Page Status: draft updated 2025-08-08

AuditEvent

Page index

General information
- Scope and Usage
- Boundaries and Relationships
Profile
- Details
Supported operations

General information

The AuditEvent resource is used to record information about an event happening on a system.

Scope and Usage

In the catalog AuditEvent is used to record information about what system (HVODevice), HVOPractitioner, HVOPractitionerRole or HVOOrganization is attempting to access what data from what system (HVODevice). This is done for security reasons.

HVOAuditEvents are created automatically by the server, hence this resource can not be interacted with.

Boundaries and Relationships

AuditEvent should not be confused with Provenance, another common resource used to record meta data. Provenance is used to record information about changes done to a specific instance of a resource and by whom/what. AuditEvent is intended for recording access related events.

AuditEvent together with HVODevice makes up the access control logging system used by the catalog.

Profile

HVOAuditEvent (AuditEvent)	C		AuditEvent	There are no (further) constraints on this element Element id AuditEvent Short description Record of an event Definition A record of an event relevant for purposes such as operations, privacy, security, maintenance, and performance analysis. Comments Based on IHE-ATNA. Data type AuditEvent Constraints dom-2: If the resource is contained in another resource, it SHALL NOT contain nested Resources `contained.contained.empty()` dom-3: If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource `contained.where((('#'+id in (%resource.descendants().reference \| %resource.descendants().ofType(canonical) \| %resource.descendants().ofType(uri) \| %resource.descendants().ofType(url))) or descendants().where(reference = '#').exists() or descendants().where(ofType(canonical) = '#').exists() or descendants().where(ofType(canonical) = '#').exists()).not()).trace('unmatched', id).empty()` dom-4: If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated `contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()` dom-5: If a resource is contained in another resource, it SHALL NOT have a security label `contained.meta.security.empty()` dom-6: A resource should have narrative for robust management text.`div`.exists() Mappings rim: Entity, Role, or Act,ControlAct[moodCode=EVN] workflow: Event w5: infrastructure.information dicom: Message
id	Σ	0..1	id	There are no (further) constraints on this element Element id AuditEvent.id Short description Logical id of this artifact Definition The logical id of the resource, as used in the URL for the resource. Once assigned, this value never changes. Comments Within the context of the FHIR RESTful interactions, the resource has an id except for cases like the create and conditional update. Otherwise, the use of the resouce id depends on the given use case. Data type id
meta	Σ	0..1	Meta	There are no (further) constraints on this element Element id AuditEvent.meta Short description Metadata about the resource Definition The metadata about the resource. This is content that is maintained by the infrastructure. Changes to the content might not always be associated with version changes to the resource. Data type Meta Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
implicitRules	Σ ?!	0..1	uri	There are no (further) constraints on this element Element id AuditEvent.implicitRules Short description A set of rules under which this content was created Definition A reference to a set of rules that were followed when the resource was constructed, and which must be understood when processing the content. Often, this is a reference to an implementation guide that defines the special rules along with other profiles etc. Comments Asserting this rule set restricts the content to be only understood by a limited set of trading partners. This inherently limits the usefulness of the data in the long term. However, the existing health eco-system is highly fractured, and not yet ready to define, collect, and exchange data in a generally computable sense. Wherever possible, implementers and/or specification writers should avoid using this element. Often, when used, the URL is a reference to an implementation guide that defines these special rules as part of its narrative along with other profiles, value sets, etc. Data type uri Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
language		0..1	codeBinding	There are no (further) constraints on this element Element id AuditEvent.language Short description Language of the resource content Definition The base language in which the resource is written. Comments Language is provided to support indexing and accessibility (typically, services such as text to speech use the language tag). The html language tag in the narrative applies to the narrative. The language tag on the resource may be used to specify the language of other presentations generated from the data in the resource. Not all the content has to be in the base language. The Resource.language should not be assumed to apply to the narrative automatically. If a language is specified, it should it also be specified on the div element in the html (see rules in HTML5 for information about the relationship between xml:lang and the html lang attribute). Data type code Binding IETF language tag for a human language AllLanguages (required) Additional bindings CommonLanguages (starter) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
text	C	0..1	Narrative	There are no (further) constraints on this element Element id AuditEvent.text Short description Text summary of the resource, for human interpretation Alternate names narrative, html, xhtml, display Definition A human-readable narrative that contains a summary of the resource and can be used to represent the content of the resource to a human. The narrative need not encode all the structured data, but is required to contain sufficient detail to make it "clinically safe" for a human to just read the narrative. Resource definitions may define what content should be represented in the narrative to ensure clinical safety. Comments Contained resources do not have a narrative. Resources that are not contained SHOULD have a narrative. In some cases, a resource may only have text with little or no additional discrete data (as long as all minOccurs=1 elements are satisfied). This may be necessary for data from legacy systems where information is captured as a "text blob" or where text is additionally entered raw or narrated and encoded information is added later. Data type Narrative Conditions The cardinality or value of this element may be affected by these constraints: dom-6 Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings rim: Act.text?
contained	C	0..*	Resource	There are no (further) constraints on this element Element id AuditEvent.contained Short description Contained, inline Resources Alternate names inline resources, anonymous resources, contained resources Definition These resources do not have an independent existence apart from the resource that contains them - they cannot be identified independently, nor can they have their own independent transaction scope. This is allowed to be a Parameters resource if and only if it is referenced by a resource that provides context/meaning. Comments This should never be done when the content can be identified properly, as once identification is lost, it is extremely difficult (and context dependent) to restore it again. Contained resources may have profiles and tags in their meta elements, but SHALL NOT have security labels. Data type Resource Conditions The cardinality or value of this element may be affected by these constraints: dom-2, dom-4, dom-3, dom-5 Mappings rim: N/A
extension	C	0..*	Extension	There are no (further) constraints on this element Element id AuditEvent.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the resource. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: N/A
modifierExtension	Σ ?! C	0..*	Extension	There are no (further) constraints on this element Element id AuditEvent.modifierExtension Short description Extensions that cannot be ignored Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the resource and that modifies the understanding of the element that contains it and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer is allowed to define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself). Requirements Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: N/A
category	Σ	0..*	CodeableConcept	There are no (further) constraints on this element Element id AuditEvent.category Short description Type/identifier of event Alternate names type Definition Classification of the type of event. Requirements Codes that classify the general type of event that happened. Data type CodeableConcept Binding Type of event. AuditEventID (example) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings workflow: Event.code w5: FiveWs.what[x] rim: .code (type, subtype and action are pre-coordinated or sent as translations) dicom: EventId w3c.prov: Activity
code	Σ	1..1	CodeableConcept	There are no (further) constraints on this element Element id AuditEvent.code Short description Specific type of event Alternate names subtype Definition Describes what happened. The most specific code for the event. Requirements This field enables queries of messages by implementation-defined event categories. Data type CodeableConcept Binding Specific type of event. AuditEventSubType (example) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.what[x] rim: .code (type, subtype and action are pre-coordinated or sent as translations) dicom: EventTypeCode fhirprovenance: Provenance.activity
action	Σ	0..1	codeBinding	There are no (further) constraints on this element Element id AuditEvent.action Short description Type of action performed during the event Definition Indicator for type of action performed during the event that generated the audit. Requirements This broadly indicates what kind of action was done on the AuditEvent.entity by the AuditEvent.agent. Data type code Binding DICOM Audit Event Action AuditEventAction (required) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.what[x] rim: .code (type, subtype and action are pre-coordinated or sent as translations) dicom: EventActionCode
severity	Σ	0..1	codeBinding	There are no (further) constraints on this element Element id AuditEvent.severity Short description emergency \| alert \| critical \| error \| warning \| notice \| informational \| debug Definition Indicates and enables segmentation of various severity including debugging from critical. Comments ATNA will map this to the SYSLOG PRI element. Data type code Binding This is in the SysLog header, PRI. http://tools.ietf.org/html/rfc5424#appendix-A.3 AuditEventSeverity (required) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings rim: N/A dicom: PRI
occurred[x]		0..1		There are no (further) constraints on this element Element id AuditEvent.occurred[x] Short description When the activity occurred Definition The time or period during which the activity occurred. Comments The time or period can be a little arbitrary; where possible, the time should correspond to human assessment of the activity time. Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings workflow: Event.occurrence w5: FiveWs.done[x] rim: ./effectiveTime[type=IVL_TS] w3c.prov: Activity.startTime & Activity.endTime fhirprovenance: Provenance.occurred[x]
occurredPeriod			Period	There are no (further) constraints on this element Data type Period
occurredDateTime			dateTime	There are no (further) constraints on this element Data type dateTime
recorded	Σ	1..1	instant	There are no (further) constraints on this element Element id AuditEvent.recorded Short description Time when the event was recorded Definition The time when the event was recorded. Requirements This ties an event to a specific date and time. Security audits typically require a consistent time base (e.g. UTC), to eliminate time-zone issues arising from geographical distribution. Comments In a distributed system, some sort of common time base (e.g. an NTP [RFC1305] server) is a good implementation tactic. Data type instant Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.recorded rim: .effectiveTime dicom: EventDateTime w3c.prov: Activity.when fhirprovenance: Provenance.recorded
outcome	Σ	0..1	BackboneElement	There are no (further) constraints on this element Element id AuditEvent.outcome Short description Whether the event succeeded or failed Definition Indicates whether the event succeeded or failed. A free text descripiton can be given in outcome.text. Requirements when a code is given there must be one code from the given codeSystem, and may be other equivilant codes from other codeSystems (for example http response codes such as 2xx, 4xx, or 5xx). Comments In some cases a "success" may be partial, for example, an incomplete or interrupted transfer of a radiological study. For the purpose of establishing accountability, these distinctions are not relevant. Data type BackboneElement Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.what[x] rim: .outboundRelationship[typeCode=OUT].target.text
id		0..1	string	There are no (further) constraints on this element Element id AuditEvent.outcome.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type string Conditions The cardinality or value of this element may be affected by these constraints: ele-1 Mappings rim: n/a
extension	C	0..*	Extension	There are no (further) constraints on this element Element id AuditEvent.outcome.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a
modifierExtension	Σ ?! C	0..*	Extension	There are no (further) constraints on this element Element id AuditEvent.outcome.modifierExtension Short description Extensions that cannot be ignored even if unrecognized Alternate names extensions, user content, modifiers Definition May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself). Requirements Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: N/A
code	Σ	1..1	CodingBinding	There are no (further) constraints on this element Element id AuditEvent.outcome.code Short description Whether the event succeeded or failed Definition Indicates whether the event succeeded or failed. Requirements when a code is given there must be one code from the given codeSystem. Comments In some cases a "success" may be partial, for example, an incomplete or interrupted transfer of a radiological study. For the purpose of establishing accountability, these distinctions are not relevant. Data type Coding Binding DICOM Audit Event Outcome AuditEventOutcome (preferred) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.what[x] rim: .outboundRelationship[typeCode=OUT].target.text dicom: EventOutcomeIndicator EventOutcomeIndicator
detail	Σ	0..*	CodeableConcept	There are no (further) constraints on this element Element id AuditEvent.outcome.detail Short description Additional outcome detail Definition Additional details about the error. This may be a text description of the error or a system code that identifies the error. Comments A human readable description of the error issue SHOULD be placed in details.text. Data type CodeableConcept Binding A code that provides details as the exact issue. AuditEventOutcomeDetail (example) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.what[x] rim: .outboundRelationship[typeCode=OUT].target.text
authorization	Σ	0..*	CodeableConcept	There are no (further) constraints on this element Element id AuditEvent.authorization Short description Authorization related to the event Alternate names PurposeOfEvent Definition The authorization (e.g., PurposeOfUse) that was used during the event being recorded. Requirements Record of any relevant security context, not restricted to purposeOfUse valueSet. May include security compartments, refrain, obligation, or other security tags. Comments Use AuditEvent.agent.authorization when you know that it is specific to the agent, otherwise use AuditEvent.authorization. For example, during a machine-to-machine transfer it might not be obvious to the audit system who caused the event, but it does know why. Data type CodeableConcept Binding The authorized purposeOfUse for the activity. PurposeOfUse (example) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings workflow: Event.reason w5: FiveWs.why[x] rim: * .reasonCode [ControlActReason when Act.class = CACT Control Act] .outboundRelationship[typeCode=RSON].target dicom:* EventPurposeOfUse w3c.prov: Activity.Activity fhirprovenance: Provenance.authorization
basedOn		0..*	Reference(CarePlan \| DeviceRequest \| ImmunizationRecommendation \| MedicationRequest \| NutritionOrder \| ServiceRequest \| Task)	There are no (further) constraints on this element Element id AuditEvent.basedOn Short description Workflow authorization within which this event occurred Definition Allows tracing of authorizatino for the events and tracking whether proposals/recommendations were acted upon. Data type Reference(CarePlan \| DeviceRequest \| ImmunizationRecommendation \| MedicationRequest \| NutritionOrder \| ServiceRequest \| Task) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings workflow: Event.code w5: FiveWs.why[x] rim: Act.code w3c.prov: Activity.Activity
patient		0..1	Reference(Patient)	There are no (further) constraints on this element Element id AuditEvent.patient Short description The patient is the subject of the data used/created/updated/deleted during the activity Definition The patient element is available to enable deterministic tracking of activities that involve the patient as the subject of the data used in an activity. Requirements When the .patient is populated it shall be accurate to the subject of the used data. The .patient shall not be populated when the used data used/created/updated/deleted (.entity) by the activity does not involve a subject. Note that when the patient is an agent, they will be recorded as an agent. When the Patient resource is Created, Updated, or Deleted it will be recorded as an entity. Data type Reference(Patient) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings workflow: Event.subject w5: FiveWs.subject[x] rim: participation[typeCode=RTGT] w3c.prov: Entity.Identity
encounter		0..1	Reference(Encounter)	There are no (further) constraints on this element Element id AuditEvent.encounter Short description Encounter within which this event occurred or which the event is tightly associated Definition This will typically be the encounter the event occurred, but some events may be initiated prior to or after the official completion of an encounter but still be tied to the context of the encounter (e.g. pre-admission lab tests). Data type Reference(Encounter) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings workflow: Event.code w5: FiveWs.why[x] rim: Act.code w3c.prov: Activity.Activity
agent	S Σ	1..*	BackboneElement	There are no (further) constraints on this element Element id AuditEvent.agent Short description Actor involved in the event Alternate names ActiveParticipant Definition An actor taking an active role in the event or activity that is logged. Requirements An agent can be a person, an organization, software, device, or other actors that may be ascribed responsibility. Comments Several agents may be associated (i.e. have some responsibility for an activity) with an event or activity. For example, an activity may be initiated by one user for other users or involve more than one user. However, only one user may be the initiator/requestor for the activity. When a network are used in an event being recorded, there should be distinct agent elements for the known actors using the network. The agent with a network detail would be the responsible agent for use of that network. Data type BackboneElement Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings workflow: Event.performer w5: FiveWs.who rim: .participation dicom: ActiveParticipant w3c.prov: Agent fhirprovenance: Provenance.agent
id		0..1	string	There are no (further) constraints on this element Element id AuditEvent.agent.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type string Conditions The cardinality or value of this element may be affected by these constraints: ele-1 Mappings rim: n/a
extension	C	0..*	Extension	There are no (further) constraints on this element Element id AuditEvent.agent.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a
modifierExtension	Σ ?! C	0..*	Extension	There are no (further) constraints on this element Element id AuditEvent.agent.modifierExtension Short description Extensions that cannot be ignored even if unrecognized Alternate names extensions, user content, modifiers Definition May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself). Requirements Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: N/A
type		0..1	CodeableConceptBinding	There are no (further) constraints on this element Element id AuditEvent.agent.type Short description How agent participated Definition The Functional Role of the user when performing the event. Requirements Functional roles reflect functional aspects of relationships between entities. Functional roles are bound to the realization/performance of acts, where actions might be concatenated to an activity or even to a process. This element will hold the functional role that the agent played in the activity that is the focus of this Provenance. Where an agent played multiple functional roles, they will be listed as multiple .agent elements representing each functional participation. See ISO 21298:2018 - Health Informatics - Functional and structural roles, and ISO 22600-2:2014 - Health Informatics - Privilege Management and Access Control - Part 2: formal models. Comments For example: assembler, author, prescriber, signer, investigator, etc. Data type CodeableConcept Binding The Participation type of the agent to the event. ParticipationRoleType (preferred) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings workflow: Event.performer.function w5: FiveWs.who rim: .typeCode and/or .functionCode dicom: prime RoleIdCode w3c.prov: Agent.Attribution fhirprovenance: Provenance.agent.type
role		0..*	CodeableConcept	There are no (further) constraints on this element Element id AuditEvent.agent.role Short description Agent role in the event Definition The structural roles of the agent indicating the agent's competency. The security role enabling the agent with respect to the activity. Requirements Structural roles reflect the structural aspects of relationships between entities. Structural roles describe prerequisites, feasibilities, or competences for acts. Functional roles reflect functional aspects of relationships between entities. Functional roles are bound to the realization/performance of acts, where actions might be concatenated to an activity or even to a process. See ISO 21298:2018 - Health Informatics - Functional and structural roles, and ISO 22600-2:2014 - Health Informatics - Privilege Management and Access Control - Part 2: formal models.. Comments For example: Chief-of-Radiology, Nurse, Physician, Medical-Student, etc. Data type CodeableConcept Binding What security role enabled the agent to participate in the event. SecurityRoleType (example) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.who rim: .role dicom: all RoleIdCode w3c.prov: Agent.Attribution fhirprovenance: Provenance.agent.role
who	S Σ	1..1	Reference(HVODevice \| HVOOrganization \| HVOPractitionerRole \| HVOPractitioner)	Element id AuditEvent.agent.who Short description Identifier of who Alternate names userId Definition Reference to who this agent is that was involved in the event. Requirements This field ties an audit event to a specific resource or identifier. Comments Where a User ID is available it will go into who.identifier. Where a name of the user (human readable) it will go into who.display. Data type Reference(HVODevice \| HVOOrganization \| HVOPractitionerRole \| HVOPractitioner) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings workflow: Event.performer.actor w5: FiveWs.who rim: .id dicom: UserName and UserId w3c.prov: Agent.Identity fhirprovenance: Provenance.agent.who
requestor	Σ	0..1	boolean	There are no (further) constraints on this element Element id AuditEvent.agent.requestor Short description Whether user is initiator Definition Indicator that the user is or is not the requestor, or initiator, for the event being audited. Requirements This value is used to distinguish between requestor-users and recipient-users. For example, one person may initiate a report-output to be sent to another user. Comments There can only be one initiator. If the initiator is not clear, then do not choose any one agent as the initiator. Meaning when missing false Data type boolean Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.who rim: If participation.typeCode was author, then true dicom: UserIsRequestor
location		0..1	Reference(Location)	There are no (further) constraints on this element Element id AuditEvent.agent.location Short description The agent location when the event occurred Definition Where the agent location is known, the agent location when the event occurred. Data type Reference(Location) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings workflow: Event.location w5: FiveWs.where[x] rim: * Role.Class =SDLOC Role.Code = ServiceDeliveryLocationRoleType Entity.Code = PlaceEntityType = df.Types of places for Entity.Class = PLC EntityClass = PLC = df.A physical place or site with its containing structure. May be natural or man-made. The geographic position of a place might or might not be constant. w3c.prov:* Activity.location fhirprovenance: Provenance.location
policy		0..*	uri	There are no (further) constraints on this element Element id AuditEvent.agent.policy Short description Policy that authorized the agent participation in the event Definition Where the policy(ies) are known that authorized the agent participation in the event. Typically, a single activity may have multiple applicable policies, such as patient consent, guarantor funding, etc. The policy would also indicate the security token used. Requirements This value is used retrospectively to determine the authorization policies. Comments For example: Where an OAuth token authorizes, the unique identifier from the OAuth token is placed into the policy element Where a policy engine (e.g. XACML) holds policy logic, the unique policy identifier is placed into the policy element. Data type uri Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.why[x] rim: ActPolicyType dicom: ParticipantRoleIDCode fhirprovenance: Provenance.policy
network[x]		0..1		There are no (further) constraints on this element Element id AuditEvent.agent.network[x] Short description This agent network location for the activity Definition When the event utilizes a network there should be an agent describing the local system, and an agent describing remote system, with the network interface details. Requirements When a network protocol is used the endpoint is associated with the agent most directly using the endpoint. This is usually the software agent that has implemented the application level protocol. Preference is to define network in terms of a Reference(Endpoint), or URI; use string only when address or hostname is all that is known. When encoding using string it is best to encode using the formal canonical host name, but if you can't, then you can encode numeric in Literal address form using square brackets '[]' as a v4 string (in dotted notation), or v6 string (in colon notation). Comments When remote network endpoint is known, another agent representing the remote agent would indicate the remote network endpoint used. Convention is to indicate data flowing from Source to Destination. The convention for Search, given data flows both ways (query parameters vs results), is to have the Source as the initiator of the Search Transaction, and the Destination the responder to the Search transaction. Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.where[x] rim: .player.description dicom: NetworkAccessPointID and NetworkAccessPointTypeCode w3c.prov: Agent.Location
networkUri			uri	There are no (further) constraints on this element Data type uri
networkString			string	There are no (further) constraints on this element Data type string
networkReference			Reference(Endpoint)	There are no (further) constraints on this element Data type Reference(Endpoint)
authorization		0..*	CodeableConcept	There are no (further) constraints on this element Element id AuditEvent.agent.authorization Short description Allowable authorization for this agent Alternate names PurposeOfUse Definition The authorization (e.g., PurposeOfUse) that was used during the event being recorded. Requirements Record of any relevant security context, not restricted to purposeOfUse valueSet. May include security compartments, refrain, obligation, or other security tags. Comments Use AuditEvent.agent.authorization when you know that is specific to the agent, otherwise use AuditEvent.authorization. For example, during a machine-to-machine transfer it might not be obvious to the audit system who caused the event, but it does know why. Data type CodeableConcept Binding The reason the activity took place. PurposeOfUse (example) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.why[x] rim: .reasonCode [ActHealthInformationPurposeOfUseReason codes/v:PurposeOfUse (2.16.840.1.113883.1.11.20448) .outboundRelationship[typeCode=RSON or SUBJ].target w3c.prov: Agent.Activity
source	S Σ	1..1	BackboneElement	There are no (further) constraints on this element Element id AuditEvent.source Short description Audit Event Reporter Definition The actor that is reporting the event. Requirements The event is reported by one source. Comments Events are reported by the actor that detected them. This may be one of the participating actors, but may also be different. The actor may be a human such as a medical-records clerk disclosing data manually, that clerk would be the source for the record of disclosure. Data type BackboneElement Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.witness rim: .participation[typeCode=INF].role[classCode=ASSIGN].player[classCode=DEV, determinerCode=INSTANCE] dicom: AuditSourceIdentification
id		0..1	string	There are no (further) constraints on this element Element id AuditEvent.source.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type string Conditions The cardinality or value of this element may be affected by these constraints: ele-1 Mappings rim: n/a
extension	C	0..*	Extension	There are no (further) constraints on this element Element id AuditEvent.source.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a
modifierExtension	Σ ?! C	0..*	Extension	There are no (further) constraints on this element Element id AuditEvent.source.modifierExtension Short description Extensions that cannot be ignored even if unrecognized Alternate names extensions, user content, modifiers Definition May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself). Requirements Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: N/A
site		0..1	Reference(Location)	There are no (further) constraints on this element Element id AuditEvent.source.site Short description Logical source location within the enterprise Definition Logical source location within the healthcare enterprise network. For example, a hospital or other provider location within a multi-entity provider group. Requirements This value differentiates among the sites in a multi-site enterprise health information system. Data type Reference(Location) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.witness rim: .scopedRole[classCode=LOCE].player.desc dicom: AuditEnterpriseSiteId
observer	S Σ	1..1	Reference(HVODevice)	Element id AuditEvent.source.observer Short description The identity of source detecting the event Alternate names SourceId Definition Identifier of the source where the event was detected. Requirements This field ties the event to a specific source system. It may be used to group events for analysis according to where the event was detected. Data type Reference(HVODevice) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.witness rim: .id dicom: AuditSourceId
type		0..*	CodeableConceptBinding	There are no (further) constraints on this element Element id AuditEvent.source.type Short description The type of source where event originated Definition Code specifying the type of source where event originated. Requirements This field indicates which type of source is identified by the Audit Source ID. It is an optional value that may be used to group events for analysis according to the type of source where the event occurred. Data type CodeableConcept Binding Code specifying the type of system that detected and recorded the event. Use of these codes is not required but is encouraged to maintain translation with DICOM AuditMessage schema. AuditEventSourceType (preferred) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.witness rim: .code dicom: AuditSourceTypeCode
entity	S Σ	0..*	BackboneElement	There are no (further) constraints on this element Element id AuditEvent.entity Short description Data or objects used Alternate names ParticipantObject Definition Specific instances of data or objects that have been accessed. Requirements The event may have other entities involved. Comments Required unless the values for event identification, agent identification, and audit source identification are sufficient to document the entire auditable event. Because events may have more than one entity, this group can be a repeating set of values. Data type BackboneElement Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.what[x] rim: .outboundRelationship[typeCode=SUBJ].target or .participation[typeCode=SBJ].role dicom: ParticipantObjectIdentification w3c.prov: Entity fhirprovenance: Provenance.target, Provenance.entity
id		0..1	string	There are no (further) constraints on this element Element id AuditEvent.entity.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type string Conditions The cardinality or value of this element may be affected by these constraints: ele-1 Mappings rim: n/a
extension	C	0..*	Extension	There are no (further) constraints on this element Element id AuditEvent.entity.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a
modifierExtension	Σ ?! C	0..*	Extension	There are no (further) constraints on this element Element id AuditEvent.entity.modifierExtension Short description Extensions that cannot be ignored even if unrecognized Alternate names extensions, user content, modifiers Definition May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself). Requirements Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: N/A
what	S Σ	1..1	Reference(Resource)	There are no (further) constraints on this element Element id AuditEvent.entity.what Short description Specific instance of resource Definition Identifies a specific instance of the entity. The reference should be version specific. This is allowed to be a Parameters resource. Comments Use .what.display when all you have is a string (e.g. ParticipantObjectName). Data type Reference(Resource) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.what[x] rim: .id dicom: ParticipantObjectTypeCode, ParticipantObjectName, ParticipantObjectID and ParticipantObjectIDTypeCode fhirprovenance: Provenance.target, Provenance.entity.what
role		0..1	CodeableConcept	There are no (further) constraints on this element Element id AuditEvent.entity.role Short description What role the entity played Definition Code representing the role the entity played in the event being audited. Requirements For some detailed audit analysis it may be necessary to indicate a more granular type of entity, based on the application role it serves. Data type CodeableConcept Binding DICOM Audit Event Entity Role AuditEventEntityRole (example) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.context rim: role.code (not sure what this would mean for an Act) dicom: ParticipantObjectTypeCodeRole w3c.prov: Entity.role
securityLabel		0..*	CodeableConcept	There are no (further) constraints on this element Element id AuditEvent.entity.securityLabel Short description Security labels on the entity Definition Security labels for the identified entity. Requirements This field identifies the security labels for a specific instance of an object, such as a patient, to detect/track privacy and security issues. Comments Copied from entity meta security tags. Data type CodeableConcept Binding Example Security Labels from the Healthcare Privacy and Security Classification System. SecurityLabelExamples (example) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.context rim: .confidentialityCode dicom: ParticipantObjectSensitivity
query	Σ	0..1	base64Binary	There are no (further) constraints on this element Element id AuditEvent.entity.query Short description Query parameters Definition The query parameters for a query-type entities. Requirements For query events, it may be necessary to capture the actual query input to the query process in order to identify the specific event. Because of differences among query implementations and data encoding for them, this is a base 64 encoded data blob. It may be subsequently decoded or interpreted by downstream audit analysis processing. Comments The meaning and secondary-encoding of the content of base64 encoded blob is specific to the AuditEvent.type, AuditEvent.subtype, and AuditEvent.entity.role. The base64 is a general-use and safe container for event specific data blobs regardless of the encoding used by the transaction being recorded. An AuditEvent consuming application must understand the event it is consuming and the formats used by the event. For example, if auditing an Oracle network database access, the Oracle formats must be understood as they will be simply encoded in the base64binary blob. The DICOM AuditMessage schema does not support both .name and .query being populated. Data type base64Binary Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.context rim: No mapping dicom: ParticipantObjectQuery
detail		0..*	BackboneElement	There are no (further) constraints on this element Element id AuditEvent.entity.detail Short description Additional Information about the entity Definition Tagged value pairs for conveying additional information about the entity. Requirements Implementation-defined data about specific details of the object accessed or used. Data type BackboneElement Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.context rim: .inboundRelationship[typeCode=SUBJ].target[classCode=OBS, moodCode=EVN] dicom: ParticipantObjectDetail
id		0..1	string	There are no (further) constraints on this element Element id AuditEvent.entity.detail.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type string Conditions The cardinality or value of this element may be affected by these constraints: ele-1 Mappings rim: n/a
extension	C	0..*	Extension	There are no (further) constraints on this element Element id AuditEvent.entity.detail.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a
modifierExtension	Σ ?! C	0..*	Extension	There are no (further) constraints on this element Element id AuditEvent.entity.detail.modifierExtension Short description Extensions that cannot be ignored even if unrecognized Alternate names extensions, user content, modifiers Definition May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself). Requirements Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: N/A
type		1..1	CodeableConcept	There are no (further) constraints on this element Element id AuditEvent.entity.detail.type Short description Name of the property Definition The type of extra detail provided in the value. Data type CodeableConcept Binding Additional detail about an entity used in an event. AuditEventID (example) Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.context rim: .code dicom: ParticipantObjectDetail.type
value[x]		1..1		There are no (further) constraints on this element Element id AuditEvent.entity.detail.value[x] Short description Property value Definition The value of the extra detail. Requirements Should not duplicate the entity value unless absolutely necessary. Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings w5: FiveWs.context rim: .value dicom: ParticipantObjectDetail.value
valueQuantity			Quantity	There are no (further) constraints on this element Data type Quantity
valueCodeableConcept			CodeableConcept	There are no (further) constraints on this element Data type CodeableConcept
valueString			string	There are no (further) constraints on this element Data type string
valueBoolean			boolean	There are no (further) constraints on this element Data type boolean
valueInteger			integer	There are no (further) constraints on this element Data type integer
valueRange			Range	There are no (further) constraints on this element Data type Range
valueRatio			Ratio	There are no (further) constraints on this element Data type Ratio
valueTime			time	There are no (further) constraints on this element Data type time
valueDateTime			dateTime	There are no (further) constraints on this element Data type dateTime
valuePeriod			Period	There are no (further) constraints on this element Data type Period
valueBase64Binary			base64Binary	There are no (further) constraints on this element Data type base64Binary
agent		0..*	see (agent)	There are no (further) constraints on this element Element id AuditEvent.entity.agent Short description Entity is attributed to this agent Definition The entity is attributed to an agent to express the agent's responsibility for that entity in the activity. This is most used to indicate when persistence media (the entity) are used by an agent. For example when importing data from a device, the device would be described in an entity, and the user importing data from that media would be indicated as the entity.agent. Comments A usecase where one AuditEvent.entity.agent is used where the Entity that was used in the creation/updating of a target resource, is not in the context of the same custodianship as the target resource, and thus the meaning of AuditEvent.entity.agent is to say that the entity referenced is managed elsewhere and that this Agent provided access to it. This would be similar to where the Entity being referenced is managed outside FHIR, such as through HL7 V2, v3, or XDS. This might be where the Entity being referenced is managed in another FHIR resource server. Thus it explains the provenance of that Entity's use in the context of this AuditEvent activity. Constraints ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` Mappings rim: ./author/role dicom: ActiveParticipant.MediaType fhirprovenance: Provenance.entity.agent

AuditEvent
Short	Record of an event
Definition	A record of an event relevant for purposes such as operations, privacy, security, maintenance, and performance analysis.
Cardinality	0..*
Comments	Based on IHE-ATNA.
Constraints	dom-2: If the resource is contained in another resource, it SHALL NOT contain nested Resources `contained.contained.empty()` dom-3: If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource `contained.where((('#'+id in (%resource.descendants().reference \| %resource.descendants().ofType(canonical) \| %resource.descendants().ofType(uri) \| %resource.descendants().ofType(url))) or descendants().where(reference = '#').exists() or descendants().where(ofType(canonical) = '#').exists() or descendants().where(ofType(canonical) = '#').exists()).not()).trace('unmatched', id).empty()` dom-4: If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated `contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()` dom-5: If a resource is contained in another resource, it SHALL NOT have a security label `contained.meta.security.empty()` dom-6: A resource should have narrative for robust management text.`div`.exists()
Mappings	rim: Entity, Role, or Act,ControlAct[moodCode=EVN] workflow: Event w5: infrastructure.information dicom: Message
AuditEvent.id
Short	Logical id of this artifact
Definition	The logical id of the resource, as used in the URL for the resource. Once assigned, this value never changes.
Cardinality	0..1
Type	id
Summary	True
Comments	Within the context of the FHIR RESTful interactions, the resource has an id except for cases like the create and conditional update. Otherwise, the use of the resouce id depends on the given use case.
AuditEvent.meta
Short	Metadata about the resource
Definition	The metadata about the resource. This is content that is maintained by the infrastructure. Changes to the content might not always be associated with version changes to the resource.
Cardinality	0..1
Type	Meta
Summary	True
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
AuditEvent.implicitRules
Short	A set of rules under which this content was created
Definition	A reference to a set of rules that were followed when the resource was constructed, and which must be understood when processing the content. Often, this is a reference to an implementation guide that defines the special rules along with other profiles etc.
Cardinality	0..1
Type	uri
Modifier	True
Summary	True
Comments	Asserting this rule set restricts the content to be only understood by a limited set of trading partners. This inherently limits the usefulness of the data in the long term. However, the existing health eco-system is highly fractured, and not yet ready to define, collect, and exchange data in a generally computable sense. Wherever possible, implementers and/or specification writers should avoid using this element. Often, when used, the URL is a reference to an implementation guide that defines these special rules as part of its narrative along with other profiles, value sets, etc.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
AuditEvent.language
Short	Language of the resource content
Definition	The base language in which the resource is written.
Cardinality	0..1
Type	code
Binding	IETF language tag for a human language AllLanguages (required) Additional bindings CommonLanguages (starter)
Comments	Language is provided to support indexing and accessibility (typically, services such as text to speech use the language tag). The html language tag in the narrative applies to the narrative. The language tag on the resource may be used to specify the language of other presentations generated from the data in the resource. Not all the content has to be in the base language. The Resource.language should not be assumed to apply to the narrative automatically. If a language is specified, it should it also be specified on the div element in the html (see rules in HTML5 for information about the relationship between xml:lang and the html lang attribute).
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
AuditEvent.text
Short	Text summary of the resource, for human interpretation
Definition	A human-readable narrative that contains a summary of the resource and can be used to represent the content of the resource to a human. The narrative need not encode all the structured data, but is required to contain sufficient detail to make it "clinically safe" for a human to just read the narrative. Resource definitions may define what content should be represented in the narrative to ensure clinical safety.
Cardinality	0..1
Type	Narrative
Alias	narrative, html, xhtml, display
Comments	Contained resources do not have a narrative. Resources that are not contained SHOULD have a narrative. In some cases, a resource may only have text with little or no additional discrete data (as long as all minOccurs=1 elements are satisfied). This may be necessary for data from legacy systems where information is captured as a "text blob" or where text is additionally entered raw or narrated and encoded information is added later.
Conditions	The cardinality or value of this element may be affected by these constraints: dom-6
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	rim: Act.text?
AuditEvent.contained
Short	Contained, inline Resources
Definition	These resources do not have an independent existence apart from the resource that contains them - they cannot be identified independently, nor can they have their own independent transaction scope. This is allowed to be a Parameters resource if and only if it is referenced by a resource that provides context/meaning.
Cardinality	0..*
Type	Resource
Alias	inline resources, anonymous resources, contained resources
Comments	This should never be done when the content can be identified properly, as once identification is lost, it is extremely difficult (and context dependent) to restore it again. Contained resources may have profiles and tags in their meta elements, but SHALL NOT have security labels.
Conditions	The cardinality or value of this element may be affected by these constraints: dom-2, dom-4, dom-3, dom-5
Mappings	rim: N/A
AuditEvent.extension
Short	Additional content defined by implementations
Definition	May be used to represent additional information that is not part of the basic definition of the resource. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.
Cardinality	0..*
Type	Extension
Alias	extensions, user content
Comments	There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()`
Mappings	rim: N/A
AuditEvent.modifierExtension
Short	Extensions that cannot be ignored
Definition	May be used to represent additional information that is not part of the basic definition of the resource and that modifies the understanding of the element that contains it and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer is allowed to define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).
Cardinality	0..*
Type	Extension
Modifier	True
Summary	True
Alias	extensions, user content
Requirements	Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.
Comments	There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()`
Mappings	rim: N/A
AuditEvent.category
Short	Type/identifier of event
Definition	Classification of the type of event.
Cardinality	0..*
Type	CodeableConcept
Binding	Type of event. AuditEventID (example)
Summary	True
Alias	type
Requirements	Codes that classify the general type of event that happened.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	workflow: Event.code w5: FiveWs.what[x] rim: .code (type, subtype and action are pre-coordinated or sent as translations) dicom: EventId w3c.prov: Activity
AuditEvent.code
Short	Specific type of event
Definition	Describes what happened. The most specific code for the event.
Cardinality	1..1
Type	CodeableConcept
Binding	Specific type of event. AuditEventSubType (example)
Summary	True
Alias	subtype
Requirements	This field enables queries of messages by implementation-defined event categories.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.what[x] rim: .code (type, subtype and action are pre-coordinated or sent as translations) dicom: EventTypeCode fhirprovenance: Provenance.activity
AuditEvent.action
Short	Type of action performed during the event
Definition	Indicator for type of action performed during the event that generated the audit.
Cardinality	0..1
Type	code
Binding	DICOM Audit Event Action AuditEventAction (required)
Summary	True
Requirements	This broadly indicates what kind of action was done on the AuditEvent.entity by the AuditEvent.agent.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.what[x] rim: .code (type, subtype and action are pre-coordinated or sent as translations) dicom: EventActionCode
AuditEvent.severity
Short	emergency \| alert \| critical \| error \| warning \| notice \| informational \| debug
Definition	Indicates and enables segmentation of various severity including debugging from critical.
Cardinality	0..1
Type	code
Binding	This is in the SysLog header, PRI. http://tools.ietf.org/html/rfc5424#appendix-A.3 AuditEventSeverity (required)
Summary	True
Comments	ATNA will map this to the SYSLOG PRI element.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	rim: N/A dicom: PRI
AuditEvent.occurred[x]
Short	When the activity occurred
Definition	The time or period during which the activity occurred.
Cardinality	0..1
Type	Period, dateTime
Comments	The time or period can be a little arbitrary; where possible, the time should correspond to human assessment of the activity time.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	workflow: Event.occurrence w5: FiveWs.done[x] rim: ./effectiveTime[type=IVL_TS] w3c.prov: Activity.startTime & Activity.endTime fhirprovenance: Provenance.occurred[x]
AuditEvent.recorded
Short	Time when the event was recorded
Definition	The time when the event was recorded.
Cardinality	1..1
Type	instant
Summary	True
Requirements	This ties an event to a specific date and time. Security audits typically require a consistent time base (e.g. UTC), to eliminate time-zone issues arising from geographical distribution.
Comments	In a distributed system, some sort of common time base (e.g. an NTP [RFC1305] server) is a good implementation tactic.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.recorded rim: .effectiveTime dicom: EventDateTime w3c.prov: Activity.when fhirprovenance: Provenance.recorded
AuditEvent.outcome
Short	Whether the event succeeded or failed
Definition	Indicates whether the event succeeded or failed. A free text descripiton can be given in outcome.text.
Cardinality	0..1
Type	BackboneElement
Summary	True
Requirements	when a code is given there must be one code from the given codeSystem, and may be other equivilant codes from other codeSystems (for example http response codes such as 2xx, 4xx, or 5xx).
Comments	In some cases a "success" may be partial, for example, an incomplete or interrupted transfer of a radiological study. For the purpose of establishing accountability, these distinctions are not relevant.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.what[x] rim: .outboundRelationship[typeCode=OUT].target.text
AuditEvent.outcome.id
Short	Unique id for inter-element referencing
Definition	Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.
Cardinality	0..1
Type	string
Conditions	The cardinality or value of this element may be affected by these constraints: ele-1
Mappings	rim: n/a
AuditEvent.outcome.extension
Short	Additional content defined by implementations
Definition	May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.
Cardinality	0..*
Type	Extension
Alias	extensions, user content
Comments	There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()`
Mappings	rim: n/a
AuditEvent.outcome.modifierExtension
Short	Extensions that cannot be ignored even if unrecognized
Definition	May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).
Cardinality	0..*
Type	Extension
Modifier	True
Summary	True
Alias	extensions, user content, modifiers
Requirements	Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.
Comments	There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()`
Mappings	rim: N/A
AuditEvent.outcome.code
Short	Whether the event succeeded or failed
Definition	Indicates whether the event succeeded or failed.
Cardinality	1..1
Type	Coding
Binding	DICOM Audit Event Outcome AuditEventOutcome (preferred)
Summary	True
Requirements	when a code is given there must be one code from the given codeSystem.
Comments	In some cases a "success" may be partial, for example, an incomplete or interrupted transfer of a radiological study. For the purpose of establishing accountability, these distinctions are not relevant.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.what[x] rim: .outboundRelationship[typeCode=OUT].target.text dicom: EventOutcomeIndicator EventOutcomeIndicator
AuditEvent.outcome.detail
Short	Additional outcome detail
Definition	Additional details about the error. This may be a text description of the error or a system code that identifies the error.
Cardinality	0..*
Type	CodeableConcept
Binding	A code that provides details as the exact issue. AuditEventOutcomeDetail (example)
Summary	True
Comments	A human readable description of the error issue SHOULD be placed in details.text.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.what[x] rim: .outboundRelationship[typeCode=OUT].target.text
AuditEvent.authorization
Short	Authorization related to the event
Definition	The authorization (e.g., PurposeOfUse) that was used during the event being recorded.
Cardinality	0..*
Type	CodeableConcept
Binding	The authorized purposeOfUse for the activity. PurposeOfUse (example)
Summary	True
Alias	PurposeOfEvent
Requirements	Record of any relevant security context, not restricted to purposeOfUse valueSet. May include security compartments, refrain, obligation, or other security tags.
Comments	Use AuditEvent.agent.authorization when you know that it is specific to the agent, otherwise use AuditEvent.authorization. For example, during a machine-to-machine transfer it might not be obvious to the audit system who caused the event, but it does know why.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	workflow: Event.reason w5: FiveWs.why[x] rim: * .reasonCode [ControlActReason when Act.class = CACT Control Act] .outboundRelationship[typeCode=RSON].target dicom:* EventPurposeOfUse w3c.prov: Activity.Activity fhirprovenance: Provenance.authorization
AuditEvent.basedOn
Short	Workflow authorization within which this event occurred
Definition	Allows tracing of authorizatino for the events and tracking whether proposals/recommendations were acted upon.
Cardinality	0..*
Type	Reference(CarePlan \| DeviceRequest \| ImmunizationRecommendation \| MedicationRequest \| NutritionOrder \| ServiceRequest \| Task)
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	workflow: Event.code w5: FiveWs.why[x] rim: Act.code w3c.prov: Activity.Activity
AuditEvent.patient
Short	The patient is the subject of the data used/created/updated/deleted during the activity
Definition	The patient element is available to enable deterministic tracking of activities that involve the patient as the subject of the data used in an activity.
Cardinality	0..1
Type	Reference(Patient)
Requirements	When the .patient is populated it shall be accurate to the subject of the used data. The .patient shall not be populated when the used data used/created/updated/deleted (.entity) by the activity does not involve a subject. Note that when the patient is an agent, they will be recorded as an agent. When the Patient resource is Created, Updated, or Deleted it will be recorded as an entity.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	workflow: Event.subject w5: FiveWs.subject[x] rim: participation[typeCode=RTGT] w3c.prov: Entity.Identity
AuditEvent.encounter
Short	Encounter within which this event occurred or which the event is tightly associated
Definition	This will typically be the encounter the event occurred, but some events may be initiated prior to or after the official completion of an encounter but still be tied to the context of the encounter (e.g. pre-admission lab tests).
Cardinality	0..1
Type	Reference(Encounter)
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	workflow: Event.code w5: FiveWs.why[x] rim: Act.code w3c.prov: Activity.Activity
AuditEvent.agent
Short	Actor involved in the event
Definition	An actor taking an active role in the event or activity that is logged.
Cardinality	1..*
Type	BackboneElement
Must Support	True
Summary	True
Alias	ActiveParticipant
Requirements	An agent can be a person, an organization, software, device, or other actors that may be ascribed responsibility.
Comments	Several agents may be associated (i.e. have some responsibility for an activity) with an event or activity. For example, an activity may be initiated by one user for other users or involve more than one user. However, only one user may be the initiator/requestor for the activity. When a network are used in an event being recorded, there should be distinct agent elements for the known actors using the network. The agent with a network detail would be the responsible agent for use of that network.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	workflow: Event.performer w5: FiveWs.who rim: .participation dicom: ActiveParticipant w3c.prov: Agent fhirprovenance: Provenance.agent
AuditEvent.agent.id
Short	Unique id for inter-element referencing
Definition	Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.
Cardinality	0..1
Type	string
Conditions	The cardinality or value of this element may be affected by these constraints: ele-1
Mappings	rim: n/a
AuditEvent.agent.extension
Short	Additional content defined by implementations
Definition	May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.
Cardinality	0..*
Type	Extension
Alias	extensions, user content
Comments	There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()`
Mappings	rim: n/a
AuditEvent.agent.modifierExtension
Short	Extensions that cannot be ignored even if unrecognized
Definition	May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).
Cardinality	0..*
Type	Extension
Modifier	True
Summary	True
Alias	extensions, user content, modifiers
Requirements	Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.
Comments	There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()`
Mappings	rim: N/A
AuditEvent.agent.type
Short	How agent participated
Definition	The Functional Role of the user when performing the event.
Cardinality	0..1
Type	CodeableConcept
Binding	The Participation type of the agent to the event. ParticipationRoleType (preferred)
Requirements	Functional roles reflect functional aspects of relationships between entities. Functional roles are bound to the realization/performance of acts, where actions might be concatenated to an activity or even to a process. This element will hold the functional role that the agent played in the activity that is the focus of this Provenance. Where an agent played multiple functional roles, they will be listed as multiple .agent elements representing each functional participation. See ISO 21298:2018 - Health Informatics - Functional and structural roles, and ISO 22600-2:2014 - Health Informatics - Privilege Management and Access Control - Part 2: formal models.
Comments	For example: assembler, author, prescriber, signer, investigator, etc.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	workflow: Event.performer.function w5: FiveWs.who rim: .typeCode and/or .functionCode dicom: prime RoleIdCode w3c.prov: Agent.Attribution fhirprovenance: Provenance.agent.type
AuditEvent.agent.role
Short	Agent role in the event
Definition	The structural roles of the agent indicating the agent's competency. The security role enabling the agent with respect to the activity.
Cardinality	0..*
Type	CodeableConcept
Binding	What security role enabled the agent to participate in the event. SecurityRoleType (example)
Requirements	Structural roles reflect the structural aspects of relationships between entities. Structural roles describe prerequisites, feasibilities, or competences for acts. Functional roles reflect functional aspects of relationships between entities. Functional roles are bound to the realization/performance of acts, where actions might be concatenated to an activity or even to a process. See ISO 21298:2018 - Health Informatics - Functional and structural roles, and ISO 22600-2:2014 - Health Informatics - Privilege Management and Access Control - Part 2: formal models..
Comments	For example: Chief-of-Radiology, Nurse, Physician, Medical-Student, etc.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.who rim: .role dicom: all RoleIdCode w3c.prov: Agent.Attribution fhirprovenance: Provenance.agent.role
AuditEvent.agent.who
Short	Identifier of who
Definition	Reference to who this agent is that was involved in the event.
Cardinality	1..1
Type	Reference(HVODevice \| HVOOrganization \| HVOPractitionerRole \| HVOPractitioner)
Must Support	True
Summary	True
Alias	userId
Requirements	This field ties an audit event to a specific resource or identifier.
Comments	Where a User ID is available it will go into who.identifier. Where a name of the user (human readable) it will go into who.display.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	workflow: Event.performer.actor w5: FiveWs.who rim: .id dicom: UserName and UserId w3c.prov: Agent.Identity fhirprovenance: Provenance.agent.who
AuditEvent.agent.requestor
Short	Whether user is initiator
Definition	Indicator that the user is or is not the requestor, or initiator, for the event being audited.
Cardinality	0..1
Type	boolean
Summary	True
Requirements	This value is used to distinguish between requestor-users and recipient-users. For example, one person may initiate a report-output to be sent to another user.
Comments	There can only be one initiator. If the initiator is not clear, then do not choose any one agent as the initiator.
Meaning when missing	false
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.who rim: If participation.typeCode was author, then true dicom: UserIsRequestor
AuditEvent.agent.location
Short	The agent location when the event occurred
Definition	Where the agent location is known, the agent location when the event occurred.
Cardinality	0..1
Type	Reference(Location)
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	workflow: Event.location w5: FiveWs.where[x] rim: * Role.Class =SDLOC Role.Code = ServiceDeliveryLocationRoleType Entity.Code = PlaceEntityType = df.Types of places for Entity.Class = PLC EntityClass = PLC = df.A physical place or site with its containing structure. May be natural or man-made. The geographic position of a place might or might not be constant. w3c.prov:* Activity.location fhirprovenance: Provenance.location
AuditEvent.agent.policy
Short	Policy that authorized the agent participation in the event
Definition	Where the policy(ies) are known that authorized the agent participation in the event. Typically, a single activity may have multiple applicable policies, such as patient consent, guarantor funding, etc. The policy would also indicate the security token used.
Cardinality	0..*
Type	uri
Requirements	This value is used retrospectively to determine the authorization policies.
Comments	For example: Where an OAuth token authorizes, the unique identifier from the OAuth token is placed into the policy element Where a policy engine (e.g. XACML) holds policy logic, the unique policy identifier is placed into the policy element.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.why[x] rim: ActPolicyType dicom: ParticipantRoleIDCode fhirprovenance: Provenance.policy
AuditEvent.agent.network[x]
Short	This agent network location for the activity
Definition	When the event utilizes a network there should be an agent describing the local system, and an agent describing remote system, with the network interface details.
Cardinality	0..1
Type	Reference(Endpoint), uri, string
Requirements	When a network protocol is used the endpoint is associated with the agent most directly using the endpoint. This is usually the software agent that has implemented the application level protocol. Preference is to define network in terms of a Reference(Endpoint), or URI; use string only when address or hostname is all that is known. When encoding using string it is best to encode using the formal canonical host name, but if you can't, then you can encode numeric in Literal address form using square brackets '[]' as a v4 string (in dotted notation), or v6 string (in colon notation).
Comments	When remote network endpoint is known, another agent representing the remote agent would indicate the remote network endpoint used. Convention is to indicate data flowing from Source to Destination. The convention for Search, given data flows both ways (query parameters vs results), is to have the Source as the initiator of the Search Transaction, and the Destination the responder to the Search transaction.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.where[x] rim: .player.description dicom: NetworkAccessPointID and NetworkAccessPointTypeCode w3c.prov: Agent.Location
AuditEvent.agent.authorization
Short	Allowable authorization for this agent
Definition	The authorization (e.g., PurposeOfUse) that was used during the event being recorded.
Cardinality	0..*
Type	CodeableConcept
Binding	The reason the activity took place. PurposeOfUse (example)
Alias	PurposeOfUse
Requirements	Record of any relevant security context, not restricted to purposeOfUse valueSet. May include security compartments, refrain, obligation, or other security tags.
Comments	Use AuditEvent.agent.authorization when you know that is specific to the agent, otherwise use AuditEvent.authorization. For example, during a machine-to-machine transfer it might not be obvious to the audit system who caused the event, but it does know why.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.why[x] rim: .reasonCode [ActHealthInformationPurposeOfUseReason codes/v:PurposeOfUse (2.16.840.1.113883.1.11.20448) .outboundRelationship[typeCode=RSON or SUBJ].target w3c.prov: Agent.Activity
AuditEvent.source
Short	Audit Event Reporter
Definition	The actor that is reporting the event.
Cardinality	1..1
Type	BackboneElement
Must Support	True
Summary	True
Requirements	The event is reported by one source.
Comments	Events are reported by the actor that detected them. This may be one of the participating actors, but may also be different. The actor may be a human such as a medical-records clerk disclosing data manually, that clerk would be the source for the record of disclosure.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.witness rim: .participation[typeCode=INF].role[classCode=ASSIGN].player[classCode=DEV, determinerCode=INSTANCE] dicom: AuditSourceIdentification
AuditEvent.source.id
Short	Unique id for inter-element referencing
Definition	Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.
Cardinality	0..1
Type	string
Conditions	The cardinality or value of this element may be affected by these constraints: ele-1
Mappings	rim: n/a
AuditEvent.source.extension
Short	Additional content defined by implementations
Definition	May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.
Cardinality	0..*
Type	Extension
Alias	extensions, user content
Comments	There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()`
Mappings	rim: n/a
AuditEvent.source.modifierExtension
Short	Extensions that cannot be ignored even if unrecognized
Definition	May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).
Cardinality	0..*
Type	Extension
Modifier	True
Summary	True
Alias	extensions, user content, modifiers
Requirements	Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.
Comments	There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()`
Mappings	rim: N/A
AuditEvent.source.site
Short	Logical source location within the enterprise
Definition	Logical source location within the healthcare enterprise network. For example, a hospital or other provider location within a multi-entity provider group.
Cardinality	0..1
Type	Reference(Location)
Requirements	This value differentiates among the sites in a multi-site enterprise health information system.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.witness rim: .scopedRole[classCode=LOCE].player.desc dicom: AuditEnterpriseSiteId
AuditEvent.source.observer
Short	The identity of source detecting the event
Definition	Identifier of the source where the event was detected.
Cardinality	1..1
Type	Reference(HVODevice)
Must Support	True
Summary	True
Alias	SourceId
Requirements	This field ties the event to a specific source system. It may be used to group events for analysis according to where the event was detected.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.witness rim: .id dicom: AuditSourceId
AuditEvent.source.type
Short	The type of source where event originated
Definition	Code specifying the type of source where event originated.
Cardinality	0..*
Type	CodeableConcept
Binding	Code specifying the type of system that detected and recorded the event. Use of these codes is not required but is encouraged to maintain translation with DICOM AuditMessage schema. AuditEventSourceType (preferred)
Requirements	This field indicates which type of source is identified by the Audit Source ID. It is an optional value that may be used to group events for analysis according to the type of source where the event occurred.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.witness rim: .code dicom: AuditSourceTypeCode
AuditEvent.entity
Short	Data or objects used
Definition	Specific instances of data or objects that have been accessed.
Cardinality	0..*
Type	BackboneElement
Must Support	True
Summary	True
Alias	ParticipantObject
Requirements	The event may have other entities involved.
Comments	Required unless the values for event identification, agent identification, and audit source identification are sufficient to document the entire auditable event. Because events may have more than one entity, this group can be a repeating set of values.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.what[x] rim: .outboundRelationship[typeCode=SUBJ].target or .participation[typeCode=SBJ].role dicom: ParticipantObjectIdentification w3c.prov: Entity fhirprovenance: Provenance.target, Provenance.entity
AuditEvent.entity.id
Short	Unique id for inter-element referencing
Definition	Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.
Cardinality	0..1
Type	string
Conditions	The cardinality or value of this element may be affected by these constraints: ele-1
Mappings	rim: n/a
AuditEvent.entity.extension
Short	Additional content defined by implementations
Definition	May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.
Cardinality	0..*
Type	Extension
Alias	extensions, user content
Comments	There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()`
Mappings	rim: n/a
AuditEvent.entity.modifierExtension
Short	Extensions that cannot be ignored even if unrecognized
Definition	May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).
Cardinality	0..*
Type	Extension
Modifier	True
Summary	True
Alias	extensions, user content, modifiers
Requirements	Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.
Comments	There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()`
Mappings	rim: N/A
AuditEvent.entity.what
Short	Specific instance of resource
Definition	Identifies a specific instance of the entity. The reference should be version specific. This is allowed to be a Parameters resource.
Cardinality	1..1
Type	Reference(Resource)
Must Support	True
Summary	True
Comments	Use .what.display when all you have is a string (e.g. ParticipantObjectName).
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.what[x] rim: .id dicom: ParticipantObjectTypeCode, ParticipantObjectName, ParticipantObjectID and ParticipantObjectIDTypeCode fhirprovenance: Provenance.target, Provenance.entity.what
AuditEvent.entity.role
Short	What role the entity played
Definition	Code representing the role the entity played in the event being audited.
Cardinality	0..1
Type	CodeableConcept
Binding	DICOM Audit Event Entity Role AuditEventEntityRole (example)
Requirements	For some detailed audit analysis it may be necessary to indicate a more granular type of entity, based on the application role it serves.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.context rim: role.code (not sure what this would mean for an Act) dicom: ParticipantObjectTypeCodeRole w3c.prov: Entity.role
AuditEvent.entity.securityLabel
Short	Security labels on the entity
Definition	Security labels for the identified entity.
Cardinality	0..*
Type	CodeableConcept
Binding	Example Security Labels from the Healthcare Privacy and Security Classification System. SecurityLabelExamples (example)
Requirements	This field identifies the security labels for a specific instance of an object, such as a patient, to detect/track privacy and security issues.
Comments	Copied from entity meta security tags.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.context rim: .confidentialityCode dicom: ParticipantObjectSensitivity
AuditEvent.entity.query
Short	Query parameters
Definition	The query parameters for a query-type entities.
Cardinality	0..1
Type	base64Binary
Summary	True
Requirements	For query events, it may be necessary to capture the actual query input to the query process in order to identify the specific event. Because of differences among query implementations and data encoding for them, this is a base 64 encoded data blob. It may be subsequently decoded or interpreted by downstream audit analysis processing.
Comments	The meaning and secondary-encoding of the content of base64 encoded blob is specific to the AuditEvent.type, AuditEvent.subtype, and AuditEvent.entity.role. The base64 is a general-use and safe container for event specific data blobs regardless of the encoding used by the transaction being recorded. An AuditEvent consuming application must understand the event it is consuming and the formats used by the event. For example, if auditing an Oracle network database access, the Oracle formats must be understood as they will be simply encoded in the base64binary blob. The DICOM AuditMessage schema does not support both .name and .query being populated.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.context rim: No mapping dicom: ParticipantObjectQuery
AuditEvent.entity.detail
Short	Additional Information about the entity
Definition	Tagged value pairs for conveying additional information about the entity.
Cardinality	0..*
Type	BackboneElement
Requirements	Implementation-defined data about specific details of the object accessed or used.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.context rim: .inboundRelationship[typeCode=SUBJ].target[classCode=OBS, moodCode=EVN] dicom: ParticipantObjectDetail
AuditEvent.entity.detail.id
Short	Unique id for inter-element referencing
Definition	Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.
Cardinality	0..1
Type	string
Conditions	The cardinality or value of this element may be affected by these constraints: ele-1
Mappings	rim: n/a
AuditEvent.entity.detail.extension
Short	Additional content defined by implementations
Definition	May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.
Cardinality	0..*
Type	Extension
Alias	extensions, user content
Comments	There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()`
Mappings	rim: n/a
AuditEvent.entity.detail.modifierExtension
Short	Extensions that cannot be ignored even if unrecognized
Definition	May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and managable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).
Cardinality	0..*
Type	Extension
Modifier	True
Summary	True
Alias	extensions, user content, modifiers
Requirements	Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions.
Comments	There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()`
Mappings	rim: N/A
AuditEvent.entity.detail.type
Short	Name of the property
Definition	The type of extra detail provided in the value.
Cardinality	1..1
Type	CodeableConcept
Binding	Additional detail about an entity used in an event. AuditEventID (example)
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.context rim: .code dicom: ParticipantObjectDetail.type
AuditEvent.entity.detail.value[x]
Short	Property value
Definition	The value of the extra detail.
Cardinality	1..1
Type	Quantity, CodeableConcept, string, boolean, integer, Range, Ratio, time, dateTime, Period, base64Binary
Requirements	Should not duplicate the entity value unless absolutely necessary.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	w5: FiveWs.context rim: .value dicom: ParticipantObjectDetail.value
AuditEvent.entity.agent
Short	Entity is attributed to this agent
Definition	The entity is attributed to an agent to express the agent's responsibility for that entity in the activity. This is most used to indicate when persistence media (the entity) are used by an agent. For example when importing data from a device, the device would be described in an entity, and the user importing data from that media would be indicated as the entity.agent.
Cardinality	0..*
Type	see (agent)
Comments	A usecase where one AuditEvent.entity.agent is used where the Entity that was used in the creation/updating of a target resource, is not in the context of the same custodianship as the target resource, and thus the meaning of AuditEvent.entity.agent is to say that the entity referenced is managed elsewhere and that this Agent provided access to it. This would be similar to where the Entity being referenced is managed outside FHIR, such as through HL7 V2, v3, or XDS. This might be where the Entity being referenced is managed in another FHIR resource server. Thus it explains the provenance of that Entity's use in the context of this AuditEvent activity.
Constraints	ele-1: All FHIR elements must have a @value or children `hasValue() or (children().count() > id.count())`
Mappings	rim: ./author/role dicom: ActiveParticipant.MediaType fhirprovenance: Provenance.entity.agent

<id value="HVOAuditEvent" />
<url value="http://electronichealth.se/fhir/hvo/StructureDefinition/HVOAuditEvent" />
<version value="0.1.0" />
<name value="HVOAuditEvent" />
<status value="draft" />
<description value="HVO profile for security information about an event" />
<fhirVersion value="5.0.0" />
<kind value="resource" />
<abstract value="false" />
<type value="AuditEvent" />
<baseDefinition value="http://hl7.org/fhir/StructureDefinition/AuditEvent" />
<derivation value="constraint" />
<differential>
<element id="AuditEvent.agent">
<path value="AuditEvent.agent" />
<mustSupport value="true" />
</element>
<element id="AuditEvent.agent.who">
<path value="AuditEvent.agent.who" />
<type>
<code value="Reference" />
<targetProfile value="http://electronichealth.se/fhir/hvo/StructureDefinition/HVODevice" />
<targetProfile value="http://electronichealth.se/fhir/hvo/StructureDefinition/HVOOrganization" />
<targetProfile value="http://electronichealth.se/fhir/hvo/StructureDefinition/HVOPractitionerRole" />
<targetProfile value="http://electronichealth.se/fhir/hvo/StructureDefinition/HVOPractitioner" />
</type>
<mustSupport value="true" />
</element>
<element id="AuditEvent.source">
<path value="AuditEvent.source" />
<mustSupport value="true" />
</element>
<element id="AuditEvent.source.observer">
<path value="AuditEvent.source.observer" />
<type>
<code value="Reference" />
<targetProfile value="http://electronichealth.se/fhir/hvo/StructureDefinition/HVODevice" />
</type>
<mustSupport value="true" />
</element>
<element id="AuditEvent.entity">
<path value="AuditEvent.entity" />
<mustSupport value="true" />
</element>
<element id="AuditEvent.entity.what">
<path value="AuditEvent.entity.what" />
<min value="1" />
<mustSupport value="true" />
</element>
</differential>

</StructureDefinition>

{

"resourceType": "StructureDefinition",
"id": "HVOAuditEvent",
"url": "http://electronichealth.se/fhir/hvo/StructureDefinition/HVOAuditEvent",
"version": "0.1.0",
"name": "HVOAuditEvent",
"status": "draft",
"description": "HVO profile for security information about an event",
"fhirVersion": "5.0.0",
"kind": "resource",
"abstract": false,
"type": "AuditEvent",
"baseDefinition": "http://hl7.org/fhir/StructureDefinition/AuditEvent",
"derivation": "constraint",
"differential": {
"element": [
{
"id": "AuditEvent.agent",
"path": "AuditEvent.agent",
"mustSupport": true
},
{
"id": "AuditEvent.agent.who",
"path": "AuditEvent.agent.who",
"type": [
{
"code": "Reference",
"targetProfile": [
"http://electronichealth.se/fhir/hvo/StructureDefinition/HVODevice",
"http://electronichealth.se/fhir/hvo/StructureDefinition/HVOOrganization",
"http://electronichealth.se/fhir/hvo/StructureDefinition/HVOPractitionerRole",
"http://electronichealth.se/fhir/hvo/StructureDefinition/HVOPractitioner"
]
}
],
"mustSupport": true
},
{
"id": "AuditEvent.source",
"path": "AuditEvent.source",
"mustSupport": true
},
{
"id": "AuditEvent.source.observer",
"path": "AuditEvent.source.observer",
"type": [
{
"code": "Reference",
"targetProfile": [
"http://electronichealth.se/fhir/hvo/StructureDefinition/HVODevice"
]
}
],
"mustSupport": true
},
{
"id": "AuditEvent.entity",
"path": "AuditEvent.entity",
"mustSupport": true
},
{
"id": "AuditEvent.entity.what",
"path": "AuditEvent.entity.what",
"min": 1,
"mustSupport": true
}
]
}

}

Details

The must-support flag indicates that the element is expected in some use cases, and a missing flag that the element is never used.

Supported operations

HTTP methods

Operation	Supported	Comment
Search (GET, POST)	no
Insert (POST)	no
Update (PUT)	no
Delete (DEL)	no
Operation (GET, POST)	no