StructureDefinition-IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive

Source: ihe.iti.balp#current: Basic Audit Log Patterns (BALP) (v4.0.1)
resourceType: StructureDefinition
id: IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive
canonical: https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive
version: 1.1.2
status: active
publisher: IHE IT Infrastructure Technical Committee
name: SAMLaccessTokenUseComprehensive
title: Basic AuditEvent pattern for when an activity was authorized by an SAML access token Comprehensive
date: 2023-07-28T13:59:05+00:00
description:

A basic AuditEvent profile for when an activity was authorized by an SAML access token. This profile is expected to be used with some other detail that explains the activity. This profile only covers the SAML access token.

The following table uses a short-hand for the SAML fields and FHIR AuditEvent elements to keep the table compact. It is presumed the reader can understand the SAML field and the FHIR AuditEvent element given. Note the `~` character represents attributes under the SAML `AttributeStatement`.

**Builds upon the Minimal**

| SAML field | Comprehensive AuditEvent |
|------------------------------|-----------------------------------|
| ID | agent[user].policy |
| Issuer | agent[user].who.identifier.system |
| Subject.NameID | agent[user].who.identifier.value |
| ~subject:role | agent[user].role |
| ~subject:purposeofuse | agent[user].purposeOfUse |
| AuthnContextClassRef | agent[user].extension[assuranceLevel] |
| ~subject:subject-id | agent[user].extension[otherId][subject-id].value |
| ~subject:npi | agent[user].extension[otherId][npi].value |
| ~subject:provider-identifier | agent[user].extension[otherId][provider-id].value |
| ~subject:organization | agent[userorg].who.display |
| ~subject:organization-id | agent[userorg].who.identifier.value |
| ~homeCommunityId | agent[homeCommunityId].who.identifier.value |
| ~bppc:2007:docid | entity[consent].what.identifier.value |
| ~xua:2012:acp | entity[consent].detail.valueString |
| ~resource:resource-id | entity[consent-patient].what.identifier.value |

jurisdiction: suv
fhirVersion: 4.0.1
kind: resource
abstract: false
sdTtype: AuditEvent
derivation: constraint
base: http://hl7.org/fhir/StructureDefinition/AuditEvent
Usages
Name Flags Card. Type Description & Constraints
. . AuditEvent AuditEvent
. . . Slices for agent Slice: Unordered, Open by pattern:type
. . . . agent:All Slices Content/Rules for all slices
. . . . . Slices for extension Slice: Unordered, Open by value:url
. . . . . assuranceLevel S 0..* CodeableConcept AuditEvent.agent Assurance Level
URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel
Binding: todo ( preferred )
. . . . . otherId S 0..* Identifier AuditEvent.agent other identifiers
URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId
. . . . agent:user 1..*
. . . . . Slices for extension Slice: Unordered, Open by value:url, value:value.ofType(Identifier).type
. . . . . . assuranceLevel S 0..* CodeableConcept AuditEvent.agent Assurance Level
URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel
Binding: todo ( preferred )
. . . . . . otherId S 0..* Identifier AuditEvent.agent other identifiers
URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId
. . . . . . extension:otherId/subject-id 0..*
. . . . . . . value[x]
. . . . . . . . type Required Pattern: At least the following
. . . . . . . . . coding 1..* Coding Code defined by a terminology system
Fixed Value: (complex)
. . . . . . . . . . system 1..1 uri Identity of the terminology system
Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/OtherIdentifierTypes
. . . . . . . . . . code 1..1 code Symbol in syntax defined by the system
Fixed Value: SAML-subject-id
. . . . . . . . value S 1.. SAML Attribute subject-id
. . . . . . extension:otherId/npi 0..*
. . . . . . . value[x]
. . . . . . . . type Required Pattern: At least the following
. . . . . . . . . coding 1..* Coding Code defined by a terminology system
Fixed Value: (complex)
. . . . . . . . . . system 1..1 uri Identity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/v2-0203
. . . . . . . . . . code 1..1 code Symbol in syntax defined by the system
Fixed Value: NPI
. . . . . . . . value S 1.. SAML Attribute npi
. . . . . . extension:otherId/provider-id 0..*
. . . . . . . value[x]
. . . . . . . . type Required Pattern: At least the following
. . . . . . . . . coding 1..* Coding Code defined by a terminology system
Fixed Value: (complex)
. . . . . . . . . . system 1..1 uri Identity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/v2-0203
. . . . . . . . . . code 1..1 code Symbol in syntax defined by the system
Fixed Value: PRN
. . . . . . . . value S 1.. SAML Attribute provider-identifier
. . . . . type 1.. Required Pattern: At least the following
. . . . . . coding 1..* Coding Code defined by a terminology system
Fixed Value: (complex)
. . . . . . . system 1..1 uri Identity of the terminology system
Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes
. . . . . . . code 1..1 code Symbol in syntax defined by the system
Fixed Value: UserSamlAgent
. . . . . role S SAML subject:role(s)
. . . . . who 1..
. . . . . . identifier
. . . . . . . system S SAML Issuer
. . . . . . . value S 1.. SAML Subject.NameID
. . . . . altId .. 0
. . . . . requestor Required Pattern: true
. . . . . policy S 1..1 SAML token ID
. . . . . media .. 0
. . . . . network .. 0
. . . . . purposeOfUse S SAML subject:purposeofuse
. . . . agent:userorg 0..*
. . . . . assuranceLevel S 0..* CodeableConcept AuditEvent.agent Assurance Level
URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel
Binding: todo ( preferred )
. . . . . otherId S 0..* Identifier AuditEvent.agent other identifiers
URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId
. . . . . type 1.. Required Pattern: At least the following
. . . . . . coding 1..* Coding Code defined by a terminology system
Fixed Value: (complex)
. . . . . . . system 1..1 uri Identity of the terminology system
Fixed Value: http://terminology.hl7.org/CodeSystem/v3-RoleClass
. . . . . . . code 1..1 code Symbol in syntax defined by the system
Fixed Value: PROV
. . . . . role .. 0
. . . . . who
. . . . . . identifier
. . . . . . . value S 1.. SAML Attribute urn:oasis:names:tc:xspa:1.0:subject:organization-id
. . . . . . display S 1.. SAML Attribute urn:oasis:names:tc:xspa:1.0:subject:organization
. . . . . altId .. 0
. . . . . name .. 0
. . . . . requestor Required Pattern: false
. . . . . location .. 0
. . . . . policy .. 0
. . . . . media .. 0
. . . . . network .. 0
. . . . . purposeOfUse .. 0
. . . . agent:homeCommunityId 0..*
. . . . . assuranceLevel S 0..* CodeableConcept AuditEvent.agent Assurance Level
URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-assuranceLevel
Binding: todo ( preferred )
. . . . . otherId S 0..* Identifier AuditEvent.agent other identifiers
URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/ihe-otherId
. . . . . type 1.. Required Pattern: At least the following
. . . . . . coding 1..* Coding Code defined by a terminology system
Fixed Value: (complex)
. . . . . . . system 1..1 uri Identity of the terminology system
Fixed Value: urn:ihe:iti:xca:2010
. . . . . . . code 1..1 code Symbol in syntax defined by the system
Fixed Value: homeCommunityId
. . . . . role .. 0
. . . . . who
. . . . . . identifier S 1.. homeCommunityId
. . . . . altId .. 0
. . . . . name .. 0
. . . . . requestor Required Pattern: false
. . . . . location .. 0
. . . . . policy .. 0
. . . . . media .. 0
. . . . . network .. 0
. . . . . purposeOfUse .. 0
. . . Slices for entity Slice: Unordered, Open by pattern:type
. . . . entity:consent 0..*
. . . . . what
. . . . . . identifier S BPPC Patient Privacy Policy Acknowledgement Document unique id
. . . . . type 1.. Required Pattern: At least the following
. . . . . . system 1..1 uri Identity of the terminology system
Fixed Value: http://hl7.org/fhir/resource-types
. . . . . . code 1..1 code Symbol in syntax defined by the system
Fixed Value: Consent
. . . . . Slices for detail Slice: Unordered, Open by pattern:type
. . . . . . detail:acp 0..1 Home Community ID where the Consent is.
. . . . . . . type Required Pattern: urn:ihe:iti:xua:2012:acp
. . . . . . . value[x] string
. . . . . . detail:patient-id 0..1 The Patient Identity where the Consent is.
. . . . . . . type Required Pattern: urn:oasis:names:tc:xacml:2.0:resource:resource-id
. . . . . . . value[x] string

Produced 08 Sep 2023