Typestring
                                                    Is Modifierfalse
                                                    XML FormatIn the XML format, this property is represented as an attribute.
                                                    Summaryfalse
                                                    243. AuditEvent.agent:userorg.who.extension
                                                    Definition

                                                    May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                                    ShortAdditional content defined by implementations
                                                    Comments

                                                    There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                    Control0..*
                                                    TypeExtension
                                                    Is Modifierfalse
                                                    Summaryfalse
                                                    Alternate Namesextensions, user content
                                                    Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                    ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                    SlicingThis element introduces a set of slices on AuditEvent.agent.who.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                                    • value @ url
                                                    • 245. AuditEvent.agent:userorg.who.reference
                                                      Definition

                                                      A reference to a location at which the other resource is found. The reference may be a relative reference, in which case it is relative to the service base URL, or an absolute URL that resolves to the location where the resource is found. The reference may be version specific or not. If the reference is not to a FHIR RESTful server, then it should be assumed to be version specific. Internal fragment references (start with '#') refer to contained resources.

                                                      ShortLiteral reference, Relative, internal or absolute URL
                                                      Comments

                                                      Using absolute URLs provides a stable scalable approach suitable for a cloud/web context, while using relative/logical references provides a flexible approach suitable for use when trading across closed eco-system boundaries. Absolute URLs do not need to point to a FHIR RESTful server, though this is the preferred approach. If the URL conforms to the structure "/[type]/[id]" then it should be assumed that the reference is to a FHIR RESTful server.

                                                      Control0..1
                                                      This element is affected by the following invariants: ref-1
                                                      Typestring
                                                      Is Modifierfalse
                                                      Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                      Summarytrue
                                                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                      247. AuditEvent.agent:userorg.who.type
                                                      Definition

                                                      The expected type of the target of the reference. If both Reference.type and Reference.reference are populated and Reference.reference is a FHIR URL, both SHALL be consistent.

                                                      The type is the Canonical URL of Resource Definition that is the type this reference refers to. References are URLs that are relative to http://hl7.org/fhir/StructureDefinition/ e.g. "Patient" is a reference to http://hl7.org/fhir/StructureDefinition/Patient. Absolute URLs are only allowed for logical models (and can only be used in references in logical models, not resources).

                                                      ShortType the reference refers to (e.g. "Patient")
                                                      Comments

                                                      This element is used to indicate the type of the target of the reference. This may be used which ever of the other elements are populated (or not). In some cases, the type of the target may be determined by inspection of the reference (e.g. a RESTful URL) or by resolving the target of the reference; if both the type and a reference is provided, the reference SHALL resolve to a resource of the same type as that specified.

                                                      Control0..1
                                                      BindingUnless not suitable, these codes SHALL be taken from ResourceType
                                                      (extensible to http://hl7.org/fhir/ValueSet/resource-types)

                                                      Aa resource (or, for logical models, the URI of the logical model).

                                                      Typeuri
                                                      Is Modifierfalse
                                                      Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                      Summarytrue
                                                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                      249. AuditEvent.agent:userorg.who.identifier
                                                      Definition

                                                      An identifier for the target resource. This is used when there is no way to reference the other resource directly, either because the entity it represents is not available through a FHIR server, or because there is no way for the author of the resource to convert a known identifier to an actual location. There is no requirement that a Reference.identifier point to something that is actually exposed as a FHIR instance, but it SHALL point to a business concept that would be expected to be exposed as a FHIR instance, and that instance would need to be of a FHIR resource type allowed by the reference.

                                                      ShortLogical reference, when literal reference is not known
                                                      Comments

                                                      When an identifier is provided in place of a reference, any system processing the reference will only be able to resolve the identifier to a reference if it understands the business context in which the identifier is used. Sometimes this is global (e.g. a national identifier) but often it is not. For this reason, none of the useful mechanisms described for working with references (e.g. chaining, includes) are possible, nor should servers be expected to be able resolve the reference. Servers may accept an identifier based reference untouched, resolve it, and/or reject it - see CapabilityStatement.rest.resource.referencePolicy.

                                                      When both an identifier and a literal reference are provided, the literal reference is preferred. Applications processing the resource are allowed - but not required - to check that the identifier matches the literal reference

                                                      Applications converting a logical reference to a literal reference may choose to leave the logical reference present, or remove it.

                                                      Reference is intended to point to a structure that can potentially be expressed as a FHIR resource, though there is no need for it to exist as an actual FHIR resource instance - except in as much as an application wishes to actual find the target of the reference. The content referred to be the identifier must meet the logical constraints implied by any limitations on what resource types are permitted for the reference. For example, it would not be legitimate to send the identifier for a drug prescription if the type were Reference(Observation|DiagnosticReport). One of the use-cases for Reference.identifier is the situation where no FHIR representation exists (where the type is Reference (Any).

                                                      NoteThis is a business identifier, not a resource identifier (see discussion)
                                                      Control0..1
                                                      TypeIdentifier
                                                      Is Modifierfalse
                                                      Summarytrue
                                                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                      251. AuditEvent.agent:userorg.who.identifier.id
                                                      Definition

                                                      Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                                      ShortUnique id for inter-element referencing
                                                      Control0..1
                                                      Typestring
                                                      Is Modifierfalse
                                                      XML FormatIn the XML format, this property is represented as an attribute.
                                                      Summaryfalse
                                                      253. AuditEvent.agent:userorg.who.identifier.extension
                                                      Definition

                                                      May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                                      ShortAdditional content defined by implementations
                                                      Comments

                                                      There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                      Control0..*
                                                      TypeExtension
                                                      Is Modifierfalse
                                                      Summaryfalse
                                                      Alternate Namesextensions, user content
                                                      Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                      ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                      SlicingThis element introduces a set of slices on AuditEvent.agent.who.identifier.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                                      • value @ url
                                                      • 255. AuditEvent.agent:userorg.who.identifier.use
                                                        Definition

                                                        The purpose of this identifier.

                                                        Shortusual | official | temp | secondary | old (If known)
                                                        Comments

                                                        Applications can assume that an identifier is permanent unless it explicitly says that it is temporary.

                                                        Control0..1
                                                        BindingThe codes SHALL be taken from IdentifierUse
                                                        (required to http://hl7.org/fhir/ValueSet/identifier-use|4.0.1)

                                                        Identifies the purpose for this identifier, if known .

                                                        Typecode
                                                        Is Modifiertrue because This is labeled as "Is Modifier" because applications should not mistake a temporary id for a permanent one.
                                                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                        Summarytrue
                                                        Requirements

                                                        Allows the appropriate identifier for a particular context of use to be selected from among a set of identifiers.

                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        257. AuditEvent.agent:userorg.who.identifier.type
                                                        Definition

                                                        A coded type for the identifier that can be used to determine which identifier to use for a specific purpose.

                                                        ShortDescription of identifier
                                                        Comments

                                                        This element deals only with general categories of identifiers. It SHOULD not be used for codes that correspond 1..1 with the Identifier.system. Some identifiers may fall into multiple categories due to common usage. Where the system is known, a type is unnecessary because the type is always part of the system definition. However systems often need to handle identifiers where the system is not known. There is not a 1:1 relationship between type and system, since many different systems have the same type.

                                                        Control0..1
                                                        BindingUnless not suitable, these codes SHALL be taken from Identifier Type Codes
                                                        (extensible to http://hl7.org/fhir/ValueSet/identifier-type)

                                                        A coded type for an identifier that can be used to determine which identifier to use for a specific purpose.

                                                        TypeCodeableConcept
                                                        Is Modifierfalse
                                                        Summarytrue
                                                        Requirements

                                                        Allows users to make use of identifiers when the identifier system is not known.

                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        259. AuditEvent.agent:userorg.who.identifier.system
                                                        Definition

                                                        Establishes the namespace for the value - that is, a URL that describes a set values that are unique.

                                                        ShortThe namespace for the identifier value
                                                        Comments

                                                        Identifier.system is always case sensitive.

                                                        Control0..1
                                                        Typeuri
                                                        Is Modifierfalse
                                                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                        Summarytrue
                                                        Requirements

                                                        There are many sets of identifiers. To perform matching of two identifiers, we need to know what set we're dealing with. The system identifies a particular set of unique identifiers.

                                                        Example<br/><b>General</b>:http://www.acme.com/identifiers/patient
                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        261. AuditEvent.agent:userorg.who.identifier.value
                                                        Definition

                                                        The portion of the identifier typically relevant to the user and which is unique within the context of the system.

                                                        ShortSAML Attribute urn:oasis:names:tc:xspa:1.0:subject:organization-id
                                                        Comments

                                                        If the value is a full URI, then the system SHALL be urn:ietf:rfc:3986. The value's primary purpose is computational mapping. As a result, it may be normalized for comparison purposes (e.g. removing non-significant whitespace, dashes, etc.) A value formatted for human display can be conveyed using the Rendered Value extension. Identifier.value is to be treated as case sensitive unless knowledge of the Identifier.system allows the processer to be confident that non-case-sensitive processing is safe.

                                                        Control1..1
                                                        Typestring
                                                        Is Modifierfalse
                                                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                        Must Supporttrue
                                                        Summarytrue
                                                        Example<br/><b>General</b>:123456
                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        263. AuditEvent.agent:userorg.who.identifier.period
                                                        Definition

                                                        Time period during which identifier is/was valid for use.

                                                        ShortTime period when id is/was valid for use
                                                        Control0..1
                                                        TypePeriod
                                                        Is Modifierfalse
                                                        Summarytrue
                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        265. AuditEvent.agent:userorg.who.identifier.assigner
                                                        Definition

                                                        Organization that issued/manages the identifier.

                                                        ShortOrganization that issued id (may be just text)
                                                        Comments

                                                        The Identifier.assigner may omit the .reference element and only contain a .display element reflecting the name or other textual information about the assigning organization.

                                                        Control0..1
                                                        TypeReference(Organization)
                                                        Is Modifierfalse
                                                        Summarytrue
                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        267. AuditEvent.agent:userorg.who.display
                                                        Definition

                                                        Plain text narrative that identifies the resource in addition to the resource reference.

                                                        ShortSAML Attribute urn:oasis:names:tc:xspa:1.0:subject:organization
                                                        Comments

                                                        This is generally not the same as the Resource.text of the referenced resource. The purpose is to identify what's being referenced, not to fully describe it.

                                                        Control1..1
                                                        Typestring
                                                        Is Modifierfalse
                                                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                        Must Supporttrue
                                                        Summarytrue
                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        269. AuditEvent.agent:userorg.altId
                                                        Definition

                                                        Alternative agent Identifier. For a human, this should be a user identifier text string from authentication system. This identifier would be one known to a common authentication system (e.g. single sign-on), if available.

                                                        ShortAlternative User identity
                                                        Control0..0
                                                        Typestring
                                                        Is Modifierfalse
                                                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                        Summaryfalse
                                                        Requirements

                                                        In some situations, a human user may authenticate with one identity but, to access a specific application system, may use a synonymous identify. For example, some "single sign on" implementations will do this. The alternative identifier would then be the original identify used for authentication, and the User ID is the one known to and used by the application.

                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        271. AuditEvent.agent:userorg.name
                                                        Definition

                                                        Human-meaningful name for the agent.

                                                        ShortHuman friendly name for the agent
                                                        Control0..0
                                                        Typestring
                                                        Is Modifierfalse
                                                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                        Summaryfalse
                                                        Requirements

                                                        The User ID and Authorization User ID may be internal or otherwise obscure values. This field assists the auditor in identifying the actual user.

                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        273. AuditEvent.agent:userorg.requestor
                                                        Definition

                                                        Indicator that the user is or is not the requestor, or initiator, for the event being audited.

                                                        ShortWhether user is initiator
                                                        Comments

                                                        There can only be one initiator. If the initiator is not clear, then do not choose any one agent as the initiator.

                                                        Control1..1
                                                        Typeboolean
                                                        Is Modifierfalse
                                                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                        Summarytrue
                                                        Requirements

                                                        This value is used to distinguish between requestor-users and recipient-users. For example, one person may initiate a report-output to be sent to another user.

                                                        Pattern Valuefalse
                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        275. AuditEvent.agent:userorg.location
                                                        Definition

                                                        Where the event occurred.

                                                        ShortWhere
                                                        Control0..0
                                                        TypeReference(Location)
                                                        Is Modifierfalse
                                                        Summaryfalse
                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        277. AuditEvent.agent:userorg.policy
                                                        Definition

                                                        The policy or plan that authorized the activity being recorded. Typically, a single activity may have multiple applicable policies, such as patient consent, guarantor funding, etc. The policy would also indicate the security token used.

                                                        ShortPolicy that authorized event
                                                        Comments

                                                        For example: Where an OAuth token authorizes, the unique identifier from the OAuth token is placed into the policy element Where a policy engine (e.g. XACML) holds policy logic, the unique policy identifier is placed into the policy element.

                                                        Control0..0
                                                        Typeuri
                                                        Is Modifierfalse
                                                        Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                        Summaryfalse
                                                        Requirements

                                                        This value is used retrospectively to determine the authorization policies.

                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        279. AuditEvent.agent:userorg.media
                                                        Definition

                                                        Type of media involved. Used when the event is about exporting/importing onto media.

                                                        ShortType of media
                                                        Control0..0
                                                        BindingUnless not suitable, these codes SHALL be taken from MediaTypeCode
                                                        (extensible to http://hl7.org/fhir/ValueSet/dicm-405-mediatype)

                                                        Used when the event is about exporting/importing onto media.

                                                        TypeCoding
                                                        Is Modifierfalse
                                                        Summaryfalse
                                                        Requirements

                                                        Usually, this is used instead of specifying a network address. This field is not used for Media Id (i.e. the serial number of a CD).

                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        281. AuditEvent.agent:userorg.network
                                                        Definition

                                                        Logical network location for application activity, if the activity has a network location.

                                                        ShortLogical network location for application activity
                                                        Control0..0
                                                        TypeBackboneElement
                                                        Is Modifierfalse
                                                        Summaryfalse
                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        288. AuditEvent.agent:userorg.purposeOfUse
                                                        Definition

                                                        The reason (purpose of use), specific to this agent, that was used during the event being recorded.

                                                        ShortReason given for this user
                                                        Comments

                                                        Use AuditEvent.agent.purposeOfUse when you know that is specific to the agent, otherwise use AuditEvent.purposeOfEvent. For example, during a machine-to-machine transfer it might not be obvious to the audit system who caused the event, but it does know why.

                                                        Control0..0
                                                        BindingUnless not suitable, these codes SHALL be taken from PurposeOfUse
                                                        (extensible to http://terminology.hl7.org/ValueSet/v3-PurposeOfUse)

                                                        The reason the activity took place.

                                                        TypeCodeableConcept
                                                        Is Modifierfalse
                                                        Summaryfalse
                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        290. AuditEvent.agent:homeCommunityId
                                                        Slice NamehomeCommunityId
                                                        Definition

                                                        An actor taking an active role in the event or activity that is logged.

                                                        ShortActor involved in the event
                                                        Comments

                                                        Several agents may be associated (i.e. have some responsibility for an activity) with an event or activity.

                                                        For example, an activity may be initiated by one user for other users or involve more than one user. However, only one user may be the initiator/requestor for the activity.

                                                        Control0..*
                                                        TypeBackboneElement
                                                        Is Modifierfalse
                                                        Summaryfalse
                                                        Requirements

                                                        An agent can be a person, an organization, software, device, or other actors that may be ascribed responsibility.

                                                        Alternate NamesActiveParticipant
                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        292. AuditEvent.agent:homeCommunityId.id
                                                        Definition

                                                        Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                                        ShortUnique id for inter-element referencing
                                                        Control0..1
                                                        Typestring
                                                        Is Modifierfalse
                                                        XML FormatIn the XML format, this property is represented as an attribute.
                                                        Summaryfalse
                                                        294. AuditEvent.agent:homeCommunityId.extension
                                                        Definition

                                                        An Extension

                                                        ShortExtension
                                                        Control0..*
                                                        TypeExtension
                                                        Is Modifierfalse
                                                        Summaryfalse
                                                        Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                        ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                        SlicingThis element introduces a set of slices on AuditEvent.agent.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                                        • value @ url
                                                        • 296. AuditEvent.agent:homeCommunityId.extension:assuranceLevel
                                                          Slice NameassuranceLevel
                                                          Definition

                                                          The assuranceLevel element carries various types of Assurance level. May be an Identity Assurance (IAL), an Authentication Assurance Level (AAL), a Federation Assurance Level (FAL), or other.

                                                          In SAML this is defined to be carried in the saml:AuthnContextClassRef, but may be carried elsewhere based on the use-case and profiling of SAML.

                                                          The Vocabulary is not defined here. Some sources of vocabulary:

                                                          ShortAuditEvent.agent Assurance Level
                                                          Control0..*
                                                          This element is affected by the following invariants: ele-1
                                                          TypeExtension(AuditEvent.agent Assurance Level) (Extension Type: CodeableConcept)
                                                          Is Modifierfalse
                                                          Must Supporttrue
                                                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                          ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                          298. AuditEvent.agent:homeCommunityId.extension:otherId
                                                          Slice NameotherId
                                                          Definition

                                                          Carries other identifiers are known for an agent.

                                                          ShortAuditEvent.agent other identifiers
                                                          Control0..*
                                                          This element is affected by the following invariants: ele-1
                                                          TypeExtension(AuditEvent.agent other identifiers) (Extension Type: Identifier)
                                                          Is Modifierfalse
                                                          Must Supporttrue
                                                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                          ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                          300. AuditEvent.agent:homeCommunityId.modifierExtension
                                                          Definition

                                                          May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                                                          Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                                                          ShortExtensions that cannot be ignored even if unrecognized
                                                          Comments

                                                          There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                          Control0..*
                                                          TypeExtension
                                                          Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                                                          Summarytrue
                                                          Requirements

                                                          Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                                                          Alternate Namesextensions, user content, modifiers
                                                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                          ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                          302. AuditEvent.agent:homeCommunityId.type
                                                          Definition

                                                          Specification of the participation type the user plays when performing the event.

                                                          ShortHow agent participated
                                                          Control1..1
                                                          BindingUnless not suitable, these codes SHALL be taken from ParticipationRoleType
                                                          (extensible to http://hl7.org/fhir/ValueSet/participation-role-type)

                                                          The Participation type of the agent to the event.

                                                          TypeCodeableConcept
                                                          Is Modifierfalse
                                                          Summaryfalse
                                                          Pattern Value{
                                                            "coding" : [{
                                                              "system" : "urn:ihe:iti:xca:2010",
                                                              "code" : "homeCommunityId"
                                                            }]
                                                          }
                                                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                          304. AuditEvent.agent:homeCommunityId.role
                                                          Definition

                                                          The security role that the user was acting under, that come from local codes defined by the access control security system (e.g. RBAC, ABAC) used in the local context.

                                                          ShortAgent role in the event
                                                          Comments

                                                          Should be roles relevant to the event. Should not be an exhaustive list of roles.

                                                          Control0..0
                                                          BindingFor example codes, see SecurityRoleType
                                                          (example to http://hl7.org/fhir/ValueSet/security-role-type)

                                                          What security role enabled the agent to participate in the event.

                                                          TypeCodeableConcept
                                                          Is Modifierfalse
                                                          Summaryfalse
                                                          Requirements

                                                          This value ties an audited event to a user's role(s). It is an optional value that might be used to group events for analysis by user functional role categories.

                                                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                          306. AuditEvent.agent:homeCommunityId.who
                                                          Definition

                                                          Reference to who this agent is that was involved in the event.

                                                          ShortIdentifier of who
                                                          Comments

                                                          Where a User ID is available it will go into who.identifier.

                                                          Control0..1
                                                          TypeReference(PractitionerRole, Practitioner, Organization, Device, Patient, RelatedPerson)
                                                          Is Modifierfalse
                                                          Summarytrue
                                                          Requirements

                                                          This field ties an audit event to a specific resource or identifier.

                                                          Alternate NamesuserId
                                                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                          308. AuditEvent.agent:homeCommunityId.who.id
                                                          Definition

                                                          Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                                          ShortUnique id for inter-element referencing
                                                          Control0..1
                                                          Typestring
                                                          Is Modifierfalse
                                                          XML FormatIn the XML format, this property is represented as an attribute.
                                                          Summaryfalse
                                                          310. AuditEvent.agent:homeCommunityId.who.extension
                                                          Definition

                                                          May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                                          ShortAdditional content defined by implementations
                                                          Comments

                                                          There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                          Control0..*
                                                          TypeExtension
                                                          Is Modifierfalse
                                                          Summaryfalse
                                                          Alternate Namesextensions, user content
                                                          Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                          ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                          SlicingThis element introduces a set of slices on AuditEvent.agent.who.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                                          • value @ url
                                                          • 312. AuditEvent.agent:homeCommunityId.who.reference
                                                            Definition

                                                            A reference to a location at which the other resource is found. The reference may be a relative reference, in which case it is relative to the service base URL, or an absolute URL that resolves to the location where the resource is found. The reference may be version specific or not. If the reference is not to a FHIR RESTful server, then it should be assumed to be version specific. Internal fragment references (start with '#') refer to contained resources.

                                                            ShortLiteral reference, Relative, internal or absolute URL
                                                            Comments

                                                            Using absolute URLs provides a stable scalable approach suitable for a cloud/web context, while using relative/logical references provides a flexible approach suitable for use when trading across closed eco-system boundaries. Absolute URLs do not need to point to a FHIR RESTful server, though this is the preferred approach. If the URL conforms to the structure "/[type]/[id]" then it should be assumed that the reference is to a FHIR RESTful server.

                                                            Control0..1
                                                            This element is affected by the following invariants: ref-1
                                                            Typestring
                                                            Is Modifierfalse
                                                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                            Summarytrue
                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            314. AuditEvent.agent:homeCommunityId.who.type
                                                            Definition

                                                            The expected type of the target of the reference. If both Reference.type and Reference.reference are populated and Reference.reference is a FHIR URL, both SHALL be consistent.

                                                            The type is the Canonical URL of Resource Definition that is the type this reference refers to. References are URLs that are relative to http://hl7.org/fhir/StructureDefinition/ e.g. "Patient" is a reference to http://hl7.org/fhir/StructureDefinition/Patient. Absolute URLs are only allowed for logical models (and can only be used in references in logical models, not resources).

                                                            ShortType the reference refers to (e.g. "Patient")
                                                            Comments

                                                            This element is used to indicate the type of the target of the reference. This may be used which ever of the other elements are populated (or not). In some cases, the type of the target may be determined by inspection of the reference (e.g. a RESTful URL) or by resolving the target of the reference; if both the type and a reference is provided, the reference SHALL resolve to a resource of the same type as that specified.

                                                            Control0..1
                                                            BindingUnless not suitable, these codes SHALL be taken from ResourceType
                                                            (extensible to http://hl7.org/fhir/ValueSet/resource-types)

                                                            Aa resource (or, for logical models, the URI of the logical model).

                                                            Typeuri
                                                            Is Modifierfalse
                                                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                            Summarytrue
                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            316. AuditEvent.agent:homeCommunityId.who.identifier
                                                            Definition

                                                            An identifier for the target resource. This is used when there is no way to reference the other resource directly, either because the entity it represents is not available through a FHIR server, or because there is no way for the author of the resource to convert a known identifier to an actual location. There is no requirement that a Reference.identifier point to something that is actually exposed as a FHIR instance, but it SHALL point to a business concept that would be expected to be exposed as a FHIR instance, and that instance would need to be of a FHIR resource type allowed by the reference.

                                                            ShorthomeCommunityId
                                                            Comments

                                                            When an identifier is provided in place of a reference, any system processing the reference will only be able to resolve the identifier to a reference if it understands the business context in which the identifier is used. Sometimes this is global (e.g. a national identifier) but often it is not. For this reason, none of the useful mechanisms described for working with references (e.g. chaining, includes) are possible, nor should servers be expected to be able resolve the reference. Servers may accept an identifier based reference untouched, resolve it, and/or reject it - see CapabilityStatement.rest.resource.referencePolicy.

                                                            When both an identifier and a literal reference are provided, the literal reference is preferred. Applications processing the resource are allowed - but not required - to check that the identifier matches the literal reference

                                                            Applications converting a logical reference to a literal reference may choose to leave the logical reference present, or remove it.

                                                            Reference is intended to point to a structure that can potentially be expressed as a FHIR resource, though there is no need for it to exist as an actual FHIR resource instance - except in as much as an application wishes to actual find the target of the reference. The content referred to be the identifier must meet the logical constraints implied by any limitations on what resource types are permitted for the reference. For example, it would not be legitimate to send the identifier for a drug prescription if the type were Reference(Observation|DiagnosticReport). One of the use-cases for Reference.identifier is the situation where no FHIR representation exists (where the type is Reference (Any).

                                                            NoteThis is a business identifier, not a resource identifier (see discussion)
                                                            Control1..1
                                                            TypeIdentifier
                                                            Is Modifierfalse
                                                            Must Supporttrue
                                                            Summarytrue
                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            318. AuditEvent.agent:homeCommunityId.who.display
                                                            Definition

                                                            Plain text narrative that identifies the resource in addition to the resource reference.

                                                            ShortText alternative for the resource
                                                            Comments

                                                            This is generally not the same as the Resource.text of the referenced resource. The purpose is to identify what's being referenced, not to fully describe it.

                                                            Control0..1
                                                            Typestring
                                                            Is Modifierfalse
                                                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                            Summarytrue
                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            320. AuditEvent.agent:homeCommunityId.altId
                                                            Definition

                                                            Alternative agent Identifier. For a human, this should be a user identifier text string from authentication system. This identifier would be one known to a common authentication system (e.g. single sign-on), if available.

                                                            ShortAlternative User identity
                                                            Control0..0
                                                            Typestring
                                                            Is Modifierfalse
                                                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                            Summaryfalse
                                                            Requirements

                                                            In some situations, a human user may authenticate with one identity but, to access a specific application system, may use a synonymous identify. For example, some "single sign on" implementations will do this. The alternative identifier would then be the original identify used for authentication, and the User ID is the one known to and used by the application.

                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            322. AuditEvent.agent:homeCommunityId.name
                                                            Definition

                                                            Human-meaningful name for the agent.

                                                            ShortHuman friendly name for the agent
                                                            Control0..0
                                                            Typestring
                                                            Is Modifierfalse
                                                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                            Summaryfalse
                                                            Requirements

                                                            The User ID and Authorization User ID may be internal or otherwise obscure values. This field assists the auditor in identifying the actual user.

                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            324. AuditEvent.agent:homeCommunityId.requestor
                                                            Definition

                                                            Indicator that the user is or is not the requestor, or initiator, for the event being audited.

                                                            ShortWhether user is initiator
                                                            Comments

                                                            There can only be one initiator. If the initiator is not clear, then do not choose any one agent as the initiator.

                                                            Control1..1
                                                            Typeboolean
                                                            Is Modifierfalse
                                                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                            Summarytrue
                                                            Requirements

                                                            This value is used to distinguish between requestor-users and recipient-users. For example, one person may initiate a report-output to be sent to another user.

                                                            Pattern Valuefalse
                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            326. AuditEvent.agent:homeCommunityId.location
                                                            Definition

                                                            Where the event occurred.

                                                            ShortWhere
                                                            Control0..0
                                                            TypeReference(Location)
                                                            Is Modifierfalse
                                                            Summaryfalse
                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            328. AuditEvent.agent:homeCommunityId.policy
                                                            Definition

                                                            The policy or plan that authorized the activity being recorded. Typically, a single activity may have multiple applicable policies, such as patient consent, guarantor funding, etc. The policy would also indicate the security token used.

                                                            ShortPolicy that authorized event
                                                            Comments

                                                            For example: Where an OAuth token authorizes, the unique identifier from the OAuth token is placed into the policy element Where a policy engine (e.g. XACML) holds policy logic, the unique policy identifier is placed into the policy element.

                                                            Control0..0
                                                            Typeuri
                                                            Is Modifierfalse
                                                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                            Summaryfalse
                                                            Requirements

                                                            This value is used retrospectively to determine the authorization policies.

                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            330. AuditEvent.agent:homeCommunityId.media
                                                            Definition

                                                            Type of media involved. Used when the event is about exporting/importing onto media.

                                                            ShortType of media
                                                            Control0..0
                                                            BindingUnless not suitable, these codes SHALL be taken from MediaTypeCode
                                                            (extensible to http://hl7.org/fhir/ValueSet/dicm-405-mediatype)

                                                            Used when the event is about exporting/importing onto media.

                                                            TypeCoding
                                                            Is Modifierfalse
                                                            Summaryfalse
                                                            Requirements

                                                            Usually, this is used instead of specifying a network address. This field is not used for Media Id (i.e. the serial number of a CD).

                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            332. AuditEvent.agent:homeCommunityId.network
                                                            Definition

                                                            Logical network location for application activity, if the activity has a network location.

                                                            ShortLogical network location for application activity
                                                            Control0..0
                                                            TypeBackboneElement
                                                            Is Modifierfalse
                                                            Summaryfalse
                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            339. AuditEvent.agent:homeCommunityId.purposeOfUse
                                                            Definition

                                                            The reason (purpose of use), specific to this agent, that was used during the event being recorded.

                                                            ShortReason given for this user
                                                            Comments

                                                            Use AuditEvent.agent.purposeOfUse when you know that is specific to the agent, otherwise use AuditEvent.purposeOfEvent. For example, during a machine-to-machine transfer it might not be obvious to the audit system who caused the event, but it does know why.

                                                            Control0..0
                                                            BindingUnless not suitable, these codes SHALL be taken from PurposeOfUse
                                                            (extensible to http://terminology.hl7.org/ValueSet/v3-PurposeOfUse)

                                                            The reason the activity took place.

                                                            TypeCodeableConcept
                                                            Is Modifierfalse
                                                            Summaryfalse
                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            341. AuditEvent.source
                                                            Definition

                                                            The system that is reporting the event.

                                                            ShortAudit Event Reporter
                                                            Comments

                                                            Since multi-tier, distributed, or composite applications make source identification ambiguous, this collection of fields may repeat for each application or process actively involved in the event. For example, multiple value-sets can identify participating web servers, application processes, and database server threads in an n-tier distributed application. Passive event participants (e.g. low-level network transports) need not be identified.

                                                            Control1..1
                                                            TypeBackboneElement
                                                            Is Modifierfalse
                                                            Summaryfalse
                                                            Requirements

                                                            The event is reported by one source.

                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            343. AuditEvent.source.id
                                                            Definition

                                                            Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                                            ShortUnique id for inter-element referencing
                                                            Control0..1
                                                            Typestring
                                                            Is Modifierfalse
                                                            XML FormatIn the XML format, this property is represented as an attribute.
                                                            Summaryfalse
                                                            345. AuditEvent.source.extension
                                                            Definition

                                                            May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                                            ShortAdditional content defined by implementations
                                                            Comments

                                                            There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                            Control0..*
                                                            TypeExtension
                                                            Is Modifierfalse
                                                            Summaryfalse
                                                            Alternate Namesextensions, user content
                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                            347. AuditEvent.source.modifierExtension
                                                            Definition

                                                            May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                                                            Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                                                            ShortExtensions that cannot be ignored even if unrecognized
                                                            Comments

                                                            There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                            Control0..*
                                                            TypeExtension
                                                            Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                                                            Summarytrue
                                                            Requirements

                                                            Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                                                            Alternate Namesextensions, user content, modifiers
                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                            349. AuditEvent.source.site
                                                            Definition

                                                            Logical source location within the healthcare enterprise network. For example, a hospital or other provider location within a multi-entity provider group.

                                                            ShortLogical source location within the enterprise
                                                            Control0..1
                                                            Typestring
                                                            Is Modifierfalse
                                                            Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                            Summaryfalse
                                                            Requirements

                                                            This value differentiates among the sites in a multi-site enterprise health information system.

                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            351. AuditEvent.source.observer
                                                            Definition

                                                            Identifier of the source where the event was detected.

                                                            ShortThe identity of source detecting the event
                                                            Control1..1
                                                            TypeReference(PractitionerRole, Practitioner, Organization, Device, Patient, RelatedPerson)
                                                            Is Modifierfalse
                                                            Summarytrue
                                                            Requirements

                                                            This field ties the event to a specific source system. It may be used to group events for analysis according to where the event was detected.

                                                            Alternate NamesSourceId
                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            353. AuditEvent.source.type
                                                            Definition

                                                            Code specifying the type of source where event originated.

                                                            ShortThe type of source where event originated
                                                            Control0..*
                                                            BindingUnless not suitable, these codes SHALL be taken from AuditEventSourceType
                                                            (extensible to http://hl7.org/fhir/ValueSet/audit-source-type)

                                                            Code specifying the type of system that detected and recorded the event.

                                                            TypeCoding
                                                            Is Modifierfalse
                                                            Summaryfalse
                                                            Requirements

                                                            This field indicates which type of source is identified by the Audit Source ID. It is an optional value that may be used to group events for analysis according to the type of source where the event occurred.

                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            355. AuditEvent.entity
                                                            Definition

                                                            Specific instances of data or objects that have been accessed.

                                                            ShortData or objects used
                                                            Comments

                                                            Required unless the values for event identification, agent identification, and audit source identification are sufficient to document the entire auditable event. Because events may have more than one entity, this group can be a repeating set of values.

                                                            Control0..*
                                                            TypeBackboneElement
                                                            Is Modifierfalse
                                                            Summaryfalse
                                                            Requirements

                                                            The event may have other entities involved.

                                                            Alternate NamesParticipantObject
                                                            Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                            sev-1: Either a name or a query (NOT both) (name.empty() or query.empty())
                                                            SlicingThis element introduces a set of slices on AuditEvent.entity. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                                            • pattern @ type
                                                            • 357. AuditEvent.entity.id
                                                              Definition

                                                              Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                                              ShortUnique id for inter-element referencing
                                                              Control0..1
                                                              Typestring
                                                              Is Modifierfalse
                                                              XML FormatIn the XML format, this property is represented as an attribute.
                                                              Summaryfalse
                                                              359. AuditEvent.entity.extension
                                                              Definition

                                                              May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                                              ShortAdditional content defined by implementations
                                                              Comments

                                                              There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                              Control0..*
                                                              TypeExtension
                                                              Is Modifierfalse
                                                              Summaryfalse
                                                              Alternate Namesextensions, user content
                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                              361. AuditEvent.entity.modifierExtension
                                                              Definition

                                                              May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                                                              Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                                                              ShortExtensions that cannot be ignored even if unrecognized
                                                              Comments

                                                              There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                              Control0..*
                                                              TypeExtension
                                                              Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                                                              Summarytrue
                                                              Requirements

                                                              Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                                                              Alternate Namesextensions, user content, modifiers
                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                              363. AuditEvent.entity.what
                                                              Definition

                                                              Identifies a specific instance of the entity. The reference should be version specific.

                                                              ShortSpecific instance of resource
                                                              Control0..1
                                                              TypeReference(Resource)
                                                              Is Modifierfalse
                                                              Summarytrue
                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              365. AuditEvent.entity.type
                                                              Definition

                                                              The type of the object that was involved in this audit event.

                                                              ShortType of entity involved
                                                              Comments

                                                              This value is distinct from the user's role or any user relationship to the entity.

                                                              Control0..1
                                                              BindingUnless not suitable, these codes SHALL be taken from AuditEventEntityType
                                                              (extensible to http://hl7.org/fhir/ValueSet/audit-entity-type)

                                                              Code for the entity type involved in the audit event.

                                                              TypeCoding
                                                              Is Modifierfalse
                                                              Summaryfalse
                                                              Requirements

                                                              To describe the object being acted upon. In addition to queries on the subject of the action in an auditable event, it is also important to be able to query on the object type for the action.

                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              367. AuditEvent.entity.role
                                                              Definition

                                                              Code representing the role the entity played in the event being audited.

                                                              ShortWhat role the entity played
                                                              Control0..1
                                                              BindingUnless not suitable, these codes SHALL be taken from AuditEventEntityRole
                                                              (extensible to http://hl7.org/fhir/ValueSet/object-role)

                                                              Code representing the role the entity played in the audit event.

                                                              TypeCoding
                                                              Is Modifierfalse
                                                              Summaryfalse
                                                              Requirements

                                                              For some detailed audit analysis it may be necessary to indicate a more granular type of entity, based on the application role it serves.

                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              369. AuditEvent.entity.lifecycle
                                                              Definition

                                                              Identifier for the data life-cycle stage for the entity.

                                                              ShortLife-cycle stage for the entity
                                                              Comments

                                                              This can be used to provide an audit trail for data, over time, as it passes through the system.

                                                              Control0..1
                                                              BindingUnless not suitable, these codes SHALL be taken from ObjectLifecycleEvents
                                                              (extensible to http://hl7.org/fhir/ValueSet/object-lifecycle-events)

                                                              Identifier for the data life-cycle stage for the entity.

                                                              TypeCoding
                                                              Is Modifierfalse
                                                              Summaryfalse
                                                              Requirements

                                                              Institutional policies for privacy and security may optionally fall under different accountability rules based on data life cycle. This provides a differentiating value for those cases.

                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              371. AuditEvent.entity.securityLabel
                                                              Definition

                                                              Security labels for the identified entity.

                                                              ShortSecurity labels on the entity
                                                              Comments

                                                              Copied from entity meta security tags.

                                                              Control0..*
                                                              BindingUnless not suitable, these codes SHALL be taken from All Security Labels
                                                              (extensible to http://hl7.org/fhir/ValueSet/security-labels)

                                                              Security Labels from the Healthcare Privacy and Security Classification System.

                                                              TypeCoding
                                                              Is Modifierfalse
                                                              Summaryfalse
                                                              Requirements

                                                              This field identifies the security labels for a specific instance of an object, such as a patient, to detect/track privacy and security issues.

                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              373. AuditEvent.entity.name
                                                              Definition

                                                              A name of the entity in the audit event.

                                                              ShortDescriptor for entity
                                                              Comments

                                                              This field may be used in a query/report to identify audit events for a specific person. For example, where multiple synonymous entity identifiers (patient number, medical record number, encounter number, etc.) have been used.

                                                              Control0..1
                                                              This element is affected by the following invariants: sev-1
                                                              Typestring
                                                              Is Modifierfalse
                                                              Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                              Summarytrue
                                                              Requirements

                                                              Use only where entity can't be identified with an identifier.

                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              375. AuditEvent.entity.description
                                                              Definition

                                                              Text that describes the entity in more detail.

                                                              ShortDescriptive text
                                                              Control0..1
                                                              Typestring
                                                              Is Modifierfalse
                                                              Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                              Summaryfalse
                                                              Requirements

                                                              Use only where entity can't be identified with an identifier.

                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              377. AuditEvent.entity.query
                                                              Definition

                                                              The query parameters for a query-type entities.

                                                              ShortQuery parameters
                                                              Comments

                                                              The meaning and secondary-encoding of the content of base64 encoded blob is specific to the AuditEvent.type, AuditEvent.subtype, AuditEvent.entity.type, and AuditEvent.entity.role. The base64 is a general-use and safe container for event specific data blobs regardless of the encoding used by the transaction being recorded. An AuditEvent consuming application must understand the event it is consuming and the formats used by the event. For example, if auditing an Oracle network database access, the Oracle formats must be understood as they will be simply encoded in the base64binary blob.

                                                              Control0..1
                                                              This element is affected by the following invariants: sev-1
                                                              Typebase64Binary
                                                              Is Modifierfalse
                                                              Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                              Summarytrue
                                                              Requirements

                                                              For query events, it may be necessary to capture the actual query input to the query process in order to identify the specific event. Because of differences among query implementations and data encoding for them, this is a base 64 encoded data blob. It may be subsequently decoded or interpreted by downstream audit analysis processing.

                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              379. AuditEvent.entity.detail
                                                              Definition

                                                              Tagged value pairs for conveying additional information about the entity.

                                                              ShortAdditional Information about the entity
                                                              Control0..*
                                                              TypeBackboneElement
                                                              Is Modifierfalse
                                                              Summaryfalse
                                                              Requirements

                                                              Implementation-defined data about specific details of the object accessed or used.

                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              381. AuditEvent.entity.detail.id
                                                              Definition

                                                              Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                                              ShortUnique id for inter-element referencing
                                                              Control0..1
                                                              Typestring
                                                              Is Modifierfalse
                                                              XML FormatIn the XML format, this property is represented as an attribute.
                                                              Summaryfalse
                                                              383. AuditEvent.entity.detail.extension
                                                              Definition

                                                              May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                                              ShortAdditional content defined by implementations
                                                              Comments

                                                              There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                              Control0..*
                                                              TypeExtension
                                                              Is Modifierfalse
                                                              Summaryfalse
                                                              Alternate Namesextensions, user content
                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                              385. AuditEvent.entity.detail.modifierExtension
                                                              Definition

                                                              May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                                                              Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                                                              ShortExtensions that cannot be ignored even if unrecognized
                                                              Comments

                                                              There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                              Control0..*
                                                              TypeExtension
                                                              Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                                                              Summarytrue
                                                              Requirements

                                                              Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                                                              Alternate Namesextensions, user content, modifiers
                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                              387. AuditEvent.entity.detail.type
                                                              Definition

                                                              The type of extra detail provided in the value.

                                                              ShortName of the property
                                                              Control1..1
                                                              Typestring
                                                              Is Modifierfalse
                                                              Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                              Summaryfalse
                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              389. AuditEvent.entity.detail.value[x]
                                                              Definition

                                                              The value of the extra detail.

                                                              ShortProperty value
                                                              Comments

                                                              The value can be string when known to be a string, else base64 encoding should be used to protect binary or undefined content. The meaning and secondary-encoding of the content of base64 encoded blob is specific to the AuditEvent.type, AuditEvent.subtype, AuditEvent.entity.type, and AuditEvent.entity.role. The base64 is a general-use and safe container for event specific data blobs regardless of the encoding used by the transaction being recorded. An AuditEvent consuming application must understand the event it is consuming and the formats used by the event. For example if auditing an Oracle network database access, the Oracle formats must be understood as they will be simply encoded in the base64binary blob.

                                                              Control1..1
                                                              TypeChoice of: string, base64Binary
                                                              [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
                                                              Is Modifierfalse
                                                              Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                              Summaryfalse
                                                              Requirements

                                                              Should not duplicate the entity value unless absolutely necessary.

                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              391. AuditEvent.entity:consent
                                                              Slice Nameconsent
                                                              Definition

                                                              Specific instances of data or objects that have been accessed.

                                                              ShortData or objects used
                                                              Comments

                                                              Required unless the values for event identification, agent identification, and audit source identification are sufficient to document the entire auditable event. Because events may have more than one entity, this group can be a repeating set of values.

                                                              Control0..*
                                                              TypeBackboneElement
                                                              Is Modifierfalse
                                                              Summaryfalse
                                                              Requirements

                                                              The event may have other entities involved.

                                                              Alternate NamesParticipantObject
                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              sev-1: Either a name or a query (NOT both) (name.empty() or query.empty())
                                                              393. AuditEvent.entity:consent.id
                                                              Definition

                                                              Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                                              ShortUnique id for inter-element referencing
                                                              Control0..1
                                                              Typestring
                                                              Is Modifierfalse
                                                              XML FormatIn the XML format, this property is represented as an attribute.
                                                              Summaryfalse
                                                              395. AuditEvent.entity:consent.extension
                                                              Definition

                                                              May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                                              ShortAdditional content defined by implementations
                                                              Comments

                                                              There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                              Control0..*
                                                              TypeExtension
                                                              Is Modifierfalse
                                                              Summaryfalse
                                                              Alternate Namesextensions, user content
                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                              397. AuditEvent.entity:consent.modifierExtension
                                                              Definition

                                                              May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                                                              Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                                                              ShortExtensions that cannot be ignored even if unrecognized
                                                              Comments

                                                              There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                              Control0..*
                                                              TypeExtension
                                                              Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                                                              Summarytrue
                                                              Requirements

                                                              Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                                                              Alternate Namesextensions, user content, modifiers
                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                              399. AuditEvent.entity:consent.what
                                                              Definition

                                                              Identifies a specific instance of the entity. The reference should be version specific.

                                                              ShortSpecific instance of resource
                                                              Control0..1
                                                              TypeReference(Resource)
                                                              Is Modifierfalse
                                                              Summarytrue
                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              401. AuditEvent.entity:consent.what.id
                                                              Definition

                                                              Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                                              ShortUnique id for inter-element referencing
                                                              Control0..1
                                                              Typestring
                                                              Is Modifierfalse
                                                              XML FormatIn the XML format, this property is represented as an attribute.
                                                              Summaryfalse
                                                              403. AuditEvent.entity:consent.what.extension
                                                              Definition

                                                              May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                                              ShortAdditional content defined by implementations
                                                              Comments

                                                              There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                              Control0..*
                                                              TypeExtension
                                                              Is Modifierfalse
                                                              Summaryfalse
                                                              Alternate Namesextensions, user content
                                                              Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                              ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                              SlicingThis element introduces a set of slices on AuditEvent.entity.what.extension. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                                              • value @ url
                                                              • 405. AuditEvent.entity:consent.what.reference
                                                                Definition

                                                                A reference to a location at which the other resource is found. The reference may be a relative reference, in which case it is relative to the service base URL, or an absolute URL that resolves to the location where the resource is found. The reference may be version specific or not. If the reference is not to a FHIR RESTful server, then it should be assumed to be version specific. Internal fragment references (start with '#') refer to contained resources.

                                                                ShortLiteral reference, Relative, internal or absolute URL
                                                                Comments

                                                                Using absolute URLs provides a stable scalable approach suitable for a cloud/web context, while using relative/logical references provides a flexible approach suitable for use when trading across closed eco-system boundaries. Absolute URLs do not need to point to a FHIR RESTful server, though this is the preferred approach. If the URL conforms to the structure "/[type]/[id]" then it should be assumed that the reference is to a FHIR RESTful server.

                                                                Control0..1
                                                                This element is affected by the following invariants: ref-1
                                                                Typestring
                                                                Is Modifierfalse
                                                                Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                                Summarytrue
                                                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                407. AuditEvent.entity:consent.what.type
                                                                Definition

                                                                The expected type of the target of the reference. If both Reference.type and Reference.reference are populated and Reference.reference is a FHIR URL, both SHALL be consistent.

                                                                The type is the Canonical URL of Resource Definition that is the type this reference refers to. References are URLs that are relative to http://hl7.org/fhir/StructureDefinition/ e.g. "Patient" is a reference to http://hl7.org/fhir/StructureDefinition/Patient. Absolute URLs are only allowed for logical models (and can only be used in references in logical models, not resources).

                                                                ShortType the reference refers to (e.g. "Patient")
                                                                Comments

                                                                This element is used to indicate the type of the target of the reference. This may be used which ever of the other elements are populated (or not). In some cases, the type of the target may be determined by inspection of the reference (e.g. a RESTful URL) or by resolving the target of the reference; if both the type and a reference is provided, the reference SHALL resolve to a resource of the same type as that specified.

                                                                Control0..1
                                                                BindingUnless not suitable, these codes SHALL be taken from ResourceType
                                                                (extensible to http://hl7.org/fhir/ValueSet/resource-types)

                                                                Aa resource (or, for logical models, the URI of the logical model).

                                                                Typeuri
                                                                Is Modifierfalse
                                                                Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                                Summarytrue
                                                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                409. AuditEvent.entity:consent.what.identifier
                                                                Definition

                                                                An identifier for the target resource. This is used when there is no way to reference the other resource directly, either because the entity it represents is not available through a FHIR server, or because there is no way for the author of the resource to convert a known identifier to an actual location. There is no requirement that a Reference.identifier point to something that is actually exposed as a FHIR instance, but it SHALL point to a business concept that would be expected to be exposed as a FHIR instance, and that instance would need to be of a FHIR resource type allowed by the reference.

                                                                ShortBPPC Patient Privacy Policy Acknowledgement Document unique id
                                                                Comments

                                                                When an identifier is provided in place of a reference, any system processing the reference will only be able to resolve the identifier to a reference if it understands the business context in which the identifier is used. Sometimes this is global (e.g. a national identifier) but often it is not. For this reason, none of the useful mechanisms described for working with references (e.g. chaining, includes) are possible, nor should servers be expected to be able resolve the reference. Servers may accept an identifier based reference untouched, resolve it, and/or reject it - see CapabilityStatement.rest.resource.referencePolicy.

                                                                When both an identifier and a literal reference are provided, the literal reference is preferred. Applications processing the resource are allowed - but not required - to check that the identifier matches the literal reference

                                                                Applications converting a logical reference to a literal reference may choose to leave the logical reference present, or remove it.

                                                                Reference is intended to point to a structure that can potentially be expressed as a FHIR resource, though there is no need for it to exist as an actual FHIR resource instance - except in as much as an application wishes to actual find the target of the reference. The content referred to be the identifier must meet the logical constraints implied by any limitations on what resource types are permitted for the reference. For example, it would not be legitimate to send the identifier for a drug prescription if the type were Reference(Observation|DiagnosticReport). One of the use-cases for Reference.identifier is the situation where no FHIR representation exists (where the type is Reference (Any).

                                                                NoteThis is a business identifier, not a resource identifier (see discussion)
                                                                Control0..1
                                                                TypeIdentifier
                                                                Is Modifierfalse
                                                                Must Supporttrue
                                                                Summarytrue
                                                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                411. AuditEvent.entity:consent.what.display
                                                                Definition

                                                                Plain text narrative that identifies the resource in addition to the resource reference.

                                                                ShortText alternative for the resource
                                                                Comments

                                                                This is generally not the same as the Resource.text of the referenced resource. The purpose is to identify what's being referenced, not to fully describe it.

                                                                Control0..1
                                                                Typestring
                                                                Is Modifierfalse
                                                                Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                                Summarytrue
                                                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                413. AuditEvent.entity:consent.type
                                                                Definition

                                                                The type of the object that was involved in this audit event.

                                                                ShortType of entity involved
                                                                Comments

                                                                This value is distinct from the user's role or any user relationship to the entity.

                                                                Control1..1
                                                                BindingUnless not suitable, these codes SHALL be taken from AuditEventEntityType
                                                                (extensible to http://hl7.org/fhir/ValueSet/audit-entity-type)

                                                                Code for the entity type involved in the audit event.

                                                                TypeCoding
                                                                Is Modifierfalse
                                                                Summaryfalse
                                                                Requirements

                                                                To describe the object being acted upon. In addition to queries on the subject of the action in an auditable event, it is also important to be able to query on the object type for the action.

                                                                Pattern Value{
                                                                  "system" : "http://hl7.org/fhir/resource-types",
                                                                  "code" : "Consent"
                                                                }
                                                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                415. AuditEvent.entity:consent.role
                                                                Definition

                                                                Code representing the role the entity played in the event being audited.

                                                                ShortWhat role the entity played
                                                                Control0..1
                                                                BindingUnless not suitable, these codes SHALL be taken from AuditEventEntityRole
                                                                (extensible to http://hl7.org/fhir/ValueSet/object-role)

                                                                Code representing the role the entity played in the audit event.

                                                                TypeCoding
                                                                Is Modifierfalse
                                                                Summaryfalse
                                                                Requirements

                                                                For some detailed audit analysis it may be necessary to indicate a more granular type of entity, based on the application role it serves.

                                                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                417. AuditEvent.entity:consent.lifecycle
                                                                Definition

                                                                Identifier for the data life-cycle stage for the entity.

                                                                ShortLife-cycle stage for the entity
                                                                Comments

                                                                This can be used to provide an audit trail for data, over time, as it passes through the system.

                                                                Control0..1
                                                                BindingUnless not suitable, these codes SHALL be taken from ObjectLifecycleEvents
                                                                (extensible to http://hl7.org/fhir/ValueSet/object-lifecycle-events)

                                                                Identifier for the data life-cycle stage for the entity.

                                                                TypeCoding
                                                                Is Modifierfalse
                                                                Summaryfalse
                                                                Requirements

                                                                Institutional policies for privacy and security may optionally fall under different accountability rules based on data life cycle. This provides a differentiating value for those cases.

                                                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                419. AuditEvent.entity:consent.securityLabel
                                                                Definition

                                                                Security labels for the identified entity.

                                                                ShortSecurity labels on the entity
                                                                Comments

                                                                Copied from entity meta security tags.

                                                                Control0..*
                                                                BindingUnless not suitable, these codes SHALL be taken from All Security Labels
                                                                (extensible to http://hl7.org/fhir/ValueSet/security-labels)

                                                                Security Labels from the Healthcare Privacy and Security Classification System.

                                                                TypeCoding
                                                                Is Modifierfalse
                                                                Summaryfalse
                                                                Requirements

                                                                This field identifies the security labels for a specific instance of an object, such as a patient, to detect/track privacy and security issues.

                                                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                421. AuditEvent.entity:consent.name
                                                                Definition

                                                                A name of the entity in the audit event.

                                                                ShortDescriptor for entity
                                                                Comments

                                                                This field may be used in a query/report to identify audit events for a specific person. For example, where multiple synonymous entity identifiers (patient number, medical record number, encounter number, etc.) have been used.

                                                                Control0..1
                                                                This element is affected by the following invariants: sev-1
                                                                Typestring
                                                                Is Modifierfalse
                                                                Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                                Summarytrue
                                                                Requirements

                                                                Use only where entity can't be identified with an identifier.

                                                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                423. AuditEvent.entity:consent.description
                                                                Definition

                                                                Text that describes the entity in more detail.

                                                                ShortDescriptive text
                                                                Control0..1
                                                                Typestring
                                                                Is Modifierfalse
                                                                Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                                Summaryfalse
                                                                Requirements

                                                                Use only where entity can't be identified with an identifier.

                                                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                425. AuditEvent.entity:consent.query
                                                                Definition

                                                                The query parameters for a query-type entities.

                                                                ShortQuery parameters
                                                                Comments

                                                                The meaning and secondary-encoding of the content of base64 encoded blob is specific to the AuditEvent.type, AuditEvent.subtype, AuditEvent.entity.type, and AuditEvent.entity.role. The base64 is a general-use and safe container for event specific data blobs regardless of the encoding used by the transaction being recorded. An AuditEvent consuming application must understand the event it is consuming and the formats used by the event. For example, if auditing an Oracle network database access, the Oracle formats must be understood as they will be simply encoded in the base64binary blob.

                                                                Control0..1
                                                                This element is affected by the following invariants: sev-1
                                                                Typebase64Binary
                                                                Is Modifierfalse
                                                                Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                                Summarytrue
                                                                Requirements

                                                                For query events, it may be necessary to capture the actual query input to the query process in order to identify the specific event. Because of differences among query implementations and data encoding for them, this is a base 64 encoded data blob. It may be subsequently decoded or interpreted by downstream audit analysis processing.

                                                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                427. AuditEvent.entity:consent.detail
                                                                Definition

                                                                Tagged value pairs for conveying additional information about the entity.

                                                                ShortAdditional Information about the entity
                                                                Control0..*
                                                                TypeBackboneElement
                                                                Is Modifierfalse
                                                                Summaryfalse
                                                                Requirements

                                                                Implementation-defined data about specific details of the object accessed or used.

                                                                Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                SlicingThis element introduces a set of slices on AuditEvent.entity.detail. The slices areUnordered and Open, and can be differentiated using the following discriminators:
                                                                • pattern @ type
                                                                • 429. AuditEvent.entity:consent.detail.id
                                                                  Definition

                                                                  Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                                                  ShortUnique id for inter-element referencing
                                                                  Control0..1
                                                                  Typestring
                                                                  Is Modifierfalse
                                                                  XML FormatIn the XML format, this property is represented as an attribute.
                                                                  Summaryfalse
                                                                  431. AuditEvent.entity:consent.detail.extension
                                                                  Definition

                                                                  May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                                                  ShortAdditional content defined by implementations
                                                                  Comments

                                                                  There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                                  Control0..*
                                                                  TypeExtension
                                                                  Is Modifierfalse
                                                                  Summaryfalse
                                                                  Alternate Namesextensions, user content
                                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                                  433. AuditEvent.entity:consent.detail.modifierExtension
                                                                  Definition

                                                                  May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                                                                  Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                                                                  ShortExtensions that cannot be ignored even if unrecognized
                                                                  Comments

                                                                  There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                                  Control0..*
                                                                  TypeExtension
                                                                  Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                                                                  Summarytrue
                                                                  Requirements

                                                                  Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                                                                  Alternate Namesextensions, user content, modifiers
                                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                                  435. AuditEvent.entity:consent.detail.type
                                                                  Definition

                                                                  The type of extra detail provided in the value.

                                                                  ShortName of the property
                                                                  Control1..1
                                                                  Typestring
                                                                  Is Modifierfalse
                                                                  Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                                  Summaryfalse
                                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                  437. AuditEvent.entity:consent.detail.value[x]
                                                                  Definition

                                                                  The value of the extra detail.

                                                                  ShortProperty value
                                                                  Comments

                                                                  The value can be string when known to be a string, else base64 encoding should be used to protect binary or undefined content. The meaning and secondary-encoding of the content of base64 encoded blob is specific to the AuditEvent.type, AuditEvent.subtype, AuditEvent.entity.type, and AuditEvent.entity.role. The base64 is a general-use and safe container for event specific data blobs regardless of the encoding used by the transaction being recorded. An AuditEvent consuming application must understand the event it is consuming and the formats used by the event. For example if auditing an Oracle network database access, the Oracle formats must be understood as they will be simply encoded in the base64binary blob.

                                                                  Control1..1
                                                                  TypeChoice of: string, base64Binary
                                                                  [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
                                                                  Is Modifierfalse
                                                                  Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                                  Summaryfalse
                                                                  Requirements

                                                                  Should not duplicate the entity value unless absolutely necessary.

                                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                  439. AuditEvent.entity:consent.detail:acp
                                                                  Slice Nameacp
                                                                  Definition

                                                                  Tagged value pairs for conveying additional information about the entity.

                                                                  ShortHome Community ID where the Consent is.
                                                                  Control0..1
                                                                  TypeBackboneElement
                                                                  Is Modifierfalse
                                                                  Summaryfalse
                                                                  Requirements

                                                                  Implementation-defined data about specific details of the object accessed or used.

                                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                  441. AuditEvent.entity:consent.detail:acp.id
                                                                  Definition

                                                                  Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                                                  ShortUnique id for inter-element referencing
                                                                  Control0..1
                                                                  Typestring
                                                                  Is Modifierfalse
                                                                  XML FormatIn the XML format, this property is represented as an attribute.
                                                                  Summaryfalse
                                                                  443. AuditEvent.entity:consent.detail:acp.extension
                                                                  Definition

                                                                  May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                                                  ShortAdditional content defined by implementations
                                                                  Comments

                                                                  There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                                  Control0..*
                                                                  TypeExtension
                                                                  Is Modifierfalse
                                                                  Summaryfalse
                                                                  Alternate Namesextensions, user content
                                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                                  445. AuditEvent.entity:consent.detail:acp.modifierExtension
                                                                  Definition

                                                                  May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                                                                  Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                                                                  ShortExtensions that cannot be ignored even if unrecognized
                                                                  Comments

                                                                  There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                                  Control0..*
                                                                  TypeExtension
                                                                  Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                                                                  Summarytrue
                                                                  Requirements

                                                                  Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                                                                  Alternate Namesextensions, user content, modifiers
                                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                                  447. AuditEvent.entity:consent.detail:acp.type
                                                                  Definition

                                                                  The type of extra detail provided in the value.

                                                                  ShortName of the property
                                                                  Control1..1
                                                                  Typestring
                                                                  Is Modifierfalse
                                                                  Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                                  Summaryfalse
                                                                  Pattern Valueurn:ihe:iti:xua:2012:acp
                                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                  449. AuditEvent.entity:consent.detail:acp.value[x]
                                                                  Definition

                                                                  The value of the extra detail.

                                                                  ShortProperty value
                                                                  Comments

                                                                  The value can be string when known to be a string, else base64 encoding should be used to protect binary or undefined content. The meaning and secondary-encoding of the content of base64 encoded blob is specific to the AuditEvent.type, AuditEvent.subtype, AuditEvent.entity.type, and AuditEvent.entity.role. The base64 is a general-use and safe container for event specific data blobs regardless of the encoding used by the transaction being recorded. An AuditEvent consuming application must understand the event it is consuming and the formats used by the event. For example if auditing an Oracle network database access, the Oracle formats must be understood as they will be simply encoded in the base64binary blob.

                                                                  Control1..1
                                                                  Typestring
                                                                  [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
                                                                  Is Modifierfalse
                                                                  Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                                  Summaryfalse
                                                                  Requirements

                                                                  Should not duplicate the entity value unless absolutely necessary.

                                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                  451. AuditEvent.entity:consent.detail:patient-id
                                                                  Slice Namepatient-id
                                                                  Definition

                                                                  Tagged value pairs for conveying additional information about the entity.

                                                                  ShortThe Patient Identity where the Consent is.
                                                                  Control0..1
                                                                  TypeBackboneElement
                                                                  Is Modifierfalse
                                                                  Summaryfalse
                                                                  Requirements

                                                                  Implementation-defined data about specific details of the object accessed or used.

                                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                  453. AuditEvent.entity:consent.detail:patient-id.id
                                                                  Definition

                                                                  Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

                                                                  ShortUnique id for inter-element referencing
                                                                  Control0..1
                                                                  Typestring
                                                                  Is Modifierfalse
                                                                  XML FormatIn the XML format, this property is represented as an attribute.
                                                                  Summaryfalse
                                                                  455. AuditEvent.entity:consent.detail:patient-id.extension
                                                                  Definition

                                                                  May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

                                                                  ShortAdditional content defined by implementations
                                                                  Comments

                                                                  There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                                  Control0..*
                                                                  TypeExtension
                                                                  Is Modifierfalse
                                                                  Summaryfalse
                                                                  Alternate Namesextensions, user content
                                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                                  457. AuditEvent.entity:consent.detail:patient-id.modifierExtension
                                                                  Definition

                                                                  May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

                                                                  Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

                                                                  ShortExtensions that cannot be ignored even if unrecognized
                                                                  Comments

                                                                  There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

                                                                  Control0..*
                                                                  TypeExtension
                                                                  Is Modifiertrue because Modifier extensions are expected to modify the meaning or interpretation of the element that contains them
                                                                  Summarytrue
                                                                  Requirements

                                                                  Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.

                                                                  Alternate Namesextensions, user content, modifiers
                                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                  ext-1: Must have either extensions or value[x], not both (extension.exists() != value.exists())
                                                                  459. AuditEvent.entity:consent.detail:patient-id.type
                                                                  Definition

                                                                  The type of extra detail provided in the value.

                                                                  ShortName of the property
                                                                  Control1..1
                                                                  Typestring
                                                                  Is Modifierfalse
                                                                  Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                                  Summaryfalse
                                                                  Pattern Valueurn:oasis:names:tc:xacml:2.0:resource:resource-id
                                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))
                                                                  461. AuditEvent.entity:consent.detail:patient-id.value[x]
                                                                  Definition

                                                                  The value of the extra detail.

                                                                  ShortProperty value
                                                                  Comments

                                                                  The value can be string when known to be a string, else base64 encoding should be used to protect binary or undefined content. The meaning and secondary-encoding of the content of base64 encoded blob is specific to the AuditEvent.type, AuditEvent.subtype, AuditEvent.entity.type, and AuditEvent.entity.role. The base64 is a general-use and safe container for event specific data blobs regardless of the encoding used by the transaction being recorded. An AuditEvent consuming application must understand the event it is consuming and the formats used by the event. For example if auditing an Oracle network database access, the Oracle formats must be understood as they will be simply encoded in the base64binary blob.

                                                                  Control1..1
                                                                  Typestring
                                                                  [x] NoteSeeChoice of Data Typesfor further information about how to use [x]
                                                                  Is Modifierfalse
                                                                  Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
                                                                  Summaryfalse
                                                                  Requirements

                                                                  Should not duplicate the entity value unless absolutely necessary.

                                                                  Invariantsele-1: All FHIR elements must have a @value or children (hasValue() or (children().count() > id.count()))