Left: | PolicyAuditEvent (http://fhir.ch/ig/ch-atc/StructureDefinition/PolicyAuditEvent) |
Right: | PolicyAuditEvent (http://fhir.ch/ig/ch-atc/StructureDefinition/PolicyAuditEvent) |
Error | StructureDefinition.version | Values for version differ: '3.1.0' vs '3.2.0-ballot' |
Information | StructureDefinition.copyright | Values for copyright differ: 'CC-BY-SA-4.0' vs 'CC0-1.0' |
Warning | AuditEvent | Elements differ in definition: 'Policy Audit Trail Content Profil' vs 'A record of an event made for purposes of maintaining a security log. Typical uses include detection of intrusion attempts and monitoring for inappropriate usage.' |
Warning | AuditEvent | Elements differ in comments: 'Based on ATNA (RFC 3881).' vs 'Based on IHE-ATNA.' |
Warning | AuditEvent.type | Elements differ in definition: 'Identifier for a family of the event. For example, a menu item, program, rule, policy, function code, application name or URL. It identifies the performed function.' vs 'Identifier for a family of the event. For example, a menu item, program, rule, policy, function code, application name or URL. It identifies the performed function.' |
Warning | AuditEvent.type | Elements differ in requirements: 'This identifies the performed function. For 'Execute' Event Action Code audit records, this identifies the application function performed.' vs 'This identifies the performed function. For 'Execute' Event Action Code audit records, this identifies the application function performed.' |
Warning | AuditEvent.recorded | Elements differ in comments: 'In a distributed system, some sort of common time base (e.g. an NTP [RFC1305] server) is a good implementation tactic.' vs 'In a distributed system, some sort of common time base (e.g. an NTP [RFC1305] server) is a good implementation tactic.' |
Warning | AuditEvent.recorded | Elements differ in requirements: 'This ties an event to a specific date and time. Security audits typically require a consistent time base (e.g. UTC), to eliminate time-zone issues arising from geographical distribution.' vs 'This ties an event to a specific date and time. Security audits typically require a consistent time base (e.g. UTC), to eliminate time-zone issues arising from geographical distribution.' |
Warning | AuditEvent.agent | Elements differ in definition: 'Participants' vs 'An actor taking an active role in the event or activity that is logged.' |
Warning | AuditEvent.agent | Elements differ in comments: 'Several agents may be associated (i.e. have some responsibility for an activity) with an event or activity. For example, an activity may be initiated by one user for other users or involve more than one user. However, only one user may be the initiator/requestor for the activity.' vs 'Several agents may be associated (i.e. have some responsibility for an activity) with an event or activity. For example, an activity may be initiated by one user for other users or involve more than one user. However, only one user may be the initiator/requestor for the activity.' |
Warning | AuditEvent.agent | Elements differ in requirements: 'An agent can be a person, an organization, software, device, or other actors that may be ascribed responsibility.' vs 'An agent can be a person, an organization, software, device, or other actors that may be ascribed responsibility.' |
Warning | AuditEvent.agent.role | Elements differ in definition: 'The security role that the user was acting under, that come from local codes defined by the access control security system (e.g. RBAC, ABAC) used in the local context.' vs 'The security role that the user was acting under, that come from local codes defined by the access control security system (e.g. RBAC, ABAC) used in the local context.' |
Warning | AuditEvent.agent.role | Elements differ in description: 'EprParticipant' vs 'EPR Participant' |
Warning | AuditEvent.agent.role | Elements differ in description: 'EprParticipant' vs 'EPR Participant' |
Information | AuditEvent.agent.who.identifier | Element minimum cardinalities differ: '0' vs '1' |
Warning | AuditEvent.agent.name | Elements differ in short: 'Human-meaningful name for the agent' vs 'Human friendly name for the agent' |
Warning | AuditEvent.agent.name | Elements differ in requirements: 'The User ID and Authorization User ID may be internal or otherwise obscure values. This field assists the auditor in identifying the actual user.' vs 'The User ID and Authorization User ID may be internal or otherwise obscure values. This field assists the auditor in identifying the actual user.' |
Warning | AuditEvent.agent.requestor | Elements differ in definition: 'Indicator that the participant is the initiator for the event being audited.' vs 'Indicator that the user is or is not the requestor, or initiator, for the event being audited.' |
Warning | AuditEvent.agent.requestor | Elements differ in comments: 'There can only be one initiator. If the initiator is not clear, then do not choose any one agent as the initiator.' vs 'There can only be one initiator. If the initiator is not clear, then do not choose any one agent as the initiator.' |
Warning | AuditEvent.agent.requestor | Elements differ in requirements: 'This value is used to distinguish between requestor-users and recipient-users. For example, one person may initiate a report-output to be sent to another user.' vs 'This value is used to distinguish between requestor-users and recipient-users. For example, one person may initiate a report-output to be sent to another user.' |
Warning | AuditEvent.entity | Elements differ in comments: 'Required unless the values for event identification, agent identification, and audit source identification are sufficient to document the entire auditable event. Because events may have more than one entity, this group can be a repeating set of values.' vs 'Required unless the values for event identification, agent identification, and audit source identification are sufficient to document the entire auditable event. Because events may have more than one entity, this group can be a repeating set of values.' |
Name | Value | Comments | |
---|---|---|---|
abstract | false | ||
baseDefinition | http://hl7.org/fhir/StructureDefinition/AuditEvent | ||
copyright | CC-BY-SA-4.0 | CC0-1.0 |
|
date | 2018-05-28T00:00:00+02:00 | 2018-05-28 | |
description | This profile defines the content of the policy audit events which a community has to provide for a patients audit trail. | This profile defines the content of the policy audit events which a community has to provide for a patients audit trail. |
|
experimental | false | ||
fhirVersion | 4.0.1 | ||
jurisdiction | |||
jurisdiction[0] | urn:iso:std:iso:3166#CH | ||
kind | resource | ||
name | PolicyAuditEvent | ||
publisher | eHealth Suisse | ||
purpose | |||
status | active | ||
title | PolicyAuditEvent | ||
type | AuditEvent | ||
url | http://fhir.ch/ig/ch-atc/StructureDefinition/PolicyAuditEvent | ||
version | 3.1.0 | 3.2.0-ballot |
|
Name | L Flags | L Card. | L Type | L Description & Constraints | R Flags | R Card. | L Type | L Description & Constraints | Comments | ||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
AuditEvent | C | 0..* | AuditEvent | Policy Audit Trail Content Profile ch-atc-pae-1: subtype needs to be fixed to ValueSet PolicyAuditEventType | C | 0..* | AuditEvent | Policy Audit Trail Content Profile ch-atc-pae-2: subtype needs to be fixed to ValueSet PolicyAuditEventType |
| ||||||||
id | Σ | 0..1 | string | Logical id of this artifact | Σ | 0..1 | id | Logical id of this artifact | |||||||||
meta | Σ | 0..1 | Meta | Metadata about the resource | Σ | 0..1 | Meta | Metadata about the resource | |||||||||
implicitRules | ?!Σ | 0..1 | uri | A set of rules under which this content was created | ?!Σ | 0..1 | uri | A set of rules under which this content was created | |||||||||
language | 0..1 | code | Language of the resource content Binding: ?? (preferred): A human language.
| 0..1 | code | Language of the resource content Binding: ?? (preferred): A human language.
| |||||||||||
text | 0..1 | Narrative | Text summary of the resource, for human interpretation | 0..1 | Narrative | Text summary of the resource, for human interpretation | |||||||||||
contained | 0..* | Resource | Contained, inline Resources | 0..* | Resource | Contained, inline Resources | |||||||||||
extension | 0..* | Extension | Additional content defined by implementations | 0..* | Extension | Additional content defined by implementations | |||||||||||
modifierExtension | ?! | 0..* | Extension | Extensions that cannot be ignored | ?! | 0..* | Extension | Extensions that cannot be ignored | |||||||||
type | Σ | 1..1 | Coding | Type/identifier of event Binding: ?? (extensible): Type of event. | Σ | 1..1 | Coding | Type/identifier of event Binding: ?? (extensible): Type of event. |
| ||||||||
Slices for subtype | Σ | 1..* | Coding | More specific type/id for the event Slice: Unordered, Open by value:system Binding: ?? (extensible): Sub-type of event. | Σ | 1..* | Coding | More specific type/id for the event Slice: Unordered, Open by value:system Binding: ?? (extensible): Sub-type of event. | |||||||||
action | Σ | 0..1 | code | Type of action performed during the event Binding: ?? (required): Indicator for type of action performed during the event that generated the event. | Σ | 0..1 | code | Type of action performed during the event Binding: ?? (required): Indicator for type of action performed during the event that generated the event. | |||||||||
period | 0..1 | Period | When the activity occurred | 0..1 | Period | When the activity occurred | |||||||||||
recorded | Σ | 1..1 | instant | Time when the event was recorded | Σ | 1..1 | instant | Time when the event was recorded |
| ||||||||
outcome | Σ | 0..1 | code | Whether the event succeeded or failed Binding: ?? (required): Indicates whether the event succeeded or failed. | Σ | 0..1 | code | Whether the event succeeded or failed Binding: ?? (required): Indicates whether the event succeeded or failed. | |||||||||
outcomeDesc | Σ | 0..1 | string | Description of the event outcome | Σ | 0..1 | string | Description of the event outcome | |||||||||
purposeOfEvent | Σ | 0..* | CodeableConcept | The purposeOfUse of the event Binding: ?? (extensible): The reason the activity took place. | Σ | 0..* | CodeableConcept | The purposeOfUse of the event Binding: ?? (extensible): The reason the activity took place. | |||||||||
agent | 1..* | BackboneElement | Participants | 1..* | BackboneElement | Participants |
| ||||||||||
id | 0..1 | string | Unique id for inter-element referencing | 0..1 | string | Unique id for inter-element referencing | |||||||||||
extension | 0..* | Extension | Additional content defined by implementations | 0..* | Extension | Additional content defined by implementations | |||||||||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | |||||||||
type | 0..1 | CodeableConcept | How agent participated Binding: ?? (extensible): The Participation type of the agent to the event. | 0..1 | CodeableConcept | How agent participated Binding: ?? (extensible): The Participation type of the agent to the event. | |||||||||||
role | 1..1 | CodeableConcept | Agent role in the event Binding: ?? (required): EprParticipant | 1..1 | CodeableConcept | Agent role in the event Binding: ?? (required): EPR Participant |
| ||||||||||
who | Σ | 0..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | Identifier of who | Σ | 0..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | Identifier of who | |||||||||
id | 0..1 | string | Unique id for inter-element referencing | 0..1 | string | Unique id for inter-element referencing | |||||||||||
Slices for extension | 0..* | Extension | Additional content defined by implementations Slice: Unordered, Open by value:url | 0..* | Extension | Additional content defined by implementations Slice: Unordered, Open by value:url | |||||||||||
reference | ΣC | 0..1 | string | Literal reference, Relative, internal or absolute URL | ΣC | 0..1 | string | Literal reference, Relative, internal or absolute URL | |||||||||
type | Σ | 0..1 | uri | Type the reference refers to (e.g. "Patient") Binding: ?? (extensible): Aa resource (or, for logical models, the URI of the logical model). | Σ | 0..1 | uri | Type the reference refers to (e.g. "Patient") Binding: ?? (extensible): Aa resource (or, for logical models, the URI of the logical model). | |||||||||
identifier | Σ | 0..1 | Identifier | Logical reference, when literal reference is not known | Σ | 1..1 | Identifier | Logical reference, when literal reference is not known |
| ||||||||
display | Σ | 0..1 | string | Text alternative for the resource | Σ | 0..1 | string | Text alternative for the resource | |||||||||
altId | 0..1 | string | Alternative User identity | 0..1 | string | Alternative User identity | |||||||||||
name | 1..1 | string | Human-meaningful name for the agent | 1..1 | string | Human friendly name for the agent |
| ||||||||||
requestor | Σ | 1..1 | boolean | Whether user is initiator | Σ | 1..1 | boolean | Whether user is initiator |
| ||||||||
location | 0..1 | Reference(Location) | Where | 0..1 | Reference(Location) | Where | |||||||||||
policy | 0..* | uri | Policy that authorized event | 0..* | uri | Policy that authorized event | |||||||||||
media | 0..1 | Coding | Type of media Binding: ?? (extensible): Used when the event is about exporting/importing onto media. | 0..1 | Coding | Type of media Binding: ?? (extensible): Used when the event is about exporting/importing onto media. | |||||||||||
network | 0..1 | BackboneElement | Logical network location for application activity | 0..1 | BackboneElement | Logical network location for application activity | |||||||||||
id | 0..1 | string | Unique id for inter-element referencing | 0..1 | string | Unique id for inter-element referencing | |||||||||||
extension | 0..* | Extension | Additional content defined by implementations | 0..* | Extension | Additional content defined by implementations | |||||||||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | |||||||||
address | 0..1 | string | Identifier for the network access point of the user device | 0..1 | string | Identifier for the network access point of the user device | |||||||||||
type | 0..1 | code | The type of network access point Binding: ?? (required): The type of network access point of this agent in the audit event. | 0..1 | code | The type of network access point Binding: ?? (required): The type of network access point of this agent in the audit event. | |||||||||||
purposeOfUse | 0..* | CodeableConcept | Reason given for this user Binding: ?? (extensible): The reason the activity took place. | 0..* | CodeableConcept | Reason given for this user Binding: ?? (extensible): The reason the activity took place. | |||||||||||
source | 1..1 | BackboneElement | Audit Event Reporter | 1..1 | BackboneElement | Audit Event Reporter | |||||||||||
id | 0..1 | string | Unique id for inter-element referencing | 0..1 | string | Unique id for inter-element referencing | |||||||||||
extension | 0..* | Extension | Additional content defined by implementations | 0..* | Extension | Additional content defined by implementations | |||||||||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | |||||||||
site | 0..1 | string | Logical source location within the enterprise | 0..1 | string | Logical source location within the enterprise | |||||||||||
observer | Σ | 1..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | The identity of source detecting the event | Σ | 1..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | The identity of source detecting the event | |||||||||
type | 0..* | Coding | The type of source where event originated Binding: ?? (extensible): Code specifying the type of system that detected and recorded the event. | 0..* | Coding | The type of source where event originated Binding: ?? (extensible): Code specifying the type of system that detected and recorded the event. | |||||||||||
Slices for entity | C | 0..* | BackboneElement | Data or objects used Slice: Unordered, Open by value:type.code | C | 0..* | BackboneElement | Data or objects used Slice: Unordered, Open by value:type.code |
| ||||||||
id | 0..1 | string | Unique id for inter-element referencing | 0..1 | string | Unique id for inter-element referencing | |||||||||||
extension | 0..* | Extension | Additional content defined by implementations | 0..* | Extension | Additional content defined by implementations | |||||||||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | |||||||||
what | Σ | 0..1 | Reference(Resource) | Specific instance of resource | Σ | 0..1 | Reference(Resource) | Specific instance of resource | |||||||||
type | 0..1 | Coding | Type of entity involved Binding: ?? (extensible): Code for the entity type involved in the audit event. | 0..1 | Coding | Type of entity involved Binding: ?? (extensible): Code for the entity type involved in the audit event. | |||||||||||
role | 0..1 | Coding | What role the entity played Binding: ?? (extensible): Code representing the role the entity played in the audit event. | 0..1 | Coding | What role the entity played Binding: ?? (extensible): Code representing the role the entity played in the audit event. | |||||||||||
lifecycle | 0..1 | Coding | Life-cycle stage for the entity Binding: ?? (extensible): Identifier for the data life-cycle stage for the entity. | 0..1 | Coding | Life-cycle stage for the entity Binding: ?? (extensible): Identifier for the data life-cycle stage for the entity. | |||||||||||
securityLabel | 0..* | Coding | Security labels on the entity Binding: ?? (extensible): Security Labels from the Healthcare Privacy and Security Classification System. | 0..* | Coding | Security labels on the entity Binding: ?? (extensible): Security Labels from the Healthcare Privacy and Security Classification System. | |||||||||||
name | ΣC | 0..1 | string | Descriptor for entity | ΣC | 0..1 | string | Descriptor for entity | |||||||||
description | 0..1 | string | Descriptive text | 0..1 | string | Descriptive text | |||||||||||
query | ΣC | 0..1 | base64Binary | Query parameters | ΣC | 0..1 | base64Binary | Query parameters | |||||||||
detail | 0..* | BackboneElement | Additional Information about the entity | 0..* | BackboneElement | Additional Information about the entity | |||||||||||
id | 0..1 | string | Unique id for inter-element referencing | 0..1 | string | Unique id for inter-element referencing | |||||||||||
extension | 0..* | Extension | Additional content defined by implementations | 0..* | Extension | Additional content defined by implementations | |||||||||||
modifierExtension | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | |||||||||
type | 1..1 | string | Name of the property | 1..1 | string | Name of the property | |||||||||||
value[x] | 1..1 | string, base64Binary | Property value | 1..1 | string, base64Binary | Property value | |||||||||||
Documentation for this format |