10/14
D Audit Message XML Schema Reference
This appendix provides a reference to the RFC 3881 Audit Message compliant XML Schema, DICOM Audit Message compliant XML Schema, and an example for each Audit Message type.
This appendix includes the following sections:
D.1 RFC 3881 Compliant XML Schema Reference
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified" attributeFormDefault="unqualified">
<xs:element name="AuditMessage">
<xs:complexType>
<xs:sequence>
<xs:element name="EventIdentification"
type="EventIdentificationType" />
<xs:element name="ActiveParticipant"
maxOccurs="unbounded">
<xs:complexType>
<xs:complexContent>
<xs:extension base="ActiveParticipantType" />
</xs:complexContent>
</xs:complexType>
</xs:element>
<xs:element name="AuditSourceIdentification"
type="AuditSourceIdentificationType" maxOccurs="unbounded" />
<xs:element name="ParticipantObjectIdentification"
type="ParticipantObjectIdentificationType" minOccurs="0"
maxOccurs="unbounded" />
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:complexType name="EventIdentificationType">
<xs:sequence>
<xs:element name="EventID" type="CodedValueType" />
<xs:element name="EventTypeCode" type="CodedValueType"
minOccurs="0" maxOccurs="unbounded" />
</xs:sequence>
<xs:attribute name="EventActionCode" use="optional">
<xs:simpleType>
<xs:restriction base="xs:string">
<xs:enumeration value="C">
<xs:annotation>
<xs:appinfo>Create</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="R">
<xs:annotation>
<xs:appinfo>Read</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="U">
<xs:annotation>
<xs:appinfo>Update</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="D">
<xs:annotation>
<xs:appinfo>Delete</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="E">
<xs:annotation>
<xs:documentation>Execute</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="EventDateTime" type="xs:dateTime"
use="required" />
<xs:attribute name="EventOutcomeIndicator" use="required">
<xs:simpleType>
<xs:restriction base="xs:integer">
<xs:enumeration value="0">
<xs:annotation>
<xs:appinfo>Success</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="4">
<xs:annotation>
<xs:appinfo>Minor failure</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="8">
<xs:annotation>
<xs:appinfo>Serious failure</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="12">
<xs:annotation>
<xs:appinfo>
Major failure; action made unavailable
</xs:appinfo>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
</xs:complexType>
<xs:complexType name="AuditSourceIdentificationType">
<xs:sequence>
<xs:element name="AuditSourceTypeCode" type="CodedValueType"
minOccurs="0" maxOccurs="unbounded" />
</xs:sequence>
<xs:attribute name="AuditEnterpriseSiteID" type="xs:string"
use="optional" />
<xs:attribute name="AuditSourceID" type="xs:string"
use="required" />
</xs:complexType>
<xs:complexType name="ActiveParticipantType">
<xs:sequence minOccurs="0">
<xs:element name="RoleIDCode" type="CodedValueType"
minOccurs="0" maxOccurs="unbounded" />
</xs:sequence>
<xs:attribute name="UserID" type="xs:string" use="required" />
<xs:attribute name="AlternativeUserID" type="xs:string"
use="optional" />
<xs:attribute name="UserName" type="xs:string" use="optional" />
<xs:attribute name="UserIsRequestor" type="xs:boolean"
use="optional" default="true" />
<xs:attribute name="NetworkAccessPointID" type="xs:string"
use="optional" />
<xs:attribute name="NetworkAccessPointTypeCode"
use="optional">
<xs:simpleType>
<xs:restriction base="xs:unsignedByte">
<xs:enumeration value="1">
<xs:annotation>
<xs:appinfo>
Machine Name, including DNS name
</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:appinfo>IP Address</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="3">
<xs:annotation>
<xs:appinfo>Telephone Number</xs:appinfo>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
</xs:complexType>
<xs:complexType name="ParticipantObjectIdentificationType">
<xs:sequence>
<xs:element name="ParticipantObjectIDTypeCode"
type="CodedValueType" />
<xs:choice minOccurs="0">
<xs:element name="ParticipantObjectName"
type="xs:string" minOccurs="0" />
<xs:element name="ParticipantObjectQuery"
type="xs:base64Binary" minOccurs="0" />
</xs:choice>
<xs:element name="ParticipantObjectDetail"
type="TypeValuePairType" minOccurs="0" maxOccurs="unbounded" />
</xs:sequence>
<xs:attribute name="ParticipantObjectID" type="xs:string"
use="required" />
<xs:attribute name="ParticipantObjectTypeCode" use="optional">
<xs:simpleType>
<xs:restriction base="xs:unsignedByte">
<xs:enumeration value="1">
<xs:annotation>
<xs:appinfo>Person</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:appinfo>System object</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="3">
<xs:annotation>
<xs:appinfo>Organization</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="4">
<xs:annotation>
<xs:appinfo>Other</xs:appinfo>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="ParticipantObjectTypeCodeRole"
use="optional">
<xs:simpleType>
<xs:restriction base="xs:unsignedByte">
<xs:enumeration value="1">
<xs:annotation>
<xs:appinfo>Patient</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:appinfo>Location</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="3">
<xs:annotation>
<xs:appinfo>Report</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="4">
<xs:annotation>
<xs:appinfo>Resource</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="5">
<xs:annotation>
<xs:appinfo>Master file</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="6">
<xs:annotation>
<xs:appinfo>User</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="7">
<xs:annotation>
<xs:appinfo>List</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="8">
<xs:annotation>
<xs:appinfo>Doctor</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="9">
<xs:annotation>
<xs:appinfo>Subscriber</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="10">
<xs:annotation>
<xs:appinfo>Guarantor</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="11">
<xs:annotation>
<xs:appinfo>
Security User Entity
</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="12">
<xs:annotation>
<xs:appinfo>Security User Group</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="13">
<xs:annotation>
<xs:appinfo>Security Resource</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="14">
<xs:annotation>
<xs:appinfo>
Security Granualarity Definition
</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="15">
<xs:annotation>
<xs:appinfo>Provider</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="16">
<xs:annotation>
<xs:appinfo>Report Destination</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="17">
<xs:annotation>
<xs:appinfo>Report Library</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="18">
<xs:annotation>
<xs:appinfo>Schedule</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="19">
<xs:annotation>
<xs:appinfo>Customer</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="20">
<xs:annotation>
<xs:appinfo>Job</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="21">
<xs:annotation>
<xs:appinfo>Job Stream</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="22">
<xs:annotation>
<xs:appinfo>Table</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="23">
<xs:annotation>
<xs:appinfo>Routing Criteria</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="24">
<xs:annotation>
<xs:appinfo>Query</xs:appinfo>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="ParticipantObjectDataLifeCycle"
use="optional">
<xs:simpleType>
<xs:restriction base="xs:unsignedByte">
<xs:enumeration value="1">
<xs:annotation>
<xs:appinfo>
Origination / Creation
</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:appinfo>
Import / Copy from original
</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="3">
<xs:annotation>
<xs:appinfo>Amendment</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="4">
<xs:annotation>
<xs:appinfo>Verification</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="5">
<xs:annotation>
<xs:appinfo>Translation</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="6">
<xs:annotation>
<xs:appinfo>Access / Use</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="7">
<xs:annotation>
<xs:appinfo>De-identification</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="8">
<xs:annotation>
<xs:appinfo>
Aggregation, summarization, derivation
</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="9">
<xs:annotation>
<xs:appinfo>Report</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="10">
<xs:annotation>
<xs:appinfo>
Export / Copy to target
</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="11">
<xs:annotation>
<xs:appinfo>Disclosure</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="12">
<xs:annotation>
<xs:appinfo>
Receipt of disclosure
</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="13">
<xs:annotation>
<xs:appinfo>Archiving</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="14">
<xs:annotation>
<xs:appinfo>Logical deletion</xs:appinfo>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="15">
<xs:annotation>
<xs:appinfo>
Permanent erasure / Physical destruction
</xs:appinfo>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="ParticipantObjectSensitivity"
type="xs:string" use="optional" />
</xs:complexType>
<xs:complexType name="CodedValueType">
<xs:attribute name="code" type="xs:string" use="required" />
<xs:attributeGroup ref="CodeSystem" />
<xs:attribute name="displayName" type="xs:string"
use="optional" />
<xs:attribute name="originalText" type="xs:string"
use="optional" />
</xs:complexType>
<xs:complexType name="TypeValuePairType">
<xs:attribute name="type" type="xs:string" use="required" />
<xs:attribute name="value" type="xs:base64Binary"
use="required" />
</xs:complexType>
<xs:attributeGroup name="CodeSystem">
<xs:attribute name="codeSystem" type="OID" use="optional" />
<xs:attribute name="codeSystemName" type="xs:string"
use="optional" />
</xs:attributeGroup>
<xs:simpleType name="OID">
<xs:restriction base="xs:string">
<xs:whiteSpace value="collapse" />
</xs:restriction>
</xs:simpleType>
</xs:schema>
Example of RFC 3881 Schema Compliant Audit Message
<AuditMessage>
<EventIdentification EventActionCode="E" EventDateTime="2012-08-16T05:30:00.450-07:00" EventOutcomeIndicator="0">
<EventID code="110100" codeSystemName="DCM" displayName="Application Activity"></EventID>
<EventTypeCode code="110120" codeSystemName="DCM" displayName="Application Start"></EventTypeCode>
</EventIdentification>
<ActiveParticipant AlternativeUserID="19041@hiadev001" NetworkAccessPointID="10.145.240.60" NetworkAccessPointTypeCode="2" UserID="root" UserIsRequestor="false">
<RoleIDCode code="110150" codeSystemName="DCM" displayName="Application"></RoleIDCode>
</ActiveParticipant>
<AuditSourceIdentification AuditSourceID="10.145.240.60@REGISTRY_ORACLE_HIM"></AuditSourceIdentification>
</AuditMessage>
D.2 DICOM Audit Message XML Schema Reference
<xs:schema elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<!--This defines the coded value type. The comment shows a pattern that
can be used to further constrain the token to limit it to the format of an
OID. Not all schema software implementations support the pattern option for
tokens.-->
<xs:attributeGroup name="other-csd-attributes">
<xs:attribute name="codeSystemName" use="required" type="xs:token"/>
<xs:attribute name="displayName" type="xs:token"/>
<xs:attribute name="originalText" use="required" type="xs:token"/>
</xs:attributeGroup>
<!--Note: this also corresponds to DICOM " Code Meaning"-->
<xs:attributeGroup name="CodedValueType">
<xs:attribute name="csd-code" use="required" type="xs:token"/>
<xs:attributeGroup ref="other-csd-attributes"/>
</xs:attributeGroup>
<!--Define the event identification, used later-->
<xs:complexType name="EventIdentificationContents">
<xs:sequence>
<xs:element ref="EventID"/>
<xs:element minOccurs="0" maxOccurs="unbounded" ref="EventTypeCode"/>
<xs:element minOccurs="0" ref="EventOutcomeDescription"/>
<!--Added per ITI Supplement XUA++ Revision 1.3 section 3.20.7.8-->
<xs:element name="PurposeOfUse" minOccurs="0" maxOccurs="unbounded">
<xs:complexType>
<xs:attributeGroup ref="CodedValueType"/>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="EventActionCode">
<xs:simpleType>
<xs:restriction base="xs:token">
<xs:enumeration value="C"/>
<xs:enumeration value="R">
<xs:annotation>
<xs:documentation>Create</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="U">
<xs:annotation>
<xs:documentation>Read</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="D">
<xs:annotation>
<xs:documentation>Update</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="E">
<xs:annotation>
<xs:documentation>Delete</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="EventDateTime" use="required" type="xs:dateTime">
<xs:annotation>
<xs:documentation>Execute</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="EventOutcomeIndicator" use="required">
<xs:simpleType>
<xs:restriction base="xs:token">
<xs:enumeration value="0"/>
<xs:enumeration value="4">
<xs:annotation>
<xs:documentation>Nominal Success (use if status otherwise
unknown or ambiguous)</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="8">
<xs:annotation>
<xs:documentation>Minor failure (per reporting application
definition)</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="12">
<xs:annotation>
<xs:documentation>Serious failure (per reporting application
definition)</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
</xs:complexType>
<xs:element name="EventID">
<xs:complexType>
<xs:attributeGroup ref="CodedValueType"/>
</xs:complexType>
</xs:element>
<xs:element name="EventTypeCode">
<xs:complexType>
<xs:attributeGroup ref="CodedValueType"/>
</xs:complexType>
</xs:element>
<xs:element name="EventOutcomeDescription" type="xs:string">
<xs:annotation>
<xs:documentation>Major failure, (reporting application now
unavailable)</xs:documentation>
</xs:annotation>
</xs:element>
<!--Define AuditSourceIdentification, used later Note: This includes one
constraint that cannot be represented yet in RNC. The use of a token other
than the specified codes is permitted only if the codeSystemName is present.
Note: This has no elements, only attributes.-->
<xs:complexType name="AuditSourceIdentificationContents">
<xs:sequence>
<xs:element minOccurs="0" maxOccurs="unbounded" ref="AuditSourceTypeCode"/>
</xs:sequence>
<xs:attribute name="code" type="xs:token" use="required"/>
<xs:attribute name="codeSystemName" type="xs:token"/>
<xs:attribute name="displayName" type="xs:token"/>
<xs:attribute name="originalText" type="xs:token"/>
<xs:attribute name="AuditEnterpriseSiteID" type="xs:token">
<xs:annotation>
<xs:documentation>If these are present, they define the meaning of
code</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="AuditSourceID" use="required" type="xs:token"/>
</xs:complexType>
<xs:element name="AuditSourceTypeCode" type="xs:token"/>
<!--Define ActiveParticipantType, used later-->
<xs:complexType name="ActiveParticipantContents">
<xs:sequence>
<xs:element minOccurs="0" maxOccurs="unbounded" ref="RoleIDCode"/>
<xs:element minOccurs="0" ref="MediaIdentifier"/>
</xs:sequence>
<xs:attribute name="UserID" use="required"/>
<xs:attribute name="AlternativeUserID"/>
<xs:attribute name="UserName"/>
<xs:attribute name="UserIsRequestor" use="required" type="xs:boolean"/>
<xs:attribute name="NetworkAccessPointID" type="xs:token"/>
<xs:attribute name="NetworkAccessPointTypeCode">
<xs:simpleType>
<xs:restriction base="xs:token">
<xs:enumeration value="1"/>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>Machine Name, including DNS name</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="3">
<xs:annotation>
<xs:documentation>IP Address</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="4">
<xs:annotation>
<xs:documentation>Telephone Number</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="5">
<xs:annotation>
<xs:documentation>Email address</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
</xs:complexType>
<xs:element name="RoleIDCode">
<xs:complexType>
<xs:attributeGroup ref="CodedValueType"/>
</xs:complexType>
</xs:element>
<xs:element name="MediaIdentifier">
<xs:complexType>
<xs:sequence>
<xs:element ref="MediaType"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="MediaType">
<xs:complexType>
<xs:attributeGroup ref="CodedValueType"/>
</xs:complexType>
</xs:element>
<!--The BinaryValuePair is used in ParticipantObject descriptions to capture
parameters. All values (even those that are normally plain text) are encoded
as xsd:base64Binary. This is to preserve details of encoding (e.g., nulls)
and to protect against text contents that contain XML fragments. These are
known attack points against applications, so security logs can be expected
to need to capture them without modification by the audit encoding process.-->
<xs:attributeGroup name="ValuePair">
<xs:annotation>
<xs:documentation>URI (user directory, HTTP-PUT, ftp, etc.)</xs:documentation>
</xs:annotation>
<xs:attribute name="type" use="required" type="xs:token"/>
<xs:attribute name="value" use="required" type="xs:base64Binary"/>
</xs:attributeGroup>
<!--used to encode potentially binary, malformed XML text, etc. Define
ParticipantObjectIdentification, used later Participant Object Description,
used later-->
<xs:group name="DICOMObjectDescriptionContents">
<xs:sequence>
<xs:element minOccurs="0" maxOccurs="unbounded" ref="MPPS"/>
<xs:element minOccurs="0" maxOccurs="unbounded" ref="Accession"/>
<xs:element ref="SOPClass"/>
<xs:element ref="ParticipantObjectContainsStudy"/>
<xs:element minOccurs="0" ref="Encrypted"/>
<xs:element minOccurs="0" ref="Anonymized"/>
</xs:sequence>
</xs:group>
<xs:element name="MPPS">
<xs:complexType>
<xs:attribute name="UID" use="required" type="xs:token"/>
</xs:complexType>
</xs:element>
<xs:element name="Accession">
<xs:complexType>
<xs:attribute name="Number" use="required" type="xs:token"/>
</xs:complexType>
</xs:element>
<xs:element name="SOPClass">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" maxOccurs="unbounded" ref="Instance"/>
</xs:sequence>
<xs:attribute name="UID" type="xs:token"/>
<xs:attribute name="NumberOfInstances" use="required" type="xs:integer"/>
</xs:complexType>
</xs:element>
<xs:element name="Instance">
<xs:complexType>
<xs:attribute name="UID" use="required" type="xs:token"/>
</xs:complexType>
</xs:element>
<xs:element name="ParticipantObjectContainsStudy">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" maxOccurs="unbounded" ref="StudyIDs"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="StudyIDs">
<xs:complexType>
<xs:attribute name="UID" use="required" type="xs:token"/>
</xs:complexType>
</xs:element>
<xs:element name="Encrypted" type="xs:boolean"/>
<xs:element name="Anonymized" type="xs:boolean"/>
<xs:complexType name="ParticipantObjectIdentificationContents">
<xs:sequence>
<xs:element ref="ParticipantObjectIDTypeCode"/>
<!--NOTE: The minOccurs entry on the following choice element was
added because DICOM does not actually follow the requirement to
have one of these two elements-->
<xs:choice minOccurs="0">
<xs:element ref="ParticipantObjectName"/>
<xs:element ref="ParticipantObjectQuery"/>
</xs:choice>
<xs:element minOccurs="0" maxOccurs="unbounded" ref="ParticipantObjectDetail"/>
<xs:element minOccurs="0" maxOccurs="unbounded" ref="ParticipantObjectDescription"/>
<!--NOTE: The minOccurs entry on DICOMObjectDescriptionContents is
ONLY for ATNA syslog messages which are not for DICOM related
events. For DICOM related events, this group is required-->
<xs:group ref="DICOMObjectDescriptionContents" minOccurs="0"/>
</xs:sequence>
<xs:attribute name="ParticipantObjectID" use="optional" type="xs:token"/>
<xs:attribute name="ParticipantObjectTypeCode">
<xs:simpleType>
<xs:restriction base="xs:token">
<xs:enumeration value="1"/>
<xs:enumeration value="2"/>
<xs:enumeration value="3"/>
<xs:enumeration value="4"/>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="ParticipantObjectTypeCodeRole">
<xs:annotation>
<xs:documentation>Other</xs:documentation>
</xs:annotation>
<xs:simpleType>
<xs:restriction base="xs:token">
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>optional role</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>Patient</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="3">
<xs:annotation>
<xs:documentation>Location</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="4">
<xs:annotation>
<xs:documentation>Report</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="5">
<xs:annotation>
<xs:documentation>Resource</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="6">
<xs:annotation>
<xs:documentation>Master File</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="7">
<xs:annotation>
<xs:documentation>User</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="8">
<xs:annotation>
<xs:documentation>List</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="9">
<xs:annotation>
<xs:documentation>Doctor</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="10">
<xs:annotation>
<xs:documentation>Subscriber</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="11">
<xs:annotation>
<xs:documentation>guarantor</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="12">
<xs:annotation>
<xs:documentation>Security User Entity</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="13">
<xs:annotation>
<xs:documentation>Security User Group</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="14">
<xs:annotation>
<xs:documentation>Security Resource</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="15">
<xs:annotation>
<xs:documentation>Security Granulatiry Definition</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="16">
<xs:annotation>
<xs:documentation>Provider</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="17">
<xs:annotation>
<xs:documentation>Report Destination</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="18">
<xs:annotation>
<xs:documentation>Report Library</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="19">
<xs:annotation>
<xs:documentation>Schedule</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="20">
<xs:annotation>
<xs:documentation>Customer</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="21">
<xs:annotation>
<xs:documentation>Job</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="22">
<xs:annotation>
<xs:documentation>Job Stream</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="23">
<xs:annotation>
<xs:documentation>Table</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="24">
<xs:annotation>
<xs:documentation>Routing Criteria</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="ParticipantObjectDataLifeCycle">
<xs:annotation>
<xs:documentation>Query?,</xs:documentation>
</xs:annotation>
<xs:simpleType>
<xs:restriction base="xs:token">
<xs:enumeration value="1"/>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>Origination, Creation</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="3">
<xs:annotation>
<xs:documentation>Import/ Copy</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="4">
<xs:annotation>
<xs:documentation>Amendment</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="5">
<xs:annotation>
<xs:documentation>Verification</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="6">
<xs:annotation>
<xs:documentation>Translation</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="7">
<xs:annotation>
<xs:documentation>Access/Use</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="8">
<xs:annotation>
<xs:documentation>De-identification</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="9">
<xs:annotation>
<xs:documentation>Aggregation, summarization, derivation</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="10">
<xs:annotation>
<xs:documentation>Report</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="11">
<xs:annotation>
<xs:documentation>Export</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="12">
<xs:annotation>
<xs:documentation>Disclosure</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="13">
<xs:annotation>
<xs:documentation>Receipt of Disclosure</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="14">
<xs:annotation>
<xs:documentation>Archiving</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="15">
<xs:annotation>
<xs:documentation>Logical deletion</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="ParticipantObjectSensistity" type="xs:token">
<xs:annotation>
<xs:documentation>Permanent erasure, physical destruction</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:complexType>
<xs:element name="ParticipantObjectIDTypeCode">
<xs:complexType>
<xs:attributeGroup ref="CodedValueType"/>
</xs:complexType>
</xs:element>
<xs:element name="ParticipantObjectName" type="xs:token"/>
<xs:element name="ParticipantObjectQuery" type="xs:base64Binary"/>
<xs:element name="ParticipantObjectDetail">
<xs:complexType>
<xs:attributeGroup ref="ValuePair"/>
</xs:complexType>
</xs:element>
<xs:element name="ParticipantObjectDescription" type="xs:token"/>
<!--The basic message-->
<xs:element name="AuditMessage">
<xs:complexType>
<xs:sequence>
<xs:element ref="EventIdentification"/>
<xs:element maxOccurs="unbounded" ref="ActiveParticipant"/>
<xs:element ref="AuditSourceIdentification"/>
<xs:element minOccurs="0" maxOccurs="unbounded" ref="ParticipantObjectIdentification"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="EventIdentification" type="EventIdentificationContents"/>
<xs:element name="ActiveParticipant" type="ActiveParticipantContents"/>
<xs:element name="AuditSourceIdentification" type="AuditSourceIdentificationContents"/>
<xs:element name="ParticipantObjectIdentification" type="ParticipantObjectIdentificationContents"/>
</xs:schema>
Example of DICOM Schema Compliant Audit Message
<AuditMessage>
<EventIdentification EventActionCode="E"
EventDateTime="2014-11-10T12:00:00.500-08:00" EventOutcomeIndicator="0">
<EventID csd-code="110100" codeSystemName="DCM" originalText="Application Activity"/>
<EventTypeCode csd-code="110120" codeSystemName="DCM" originalText="Application Start"/>
</EventIdentification>
<ActiveParticipant AlternativeUserID="19041@hiadev010"
NetworkAccessPointID="10.145.240.60"
NetworkAccessPointTypeCode="2" UserID="root" UserIsRequestor="false">
<RoleIDCode csd-code="110150" codeSystemName="DCM" originalText="Application"/>
</ActiveParticipant>
<AuditSourceIdentification code="4" AuditSourceID="10.145.240.60@REGISTRY_ORACLE_HIM"/>
</AuditMessage>
