Patient Generated Health Data Implementation Guide - Local Development build (v0.1.0) built by the FHIR (HL7® FHIR® Standard) Build Tools. See the Directory of published versions
Resource Profile: AuditEventDataAccess
| Official URL: https://pghd.na.icar.cnr.it/StructureDefinition/data-access-audit-event | Version: 0.1.0 | |||
| Active as of 2026-03-19 | Computable Name: AuditEventDataAccess | |||
Representatione Profile for recording clinical and research data access as seen in mobile interfaces
Usages:
- Examples for this Profile: AuditEvent/ExampleAudit
You can also check for usages in the FHIR IG Statistics
Formal Views of Profile Content
Description of Profiles, Differentials, Snapshots and how the different presentations work.
| Name | Flags | Card. | Type | Description & Constraints Filter:   |
|---|---|---|---|---|
  AuditEvent |
0..* | AuditEvent | Event record kept for security purposes | |
  implicitRules |
?!Σ | 0..1 | uri | A set of rules under which this content was created |
 modifierExtension |
?! | 0..* | Extension | Extensions that cannot be ignored |
 type |
Σ | 1..1 | Coding | Type/identifier of event Binding: AuditEventID (extensible): Type of event. |
| action |
Σ | 0..1 | code | Type of action performed during the event Binding: AuditEventAction (required): Indicator for type of action performed during the event that generated the event. Required Pattern: R |
| recorded |
SΣ | 1..1 | instant | Time when the event was recorded |
| outcome |
SΣ | 1..1 | code | Whether the event succeeded or failed Binding: AuditEventOutcome (required): Indicates whether the event succeeded or failed. |
| purposeOfEvent |
SΣ | 1..* | CodeableConcept | The purposeOfUse of the event Binding: PurposeOfUse (extensible): The reason the activity took place. |
 agent |
S | 1..* | BackboneElement | Actor involved in the event |
  Slices for extension |
1..* | Extension | Extension Slice: Unordered, Open by value:url | |
  extension:context |
S | 1..1 | (Complex) | Context URL: https://pghd.na.icar.cnr.it/StructureDefinition/access-context |
  extension |
0..0 | Extension Slice: Unordered, Open by value:url | ||
| url |
1..1 | uri | "https://pghd.na.icar.cnr.it/StructureDefinition/access-context" | |
 value[x] |
S | 1..1 | code | Context Level Binding: http://pghd.na.icar.cnr.it/ValueSet/ContextAccessVS (required) |
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| requestor |
Σ | 1..1 | boolean | Whether user is initiator |
 location |
S | 0..1 | Reference(Location) | Where |
 policy |
S | 0..* | uri | Policy that authorized event |
 source |
1..1 | BackboneElement | Audit Event Reporter | |
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| observer |
Σ | 1..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | The identity of source detecting the event |
| Documentation for this format | ||||
Terminology Bindings
| Path | Status | Usage | ValueSet | Version | Source |
| AuditEvent.type | Base | extensible | Audit Event ID | 📍4.0.1 | FHIR Std. |
| AuditEvent.action | Base | required | AuditEventAction | 📍4.0.1 | FHIR Std. |
| AuditEvent.outcome | Base | required | AuditEventOutcome | 📍4.0.1 | FHIR Std. |
| AuditEvent.purposeOfEvent | Base | extensible | PurposeOfUse | 📦3.1.0 | THO v7.1 |
| AuditEvent.agent.extension:context.value[x] | Base | required | http://pghd.na.icar.cnr.it/ValueSet/ContextAccessVS | Not State | Unknown |
Constraints
| Id | Grade | Path(s) | Description | Expression |
| dom-2 | error | AuditEvent | If the resource is contained in another resource, it SHALL NOT contain nested Resources |
contained.contained.empty()
|
| dom-3 | error | AuditEvent | If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource |
contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
|
| dom-4 | error | AuditEvent | If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated |
contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
|
| dom-5 | error | AuditEvent | If a resource is contained in another resource, it SHALL NOT have a security label |
contained.meta.security.empty()
|
| dom-6 | best practice | AuditEvent | A resource should have narrative for robust management |
text.`div`.exists()
|
| ele-1 | error | **ALL** elements | All FHIR elements must have a @value or children |
hasValue() or (children().count() > id.count())
|
| ext-1 | error | **ALL** extensions | Must have either extensions or value[x], not both |
extension.exists() != value.exists()
|
This structure is derived from AuditEvent
| Name | Flags | Card. | Type | Description & Constraints Filter: |
|---|---|---|---|---|
| AuditEvent |
0..* | AuditEvent | Event record kept for security purposes | |
 action |
0..1 | code | Type of action performed during the event Required Pattern: R | |
| recorded |
S | 1..1 | instant | Time when the event was recorded |
| outcome |
S | 1..1 | code | Whether the event succeeded or failed |
| purposeOfEvent |
S | 1..* | CodeableConcept | The purposeOfUse of the event |
| agent |
S | 1..* | BackboneElement | Actor involved in the event |
| Slices for extension |
1..* | Extension | Extension Slice: Unordered, Open by value:url | |
| extension:context |
S | 1..1 | (Complex) | Context URL: https://pghd.na.icar.cnr.it/StructureDefinition/access-context |
| value[x] |
S | 1..1 | code | Context Level |
| location |
S | 0..1 | Reference(Location) | Where |
| policy |
S | 0..* | uri | Policy that authorized event |
| Documentation for this format | ||||
| Name | Flags | Card. | Type | Description & Constraints Filter: | ||||
|---|---|---|---|---|---|---|---|---|
| AuditEvent |
0..* | AuditEvent | Event record kept for security purposes | |||||
| id |
Σ | 0..1 | id | Logical id of this artifact | ||||
| meta |
Σ | 0..1 | Meta | Metadata about the resource | ||||
| implicitRules |
?!Σ | 0..1 | uri | A set of rules under which this content was created | ||||
| language |
0..1 | code | Language of the resource content Binding: CommonLanguages (preferred): A human language.
| |||||
| text |
0..1 | Narrative | Text summary of the resource, for human interpretation This profile does not constrain the narrative in regard to content, language, or traceability to data elements | |||||
| contained |
0..* | Resource | Contained, inline Resources | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?! | 0..* | Extension | Extensions that cannot be ignored | ||||
| type |
Σ | 1..1 | Coding | Type/identifier of event Binding: AuditEventID (extensible): Type of event. | ||||
| subtype |
Σ | 0..* | Coding | More specific type/id for the event Binding: AuditEventSub-Type (extensible): Sub-type of event. | ||||
| action |
Σ | 0..1 | code | Type of action performed during the event Binding: AuditEventAction (required): Indicator for type of action performed during the event that generated the event. Required Pattern: R | ||||
| period |
0..1 | Period | When the activity occurred | |||||
| recorded |
SΣ | 1..1 | instant | Time when the event was recorded | ||||
| outcome |
SΣ | 1..1 | code | Whether the event succeeded or failed Binding: AuditEventOutcome (required): Indicates whether the event succeeded or failed. | ||||
| outcomeDesc |
Σ | 0..1 | string | Description of the event outcome | ||||
| purposeOfEvent |
SΣ | 1..* | CodeableConcept | The purposeOfUse of the event Binding: PurposeOfUse (extensible): The reason the activity took place. | ||||
| agent |
S | 1..* | BackboneElement | Actor involved in the event | ||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| Slices for extension |
1..* | Extension | Extension Slice: Unordered, Open by value:url | |||||
| extension:context |
S | 1..1 | (Complex) | Context URL: https://pghd.na.icar.cnr.it/StructureDefinition/access-context | ||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..0 | Extension Slice: Unordered, Open by value:url | ||||||
| url |
1..1 | uri | "https://pghd.na.icar.cnr.it/StructureDefinition/access-context" | |||||
| value[x] |
S | 1..1 | code | Context Level Binding: http://pghd.na.icar.cnr.it/ValueSet/ContextAccessVS (required) | ||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| type |
0..1 | CodeableConcept | How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. | |||||
| role |
0..* | CodeableConcept | Agent role in the event Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event. | |||||
| who |
Σ | 0..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | Identifier of who | ||||
| altId |
0..1 | string | Alternative User identity | |||||
| name |
0..1 | string | Human friendly name for the agent | |||||
| requestor |
Σ | 1..1 | boolean | Whether user is initiator | ||||
| location |
S | 0..1 | Reference(Location) | Where | ||||
| policy |
S | 0..* | uri | Policy that authorized event | ||||
| media |
0..1 | Coding | Type of media Binding: MediaTypeCode (extensible): Used when the event is about exporting/importing onto media. | |||||
| network |
0..1 | BackboneElement | Logical network location for application activity | |||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| address |
0..1 | string | Identifier for the network access point of the user device | |||||
| type |
0..1 | code | The type of network access point Binding: AuditEventAgentNetworkType (required): The type of network access point of this agent in the audit event. | |||||
| purposeOfUse |
0..* | CodeableConcept | Reason given for this user Binding: PurposeOfUse (extensible): The reason the activity took place. | |||||
| source |
1..1 | BackboneElement | Audit Event Reporter | |||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| site |
0..1 | string | Logical source location within the enterprise | |||||
| observer |
Σ | 1..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | The identity of source detecting the event | ||||
| type |
0..* | Coding | The type of source where event originated Binding: AuditEventSourceType (extensible): Code specifying the type of system that detected and recorded the event. | |||||
| entity |
C | 0..* | BackboneElement | Data or objects used Constraints: sev-1 | ||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| what |
Σ | 0..1 | Reference(Resource) | Specific instance of resource | ||||
| type |
0..1 | Coding | Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. | |||||
| role |
0..1 | Coding | What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event. | |||||
| lifecycle |
0..1 | Coding | Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity. | |||||
| securityLabel |
0..* | Coding | Security labels on the entity Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System. | |||||
| name |
ΣC | 0..1 | string | Descriptor for entity | ||||
| description |
0..1 | string | Descriptive text | |||||
| query |
ΣC | 0..1 | base64Binary | Query parameters | ||||
| detail |
0..* | BackboneElement | Additional Information about the entity | |||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| type |
1..1 | string | Name of the property | |||||
 value[x] |
1..1 | Property value | ||||||
| valueString |
string | |||||||
| valueBase64Binary |
base64Binary | |||||||
| Documentation for this format | ||||||||
Terminology Bindings
| Path | Status | Usage | ValueSet | Version | Source |
| AuditEvent.language | Base | preferred | Common Languages | 📍4.0.1 | FHIR Std. |
| AuditEvent.type | Base | extensible | Audit Event ID | 📍4.0.1 | FHIR Std. |
| AuditEvent.subtype | Base | extensible | Audit Event Sub-Type | 📍4.0.1 | FHIR Std. |
| AuditEvent.action | Base | required | AuditEventAction | 📍4.0.1 | FHIR Std. |
| AuditEvent.outcome | Base | required | AuditEventOutcome | 📍4.0.1 | FHIR Std. |
| AuditEvent.purposeOfEvent | Base | extensible | PurposeOfUse | 📦3.1.0 | THO v7.1 |
| AuditEvent.agent.extension:context.value[x] | Base | required | http://pghd.na.icar.cnr.it/ValueSet/ContextAccessVS | Not State | Unknown |
| AuditEvent.agent.type | Base | extensible | ParticipationRoleType | 📍4.0.1 | FHIR Std. |
| AuditEvent.agent.role | Base | example | SecurityRoleType | 📍4.0.1 | FHIR Std. |
| AuditEvent.agent.media | Base | extensible | Media Type Code | 📍4.0.1 | FHIR Std. |
| AuditEvent.agent.network.type | Base | required | AuditEventAgentNetworkType | 📍4.0.1 | FHIR Std. |
| AuditEvent.agent.purposeOfUse | Base | extensible | PurposeOfUse | 📦3.1.0 | THO v7.1 |
| AuditEvent.source.type | Base | extensible | Audit Event Source Type | 📍4.0.1 | FHIR Std. |
| AuditEvent.entity.type | Base | extensible | Audit event entity type | 📍4.0.1 | FHIR Std. |
| AuditEvent.entity.role | Base | extensible | AuditEventEntityRole | 📍4.0.1 | FHIR Std. |
| AuditEvent.entity.lifecycle | Base | extensible | ObjectLifecycleEvents | 📍4.0.1 | FHIR Std. |
| AuditEvent.entity.securityLabel | Base | extensible | SecurityLabels | 📍4.0.1 | FHIR Std. |
Constraints
| Id | Grade | Path(s) | Description | Expression |
| dom-2 | error | AuditEvent | If the resource is contained in another resource, it SHALL NOT contain nested Resources |
contained.contained.empty()
|
| dom-3 | error | AuditEvent | If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource |
contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
|
| dom-4 | error | AuditEvent | If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated |
contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
|
| dom-5 | error | AuditEvent | If a resource is contained in another resource, it SHALL NOT have a security label |
contained.meta.security.empty()
|
| dom-6 | best practice | AuditEvent | A resource should have narrative for robust management |
text.`div`.exists()
|
| ele-1 | error | **ALL** elements | All FHIR elements must have a @value or children |
hasValue() or (children().count() > id.count())
|
| ext-1 | error | **ALL** extensions | Must have either extensions or value[x], not both |
extension.exists() != value.exists()
|
| sev-1 | error | AuditEvent.entity | Either a name or a query (NOT both) |
name.empty() or query.empty()
|
This structure is derived from AuditEvent
Key Elements View
| Name | Flags | Card. | Type | Description & Constraints Filter: |
|---|---|---|---|---|
| AuditEvent |
0..* | AuditEvent | Event record kept for security purposes | |
| implicitRules |
?!Σ | 0..1 | uri | A set of rules under which this content was created |
| modifierExtension |
?! | 0..* | Extension | Extensions that cannot be ignored |
| type |
Σ | 1..1 | Coding | Type/identifier of event Binding: AuditEventID (extensible): Type of event. |
| action |
Σ | 0..1 | code | Type of action performed during the event Binding: AuditEventAction (required): Indicator for type of action performed during the event that generated the event. Required Pattern: R |
| recorded |
SΣ | 1..1 | instant | Time when the event was recorded |
| outcome |
SΣ | 1..1 | code | Whether the event succeeded or failed Binding: AuditEventOutcome (required): Indicates whether the event succeeded or failed. |
| purposeOfEvent |
SΣ | 1..* | CodeableConcept | The purposeOfUse of the event Binding: PurposeOfUse (extensible): The reason the activity took place. |
| agent |
S | 1..* | BackboneElement | Actor involved in the event |
| Slices for extension |
1..* | Extension | Extension Slice: Unordered, Open by value:url | |
| extension:context |
S | 1..1 | (Complex) | Context URL: https://pghd.na.icar.cnr.it/StructureDefinition/access-context |
| extension |
0..0 | Extension Slice: Unordered, Open by value:url | ||
| url |
1..1 | uri | "https://pghd.na.icar.cnr.it/StructureDefinition/access-context" | |
| value[x] |
S | 1..1 | code | Context Level Binding: http://pghd.na.icar.cnr.it/ValueSet/ContextAccessVS (required) |
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| requestor |
Σ | 1..1 | boolean | Whether user is initiator |
| location |
S | 0..1 | Reference(Location) | Where |
| policy |
S | 0..* | uri | Policy that authorized event |
| source |
1..1 | BackboneElement | Audit Event Reporter | |
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized |
| observer |
Σ | 1..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | The identity of source detecting the event |
| Documentation for this format | ||||
Terminology Bindings
| Path | Status | Usage | ValueSet | Version | Source |
| AuditEvent.type | Base | extensible | Audit Event ID | 📍4.0.1 | FHIR Std. |
| AuditEvent.action | Base | required | AuditEventAction | 📍4.0.1 | FHIR Std. |
| AuditEvent.outcome | Base | required | AuditEventOutcome | 📍4.0.1 | FHIR Std. |
| AuditEvent.purposeOfEvent | Base | extensible | PurposeOfUse | 📦3.1.0 | THO v7.1 |
| AuditEvent.agent.extension:context.value[x] | Base | required | http://pghd.na.icar.cnr.it/ValueSet/ContextAccessVS | Not State | Unknown |
Constraints
| Id | Grade | Path(s) | Description | Expression |
| dom-2 | error | AuditEvent | If the resource is contained in another resource, it SHALL NOT contain nested Resources |
contained.contained.empty()
|
| dom-3 | error | AuditEvent | If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource |
contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
|
| dom-4 | error | AuditEvent | If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated |
contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
|
| dom-5 | error | AuditEvent | If a resource is contained in another resource, it SHALL NOT have a security label |
contained.meta.security.empty()
|
| dom-6 | best practice | AuditEvent | A resource should have narrative for robust management |
text.`div`.exists()
|
| ele-1 | error | **ALL** elements | All FHIR elements must have a @value or children |
hasValue() or (children().count() > id.count())
|
| ext-1 | error | **ALL** extensions | Must have either extensions or value[x], not both |
extension.exists() != value.exists()
|
Differential View
This structure is derived from AuditEvent
| Name | Flags | Card. | Type | Description & Constraints Filter: |
|---|---|---|---|---|
| AuditEvent |
0..* | AuditEvent | Event record kept for security purposes | |
| action |
0..1 | code | Type of action performed during the event Required Pattern: R | |
| recorded |
S | 1..1 | instant | Time when the event was recorded |
| outcome |
S | 1..1 | code | Whether the event succeeded or failed |
| purposeOfEvent |
S | 1..* | CodeableConcept | The purposeOfUse of the event |
| agent |
S | 1..* | BackboneElement | Actor involved in the event |
| Slices for extension |
1..* | Extension | Extension Slice: Unordered, Open by value:url | |
| extension:context |
S | 1..1 | (Complex) | Context URL: https://pghd.na.icar.cnr.it/StructureDefinition/access-context |
| value[x] |
S | 1..1 | code | Context Level |
| location |
S | 0..1 | Reference(Location) | Where |
| policy |
S | 0..* | uri | Policy that authorized event |
| Documentation for this format | ||||
Snapshot View
| Name | Flags | Card. | Type | Description & Constraints Filter: | ||||
|---|---|---|---|---|---|---|---|---|
| AuditEvent |
0..* | AuditEvent | Event record kept for security purposes | |||||
| id |
Σ | 0..1 | id | Logical id of this artifact | ||||
| meta |
Σ | 0..1 | Meta | Metadata about the resource | ||||
| implicitRules |
?!Σ | 0..1 | uri | A set of rules under which this content was created | ||||
| language |
0..1 | code | Language of the resource content Binding: CommonLanguages (preferred): A human language.
| |||||
| text |
0..1 | Narrative | Text summary of the resource, for human interpretation This profile does not constrain the narrative in regard to content, language, or traceability to data elements | |||||
| contained |
0..* | Resource | Contained, inline Resources | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?! | 0..* | Extension | Extensions that cannot be ignored | ||||
| type |
Σ | 1..1 | Coding | Type/identifier of event Binding: AuditEventID (extensible): Type of event. | ||||
| subtype |
Σ | 0..* | Coding | More specific type/id for the event Binding: AuditEventSub-Type (extensible): Sub-type of event. | ||||
| action |
Σ | 0..1 | code | Type of action performed during the event Binding: AuditEventAction (required): Indicator for type of action performed during the event that generated the event. Required Pattern: R | ||||
| period |
0..1 | Period | When the activity occurred | |||||
| recorded |
SΣ | 1..1 | instant | Time when the event was recorded | ||||
| outcome |
SΣ | 1..1 | code | Whether the event succeeded or failed Binding: AuditEventOutcome (required): Indicates whether the event succeeded or failed. | ||||
| outcomeDesc |
Σ | 0..1 | string | Description of the event outcome | ||||
| purposeOfEvent |
SΣ | 1..* | CodeableConcept | The purposeOfUse of the event Binding: PurposeOfUse (extensible): The reason the activity took place. | ||||
| agent |
S | 1..* | BackboneElement | Actor involved in the event | ||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| Slices for extension |
1..* | Extension | Extension Slice: Unordered, Open by value:url | |||||
| extension:context |
S | 1..1 | (Complex) | Context URL: https://pghd.na.icar.cnr.it/StructureDefinition/access-context | ||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..0 | Extension Slice: Unordered, Open by value:url | ||||||
| url |
1..1 | uri | "https://pghd.na.icar.cnr.it/StructureDefinition/access-context" | |||||
| value[x] |
S | 1..1 | code | Context Level Binding: http://pghd.na.icar.cnr.it/ValueSet/ContextAccessVS (required) | ||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| type |
0..1 | CodeableConcept | How agent participated Binding: ParticipationRoleType (extensible): The Participation type of the agent to the event. | |||||
| role |
0..* | CodeableConcept | Agent role in the event Binding: SecurityRoleType (example): What security role enabled the agent to participate in the event. | |||||
| who |
Σ | 0..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | Identifier of who | ||||
| altId |
0..1 | string | Alternative User identity | |||||
| name |
0..1 | string | Human friendly name for the agent | |||||
| requestor |
Σ | 1..1 | boolean | Whether user is initiator | ||||
| location |
S | 0..1 | Reference(Location) | Where | ||||
| policy |
S | 0..* | uri | Policy that authorized event | ||||
| media |
0..1 | Coding | Type of media Binding: MediaTypeCode (extensible): Used when the event is about exporting/importing onto media. | |||||
| network |
0..1 | BackboneElement | Logical network location for application activity | |||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| address |
0..1 | string | Identifier for the network access point of the user device | |||||
| type |
0..1 | code | The type of network access point Binding: AuditEventAgentNetworkType (required): The type of network access point of this agent in the audit event. | |||||
| purposeOfUse |
0..* | CodeableConcept | Reason given for this user Binding: PurposeOfUse (extensible): The reason the activity took place. | |||||
| source |
1..1 | BackboneElement | Audit Event Reporter | |||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| site |
0..1 | string | Logical source location within the enterprise | |||||
| observer |
Σ | 1..1 | Reference(PractitionerRole | Practitioner | Organization | Device | Patient | RelatedPerson) | The identity of source detecting the event | ||||
| type |
0..* | Coding | The type of source where event originated Binding: AuditEventSourceType (extensible): Code specifying the type of system that detected and recorded the event. | |||||
| entity |
C | 0..* | BackboneElement | Data or objects used Constraints: sev-1 | ||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| what |
Σ | 0..1 | Reference(Resource) | Specific instance of resource | ||||
| type |
0..1 | Coding | Type of entity involved Binding: AuditEventEntityType (extensible): Code for the entity type involved in the audit event. | |||||
| role |
0..1 | Coding | What role the entity played Binding: AuditEventEntityRole (extensible): Code representing the role the entity played in the audit event. | |||||
| lifecycle |
0..1 | Coding | Life-cycle stage for the entity Binding: ObjectLifecycleEvents (extensible): Identifier for the data life-cycle stage for the entity. | |||||
| securityLabel |
0..* | Coding | Security labels on the entity Binding: All Security Labels (extensible): Security Labels from the Healthcare Privacy and Security Classification System. | |||||
| name |
ΣC | 0..1 | string | Descriptor for entity | ||||
| description |
0..1 | string | Descriptive text | |||||
| query |
ΣC | 0..1 | base64Binary | Query parameters | ||||
| detail |
0..* | BackboneElement | Additional Information about the entity | |||||
| id |
0..1 | string | Unique id for inter-element referencing | |||||
| extension |
0..* | Extension | Additional content defined by implementations | |||||
| modifierExtension |
?!Σ | 0..* | Extension | Extensions that cannot be ignored even if unrecognized | ||||
| type |
1..1 | string | Name of the property | |||||
| value[x] |
1..1 | Property value | ||||||
| valueString |
string | |||||||
| valueBase64Binary |
base64Binary | |||||||
| Documentation for this format | ||||||||
Terminology Bindings
| Path | Status | Usage | ValueSet | Version | Source |
| AuditEvent.language | Base | preferred | Common Languages | 📍4.0.1 | FHIR Std. |
| AuditEvent.type | Base | extensible | Audit Event ID | 📍4.0.1 | FHIR Std. |
| AuditEvent.subtype | Base | extensible | Audit Event Sub-Type | 📍4.0.1 | FHIR Std. |
| AuditEvent.action | Base | required | AuditEventAction | 📍4.0.1 | FHIR Std. |
| AuditEvent.outcome | Base | required | AuditEventOutcome | 📍4.0.1 | FHIR Std. |
| AuditEvent.purposeOfEvent | Base | extensible | PurposeOfUse | 📦3.1.0 | THO v7.1 |
| AuditEvent.agent.extension:context.value[x] | Base | required | http://pghd.na.icar.cnr.it/ValueSet/ContextAccessVS | Not State | Unknown |
| AuditEvent.agent.type | Base | extensible | ParticipationRoleType | 📍4.0.1 | FHIR Std. |
| AuditEvent.agent.role | Base | example | SecurityRoleType | 📍4.0.1 | FHIR Std. |
| AuditEvent.agent.media | Base | extensible | Media Type Code | 📍4.0.1 | FHIR Std. |
| AuditEvent.agent.network.type | Base | required | AuditEventAgentNetworkType | 📍4.0.1 | FHIR Std. |
| AuditEvent.agent.purposeOfUse | Base | extensible | PurposeOfUse | 📦3.1.0 | THO v7.1 |
| AuditEvent.source.type | Base | extensible | Audit Event Source Type | 📍4.0.1 | FHIR Std. |
| AuditEvent.entity.type | Base | extensible | Audit event entity type | 📍4.0.1 | FHIR Std. |
| AuditEvent.entity.role | Base | extensible | AuditEventEntityRole | 📍4.0.1 | FHIR Std. |
| AuditEvent.entity.lifecycle | Base | extensible | ObjectLifecycleEvents | 📍4.0.1 | FHIR Std. |
| AuditEvent.entity.securityLabel | Base | extensible | SecurityLabels | 📍4.0.1 | FHIR Std. |
Constraints
| Id | Grade | Path(s) | Description | Expression |
| dom-2 | error | AuditEvent | If the resource is contained in another resource, it SHALL NOT contain nested Resources |
contained.contained.empty()
|
| dom-3 | error | AuditEvent | If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource |
contained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
|
| dom-4 | error | AuditEvent | If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated |
contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
|
| dom-5 | error | AuditEvent | If a resource is contained in another resource, it SHALL NOT have a security label |
contained.meta.security.empty()
|
| dom-6 | best practice | AuditEvent | A resource should have narrative for robust management |
text.`div`.exists()
|
| ele-1 | error | **ALL** elements | All FHIR elements must have a @value or children |
hasValue() or (children().count() > id.count())
|
| ext-1 | error | **ALL** extensions | Must have either extensions or value[x], not both |
extension.exists() != value.exists()
|
| sev-1 | error | AuditEvent.entity | Either a name or a query (NOT both) |
name.empty() or query.empty()
|
This structure is derived from AuditEvent
Other representations of profile: CSV, Excel, Schematron