Release 4 4B

This page is part of the FHIR Specification (v4.0.1: R4 (v4.3.0: R4B - Mixed Normative and STU ) in it's permanent home (it will always be available at this URL). ). The current version which supercedes this version is 5.0.0 . For a full list of available versions, see the Directory of published versions . Page versions: R5 R4B R4 R4B R4 R3 R2

6.4.7 6.4.8 Resource AuditEvent - Mappings

Security Work Group Maturity Level : N/A Standards Status : Informative Security Category : Not Classified Compartments : Device , Patient , Practitioner

Mappings:

FiveWs Pattern Mapping

Workflow Pattern

RIM Mapping

DICOM Tag Mapping

W3C PROV

FHIR Provenance Mapping

Mappings for the auditevent resource (see Mappings to Other Standards for further information & status).

6.4.7.1 6.4.8.1 FiveWs Pattern Mapping ( http://hl7.org/fhir/fivews )

AuditEvent
    type FiveWs.what[x]
    subtype FiveWs.what[x]
    action FiveWs.what[x]
    period FiveWs.done[x]
    recorded FiveWs.recorded
    outcome FiveWs.what[x]
    outcomeDesc FiveWs.what[x]
    purposeOfEvent FiveWs.why[x]
    agent FiveWs.who
        type FiveWs.who
        role FiveWs.who
        who FiveWs.who
        altId FiveWs.who
        name FiveWs.who
        requestor FiveWs.who
        location FiveWs.where[x]
        policy FiveWs.why[x]
        media FiveWs.where[x]
        network FiveWs.where[x]
            address FiveWs.where[x]
            type FiveWs.where[x]
        purposeOfUse FiveWs.why[x]
    source FiveWs.witness
        site FiveWs.witness
        observer FiveWs.witness
        type FiveWs.witness
    entity FiveWs.what[x]
        what FiveWs.what[x]
        type FiveWs.what[x]
        role FiveWs.context
        lifecycle FiveWs.context
        securityLabel FiveWs.context
        name FiveWs.context
        description FiveWs.context
        query FiveWs.context
        detail FiveWs.context
            type FiveWs.context
            value[x] FiveWs.context

6.4.7.2 6.4.8.2 Workflow Pattern ( http://hl7.org/fhir/workflow )

AuditEvent Event
    type Event.code
    period Event.occurred[x]
    purposeOfEvent Event.reasonCode
    agent Event.performer
        type Event.performer.function
        who Event.performer.actor
        location Event.location

6.4.7.3 6.4.8.3 RIM Mapping ( http://hl7.org/v3 )

AuditEvent ControlAct[moodCode=EVN]
    type .code (type, subtype and action are pre-coordinated or sent as translations)
    subtype .code (type, subtype and action are pre-coordinated or sent as translations)
    action .code (type, subtype and action are pre-coordinated or sent as translations)
    period ./effectiveTime[type=IVL_TS]
    recorded .effectiveTime
    outcome .actionNegationInd
    outcomeDesc .outboundRelationship[typeCode=OUT].target.text
    purposeOfEvent * .reasonCode [ControlActReason when Act.class = CACT Control Act]
*.outboundRelationship[typeCode=RSON].target
    agent .participation
        type .typeCode and/or .functionCode
        role .role
        who .id
        altId .id (distinguish id type by root)
        name .name
        requestor If participation.typeCode was author, then true
        location * Role.Class =SDLOC
*Role.Code = ServiceDeliveryLocationRoleType
*Entity.Code = PlaceEntityType = df.Types of places for Entity.Class = PLC
*EntityClass = PLC = df.A physical place or site with its containing structure. May be natural or man-made. The geographic position of a place might or might not be constant.
        policy ActPolicyType
        media .player.description.mediaType
        network .player.description.reference
            address pre-coordinated into URL
            type pre-coordinated into URL
        purposeOfUse *.reasonCode [ActHealthInformationPurposeOfUseReason codes/v:PurposeOfUse
(2.16.840.1.113883.1.11.20448)
* .outboundRelationship[typeCode=RSON or SUBJ].target
    source .participation[typeCode=INF].role[classCode=ASSIGN].player[classCode=DEV, determinerCode=INSTANCE]
        site .scopedRole[classCode=LOCE].player.desc
        observer .id
        type .code
    entity .outboundRelationship[typeCode=SUBJ].target or .participation[typeCode=SBJ].role
        what .id
        type [self::Act].code or role.player.code
        role role.code (not sure what this would mean for an Act)
        lifecycle target of ObservationEvent[code="lifecycle"].value
        securityLabel .confidentialityCode
        name .title
        description .text
        query No mapping
        detail .inboundRelationship[typeCode=SUBJ].target[classCode=OBS, moodCode=EVN]
            type .code
            value[x] .value

6.4.7.4 6.4.8.4 DICOM Tag Mapping ( http://nema.org/dicom )

AuditEvent Message
    type EventId
    subtype EventTypeCode
    action EventActionCode
    period EventDateTime
    recorded
    outcome EventOutcomeIndicator
    outcomeDesc EventOutcomeDescription
    purposeOfEvent EventPurposeOfUse
    agent ActiveParticipant
        type RoleIdCode
        role RoleIdCode
        who UserId
        altId AlternativeUserId
        name UserName
        requestor UserIsRequestor
        location
        policy ParticipantRoleIDCode
        media MediaType
        network
            address NetworkAccessPointID
            type NetworkAccessPointTypeCode
        purposeOfUse
    source AuditSourceIdentification
        site AuditEnterpriseSiteId
        observer AuditSourceId
        type AuditSourceTypeCode
    entity ParticipantObjectIdentification
        what ParticipantObjectID and ParticipantObjectIDTypeCode
        type ParticipantObjectTypeCode
        role ParticipantObjectTypeCodeRole
        lifecycle ParticipantObjectDataLifeCycle
        securityLabel ParticipantObjectSensitivity
        name ParticipantObjectName
        description ParticipantObjectDescription
        query ParticipantObjectQuery
        detail ParticipantObjectDetail
            type ParticipantObjectDetail.type
            value[x] ParticipantObjectDetail.value

6.4.7.5 6.4.8.5 W3C PROV ( http://www.w3.org/ns/prov )

The provenance resource is based on known practices in the HL7 implementation space, particularly those found in the v2 EVN segment, the v3 ControlAct Wrapper, the CDA header, and IHE ATNA. The conceptual model underlying the design is the W3C provenance Specification . Though the content and format of the resource is designed to meet specific requirements for FHIR, all the parts of the resource are formally mapped to the PROV-O specification, and FHIR resources can be transformed to their W3C PROV equivalent.

AuditEvent
    type Activity
    subtype
    action
    period Activity.startTime & Activity.endTime
    recorded Activity.when
    outcome
    outcomeDesc
    purposeOfEvent Activity.Activity
    agent Agent
        type Agent.Attribution
        role Agent.Attribution
        who Agent.Identity
        altId Agent.Identity
        name Agent.Identity
        requestor
        location Activity.location
        policy
        media
        network
            address Agent.Location
            type
        purposeOfUse Agent.Activity
    source
        site
        observer
        type
    entity Entity
        what
        type Entity.type
        role Entity.role
        lifecycle Entity.role
        securityLabel
        name Entity.Label
        description
        query
        detail
            type
            value[x]

6.4.7.6 6.4.8.6 FHIR Provenance Mapping ( http://hl7.org/fhir/provenance )

AuditEvent
    type
    subtype
    action
    period Provenance.occurred[x]
    recorded Provenance.recorded
    outcome
    outcomeDesc
    purposeOfEvent Provenance.reason, Provenance.activity
    agent Provenance.agent
        type Provenance.agent.type
        role Provenance.agent.role
        who Provenance.agent.who
        altId
        name
        requestor
        location Provenance.location
        policy Provenance.policy
        media
        network
            address
            type
        purposeOfUse
    source
        site
        observer
        type
    entity Provenance.target, Provenance.entity
        what Provenance.target, Provenance.entity.what
        type Provenance.entity.type
        role
        lifecycle Provenance.entity.role
        securityLabel
        name
        description
        query
        detail
            type
            value[x]