UZ Core AuditEvent - Uzbekistan Digital Health Platform v0.5.0

Uzbekistan Digital Health Platform
0.5.0 - ci-build Uzbekistan flag

Uzbekistan Digital Health Platform, published by Ministry of Health of the Republic of Uzbekistan. This guide is not an authorized publication; it is the continuous build for version 0.5.0 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/uzinfocom-org/digital-health-ig/ and changes regularly. See the Directory of published versions

Resource Profile: UZ Core AuditEvent ( Experimental )

Official URL: https://dhp.uz/fhir/core/StructureDefinition/uz-core-auditevent				Version: 0.5.0	Highlight text changes?
Active as of 2025-03-29					Computable Name: UZCoreAuditEvent

Uzbekistan Core AuditEvent profile, used to track user and application activity

UZ Core AuditEvent is the immutable audit log of who accessed or changed what on the Digital Health Platform. It follows the IHE ATNA / DICOM audit model: the platform logs reads, creates, updates, deletes, searches, logins and break-glass events, recording the query behind a search and flagging failed or denied access (HTTP 401 / 403). AuditEvents are written by the platform and are read-only to clients; they link to the Patient whose data was involved.

Mandatory and Must Support data elements

The elements below must always be present (mandatory) or must be supported when the data is available (Must Support) - not all are required, but your system must populate each Must Support element when it has the data and process it on receipt. This is the human-readable summary; the formal views below give the exact cardinalities, types, and terminology bindings.

Each UZ Core AuditEvent Must Have

This profile adds no top-level mandatory cardinality of its own. The required elements are the ones inherited from the base resource: a code (what happened), a recorded timestamp, at least one agent with a who, and a source with an observer. Within the dhpCategory category slice, when present, the system (DICOM dcm) and code are each 1..1.

Each UZ Core AuditEvent Must Support

a category - the event grouping, with a sliced dhpCategory coding from DICOM (required binding on its code);
a code - the specific event sub-type (required binding);
an action - create, read, update, delete or execute (required binding);
an occurredDateTime and the recorded timestamp;
an outcome, whose code uses the required outcome binding (success, or a failure for denied 401 / 403 access);
the patient whose data was involved;
an agent with its type, role, who and authorization (the purpose-of-use, required binding) - who may be a PractitionerRole, Practitioner, Patient or RelatedPerson;
an entity with its role, what, securityLabel and query (the base64-encoded search, where applicable).

Break-glass access is recorded here as an AuditEvent whose agent.authorization carries an emergency purpose-of-use.

Building the JSON, step by step

AuditEvents are written by the platform, not by clients, so you mostly read them - but it helps to know their shape. The examples below show a self-contained event and then an event that touches a patient's data. Every value shown validates against this profile. The full reference instances are linked at the bottom of the page (login, condition lookup).

A self-contained event names what happened (code), its grouping (category), the action (E = execute), when it occurredDateTime and was recorded, the outcome.code, the agent who did it, and the source that logged it. The agent.who is a plain Reference and may point at a PractitionerRole, Practitioner, Patient or RelatedPerson:

{
  "resourceType": "AuditEvent",
  "meta": { "profile": [ "https://dhp.uz/fhir/core/StructureDefinition/uz-core-auditevent" ] },
  "category": [
    {
      "coding": [
        {
          "system": "http://dicom.nema.org/resources/ontology/DCM",
          "code": "110114",
          "display": "User Authentication"
        }
      ]
    }
  ],
  "code": {
    "coding": [
      {
        "system": "http://dicom.nema.org/resources/ontology/DCM",
        "code": "110122",
        "display": "Login"
      }
    ]
  },
  "action": "E",
  "occurredDateTime": "2023-11-09T15:23:47.123Z",
  "recorded": "2023-11-09T15:23:47.123Z",
  "outcome": { "code": { "system": "http://hl7.org/fhir/issue-severity", "code": "success" } },
  "agent": [
    {
      "type": {
        "coding": [
          {
            "system": "http://terminology.hl7.org/CodeSystem/extra-security-role-type",
            "code": "humanuser"
          }
        ]
      },
      "role": [
        {
          "coding": [
            {
              "system": "http://hl7.org/fhir/sample-security-structural-roles",
              "code": "regulated-health-professionals"
            }
          ]
        }
      ],
      "authorization": [
        {
          "coding": [
            { "system": "http://terminology.hl7.org/CodeSystem/v3-ActReason", "code": "TREAT" }
          ]
        }
      ],
      "who": { "reference": "PractitionerRole/example-practitionerrole" }
    }
  ],
  "source": {
    "observer": { "display": "Uzbekistan Digital Health Platform" },
    "type": [
      {
        "coding": [
          {
            "system": "http://terminology.hl7.org/CodeSystem/security-source-type",
            "code": "4",
            "display": "Application Server"
          }
        ]
      }
    ]
  }
}

category, code, action, outcome.code, and the agent codings (type, role, authorization) each use a required binding - the value must come from the bound value set (the Snapshot view below lists each one). agent.authorization is the purpose-of-use (TREAT here); a break-glass access carries an emergency purpose-of-use instead.

An event that touched a patient's data

When the event read or changed a specific patient's record, add the patient it concerned and an entity describing the resource that was touched. Here a practitioner searched for a Condition: the action is R (read), the code is the FHIR search interaction, and entity.what references the resource that was returned. Both patient and entity.what are plain Reference types:

{
  "resourceType": "AuditEvent",
  "meta": { "profile": [ "https://dhp.uz/fhir/core/StructureDefinition/uz-core-auditevent" ] },
  "category": [
    {
      "coding": [
        {
          "system": "http://dicom.nema.org/resources/ontology/DCM",
          "code": "110112",
          "display": "Query"
        }
      ]
    }
  ],
  "code": {
    "coding": [ { "system": "http://hl7.org/fhir/restful-interaction", "code": "search" } ]
  },
  "action": "R",
  "occurredDateTime": "2025-02-15T14:02:52Z",
  "recorded": "2025-02-15T14:02:52Z",
  "outcome": { "code": { "system": "http://hl7.org/fhir/issue-severity", "code": "success" } },
  "patient": { "reference": "Patient/example-patient" },
  "agent": [
    {
      "type": {
        "coding": [
          {
            "system": "http://terminology.hl7.org/CodeSystem/extra-security-role-type",
            "code": "humanuser"
          }
        ]
      },
      "role": [
        {
          "coding": [
            {
              "system": "http://hl7.org/fhir/sample-security-structural-roles",
              "code": "regulated-health-professionals"
            }
          ]
        }
      ],
      "authorization": [
        {
          "coding": [
            { "system": "http://terminology.hl7.org/CodeSystem/v3-ActReason", "code": "TREAT" }
          ]
        }
      ],
      "who": { "reference": "PractitionerRole/example-practitionerrole" }
    }
  ],
  "entity": [
    {
      "role": {
        "coding": [
          {
            "system": "http://terminology.hl7.org/CodeSystem/object-role",
            "code": "4",
            "display": "Domain Resource"
          }
        ]
      },
      "securityLabel": [
        {
          "coding": [
            { "system": "http://terminology.hl7.org/CodeSystem/v3-ActCode", "code": "NOAUTH" }
          ]
        }
      ],
      "what": { "reference": "Condition/example-headache" }
    }
  ],
  "source": {
    "observer": { "display": "Uzbekistan Digital Health Platform" },
    "type": [
      {
        "coding": [
          {
            "system": "http://terminology.hl7.org/CodeSystem/security-source-type",
            "code": "4",
            "display": "Application Server"
          }
        ]
      }
    ]
  }
}

For a search, the platform also records the query itself (base64-encoded) in entity.query. A failed or denied access (HTTP 401 / 403) is logged the same way but with a failure outcome.code.

For example API calls and a sample payload, see the Quick Start at the bottom of this page.

Usages:

Examples for this Profile: AuditEvent/example-auditevent-condition-lookup and AuditEvent/example-auditevent-login
CapabilityStatements using this Profile: CapabilityStatement[https://dhp.uz/fhir/core/CapabilityStatement/DHPCapabilityStatement|0.5.0]

You can also check for usages in the FHIR IG Statistics

Formal Views of Profile Content

Description Differentials, Snapshots, and other representations.

Key Elements Table
Differential Table
Snapshot Table
Statistics/References
All

Name	Flags	Card.	Type	Description & Constraints Filter: Bindings Constraints Obligations
AuditEvent		0..*	AuditEvent(5.0.0)	Record of an event
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
contained		0..*	Resource	Contained, inline Resources
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored Constraints: ext-1
category	SΣ	0..*	CodeableConcept	Type/identifier of event Binding: AuditEventID (example): Type of event.
Slices for coding	Σ	0..*	Coding	Code defined by a terminology system Slice: Unordered, Open by value:system
coding:dhpCategory	SΣ	0..1	Coding	Code defined by a terminology system
system	SΣ	1..1	uri	Identity of the terminology system Required Pattern: http://dicom.nema.org/resources/ontology/DCM
code	SΣC	1..1	code	Symbol in syntax defined by the system Binding: AuditEventTypeVS (0.5.0) (required)
code	SΣ	1..1	CodeableConcept	Specific type of event Binding: AuditEventSubTypeVS (0.5.0) (required)
action	SΣ	0..1	code	Type of action performed during the event Binding: AuditEventActionVS (0.5.0) (required)
Slices for occurred[x]		0..1		When the activity occurred Slice: Unordered, Open by type:$this
occurredPeriod			Period
occurredDateTime			dateTime
occurred[x]:occurredDateTime	S	0..1	dateTime	When the activity occurred
recorded	SΣ	1..1	instant	Time when the event was recorded
outcome	SΣ	0..1	BackboneElement	Whether the event succeeded or failed
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized Constraints: ext-1
code	Σ	1..1	Coding	Whether the event succeeded or failed Binding: AuditEventOutcomeVS (0.5.0) (required)
patient	S	0..1	Reference(Patient)	The patient is the subject of the data used/created/updated/deleted during the activity
agent	SΣ	1..*	BackboneElement	Actor involved in the event
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized Constraints: ext-1
type	S	0..1	CodeableConcept	How agent participated Binding: AuditParticipationRoleTypeVS (0.5.0) (required)
role	S	0..*	CodeableConcept	Agent role in the event Binding: SecurityRoleTypeVS (0.5.0) (required)
who	SΣ	1..1	Reference(UZ Core PractitionerRole(0.5.0) \| UZ Core Practitioner(0.5.0) \| UZ Core Patient(0.5.0) \| RelatedPerson)	Identifier of who
authorization	S	0..*	CodeableConcept	Allowable authorization for this agent Binding: AuditPurposeOfUseVS (0.5.0) (required)
source	Σ	1..1	BackboneElement	Audit Event Reporter
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized Constraints: ext-1
observer	Σ	1..1	Reference(Practitioner \| PractitionerRole \| Organization \| CareTeam \| Patient \| Device \| RelatedPerson)	The identity of source detecting the event
entity	SΣ	0..*	BackboneElement	Data or objects used
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized Constraints: ext-1
what	SΣ	0..1	Reference(Resource)	Specific instance of resource
role	S	0..1	CodeableConcept	What role the entity played Binding: ObjectRoleVS (0.5.0) (required)
securityLabel	S	0..*	CodeableConcept	Security labels on the entity Binding: SecurityLabelVS (0.5.0) (required)
query	SΣ	0..1	base64Binary	Query parameters
Documentation for this format

Terminology Bindings

Path	Status	Usage	ValueSet	Version	Source
AuditEvent.category	Base	example	Audit Event ID	📍5.0.0	FHIR Std.
AuditEvent.category.coding:dhpCategory.code	Base	required	Audit event type	📍0.5.0	This IG
AuditEvent.code	Base	required	Audit event subtype	📍0.5.0	This IG
AuditEvent.action	Base	required	Audit event action	📍0.5.0	This IG
AuditEvent.outcome.code	Base	required	Audit event outcome	📍0.5.0	This IG
AuditEvent.agent.type	Base	required	Audit event role type	📍0.5.0	This IG
AuditEvent.agent.role	Base	required	Security role type	📍0.5.0	This IG
AuditEvent.agent.authorization	Base	required	Purpose of use	📍0.5.0	This IG
AuditEvent.entity.role	Base	required	Object role	📍0.5.0	This IG
AuditEvent.entity.securityLabel	Base	required	Security label	📍0.5.0	This IG

Constraints

Id	Grade	Path(s)	Description	Expression
dom-2	error	AuditEvent	If the resource is contained in another resource, it SHALL NOT contain nested Resources	`contained.contained.empty()`
dom-3	error	AuditEvent	If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource	`contained.where((('#'+id in (%resource.descendants().reference \| %resource.descendants().ofType(canonical) \| %resource.descendants().ofType(uri) \| %resource.descendants().ofType(url))) or descendants().where(reference = '#').exists() or descendants().where(ofType(canonical) = '#').exists() or descendants().where(ofType(canonical) = '#').exists()).not()).trace('unmatched', id).empty()`
dom-4	error	AuditEvent	If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated	`contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()`
dom-5	error	AuditEvent	If a resource is contained in another resource, it SHALL NOT have a security label	`contained.meta.security.empty()`
dom-6	best practice	AuditEvent	A resource should have narrative for robust management	text.`div`.exists()
ele-1	error	AuditEvent.implicitRules, AuditEvent.modifierExtension, AuditEvent.category, AuditEvent.category.coding, AuditEvent.category.coding:dhpCategory, AuditEvent.category.coding:dhpCategory.system, AuditEvent.category.coding:dhpCategory.code, AuditEvent.code, AuditEvent.action, AuditEvent.occurred[x], AuditEvent.occurred[x]:occurredDateTime, AuditEvent.recorded, AuditEvent.outcome, AuditEvent.outcome.modifierExtension, AuditEvent.outcome.code, AuditEvent.patient, AuditEvent.agent, AuditEvent.agent.modifierExtension, AuditEvent.agent.type, AuditEvent.agent.role, AuditEvent.agent.who, AuditEvent.agent.authorization, AuditEvent.source, AuditEvent.source.modifierExtension, AuditEvent.source.observer, AuditEvent.entity, AuditEvent.entity.modifierExtension, AuditEvent.entity.what, AuditEvent.entity.role, AuditEvent.entity.securityLabel, AuditEvent.entity.query	All FHIR elements must have a @value or children	`hasValue() or (children().count() > id.count())`
ext-1	error	AuditEvent.modifierExtension, AuditEvent.outcome.modifierExtension, AuditEvent.agent.modifierExtension, AuditEvent.source.modifierExtension, AuditEvent.entity.modifierExtension	Must have either extensions or value[x], not both	`extension.exists() != value.exists()`

Name	Flags	Card.	Type	Description & Constraints Filter: Bindings Constraints Obligations
AuditEvent		0..*	AuditEvent(5.0.0)	Record of an event
category	S	0..*	CodeableConcept	Type/identifier of event
Slices for coding		0..*	Coding	Code defined by a terminology system Slice: Unordered, Open by value:system
coding:dhpCategory	S	0..1	Coding	Code defined by a terminology system
system	S	1..1	uri	Identity of the terminology system Required Pattern: http://dicom.nema.org/resources/ontology/DCM
code	S	1..1	code	Symbol in syntax defined by the system Binding: AuditEventTypeVS (0.5.0) (required)
code	S	1..1	CodeableConcept	Specific type of event Binding: AuditEventSubTypeVS (0.5.0) (required)
action	S	0..1	code	Type of action performed during the event Binding: AuditEventActionVS (0.5.0) (required)
Slices for occurred[x]		0..1	Period, dateTime	When the activity occurred Slice: Unordered, Open by type:$this
occurred[x]:occurredDateTime	S	0..1	dateTime	When the activity occurred
recorded	S	1..1	instant	Time when the event was recorded
outcome	S	0..1	BackboneElement	Whether the event succeeded or failed
code		1..1	Coding	Whether the event succeeded or failed Binding: AuditEventOutcomeVS (0.5.0) (required)
patient	S	0..1	Reference(Patient)	The patient is the subject of the data used/created/updated/deleted during the activity
agent	S	1..*	BackboneElement	Actor involved in the event
type	S	0..1	CodeableConcept	How agent participated Binding: AuditParticipationRoleTypeVS (0.5.0) (required)
role	S	0..*	CodeableConcept	Agent role in the event Binding: SecurityRoleTypeVS (0.5.0) (required)
who	S	1..1	Reference(UZ Core PractitionerRole(0.5.0) \| UZ Core Practitioner(0.5.0) \| UZ Core Patient(0.5.0) \| RelatedPerson)	Identifier of who
authorization	S	0..*	CodeableConcept	Allowable authorization for this agent Binding: AuditPurposeOfUseVS (0.5.0) (required)
entity	S	0..*	BackboneElement	Data or objects used
what	S	0..1	Reference(Resource)	Specific instance of resource
role	S	0..1	CodeableConcept	What role the entity played Binding: ObjectRoleVS (0.5.0) (required)
securityLabel	S	0..*	CodeableConcept	Security labels on the entity Binding: SecurityLabelVS (0.5.0) (required)
query	S	0..1	base64Binary	Query parameters
Documentation for this format

Terminology Bindings (Differential)

Path	Status	Usage	ValueSet	Version	Source
AuditEvent.category.coding:dhpCategory.code	Base	required	Audit event type	📍0.5.0	This IG
AuditEvent.code	Base	required	Audit event subtype	📍0.5.0	This IG
AuditEvent.action	Base	required	Audit event action	📍0.5.0	This IG
AuditEvent.outcome.code	Base	required	Audit event outcome	📍0.5.0	This IG
AuditEvent.agent.type	Base	required	Audit event role type	📍0.5.0	This IG
AuditEvent.agent.role	Base	required	Security role type	📍0.5.0	This IG
AuditEvent.agent.authorization	Base	required	Purpose of use	📍0.5.0	This IG
AuditEvent.entity.role	Base	required	Object role	📍0.5.0	This IG
AuditEvent.entity.securityLabel	Base	required	Security label	📍0.5.0	This IG

Description & Constraints Filter: Filters

AuditEvent

0..*

AuditEvent(5.0.0)

Record of an event

id

Σ

0..1

id

Logical id of this artifact

Terminology Bindings

Path	Status	Usage	ValueSet	Version	Source
AuditEvent.language	Base	required	All Languages	📍5.0.0	FHIR Std.
AuditEvent.category	Base	example	Audit Event ID	📍5.0.0	FHIR Std.
AuditEvent.category.coding:dhpCategory.code	Base	required	Audit event type	📍0.5.0	This IG
AuditEvent.code	Base	required	Audit event subtype	📍0.5.0	This IG
AuditEvent.action	Base	required	Audit event action	📍0.5.0	This IG
AuditEvent.severity	Base	required	Audit Event Severity	📍5.0.0	FHIR Std.
AuditEvent.outcome.code	Base	required	Audit event outcome	📍0.5.0	This IG
AuditEvent.outcome.detail	Base	example	Audit Event Outcome Detail	📍5.0.0	FHIR Std.
AuditEvent.authorization	Base	example	PurposeOfUse	📍3.1.0	THO v7.1
AuditEvent.agent.type	Base	required	Audit event role type	📍0.5.0	This IG
AuditEvent.agent.role	Base	required	Security role type	📍0.5.0	This IG
AuditEvent.agent.authorization	Base	required	Purpose of use	📍0.5.0	This IG
AuditEvent.source.type	Base	preferred	Audit Event Source Type	📍5.0.0	FHIR Std.
AuditEvent.entity.role	Base	required	Object role	📍0.5.0	This IG
AuditEvent.entity.securityLabel	Base	required	Security label	📍0.5.0	This IG
AuditEvent.entity.detail.type	Base	example	Audit Event ID	📍5.0.0	FHIR Std.

Constraints

Id	Grade	Path(s)	Description	Expression
dom-2	error	AuditEvent	If the resource is contained in another resource, it SHALL NOT contain nested Resources	`contained.contained.empty()`
dom-3	error	AuditEvent	If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource	`contained.where((('#'+id in (%resource.descendants().reference \| %resource.descendants().ofType(canonical) \| %resource.descendants().ofType(uri) \| %resource.descendants().ofType(url))) or descendants().where(reference = '#').exists() or descendants().where(ofType(canonical) = '#').exists() or descendants().where(ofType(canonical) = '#').exists()).not()).trace('unmatched', id).empty()`
dom-4	error	AuditEvent	If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated	`contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()`
dom-5	error	AuditEvent	If a resource is contained in another resource, it SHALL NOT have a security label	`contained.meta.security.empty()`
dom-6	best practice	AuditEvent	A resource should have narrative for robust management	text.`div`.exists()
ele-1	error	AuditEvent.meta, AuditEvent.implicitRules, AuditEvent.language, AuditEvent.text, AuditEvent.extension, AuditEvent.modifierExtension, AuditEvent.category, AuditEvent.category.extension, AuditEvent.category.coding, AuditEvent.category.coding:dhpCategory, AuditEvent.category.coding:dhpCategory.extension, AuditEvent.category.coding:dhpCategory.system, AuditEvent.category.coding:dhpCategory.version, AuditEvent.category.coding:dhpCategory.code, AuditEvent.category.coding:dhpCategory.display, AuditEvent.category.coding:dhpCategory.userSelected, AuditEvent.category.text, AuditEvent.code, AuditEvent.action, AuditEvent.severity, AuditEvent.occurred[x], AuditEvent.occurred[x]:occurredDateTime, AuditEvent.recorded, AuditEvent.outcome, AuditEvent.outcome.extension, AuditEvent.outcome.modifierExtension, AuditEvent.outcome.code, AuditEvent.outcome.detail, AuditEvent.authorization, AuditEvent.basedOn, AuditEvent.patient, AuditEvent.encounter, AuditEvent.agent, AuditEvent.agent.extension, AuditEvent.agent.modifierExtension, AuditEvent.agent.type, AuditEvent.agent.role, AuditEvent.agent.who, AuditEvent.agent.requestor, AuditEvent.agent.location, AuditEvent.agent.policy, AuditEvent.agent.network[x], AuditEvent.agent.authorization, AuditEvent.source, AuditEvent.source.extension, AuditEvent.source.modifierExtension, AuditEvent.source.site, AuditEvent.source.observer, AuditEvent.source.type, AuditEvent.entity, AuditEvent.entity.extension, AuditEvent.entity.modifierExtension, AuditEvent.entity.what, AuditEvent.entity.role, AuditEvent.entity.securityLabel, AuditEvent.entity.query, AuditEvent.entity.detail, AuditEvent.entity.detail.extension, AuditEvent.entity.detail.modifierExtension, AuditEvent.entity.detail.type, AuditEvent.entity.detail.value[x], AuditEvent.entity.agent	All FHIR elements must have a @value or children	`hasValue() or (children().count() > id.count())`
ext-1	error	AuditEvent.extension, AuditEvent.modifierExtension, AuditEvent.category.extension, AuditEvent.category.coding:dhpCategory.extension, AuditEvent.outcome.extension, AuditEvent.outcome.modifierExtension, AuditEvent.agent.extension, AuditEvent.agent.modifierExtension, AuditEvent.source.extension, AuditEvent.source.modifierExtension, AuditEvent.entity.extension, AuditEvent.entity.modifierExtension, AuditEvent.entity.detail.extension, AuditEvent.entity.detail.modifierExtension	Must have either extensions or value[x], not both	`extension.exists() != value.exists()`

Summary

Mandatory: 0 element(2 nested mandatory elements)
Must-Support: 20 elements

Structures

This structure refers to these other structures:

Slices

This structure defines the following Slices:

The element 1 is sliced based on the value of AuditEvent.category.coding
The element 1 is sliced based on the value of AuditEvent.occurred[x]

Key Elements View

Name	Flags	Card.	Type	Description & Constraints Filter: Bindings Constraints Obligations
AuditEvent		0..*	AuditEvent(5.0.0)	Record of an event
implicitRules	?!Σ	0..1	uri	A set of rules under which this content was created
contained		0..*	Resource	Contained, inline Resources
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored Constraints: ext-1
category	SΣ	0..*	CodeableConcept	Type/identifier of event Binding: AuditEventID (example): Type of event.
Slices for coding	Σ	0..*	Coding	Code defined by a terminology system Slice: Unordered, Open by value:system
coding:dhpCategory	SΣ	0..1	Coding	Code defined by a terminology system
system	SΣ	1..1	uri	Identity of the terminology system Required Pattern: http://dicom.nema.org/resources/ontology/DCM
code	SΣC	1..1	code	Symbol in syntax defined by the system Binding: AuditEventTypeVS (0.5.0) (required)
code	SΣ	1..1	CodeableConcept	Specific type of event Binding: AuditEventSubTypeVS (0.5.0) (required)
action	SΣ	0..1	code	Type of action performed during the event Binding: AuditEventActionVS (0.5.0) (required)
Slices for occurred[x]		0..1		When the activity occurred Slice: Unordered, Open by type:$this
occurredPeriod			Period
occurredDateTime			dateTime
occurred[x]:occurredDateTime	S	0..1	dateTime	When the activity occurred
recorded	SΣ	1..1	instant	Time when the event was recorded
outcome	SΣ	0..1	BackboneElement	Whether the event succeeded or failed
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized Constraints: ext-1
code	Σ	1..1	Coding	Whether the event succeeded or failed Binding: AuditEventOutcomeVS (0.5.0) (required)
patient	S	0..1	Reference(Patient)	The patient is the subject of the data used/created/updated/deleted during the activity
agent	SΣ	1..*	BackboneElement	Actor involved in the event
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized Constraints: ext-1
type	S	0..1	CodeableConcept	How agent participated Binding: AuditParticipationRoleTypeVS (0.5.0) (required)
role	S	0..*	CodeableConcept	Agent role in the event Binding: SecurityRoleTypeVS (0.5.0) (required)
who	SΣ	1..1	Reference(UZ Core PractitionerRole(0.5.0) \| UZ Core Practitioner(0.5.0) \| UZ Core Patient(0.5.0) \| RelatedPerson)	Identifier of who
authorization	S	0..*	CodeableConcept	Allowable authorization for this agent Binding: AuditPurposeOfUseVS (0.5.0) (required)
source	Σ	1..1	BackboneElement	Audit Event Reporter
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized Constraints: ext-1
observer	Σ	1..1	Reference(Practitioner \| PractitionerRole \| Organization \| CareTeam \| Patient \| Device \| RelatedPerson)	The identity of source detecting the event
entity	SΣ	0..*	BackboneElement	Data or objects used
modifierExtension	?!Σ	0..*	Extension	Extensions that cannot be ignored even if unrecognized Constraints: ext-1
what	SΣ	0..1	Reference(Resource)	Specific instance of resource
role	S	0..1	CodeableConcept	What role the entity played Binding: ObjectRoleVS (0.5.0) (required)
securityLabel	S	0..*	CodeableConcept	Security labels on the entity Binding: SecurityLabelVS (0.5.0) (required)
query	SΣ	0..1	base64Binary	Query parameters
Documentation for this format

Terminology Bindings

Path	Status	Usage	ValueSet	Version	Source
AuditEvent.category	Base	example	Audit Event ID	📍5.0.0	FHIR Std.
AuditEvent.category.coding:dhpCategory.code	Base	required	Audit event type	📍0.5.0	This IG
AuditEvent.code	Base	required	Audit event subtype	📍0.5.0	This IG
AuditEvent.action	Base	required	Audit event action	📍0.5.0	This IG
AuditEvent.outcome.code	Base	required	Audit event outcome	📍0.5.0	This IG
AuditEvent.agent.type	Base	required	Audit event role type	📍0.5.0	This IG
AuditEvent.agent.role	Base	required	Security role type	📍0.5.0	This IG
AuditEvent.agent.authorization	Base	required	Purpose of use	📍0.5.0	This IG
AuditEvent.entity.role	Base	required	Object role	📍0.5.0	This IG
AuditEvent.entity.securityLabel	Base	required	Security label	📍0.5.0	This IG

Constraints

Id	Grade	Path(s)	Description	Expression
dom-2	error	AuditEvent	If the resource is contained in another resource, it SHALL NOT contain nested Resources	`contained.contained.empty()`
dom-3	error	AuditEvent	If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource	`contained.where((('#'+id in (%resource.descendants().reference \| %resource.descendants().ofType(canonical) \| %resource.descendants().ofType(uri) \| %resource.descendants().ofType(url))) or descendants().where(reference = '#').exists() or descendants().where(ofType(canonical) = '#').exists() or descendants().where(ofType(canonical) = '#').exists()).not()).trace('unmatched', id).empty()`
dom-4	error	AuditEvent	If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated	`contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()`
dom-5	error	AuditEvent	If a resource is contained in another resource, it SHALL NOT have a security label	`contained.meta.security.empty()`
dom-6	best practice	AuditEvent	A resource should have narrative for robust management	text.`div`.exists()
ele-1	error	AuditEvent.implicitRules, AuditEvent.modifierExtension, AuditEvent.category, AuditEvent.category.coding, AuditEvent.category.coding:dhpCategory, AuditEvent.category.coding:dhpCategory.system, AuditEvent.category.coding:dhpCategory.code, AuditEvent.code, AuditEvent.action, AuditEvent.occurred[x], AuditEvent.occurred[x]:occurredDateTime, AuditEvent.recorded, AuditEvent.outcome, AuditEvent.outcome.modifierExtension, AuditEvent.outcome.code, AuditEvent.patient, AuditEvent.agent, AuditEvent.agent.modifierExtension, AuditEvent.agent.type, AuditEvent.agent.role, AuditEvent.agent.who, AuditEvent.agent.authorization, AuditEvent.source, AuditEvent.source.modifierExtension, AuditEvent.source.observer, AuditEvent.entity, AuditEvent.entity.modifierExtension, AuditEvent.entity.what, AuditEvent.entity.role, AuditEvent.entity.securityLabel, AuditEvent.entity.query	All FHIR elements must have a @value or children	`hasValue() or (children().count() > id.count())`
ext-1	error	AuditEvent.modifierExtension, AuditEvent.outcome.modifierExtension, AuditEvent.agent.modifierExtension, AuditEvent.source.modifierExtension, AuditEvent.entity.modifierExtension	Must have either extensions or value[x], not both	`extension.exists() != value.exists()`

Differential View

Name	Flags	Card.	Type	Description & Constraints Filter: Bindings Constraints Obligations
AuditEvent		0..*	AuditEvent(5.0.0)	Record of an event
category	S	0..*	CodeableConcept	Type/identifier of event
Slices for coding		0..*	Coding	Code defined by a terminology system Slice: Unordered, Open by value:system
coding:dhpCategory	S	0..1	Coding	Code defined by a terminology system
system	S	1..1	uri	Identity of the terminology system Required Pattern: http://dicom.nema.org/resources/ontology/DCM
code	S	1..1	code	Symbol in syntax defined by the system Binding: AuditEventTypeVS (0.5.0) (required)
code	S	1..1	CodeableConcept	Specific type of event Binding: AuditEventSubTypeVS (0.5.0) (required)
action	S	0..1	code	Type of action performed during the event Binding: AuditEventActionVS (0.5.0) (required)
Slices for occurred[x]		0..1	Period, dateTime	When the activity occurred Slice: Unordered, Open by type:$this
occurred[x]:occurredDateTime	S	0..1	dateTime	When the activity occurred
recorded	S	1..1	instant	Time when the event was recorded
outcome	S	0..1	BackboneElement	Whether the event succeeded or failed
code		1..1	Coding	Whether the event succeeded or failed Binding: AuditEventOutcomeVS (0.5.0) (required)
patient	S	0..1	Reference(Patient)	The patient is the subject of the data used/created/updated/deleted during the activity
agent	S	1..*	BackboneElement	Actor involved in the event
type	S	0..1	CodeableConcept	How agent participated Binding: AuditParticipationRoleTypeVS (0.5.0) (required)
role	S	0..*	CodeableConcept	Agent role in the event Binding: SecurityRoleTypeVS (0.5.0) (required)
who	S	1..1	Reference(UZ Core PractitionerRole(0.5.0) \| UZ Core Practitioner(0.5.0) \| UZ Core Patient(0.5.0) \| RelatedPerson)	Identifier of who
authorization	S	0..*	CodeableConcept	Allowable authorization for this agent Binding: AuditPurposeOfUseVS (0.5.0) (required)
entity	S	0..*	BackboneElement	Data or objects used
what	S	0..1	Reference(Resource)	Specific instance of resource
role	S	0..1	CodeableConcept	What role the entity played Binding: ObjectRoleVS (0.5.0) (required)
securityLabel	S	0..*	CodeableConcept	Security labels on the entity Binding: SecurityLabelVS (0.5.0) (required)
query	S	0..1	base64Binary	Query parameters
Documentation for this format

Terminology Bindings (Differential)

Path	Status	Usage	ValueSet	Version	Source
AuditEvent.category.coding:dhpCategory.code	Base	required	Audit event type	📍0.5.0	This IG
AuditEvent.code	Base	required	Audit event subtype	📍0.5.0	This IG
AuditEvent.action	Base	required	Audit event action	📍0.5.0	This IG
AuditEvent.outcome.code	Base	required	Audit event outcome	📍0.5.0	This IG
AuditEvent.agent.type	Base	required	Audit event role type	📍0.5.0	This IG
AuditEvent.agent.role	Base	required	Security role type	📍0.5.0	This IG
AuditEvent.agent.authorization	Base	required	Purpose of use	📍0.5.0	This IG
AuditEvent.entity.role	Base	required	Object role	📍0.5.0	This IG
AuditEvent.entity.securityLabel	Base	required	Security label	📍0.5.0	This IG

Snapshot ViewView

Description & Constraints Filter: Filters

AuditEvent

0..*

AuditEvent(5.0.0)

Record of an event

id

Σ

0..1

id

Logical id of this artifact

Terminology Bindings

Path	Status	Usage	ValueSet	Version	Source
AuditEvent.language	Base	required	All Languages	📍5.0.0	FHIR Std.
AuditEvent.category	Base	example	Audit Event ID	📍5.0.0	FHIR Std.
AuditEvent.category.coding:dhpCategory.code	Base	required	Audit event type	📍0.5.0	This IG
AuditEvent.code	Base	required	Audit event subtype	📍0.5.0	This IG
AuditEvent.action	Base	required	Audit event action	📍0.5.0	This IG
AuditEvent.severity	Base	required	Audit Event Severity	📍5.0.0	FHIR Std.
AuditEvent.outcome.code	Base	required	Audit event outcome	📍0.5.0	This IG
AuditEvent.outcome.detail	Base	example	Audit Event Outcome Detail	📍5.0.0	FHIR Std.
AuditEvent.authorization	Base	example	PurposeOfUse	📍3.1.0	THO v7.1
AuditEvent.agent.type	Base	required	Audit event role type	📍0.5.0	This IG
AuditEvent.agent.role	Base	required	Security role type	📍0.5.0	This IG
AuditEvent.agent.authorization	Base	required	Purpose of use	📍0.5.0	This IG
AuditEvent.source.type	Base	preferred	Audit Event Source Type	📍5.0.0	FHIR Std.
AuditEvent.entity.role	Base	required	Object role	📍0.5.0	This IG
AuditEvent.entity.securityLabel	Base	required	Security label	📍0.5.0	This IG
AuditEvent.entity.detail.type	Base	example	Audit Event ID	📍5.0.0	FHIR Std.

Constraints

Id	Grade	Path(s)	Description	Expression
dom-2	error	AuditEvent	If the resource is contained in another resource, it SHALL NOT contain nested Resources	`contained.contained.empty()`
dom-3	error	AuditEvent	If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource	`contained.where((('#'+id in (%resource.descendants().reference \| %resource.descendants().ofType(canonical) \| %resource.descendants().ofType(uri) \| %resource.descendants().ofType(url))) or descendants().where(reference = '#').exists() or descendants().where(ofType(canonical) = '#').exists() or descendants().where(ofType(canonical) = '#').exists()).not()).trace('unmatched', id).empty()`
dom-4	error	AuditEvent	If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated	`contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()`
dom-5	error	AuditEvent	If a resource is contained in another resource, it SHALL NOT have a security label	`contained.meta.security.empty()`
dom-6	best practice	AuditEvent	A resource should have narrative for robust management	text.`div`.exists()
ele-1	error	AuditEvent.meta, AuditEvent.implicitRules, AuditEvent.language, AuditEvent.text, AuditEvent.extension, AuditEvent.modifierExtension, AuditEvent.category, AuditEvent.category.extension, AuditEvent.category.coding, AuditEvent.category.coding:dhpCategory, AuditEvent.category.coding:dhpCategory.extension, AuditEvent.category.coding:dhpCategory.system, AuditEvent.category.coding:dhpCategory.version, AuditEvent.category.coding:dhpCategory.code, AuditEvent.category.coding:dhpCategory.display, AuditEvent.category.coding:dhpCategory.userSelected, AuditEvent.category.text, AuditEvent.code, AuditEvent.action, AuditEvent.severity, AuditEvent.occurred[x], AuditEvent.occurred[x]:occurredDateTime, AuditEvent.recorded, AuditEvent.outcome, AuditEvent.outcome.extension, AuditEvent.outcome.modifierExtension, AuditEvent.outcome.code, AuditEvent.outcome.detail, AuditEvent.authorization, AuditEvent.basedOn, AuditEvent.patient, AuditEvent.encounter, AuditEvent.agent, AuditEvent.agent.extension, AuditEvent.agent.modifierExtension, AuditEvent.agent.type, AuditEvent.agent.role, AuditEvent.agent.who, AuditEvent.agent.requestor, AuditEvent.agent.location, AuditEvent.agent.policy, AuditEvent.agent.network[x], AuditEvent.agent.authorization, AuditEvent.source, AuditEvent.source.extension, AuditEvent.source.modifierExtension, AuditEvent.source.site, AuditEvent.source.observer, AuditEvent.source.type, AuditEvent.entity, AuditEvent.entity.extension, AuditEvent.entity.modifierExtension, AuditEvent.entity.what, AuditEvent.entity.role, AuditEvent.entity.securityLabel, AuditEvent.entity.query, AuditEvent.entity.detail, AuditEvent.entity.detail.extension, AuditEvent.entity.detail.modifierExtension, AuditEvent.entity.detail.type, AuditEvent.entity.detail.value[x], AuditEvent.entity.agent	All FHIR elements must have a @value or children	`hasValue() or (children().count() > id.count())`
ext-1	error	AuditEvent.extension, AuditEvent.modifierExtension, AuditEvent.category.extension, AuditEvent.category.coding:dhpCategory.extension, AuditEvent.outcome.extension, AuditEvent.outcome.modifierExtension, AuditEvent.agent.extension, AuditEvent.agent.modifierExtension, AuditEvent.source.extension, AuditEvent.source.modifierExtension, AuditEvent.entity.extension, AuditEvent.entity.modifierExtension, AuditEvent.entity.detail.extension, AuditEvent.entity.detail.modifierExtension	Must have either extensions or value[x], not both	`extension.exists() != value.exists()`

Summary

Mandatory: 0 element(2 nested mandatory elements)
Must-Support: 20 elements

Structures

This structure refers to these other structures:

Slices

This structure defines the following Slices:

The element 1 is sliced based on the value of AuditEvent.category.coding
The element 1 is sliced based on the value of AuditEvent.occurred[x]

Other representations of profile: CSV, Excel, Schematron

Quick Start

Common API interactions for this profile. Requests require a JWT access token - see Security and authentication. [base] is the FHIR server base URL; | separates a code system from its value and must be URL-encoded as %7C.

AuditEvents are written by the platform and are read-only to clients - there is no create or update path. Query the audit log with read and search.

Read by server id

GET [base]/AuditEvent/[id]

Search the audit log

GET [base]/AuditEvent?patient=Patient/[id]
GET [base]/AuditEvent?patient=Patient/[id]&date=ge2025-01-01
GET [base]/AuditEvent?agent=PractitionerRole/[id]
GET [base]/AuditEvent?patient=Patient/[id]&action=R
GET [base]/AuditEvent?patient=Patient/[id]&category=http://dicom.nema.org/resources/ontology/DCM%7C110112
GET [base]/AuditEvent?patient=Patient/[id]&entity=Condition/[id]
GET [base]/AuditEvent?patient=Patient/[id]&outcome=http://hl7.org/fhir/issue-severity%7Cerror

In FHIR R5 the event grouping is searched with category and the specific sub-type with code (R4's type / subtype). In this profile outcome.code is bound to the issue-severity value set, so a denied or failed access is searchable as error (or fatal) rather than success.

See the CapabilityStatement for the full list of supported search parameters.

< prev

top

next >

IG © 2025+ Ministry of Health of the Republic of Uzbekistan. Package uz.dhp.core#0.5.0 based on FHIR 5.0.0. Generated 2026-06-05
Links: Table of Contents | QA Report

Resource Profile: UZ Core AuditEvent ( Experimental )

Mandatory and Must Support data elements

Each UZ Core AuditEvent Must Have

Each UZ Core AuditEvent Must Support

Building the JSON, step by step

A representative event (a login)

An event that touched a patient's data

Formal Views of Profile Content

Terminology Bindings

Constraints

Terminology Bindings (Differential)

Terminology Bindings

Constraints

Terminology Bindings

Constraints

Terminology Bindings (Differential)

Terminology Bindings

Constraints

Quick Start

Related