StructureDefinition-IHE.BasicAudit.AuthZconsent

Sourceihe.iti.balp#current:Basic Audit Log Patterns (BALP) (v4.0.1)
resourceTypeStructureDefinition
idIHE.BasicAudit.AuthZconsent
canonicalhttps://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.AuthZconsent
version1.1.2
statusactive
publisherIHE IT Infrastructure Technical Committee
nameAuthZconsent
titleBasic AuditEvent pattern for when an Authorization permit is decided
date2023-07-28T13:59:05+00:00
descriptionAn AduitEvent recording a permit authorization decision by a Consent Decision Service, - Given an Authorization Decision resulted in a permit - And based on a Consent resource (C1) - And filed by a patient (P1), - And in response to a request by an organization (Org1) - And for the purpose of treatment (TREAT). - And the given request is authorized - When an AuditEvent is recorded for the activity - Then that AuditEvent would follow this profile regarding recording the authorization decision - Security Alert - Authorization Decison by Consent - Execute action - date/time recorded - outcome - success when Permit - failure when Deny - outcomeDesc would explain why a deny - recorded by the authorization server - Agents - client app - user - user requested purposeOfUse - user organization - authorization service - Entity - patient subject - consent on file for that patient - the token id (JWT ID) issued (if one is issued) should be recorded - other data may be recorded that was used in the decision
jurisdictionsuv
fhirVersion4.0.1
kindresource
abstractfalse
sdTtypeAuditEvent
derivationconstraint
basehttp://hl7.org/fhir/StructureDefinition/AuditEvent
Usages
Name Flags Card. Type Description & Constraints doco
. . AuditEvent AuditEvent
. . . modifierExtension .. 0
. . . type Required Pattern: At least the following
. . . . system 1..1 uri Identity of the terminology system
Fixed Value: http://dicom.nema.org/resources/ontology/DCM
. . . . code 1..1 code Symbol in syntax defined by the system
Fixed Value: 110113
. . . subtype Binding: Authorization subType events valueset ( required )
. . . action Required Pattern: E
. . . outcome 1..
. . . outcomeDesc S
. . . purposeOfEvent S
. . . Slices for agent 4 .. Slice: Unordered, Open by pattern:type
. . . . agent:client 1..1
. . . . . type 1.. Required Pattern: At least the following
. . . . . . coding 1..* Coding Code defined by a terminology system
Fixed Value: (complex)
. . . . . . . system 1..1 uri Identity of the terminology system
Fixed Value: http://dicom.nema.org/resources/ontology/DCM
. . . . . . . code 1..1 code Symbol in syntax defined by the system
Fixed Value: 110150
. . . . . role .. 0
. . . . . who 1..
. . . . . altId .. 0
. . . . . name .. 0
. . . . . location .. 0
. . . . . policy S
. . . . . media .. 0
. . . . . network 1..
. . . . . purposeOfUse .. 0
. . . . agent:user 1..1
. . . . . type 1.. Required Pattern: At least the following
. . . . . . coding 1..* Coding Code defined by a terminology system
Fixed Value: (complex)
. . . . . . . system 1..1 uri Identity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/v3-ParticipationType
. . . . . . . code 1..1 code Symbol in syntax defined by the system
Fixed Value: IRCP
. . . . . role S
. . . . . who 1..
. . . . . altId .. 0
. . . . . name S
. . . . . requestor Required Pattern: true
. . . . . location .. 0
. . . . . policy S
. . . . . media .. 0
. . . . . network .. 0
. . . . . purposeOfUse S
. . . . agent:userorg 1..1
. . . . . type 1.. Required Pattern: At least the following
. . . . . . coding 1..* Coding Code defined by a terminology system
Fixed Value: (complex)
. . . . . . . system 1..1 uri Identity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/v3-RoleClass
. . . . . . . code 1..1 code Symbol in syntax defined by the system
Fixed Value: PROV
. . . . . role .. 0
. . . . . who S 1..
. . . . . altId .. 0
. . . . . name .. 0
. . . . . requestor Required Pattern: false
. . . . . location .. 0
. . . . . policy .. 0
. . . . . media .. 0
. . . . . network .. 0
. . . . . purposeOfUse S
. . . . agent:authorizer C 1..1 val-audit-source: The Audit Source is this agent too.
. . . . . type 1.. Required Pattern: At least the following
. . . . . . coding 1..* Coding Code defined by a terminology system
Fixed Value: (complex)
. . . . . . . system 1..1 uri Identity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/extra-security-role-type
. . . . . . . code 1..1 code Symbol in syntax defined by the system
Fixed Value: authserver
. . . . . role .. 0
. . . . . who 1..
. . . . . altId .. 0
. . . . . name .. 0
. . . . . requestor Required Pattern: false
. . . . . location .. 0
. . . . . policy .. 0
. . . . . media .. 0
. . . . . network .. 0
. . . . . purposeOfUse .. 0
. . . Slices for entity 2 .. Slice: Unordered, Closed by pattern:type
. . . . entity:patient 1..1
. . . . . what 1.. Reference ( Patient )
. . . . . type 1.. Required Pattern: At least the following
. . . . . . system 1..1 uri Identity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/audit-entity-type
. . . . . . code 1..1 code Symbol in syntax defined by the system
Fixed Value: 1
. . . . . role Required Pattern: At least the following
. . . . . . system 1..1 uri Identity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/object-role
. . . . . . code 1..1 code Symbol in syntax defined by the system
Fixed Value: 1
. . . . entity:consent 1..*
. . . . . what S 1..
. . . . . type 1.. Required Pattern: At least the following
. . . . . . system 1..1 uri Identity of the terminology system
Fixed Value: http://hl7.org/fhir/resource-types
. . . . . . code 1..1 code Symbol in syntax defined by the system
Fixed Value: Consent
. . . . entity:token 0..1
. . . . . what 1..
. . . . . . identifier 1..
. . . . . . . value 1.. jti (JWT ID)
. . . . . type 1.. Required Pattern: At least the following
. . . . . . system 1..1 uri Identity of the terminology system
Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes
. . . . . . code 1..1 code Symbol in syntax defined by the system
Fixed Value: UserOauthAgent

doco Documentation for this format

Produced 08 Sep 2023