Security and Privacy| Security Work Group | Maturity Level: N/A | Standards Status: Informative | Compartments: Device, Patient, Practitioner |
Raw XML (canonical form + also see XML Format Specification)
Accounting of a Disclosure (id = "example-disclosure")
<?xml version="1.0" encoding="UTF-8"?> <AuditEvent xmlns="http://hl7.org/fhir"> <id value="example-disclosure"/> <text> <status value="generated"/> <div xmlns="http://www.w3.org/1999/xhtml">Disclosure by some idiot, for marketing reasons, to places unknown, of a Poor Sap, data about Everthing important.</div> </text> <type> <system value="http://dicom.nema.org/resources/ontology/DCM"/> <code value="110106"/> <display value="Export"/> </type> <subtype> <code value="Disclosure"/> <display value="HIPAA disclosure"/> </subtype> <action value="R"/> <recorded value="2013-09-22T00:08:00Z"/> <outcome value="0"/> <outcomeDesc value="Successful Disclosure"/> <purposeOfEvent> <coding> <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/> <code value="HMARKT"/> <display value="healthcare marketing"/> </coding> </purposeOfEvent> <agent> <!-- who disclosed the data --> <type> <coding> <system value="http://dicom.nema.org/resources/ontology/DCM"/> <code value="110153"/> <display value="Source Role ID"/> </coding> </type> <who> <identifier> <value value="SomeIdiot@nowhere"/> </identifier> </who> <altId value="notMe"/> <name value="That guy everyone wishes would be caught"/> <requestor value="true"/> <location> <reference value="Location/1"/> </location> <policy value="http://consent.com/yes"/> <network> <address value="custodian.net"/> <type value="1"/> </network> </agent> <agent> <!-- who received the data --> <type> <coding> <system value="http://dicom.nema.org/resources/ontology/DCM"/> <code value="110152"/> <display value="Destination Role ID"/> </coding> </type> <who> <reference value="Practitioner/example"/> <display value="Where"/> </who> <requestor value="false"/> <network> <address value="marketing.land"/> <type value="1"/> </network> <purposeOfUse> <coding> <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/> <code value="HMARKT"/> <display value="healthcare marketing"/> </coding> </purposeOfUse> </agent> <source> <!-- what system detected this disclosure --> <site value="Watcher"/> <observer> <display value="Watchers Accounting of Disclosures Application"/> </observer> <type> <system value="http://terminology.hl7.org/CodeSystem/security-source-type"/> <code value="4"/> <display value="Application Server"/> </type> </source> <entity> <!-- patient whos data got disclosed --> <what> <reference value="Patient/example"/> </what> <type> <system value="http://terminology.hl7.org/CodeSystem/audit-entity-type"/> <code value="1"/> <display value="Person"/> </type> <role> <system value="http://terminology.hl7.org/CodeSystem/object-role"/> <code value="1"/> <display value="Patient"/> </role> </entity> <entity> <!-- data that got disclosed --> <what> <reference value="Patient/example/_history/1"/> <identifier> <value value="What.id"/> </identifier> </what> <type> <system value="http://terminology.hl7.org/CodeSystem/audit-entity-type"/> <code value="2"/> <display value="System Object"/> </type> <role> <system value="http://terminology.hl7.org/CodeSystem/object-role"/> <code value="4"/> <display value="Domain Resource"/> </role> <lifecycle> <system value="http://terminology.hl7.org/CodeSystem/dicom-audit-lifecycle"/> <code value="11"/> <display value="Disclosure"/> </lifecycle> <securityLabel> <system value="http://terminology.hl7.org/CodeSystem/v3-Confidentiality"/> <code value="V"/> <display value="very restricted"/> </securityLabel> <securityLabel> <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/> <code value="STD"/> <display value="sexually transmitted disease information sensitivity"/> </securityLabel> <securityLabel> <system value="http://terminology.hl7.org/CodeSystem/v3-ActCode"/> <code value="DELAU"/> <display value="delete after use"/> </securityLabel> <name value="Namne of What"/> <description value="data about Everthing important"/> </entity> </AuditEvent>
Usage note: every effort has been made to ensure that the examples are correct and useful, but they are not a normative part of the specification.
®© HL7.org 2011+. FHIR Release 4 (Technical Correction #1) (v4.0.1) generated on Thu, Jan 21, 2021 15:37+0000. QA Page
Links: Search |
Version History |
Table of Contents |
Credits |
Compare to R3 |
|
Propose a change
