Terminology

CodeSystem:AuditEventEntityRole

Code representing the role the entity played in the audit event.
CodeDisplayDefinition
1PatientThis object is the patient that is the subject of care related to this event. It is identifiable by patient ID or equivalent. The patient may be either human or animal.
2LocationThis is a location identified as related to the event. This is usually the location where the event took place. Note that for shipping, the usual events are arrival at a location or departure from a location.
3ReportThis object is any kind of persistent document created as a result of the event. This could be a paper report, film, electronic report, DICOM Study, etc. Issues related to medical records life cycle management are conveyed elsewhere.
4Domain ResourceA logical object related to a health record event. This is any healthcare specific resource (object) not restricted to FHIR defined Resources.
5Master fileThis is any configurable file used to control creation of documents. Examples include the objects maintained by the HL7 Master File transactions, Value Sets, etc.
6UserA human participant not otherwise identified by some other category.
7List(deprecated).
8DoctorTypically, a licensed person who is providing or performing care related to the event, generally a physician. The key distinction between doctor and practitioner is with regards to their role, not the licensing. The doctor is the human who actually performed the work. The practitioner is the human or organization that is responsible for the work.
9SubscriberA person or system that is being notified as part of the event. This is relevant in situations where automated systems provide notifications to other parties when an event took place.
10GuarantorInsurance company, or any other organization who accepts responsibility for paying for the healthcare event.
11Security User EntityA person or active system object involved in the event with a security role.
12Security User GroupA person or system object involved in the event with the authority to modify security roles of other objects.
13Security ResourceA passive object, such as a role table, that is relevant to the event.
14Security Granularity Definition(deprecated) Relevant to certain RBAC security methodologies.
15PractitionerAny person or organization responsible for providing care. This encompasses all forms of care, licensed or otherwise, and all sorts of teams and care groups. Note the distinction between practitioner and the doctor that actually provided the care to the patient.
16Data DestinationThe source or destination for data transfer, when it does not match some other role.
17Data RepositoryA source or destination for data transfer that acts as an archive, database, or similar role.
18ScheduleAn object that holds schedule information. This could be an appointment book, availability information, etc.
19CustomerAn organization or person that is the recipient of services. This could be an organization that is buying services for a patient, or a person that is buying services for an animal.
20JobAn order, task, work item, procedure step, or other description of work to be performed; e.g. a particular instance of an MPPS.
21Job StreamA list of jobs or a system that provides lists of jobs; e.g. an MWL SCP.
22Table(Deprecated).
23Routing CriteriaAn object that specifies or controls the routing or delivery of items. For example, a distribution list is the routing criteria for mail. The items delivered may be documents, jobs, or other objects.
24QueryThe contents of a query. This is used to capture the contents of any kind of query. For security surveillance purposes knowing the queries being made is very important.

CodeSystem:AuditEventID

Event Types for Audit Events - defined by DICOM with some FHIR specific additions.
CodeDisplayDefinition
restRESTful OperationAudit Event: Execution of a RESTful operation as defined by FHIR.

CodeSystem:AuditEventSourceType

The type of process where the audit event originated from.
CodeDisplayDefinition
1User DeviceEnd-user display device, diagnostic device.
2Data InterfaceData acquisition device or instrument.
3Web ServerWeb Server process or thread.
4Application ServerApplication Server process or thread.
5Database ServerDatabase Server process or thread.
6Security ServerSecurity server, e.g. a domain controller.
7Network DeviceISO level 1-3 network component.
8Network RouterISO level 4-6 operating software.
9OtherOther kind of device (defined by DICOM, but some other code/system can be used).

CodeSystem:AuditEventAction

Indicator for type of action performed during the event that generated the event.
CodeDisplayDefinition
CCreateCreate a new database object, such as placing an order.
RRead/View/PrintDisplay or print data, such as a doctor census.
UUpdateUpdate data, such as revise patient information.
DDeleteDelete items, such as a doctor master file record.
EExecutePerform a system or application function such as log-on, program execution or use of an object's method, or perform a query/search operation.

CodeSystem:AuditEventEntityType

Code for the entity type involved in the audit event.
CodeDisplayDefinition
1PersonPerson
2System ObjectSystem Object
3OrganizationOrganization
4OtherOther

CodeSystem:ProvenanceEntityRole

How an entity was used in an activity.
CodeDisplayDefinition
derivationDerivationA transformation of an entity into another, an update of an entity resulting in a new one, or the construction of a new entity based on a pre-existing entity.

CodeSystem:AuditEventOutcome

Indicates whether the event succeeded or failed.
CodeDisplayDefinition
0SuccessThe operation completed successfully (whether with warnings or not).
4Minor failureThe action was not successful due to some kind of minor failure (often equivalent to an HTTP 400 response).
8Serious failureThe action was not successful due to some kind of unexpected error (often equivalent to an HTTP 500 response).
12Major failureAn error of such magnitude occurred that the system is no longer available for use (i.e. the system died).

CodeSystem:AuditEventAgentNetworkType

The type of network access point of this agent in the audit event.
CodeDisplayDefinition
1Machine NameThe machine name, including DNS name.
2IP AddressThe assigned Internet Protocol (IP) address.
3Telephone NumberThe assigned telephone number.
4Email addressThe assigned email address.
5URIURI (User directory, HTTP-PUT, ftp, etc.).

ValueSet: AuditEventAction

Indicator for type of action performed during the event that generated the event.

ValueSet: AuditEventOutcome

Indicates whether the event succeeded or failed.

ValueSet: AuditEventEntityRole

Code representing the role the entity played in the audit event.

ValueSet: AuditEventID

Event Types for Audit Events - defined by DICOM with some FHIR specific additions.

ValueSet: ProvenanceActivityType

This value set contains representative Activity Type codes, which includes codes from the HL7 DocumentCompletion, ActStatus, and DataOperations code system, W3C PROV-DM and PROV-N concepts and display names, several HL7 Lifecycle Event codes for which there are agreed upon definitions, and non-duplicated codes from the HL7 Security and Privacy Ontology Operations codes.

ValueSet: AuditEventEntityType

Code for the entity type involved in the audit event.

ValueSet: AuditEventAgentNetworkType

The type of network access point of this agent in the audit event.

ValueSet: ProvenanceEntityRole

How an entity was used in an activity.

ValueSet: ProvenanceHistoryRecordActivityCodes

Codes for Provenance activities that are relevant when capturing event history for resources.

ValueSet: ProvenanceEventHistoryAgentRoleCodes

Types of roles indicating how a particular agent was involved with the creation or modification of a resource for use when exposing event history

ValueSet: MediaTypeCode

Media Type Code

ValueSet: AuditEventSourceType

The type of process where the audit event originated from.

ValueSet: AuditEventSub-Type

More detailed code concerning the type of the audit event - defined by DICOM with some FHIR specific additions.

ValueSet: ObjectLifecycleEvents

This example FHIR value set is comprised of lifecycle event codes. The FHIR Actor value set is based on DICOM Audit Message, ParticipantObjectDataLifeCycle; ISO Standard, TS 21089-2017;