Oracle® Health Sciences Information Manager Policy Monitor Installation and Configuration Guide Release 3.0 E61289-01 |
|
|
PDF · Mobi · ePub |
This appendix provides a reference to the RFC 3881 Audit Message compliant XML Schema, DICOM Audit Message compliant XML Schema, and an example for each Audit Message type.
This appendix includes the following sections:
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified"> <xs:element name="AuditMessage"> <xs:complexType> <xs:sequence> <xs:element name="EventIdentification" type="EventIdentificationType" /> <xs:element name="ActiveParticipant" maxOccurs="unbounded"> <xs:complexType> <xs:complexContent> <xs:extension base="ActiveParticipantType" /> </xs:complexContent> </xs:complexType> </xs:element> <xs:element name="AuditSourceIdentification" type="AuditSourceIdentificationType" maxOccurs="unbounded" /> <xs:element name="ParticipantObjectIdentification" type="ParticipantObjectIdentificationType" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType> </xs:element> <xs:complexType name="EventIdentificationType"> <xs:sequence> <xs:element name="EventID" type="CodedValueType" /> <xs:element name="EventTypeCode" type="CodedValueType" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="EventActionCode" use="optional"> <xs:simpleType> <xs:restriction base="xs:string"> <xs:enumeration value="C"> <xs:annotation> <xs:appinfo>Create</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="R"> <xs:annotation> <xs:appinfo>Read</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="U"> <xs:annotation> <xs:appinfo>Update</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="D"> <xs:annotation> <xs:appinfo>Delete</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="E"> <xs:annotation> <xs:documentation>Execute</xs:documentation> </xs:annotation> </xs:enumeration> </xs:restriction> </xs:simpleType> </xs:attribute> <xs:attribute name="EventDateTime" type="xs:dateTime" use="required" /> <xs:attribute name="EventOutcomeIndicator" use="required"> <xs:simpleType> <xs:restriction base="xs:integer"> <xs:enumeration value="0"> <xs:annotation> <xs:appinfo>Success</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="4"> <xs:annotation> <xs:appinfo>Minor failure</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="8"> <xs:annotation> <xs:appinfo>Serious failure</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="12"> <xs:annotation> <xs:appinfo> Major failure; action made unavailable </xs:appinfo> </xs:annotation> </xs:enumeration> </xs:restriction> </xs:simpleType> </xs:attribute> </xs:complexType> <xs:complexType name="AuditSourceIdentificationType"> <xs:sequence> <xs:element name="AuditSourceTypeCode" type="CodedValueType" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="AuditEnterpriseSiteID" type="xs:string" use="optional" /> <xs:attribute name="AuditSourceID" type="xs:string" use="required" /> </xs:complexType> <xs:complexType name="ActiveParticipantType"> <xs:sequence minOccurs="0"> <xs:element name="RoleIDCode" type="CodedValueType" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="UserID" type="xs:string" use="required" /> <xs:attribute name="AlternativeUserID" type="xs:string" use="optional" /> <xs:attribute name="UserName" type="xs:string" use="optional" /> <xs:attribute name="UserIsRequestor" type="xs:boolean" use="optional" default="true" /> <xs:attribute name="NetworkAccessPointID" type="xs:string" use="optional" /> <xs:attribute name="NetworkAccessPointTypeCode" use="optional"> <xs:simpleType> <xs:restriction base="xs:unsignedByte"> <xs:enumeration value="1"> <xs:annotation> <xs:appinfo> Machine Name, including DNS name </xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="2"> <xs:annotation> <xs:appinfo>IP Address</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="3"> <xs:annotation> <xs:appinfo>Telephone Number</xs:appinfo> </xs:annotation> </xs:enumeration> </xs:restriction> </xs:simpleType> </xs:attribute> </xs:complexType>
<xs:complexType name="ParticipantObjectIdentificationType"> <xs:sequence> <xs:element name="ParticipantObjectIDTypeCode" type="CodedValueType" /> <xs:choice minOccurs="0"> <xs:element name="ParticipantObjectName" type="xs:string" minOccurs="0" /> <xs:element name="ParticipantObjectQuery" type="xs:base64Binary" minOccurs="0" /> </xs:choice> <xs:element name="ParticipantObjectDetail" type="TypeValuePairType" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="ParticipantObjectID" type="xs:string" use="required" /> <xs:attribute name="ParticipantObjectTypeCode" use="optional"> <xs:simpleType> <xs:restriction base="xs:unsignedByte"> <xs:enumeration value="1"> <xs:annotation> <xs:appinfo>Person</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="2"> <xs:annotation> <xs:appinfo>System object</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="3"> <xs:annotation> <xs:appinfo>Organization</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="4"> <xs:annotation> <xs:appinfo>Other</xs:appinfo> </xs:annotation> </xs:enumeration> </xs:restriction> </xs:simpleType> </xs:attribute> <xs:attribute name="ParticipantObjectTypeCodeRole" use="optional"> <xs:simpleType> <xs:restriction base="xs:unsignedByte"> <xs:enumeration value="1"> <xs:annotation> <xs:appinfo>Patient</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="2"> <xs:annotation> <xs:appinfo>Location</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="3"> <xs:annotation> <xs:appinfo>Report</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="4"> <xs:annotation> <xs:appinfo>Resource</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="5"> <xs:annotation> <xs:appinfo>Master file</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="6"> <xs:annotation> <xs:appinfo>User</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="7"> <xs:annotation> <xs:appinfo>List</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="8"> <xs:annotation> <xs:appinfo>Doctor</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="9"> <xs:annotation> <xs:appinfo>Subscriber</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="10"> <xs:annotation> <xs:appinfo>Guarantor</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="11"> <xs:annotation> <xs:appinfo> Security User Entity </xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="12"> <xs:annotation> <xs:appinfo>Security User Group</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="13"> <xs:annotation> <xs:appinfo>Security Resource</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="14"> <xs:annotation> <xs:appinfo> Security Granualarity Definition </xs:appinfo> </xs:annotation> </xs:enumeration>
<xs:enumeration value="15"> <xs:annotation> <xs:appinfo>Provider</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="16"> <xs:annotation> <xs:appinfo>Report Destination</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="17"> <xs:annotation> <xs:appinfo>Report Library</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="18"> <xs:annotation> <xs:appinfo>Schedule</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="19"> <xs:annotation> <xs:appinfo>Customer</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="20"> <xs:annotation> <xs:appinfo>Job</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="21"> <xs:annotation> <xs:appinfo>Job Stream</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="22"> <xs:annotation> <xs:appinfo>Table</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="23"> <xs:annotation> <xs:appinfo>Routing Criteria</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="24"> <xs:annotation> <xs:appinfo>Query</xs:appinfo> </xs:annotation> </xs:enumeration> </xs:restriction> </xs:simpleType> </xs:attribute> <xs:attribute name="ParticipantObjectDataLifeCycle" use="optional"> <xs:simpleType> <xs:restriction base="xs:unsignedByte"> <xs:enumeration value="1"> <xs:annotation> <xs:appinfo> Origination / Creation </xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="2"> <xs:annotation> <xs:appinfo> Import / Copy from original </xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="3"> <xs:annotation> <xs:appinfo>Amendment</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="4"> <xs:annotation> <xs:appinfo>Verification</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="5"> <xs:annotation> <xs:appinfo>Translation</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="6"> <xs:annotation> <xs:appinfo>Access / Use</xs:appinfo> </xs:annotation> </xs:enumeration>
<xs:enumeration value="7"> <xs:annotation> <xs:appinfo>De-identification</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="8"> <xs:annotation> <xs:appinfo> Aggregation, summarization, derivation </xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="9"> <xs:annotation> <xs:appinfo>Report</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="10"> <xs:annotation> <xs:appinfo> Export / Copy to target </xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="11"> <xs:annotation> <xs:appinfo>Disclosure</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="12"> <xs:annotation> <xs:appinfo> Receipt of disclosure </xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="13"> <xs:annotation> <xs:appinfo>Archiving</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="14"> <xs:annotation> <xs:appinfo>Logical deletion</xs:appinfo> </xs:annotation> </xs:enumeration> <xs:enumeration value="15"> <xs:annotation> <xs:appinfo> Permanent erasure / Physical destruction </xs:appinfo> </xs:annotation> </xs:enumeration> </xs:restriction> </xs:simpleType> </xs:attribute> <xs:attribute name="ParticipantObjectSensitivity" type="xs:string" use="optional" /> </xs:complexType> <xs:complexType name="CodedValueType"> <xs:attribute name="code" type="xs:string" use="required" /> <xs:attributeGroup ref="CodeSystem" /> <xs:attribute name="displayName" type="xs:string" use="optional" /> <xs:attribute name="originalText" type="xs:string" use="optional" /> </xs:complexType> <xs:complexType name="TypeValuePairType"> <xs:attribute name="type" type="xs:string" use="required" /> <xs:attribute name="value" type="xs:base64Binary" use="required" /> </xs:complexType> <xs:attributeGroup name="CodeSystem"> <xs:attribute name="codeSystem" type="OID" use="optional" /> <xs:attribute name="codeSystemName" type="xs:string" use="optional" /> </xs:attributeGroup> <xs:simpleType name="OID"> <xs:restriction base="xs:string"> <xs:whiteSpace value="collapse" /> </xs:restriction> </xs:simpleType> </xs:schema>
Example of RFC 3881 Schema Compliant Audit Message
<AuditMessage> <EventIdentification EventActionCode="E" EventDateTime="2012-08-16T05:30:00.450-07:00" EventOutcomeIndicator="0"> <EventID code="110100" codeSystemName="DCM" displayName="Application Activity"></EventID> <EventTypeCode code="110120" codeSystemName="DCM" displayName="Application Start"></EventTypeCode> </EventIdentification> <ActiveParticipant AlternativeUserID="19041@hiadev001" NetworkAccessPointID="10.145.240.60" NetworkAccessPointTypeCode="2" UserID="root" UserIsRequestor="false"> <RoleIDCode code="110150" codeSystemName="DCM" displayName="Application"></RoleIDCode> </ActiveParticipant> <AuditSourceIdentification AuditSourceID="10.145.240.60@REGISTRY_ORACLE_HIM"></AuditSourceIdentification> </AuditMessage>
<xs:schema elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <!--This defines the coded value type. The comment shows a pattern that can be used to further constrain the token to limit it to the format of an OID. Not all schema software implementations support the pattern option for tokens.--> <xs:attributeGroup name="other-csd-attributes"> <xs:attribute name="codeSystemName" use="required" type="xs:token"/> <xs:attribute name="displayName" type="xs:token"/> <xs:attribute name="originalText" use="required" type="xs:token"/> </xs:attributeGroup> <!--Note: this also corresponds to DICOM " Code Meaning"--> <xs:attributeGroup name="CodedValueType"> <xs:attribute name="csd-code" use="required" type="xs:token"/> <xs:attributeGroup ref="other-csd-attributes"/> </xs:attributeGroup> <!--Define the event identification, used later--> <xs:complexType name="EventIdentificationContents"> <xs:sequence> <xs:element ref="EventID"/> <xs:element minOccurs="0" maxOccurs="unbounded" ref="EventTypeCode"/> <xs:element minOccurs="0" ref="EventOutcomeDescription"/> <!--Added per ITI Supplement XUA++ Revision 1.3 section 3.20.7.8--> <xs:element name="PurposeOfUse" minOccurs="0" maxOccurs="unbounded"> <xs:complexType> <xs:attributeGroup ref="CodedValueType"/> </xs:complexType> </xs:element> </xs:sequence> <xs:attribute name="EventActionCode"> <xs:simpleType> <xs:restriction base="xs:token"> <xs:enumeration value="C"/> <xs:enumeration value="R"> <xs:annotation> <xs:documentation>Create</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="U"> <xs:annotation> <xs:documentation>Read</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="D"> <xs:annotation> <xs:documentation>Update</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="E"> <xs:annotation> <xs:documentation>Delete</xs:documentation> </xs:annotation> </xs:enumeration> </xs:restriction> </xs:simpleType> </xs:attribute> <xs:attribute name="EventDateTime" use="required" type="xs:dateTime"> <xs:annotation> <xs:documentation>Execute</xs:documentation> </xs:annotation> </xs:attribute> <xs:attribute name="EventOutcomeIndicator" use="required"> <xs:simpleType> <xs:restriction base="xs:token"> <xs:enumeration value="0"/> <xs:enumeration value="4"> <xs:annotation> <xs:documentation>Nominal Success (use if status otherwise unknown or ambiguous)</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="8"> <xs:annotation> <xs:documentation>Minor failure (per reporting application definition)</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="12"> <xs:annotation> <xs:documentation>Serious failure (per reporting application definition)</xs:documentation> </xs:annotation> </xs:enumeration> </xs:restriction> </xs:simpleType> </xs:attribute> </xs:complexType> <xs:element name="EventID"> <xs:complexType> <xs:attributeGroup ref="CodedValueType"/> </xs:complexType> </xs:element> <xs:element name="EventTypeCode"> <xs:complexType> <xs:attributeGroup ref="CodedValueType"/> </xs:complexType> </xs:element> <xs:element name="EventOutcomeDescription" type="xs:string"> <xs:annotation> <xs:documentation>Major failure, (reporting application now unavailable)</xs:documentation> </xs:annotation> </xs:element> <!--Define AuditSourceIdentification, used later Note: This includes one constraint that cannot be represented yet in RNC. The use of a token other than the specified codes is permitted only if the codeSystemName is present. Note: This has no elements, only attributes.--> <xs:complexType name="AuditSourceIdentificationContents"> <xs:sequence> <xs:element minOccurs="0" maxOccurs="unbounded" ref="AuditSourceTypeCode"/> </xs:sequence> <xs:attribute name="code" type="xs:token" use="required"/> <xs:attribute name="codeSystemName" type="xs:token"/> <xs:attribute name="displayName" type="xs:token"/> <xs:attribute name="originalText" type="xs:token"/> <xs:attribute name="AuditEnterpriseSiteID" type="xs:token"> <xs:annotation> <xs:documentation>If these are present, they define the meaning of code</xs:documentation> </xs:annotation> </xs:attribute> <xs:attribute name="AuditSourceID" use="required" type="xs:token"/> </xs:complexType> <xs:element name="AuditSourceTypeCode" type="xs:token"/> <!--Define ActiveParticipantType, used later--> <xs:complexType name="ActiveParticipantContents"> <xs:sequence> <xs:element minOccurs="0" maxOccurs="unbounded" ref="RoleIDCode"/> <xs:element minOccurs="0" ref="MediaIdentifier"/> </xs:sequence> <xs:attribute name="UserID" use="required"/> <xs:attribute name="AlternativeUserID"/> <xs:attribute name="UserName"/> <xs:attribute name="UserIsRequestor" use="required" type="xs:boolean"/> <xs:attribute name="NetworkAccessPointID" type="xs:token"/> <xs:attribute name="NetworkAccessPointTypeCode"> <xs:simpleType> <xs:restriction base="xs:token"> <xs:enumeration value="1"/> <xs:enumeration value="2"> <xs:annotation> <xs:documentation>Machine Name, including DNS name</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="3"> <xs:annotation> <xs:documentation>IP Address</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="4"> <xs:annotation> <xs:documentation>Telephone Number</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="5"> <xs:annotation> <xs:documentation>Email address</xs:documentation> </xs:annotation> </xs:enumeration> </xs:restriction> </xs:simpleType> </xs:attribute> </xs:complexType> <xs:element name="RoleIDCode"> <xs:complexType> <xs:attributeGroup ref="CodedValueType"/> </xs:complexType> </xs:element> <xs:element name="MediaIdentifier"> <xs:complexType> <xs:sequence> <xs:element ref="MediaType"/> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="MediaType"> <xs:complexType> <xs:attributeGroup ref="CodedValueType"/> </xs:complexType> </xs:element> <!--The BinaryValuePair is used in ParticipantObject descriptions to capture parameters. All values (even those that are normally plain text) are encoded as xsd:base64Binary. This is to preserve details of encoding (e.g., nulls) and to protect against text contents that contain XML fragments. These are known attack points against applications, so security logs can be expected to need to capture them without modification by the audit encoding process.--> <xs:attributeGroup name="ValuePair"> <xs:annotation> <xs:documentation>URI (user directory, HTTP-PUT, ftp, etc.)</xs:documentation> </xs:annotation> <xs:attribute name="type" use="required" type="xs:token"/> <xs:attribute name="value" use="required" type="xs:base64Binary"/> </xs:attributeGroup> <!--used to encode potentially binary, malformed XML text, etc. Define ParticipantObjectIdentification, used later Participant Object Description, used later--> <xs:group name="DICOMObjectDescriptionContents"> <xs:sequence> <xs:element minOccurs="0" maxOccurs="unbounded" ref="MPPS"/> <xs:element minOccurs="0" maxOccurs="unbounded" ref="Accession"/> <xs:element ref="SOPClass"/> <xs:element ref="ParticipantObjectContainsStudy"/> <xs:element minOccurs="0" ref="Encrypted"/> <xs:element minOccurs="0" ref="Anonymized"/> </xs:sequence> </xs:group> <xs:element name="MPPS"> <xs:complexType> <xs:attribute name="UID" use="required" type="xs:token"/> </xs:complexType> </xs:element> <xs:element name="Accession"> <xs:complexType> <xs:attribute name="Number" use="required" type="xs:token"/> </xs:complexType> </xs:element> <xs:element name="SOPClass"> <xs:complexType> <xs:sequence> <xs:element minOccurs="0" maxOccurs="unbounded" ref="Instance"/> </xs:sequence> <xs:attribute name="UID" type="xs:token"/> <xs:attribute name="NumberOfInstances" use="required" type="xs:integer"/> </xs:complexType> </xs:element> <xs:element name="Instance"> <xs:complexType> <xs:attribute name="UID" use="required" type="xs:token"/> </xs:complexType> </xs:element> <xs:element name="ParticipantObjectContainsStudy"> <xs:complexType> <xs:sequence> <xs:element minOccurs="0" maxOccurs="unbounded" ref="StudyIDs"/> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="StudyIDs"> <xs:complexType> <xs:attribute name="UID" use="required" type="xs:token"/> </xs:complexType> </xs:element> <xs:element name="Encrypted" type="xs:boolean"/> <xs:element name="Anonymized" type="xs:boolean"/> <xs:complexType name="ParticipantObjectIdentificationContents"> <xs:sequence> <xs:element ref="ParticipantObjectIDTypeCode"/> <!--NOTE: The minOccurs entry on the following choice element was added because DICOM does not actually follow the requirement to have one of these two elements--> <xs:choice minOccurs="0"> <xs:element ref="ParticipantObjectName"/> <xs:element ref="ParticipantObjectQuery"/> </xs:choice> <xs:element minOccurs="0" maxOccurs="unbounded" ref="ParticipantObjectDetail"/> <xs:element minOccurs="0" maxOccurs="unbounded" ref="ParticipantObjectDescription"/> <!--NOTE: The minOccurs entry on DICOMObjectDescriptionContents is ONLY for ATNA syslog messages which are not for DICOM related events. For DICOM related events, this group is required--> <xs:group ref="DICOMObjectDescriptionContents" minOccurs="0"/> </xs:sequence> <xs:attribute name="ParticipantObjectID" use="optional" type="xs:token"/> <xs:attribute name="ParticipantObjectTypeCode"> <xs:simpleType> <xs:restriction base="xs:token"> <xs:enumeration value="1"/> <xs:enumeration value="2"/> <xs:enumeration value="3"/> <xs:enumeration value="4"/> </xs:restriction> </xs:simpleType> </xs:attribute> <xs:attribute name="ParticipantObjectTypeCodeRole"> <xs:annotation> <xs:documentation>Other</xs:documentation> </xs:annotation> <xs:simpleType> <xs:restriction base="xs:token"> <xs:enumeration value="1"> <xs:annotation> <xs:documentation>optional role</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="2"> <xs:annotation> <xs:documentation>Patient</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="3"> <xs:annotation> <xs:documentation>Location</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="4"> <xs:annotation> <xs:documentation>Report</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="5"> <xs:annotation> <xs:documentation>Resource</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="6"> <xs:annotation> <xs:documentation>Master File</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="7"> <xs:annotation> <xs:documentation>User</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="8"> <xs:annotation> <xs:documentation>List</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="9"> <xs:annotation> <xs:documentation>Doctor</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="10"> <xs:annotation> <xs:documentation>Subscriber</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="11"> <xs:annotation> <xs:documentation>guarantor</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="12"> <xs:annotation> <xs:documentation>Security User Entity</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="13"> <xs:annotation> <xs:documentation>Security User Group</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="14"> <xs:annotation> <xs:documentation>Security Resource</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="15"> <xs:annotation> <xs:documentation>Security Granulatiry Definition</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="16"> <xs:annotation> <xs:documentation>Provider</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="17"> <xs:annotation> <xs:documentation>Report Destination</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="18"> <xs:annotation> <xs:documentation>Report Library</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="19"> <xs:annotation> <xs:documentation>Schedule</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="20"> <xs:annotation> <xs:documentation>Customer</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="21"> <xs:annotation> <xs:documentation>Job</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="22"> <xs:annotation> <xs:documentation>Job Stream</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="23"> <xs:annotation> <xs:documentation>Table</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="24"> <xs:annotation> <xs:documentation>Routing Criteria</xs:documentation> </xs:annotation> </xs:enumeration> </xs:restriction> </xs:simpleType> </xs:attribute> <xs:attribute name="ParticipantObjectDataLifeCycle"> <xs:annotation> <xs:documentation>Query?,</xs:documentation> </xs:annotation> <xs:simpleType> <xs:restriction base="xs:token"> <xs:enumeration value="1"/> <xs:enumeration value="2"> <xs:annotation> <xs:documentation>Origination, Creation</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="3"> <xs:annotation> <xs:documentation>Import/ Copy</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="4"> <xs:annotation> <xs:documentation>Amendment</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="5"> <xs:annotation> <xs:documentation>Verification</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="6"> <xs:annotation> <xs:documentation>Translation</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="7"> <xs:annotation> <xs:documentation>Access/Use</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="8"> <xs:annotation> <xs:documentation>De-identification</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="9"> <xs:annotation> <xs:documentation>Aggregation, summarization, derivation</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="10"> <xs:annotation> <xs:documentation>Report</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="11"> <xs:annotation> <xs:documentation>Export</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="12"> <xs:annotation> <xs:documentation>Disclosure</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="13"> <xs:annotation> <xs:documentation>Receipt of Disclosure</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="14"> <xs:annotation> <xs:documentation>Archiving</xs:documentation> </xs:annotation> </xs:enumeration> <xs:enumeration value="15"> <xs:annotation> <xs:documentation>Logical deletion</xs:documentation> </xs:annotation> </xs:enumeration> </xs:restriction> </xs:simpleType> </xs:attribute> <xs:attribute name="ParticipantObjectSensistity" type="xs:token"> <xs:annotation> <xs:documentation>Permanent erasure, physical destruction</xs:documentation> </xs:annotation> </xs:attribute> </xs:complexType> <xs:element name="ParticipantObjectIDTypeCode"> <xs:complexType> <xs:attributeGroup ref="CodedValueType"/> </xs:complexType> </xs:element> <xs:element name="ParticipantObjectName" type="xs:token"/> <xs:element name="ParticipantObjectQuery" type="xs:base64Binary"/> <xs:element name="ParticipantObjectDetail"> <xs:complexType> <xs:attributeGroup ref="ValuePair"/> </xs:complexType> </xs:element> <xs:element name="ParticipantObjectDescription" type="xs:token"/> <!--The basic message--> <xs:element name="AuditMessage"> <xs:complexType> <xs:sequence> <xs:element ref="EventIdentification"/> <xs:element maxOccurs="unbounded" ref="ActiveParticipant"/> <xs:element ref="AuditSourceIdentification"/> <xs:element minOccurs="0" maxOccurs="unbounded" ref="ParticipantObjectIdentification"/> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="EventIdentification" type="EventIdentificationContents"/> <xs:element name="ActiveParticipant" type="ActiveParticipantContents"/> <xs:element name="AuditSourceIdentification" type="AuditSourceIdentificationContents"/> <xs:element name="ParticipantObjectIdentification" type="ParticipantObjectIdentificationContents"/> </xs:schema>
Example of DICOM Schema Compliant Audit Message
<AuditMessage> <EventIdentification EventActionCode="E" EventDateTime="2014-11-10T12:00:00.500-08:00" EventOutcomeIndicator="0"> <EventID csd-code="110100" codeSystemName="DCM" originalText="Application Activity"/> <EventTypeCode csd-code="110120" codeSystemName="DCM" originalText="Application Start"/> </EventIdentification> <ActiveParticipant AlternativeUserID="19041@hiadev010" NetworkAccessPointID="10.145.240.60" NetworkAccessPointTypeCode="2" UserID="root" UserIsRequestor="false"> <RoleIDCode csd-code="110150" codeSystemName="DCM" originalText="Application"/> </ActiveParticipant> <AuditSourceIdentification code="4" AuditSourceID="10.145.240.60@REGISTRY_ORACLE_HIM"/> </AuditMessage>