XIG: CapabilityStatement/IHE.BALP.AuditConsumer

FHIR IG Statistics: CapabilityStatement/IHE.BALP.AuditConsumer

Package	ihe.iti.balp
Type	CapabilityStatement
Id	IHE.BALP.AuditConsumer
FHIR Version	R4
Source	https://profiles.ihe.net/ITI/BALP/https://build.fhir.org/ig/IHE/ITI.BasicAudit/CapabilityStatement-IHE.BALP.AuditConsumer.html
URL	https://profiles.ihe.net/ITI/BALP/CapabilityStatement/IHE.BALP.AuditConsumer
Version	1.1.4-current
Status	active
Date	2022-10-28
Name	IHE_BALP_AuditConsumer
Title	IHE BALP Audit Consumer
Realm	uv
Authority	ihe
Description	CapabilityStatement for [Audit Consumer](volume-1.html#152112-audit-consumer) Actor in [BALP](index.html). This CapabilityStatement replicates the requirements that would come from the ATNA *Audit Consumer actor supporting ATNA Retrieve Audit Message Option.
Kind	requirements

Resources that use this resource

No resources found

Resources that this resource uses

StructureDefinition
IHE.BasicAudit.AuthZconsent	Basic AuditEvent pattern for when an Authorization permit is decided
IHE.BasicAudit.Create	Basic AuditEvent for a successful Create not related to a Patient
IHE.BasicAudit.Delete	Basic AuditEvent for a successful Delete
IHE.BasicAudit.OAUTHaccessTokenUse.Comprehensive	Basic AuditEvent pattern for when an activity was authorized by an IUA access token
IHE.BasicAudit.OAUTHaccessTokenUse.Minimal	Basic AuditEvent pattern for oAuth Opaque
IHE.BasicAudit.OAUTHaccessTokenUse.Opaque	Basic AuditEvent pattern for oAuth Opaque
IHE.BasicAudit.PatientCreate	Basic AuditEvent for a successful Create with known Patient subject
IHE.BasicAudit.PatientDelete	Basic AuditEvent for a successful Delete with Patient
IHE.BasicAudit.PatientQuery	Basic AuditEvent for a successful Query with Patient
IHE.BasicAudit.PatientRead	Basic AuditEvent for a successful Read with a Patient
IHE.BasicAudit.PatientUpdate	Basic AuditEvent for a successful Update with a Patient subject
IHE.BasicAudit.PrivacyDisclosure.Recipient	Audit Event for a Privacy Disclosure as recorded by a Recipient
IHE.BasicAudit.PrivacyDisclosure.Source	Audit Event for Privacy Disclosure at Source
IHE.BasicAudit.Query	Basic AuditEvent for a successful Query
IHE.BasicAudit.Read	Basic AuditEvent for a successful Read
IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive	Basic AuditEvent pattern for when an activity was authorized by an SAML access token Comprehensive
IHE.BasicAudit.SAMLaccessTokenUse.Minimal	Basic AuditEvent pattern for when an activity was authorized by an SAML access token Minimal
IHE.BasicAudit.Update	Basic AuditEvent for a successful Update
IHE.IUA.71	IHE IUA ITI-71 AuditEvent for a successful Get Access Token

Narrative

Note: links and images are rebased to the (stated) source

Generated Narrative: CapabilityStatement IHE.BALP.AuditConsumer

IHE BALP Audit Consumer

Implementation Guide Version: 1.1.4-current
FHIR Version: 4.0.1
Supported Formats: application/fhir+xml, application/fhir+json
Supported Patch Formats:
Published on: 2022-10-28
Published by: IHE IT Infrastructure Technical Committee

Note to Implementers: FHIR Capabilities
Any FHIR capability may be 'allowed' by the system unless explicitly marked as 'SHALL NOT'. A few items are marked as MAY in the Implementation Guide to highlight their potential relevance to the use case.

FHIR RESTful Capabilities

Mode: `client`

BALP Audit Consumer will query for AuditEvent resources.

Security

ATNA required, encouraged IHE-IUA or SMART-on-FHIR

Summary of System-wide Interactions

Capabilities by Resource/Profile

Summary

The summary table lists the resources that are part of this configuration, and for each resource it lists:

The relevant profiles (if any)
The interactions supported by each resource (Read, Search, Update, and Create, are always shown, while VRead, Patch, Delete, History on Instance, or History on Type are only present if at least one of the resources has support for them.
The required, recommended, and some optional search parameters (if any).
The linked resources enabled for _include
The other resources enabled for _revinclude
The operations on the resource (if any)

Resource Type	Profile	R	S	U	C	Searches	`_include`	`_revinclude`	Operations
AuditEvent	Supported Profiles Basic AuditEvent for a successful Create not related to a Patient Basic AuditEvent for a successful Read Basic AuditEvent for a successful Update Basic AuditEvent for a successful Delete Basic AuditEvent for a successful Query Basic AuditEvent for a successful Create with known Patient subject Basic AuditEvent for a successful Read with a Patient Basic AuditEvent for a successful Update with a Patient subject Basic AuditEvent for a successful Delete with Patient Basic AuditEvent for a successful Query with Patient IHE IUA ITI-71 AuditEvent for a successful Get Access Token Basic AuditEvent pattern for when an activity was authorized by an IUA access token Basic AuditEvent pattern for oAuth Opaque Basic AuditEvent pattern for oAuth Opaque Basic AuditEvent pattern for when an activity was authorized by an SAML access token Comprehensive Basic AuditEvent pattern for when an activity was authorized by an SAML access token Minimal Basic AuditEvent pattern for when an Authorization permit is decided Audit Event for a Privacy Disclosure as recorded by a Recipient Audit Event for Privacy Disclosure at Source	y	y			_id, _lastUpdated, date, address, agent.identifier, patient.identifier, entity.identifier, entity-type, entity-role, source.identifier, type, subtype, outcome

Resource Conformance: supported AuditEvent

Core FHIR Resource
AuditEvent

Reference Policy

Interaction summary

Supports search-type, read.

Supported Profiles

Documentation

For Retrieve ATNA Audit Event [ITI-81]. Note that all BALP Content profiles are listed here.

Search Parameters

Conformance	Parameter	Type
SHALL	_id	`token`
SHALL	_lastUpdated	`date`
SHALL	date	`date`
SHALL	address	`string`
SHALL	agent.identifier	`token`
SHALL	patient.identifier	`token`
SHALL	entity.identifier	`token`
SHALL	entity-type	`token`
SHALL	entity-role	`token`
SHALL	source.identifier	`token`
SHALL	type	`token`
SHALL	subtype	`token`
SHALL	outcome	`token`

Source

{
  "resourceType": "CapabilityStatement",
  "id": "IHE.BALP.AuditConsumer",
  "text": {
    "status": "extensions",
    "div": "<!-- snip (see above) -->"
  },
  "url": "https://profiles.ihe.net/ITI/BALP/CapabilityStatement/IHE.BALP.AuditConsumer",
  "version": "1.1.4-current",
  "name": "IHE_BALP_AuditConsumer",
  "title": "IHE BALP Audit Consumer",
  "status": "active",
  "experimental": false,
  "date": "2022-10-28",
  "publisher": "IHE IT Infrastructure Technical Committee",
  "contact": [
    {
      "name": "IHE IT Infrastructure Technical Committee",
      "telecom": [
        {
          "system": "url",
          "value": "https://www.ihe.net/ihe_domains/it_infrastructure/"
        },
        {
          "system": "email",
          "value": "iti@ihe.net"
        }
      ]
    },
    {
      "name": "IHE IT Infrastructure Technical Committee",
      "telecom": [
        {
          "system": "email",
          "value": "iti@ihe.net"
        }
      ]
    }
  ],
  "description": "CapabilityStatement for [Audit Consumer](volume-1.html#152112-audit-consumer) Actor in [BALP](index.html).\n\nThis CapabilityStatement replicates the requirements that would come from the ATNA **Audit Consumer* actor supporting **ATNA Retrieve Audit Message Option**.",
  "jurisdiction": [
    {
      "coding": [
        {
          "system": "http://unstats.un.org/unsd/methods/m49/m49.htm",
          "code": "001"
        }
      ]
    }
  ],
  "kind": "requirements",
  "fhirVersion": "4.0.1",
  "format": [
    "application/fhir+xml",
    "application/fhir+json"
  ],
  "rest": [
    {
      "mode": "client",
      "documentation": "BALP Audit Consumer will query for AuditEvent resources.",
      "security": {
        "description": "[ATNA](https://profiles.ihe.net/ITI/TF/Volume1/ch-9.html) required, encouraged [IHE-IUA](https://profiles.ihe.net/ITI/IUA/index.html) or SMART-on-FHIR"
      },
      "resource": [
        {
          "type": "AuditEvent",
          "supportedProfile": [
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Create",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Read",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Update",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Delete",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.Query",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientCreate",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientRead",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientUpdate",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientDelete",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientQuery",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.IUA.71",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Comprehensive",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Minimal",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Opaque",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Comprehensive",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.SAMLaccessTokenUse.Minimal",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.AuthZconsent",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Recipient",
            "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PrivacyDisclosure.Source"
          ],
          "documentation": "For Retrieve ATNA Audit Event [ITI-81]. Note that all BALP Content profiles are listed here.",
          "interaction": [
            {
              "code": "search-type"
            },
            {
              "code": "read"
            }
          ],
          "searchParam": [
            {
              "name": "_id",
              "type": "token"
            },
            {
              "name": "_lastUpdated",
              "type": "date"
            },
            {
              "name": "date",
              "type": "date"
            },
            {
              "name": "address",
              "type": "string"
            },
            {
              "name": "agent.identifier",
              "type": "token"
            },
            {
              "name": "patient.identifier",
              "type": "token"
            },
            {
              "name": "entity.identifier",
              "type": "token"
            },
            {
              "name": "entity-type",
              "type": "token"
            },
            {
              "name": "entity-role",
              "type": "token"
            },
            {
              "name": "source.identifier",
              "type": "token"
            },
            {
              "name": "type",
              "type": "token"
            },
            {
              "name": "subtype",
              "type": "token"
            },
            {
              "name": "outcome",
              "type": "token"
            }
          ]
        }
      ]
    }
  ]
}