type: exampleresource: AuditEventexample: auditevent-example-disclosure
AuditEvent Example: auditevent-example-disclosure
Example XML
<AuditEvent xmlns="http://hl7.org/fhir"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://hl7.org/fhir ../../schema/auditevent.xsd">
<id value="example-disclosure"/>
<type>
<coding>
<system value="http://dicom.nema.org/resources/ontology/DCM"/>
<code value="110106"/>
<display value="Export"/>
</coding>
</type>
<subtype>
<coding>
<code value="Disclosure"/>
<display value="HIPAA disclosure"/>
</coding>
</subtype>
<action value="R"/>
<severity value="notice"/>
<recorded value="2013-09-22T00:08:00Z"/>
<outcome>
<code>
<system value="http://terminology.hl7.org/CodeSystem/audit-event-outcome"/>
<code value="0"/>
<display value="Success"/>
</code>
<detail>
<text value="Successful Disclosure"/>
</detail>
</outcome>
<authorization>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="HMARKT"/>
<display value="healthcare marketing"/>
</coding>
</authorization>
<!-- patient whos data got disclosed -->
<patient>
<reference value="Patient/example"/>
</patient>
<agent>
<!-- who disclosed the data -->
<type>
<coding>
<system value="http://dicom.nema.org/resources/ontology/DCM"/>
<code value="110153"/>
<display value="Source Role ID"/>
</coding>
</type>
<who>
<identifier>
<value value="SomeIdiot@nowhere"/>
</identifier>
<display value="That guy everyone wishes would be caught"/>
</who>
<requestor value="true"/>
<location>
<reference value="Location/1"/>
</location>
<policy value="http://consent.com/yes"/>
<networkString value="custodian.net"/>
</agent>
<agent>
<!-- who received the data -->
<type>
<coding>
<system value="http://dicom.nema.org/resources/ontology/DCM"/>
<code value="110152"/>
<display value="Destination Role ID"/>
</coding>
</type>
<who>
<reference value="Practitioner/example"/>
<display value="Where"/>
</who>
<requestor value="false"/>
<networkString value="marketing.land"/>
<authorization>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
<code value="HMARKT"/>
<display value="healthcare marketing"/>
</coding>
</authorization>
</agent>
<source>
<!-- what system detected this disclosure -->
<observer>
<display value="Watchers Accounting of Disclosures Application"/>
</observer>
<type>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/security-source-type"/>
<code value="4"/>
<display value="Application Server"/>
</coding>
</type>
</source>
<entity>
<!-- data that got disclosed -->
<what>
<reference value="Patient/example/_history/1"/>
<identifier>
<value value="What.id"/>
</identifier>
<display value="data about Everthing important"/>
</what>
<role>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/object-role"/>
<code value="4"/>
<display value="Domain Resource"/>
</coding>
</role>
<securityLabel>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-Confidentiality"/>
<code value="V"/>
<display value="very restricted"/>
</coding>
</securityLabel>
<securityLabel>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/>
<code value="STD"/>
<display value="sexually transmitted disease information sensitivity"/>
</coding>
</securityLabel>
<securityLabel>
<coding>
<system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/>
<code value="DELAU"/>
<display value="delete after use"/>
</coding>
</securityLabel>
</entity>
</AuditEvent>