CH EPR mHealth (R4)
3.0.0-ballot - ballot Switzerland flag

This page is part of the CH EPR mHealth (R4) (v3.0.0-ballot: Draft Ballot 1) based on FHIR R4. This is the current published version in its permanent home (it will always be available at this URL). For a full list of available versions, see the Directory of published versions

Record Audit Event [ITI-20]

Scope

This section describes the national extension for the Swiss EPR of the Send Audit Resource Request Message – RESTful interaction [ITI-20] transaction defined in the RESTful ATNA profile which is currently prepared as IHE Trial Implementation with the working title ”Add RESTful ATNA (Query and Feed)”. The Audit Record Repository SHALL support the ATX: FHIR Feed Option.

Actor Roles

Actor: Any actor or any other application that is grouped with the Secure Node or Secure Application.
Role: Create an audit record and transmit this record to the Audit Record Repository.
Actor: Audit Record Repository
Role: Receive an audit record from the Audit Record Creator and store this for audit purposes.

Referenced Standards

Add RESTful ATNA (Query and Feed), Rev. 3.3 – Trial Implementation, July 2, 2021
This RESTful ATNA profile is based on Release 4 of the HL7® FHIR® standard.

Messages

The “Send Audit Resource Request Message – FHIR Feed Interaction” is used for auditing the FHIR Audit Event Resource using the RESTful protocol.

Interaction Diagram for [ITI-20]Secure ApplicationSecure NodeAudit Record ForwarderSecure ApplicationSecure NodeAudit Record ForwarderAudit RecordRepositoryAudit RecordRepositorySend Audit Resource RequestSend Audit Resource ResponseSend Audit Bundle RequestSend Audit Bundle Response

Trigger Events

This message is sent when an actor that is grouped with Secure Node or Secure Application or an Audit Record Forwarder needs to post a single or multiple AuditEvent Resource to the Audit Record Repository.

Message Semantics

Expected Actions

Same message semantics and expected actions apply as described in the ITI-20 transaction.

Security Consideration

TLS SHALL be used.

Audit Example for a Provide Bundle Transaction from source perspective.