Audit Message : epSOS-2 - Issuance of a HCP Identity Assertion

Back to list

Name
epSOS-2 - Issuance of a HCP Identity Assertion
OID
1.3.6.1.4.1.12559.11.1.2.1.12.52
Document reference
WP3A_epSOS_EED_AuditTrail_Binding
Section
2.3.4.1
Last change
3/23/15 3:50:46 PM (CET GMT+0100) by aboufahj
Schema
/opt/XDStarClient/xsd/RFC3881.xsd
Dicom compatible
Deprecate RFC3881 Validation
false
Deprecated Validator
Field Name Opt Value Regex
EventIdentification EventID M
EventActionCode M
EventDateTime M
EventOutcomeIndicator M ^0|1|4|8$
EventTypeCode U
HumanRequestor
1 .. *
PointOfCare
1 .. *
ServiceConsumerNCP
0 .. 1
ServiceProviderNCP
0 .. 1
AuditSourceIdentification
1 .. *
ErrorMessage
0 .. *
RequestMessage
1 .. 1
ResponseMessage
1 .. 1
EventTarget
1 .. *
Field Name Opt Value Regex
HumanRequestor ActiveParticipant Distinguisher RoleIDCode[@code='dentist' or @code='nurse' or @code='pharmacist' or @code='physician' or @code='medical doctor' or @code='nurse midwife' or @code='admission clerk' or @code='ancillary services' or @code='clinical services']
UserID M .*<.+@.+>
AlternativeUserID M
UserName U
UserIsRequestor M true
RoleIDCode M
NetworkAccessPointTypeCode U
NetworkAccessPointID U
Field Name Opt Value Regex
PointOfCare ActiveParticipant Distinguisher RoleIDCode[@codeSystem='1.3.6.1.4.1.12559.11.10.1.3.2.2.2' or @codeSystemName='urn:epsos:names:wp3.4:subject:healthcare-facility-type']
UserID M .+
AlternativeUserID U
UserName U
UserIsRequestor M true
RoleIDCode M
NetworkAccessPointTypeCode U
NetworkAccessPointID U
Field Name Opt Value Regex
ServiceConsumerNCP ActiveParticipant Distinguisher RoleIDCode[@code='ServiceConsumer']
UserID M
AlternativeUserID U
UserName U
UserIsRequestor M true
RoleIDCode M
NetworkAccessPointTypeCode U
NetworkAccessPointID U
Field Name Opt Value Regex
ServiceProviderNCP ActiveParticipant Distinguisher RoleIDCode[@code='ServiceProvider']
UserID M
AlternativeUserID U
UserName U
UserIsRequestor M false
RoleIDCode M
NetworkAccessPointTypeCode U
NetworkAccessPointID U
Field Name Opt Value Regex
AuditSourceIdentification AuditSourceID M ^[A-Z][A-Z]-[A-Z0-9]{1,3}$
AuditEnterpriseSiteID U
AuditSourceTypeCode U
Field Name Opt Value Regex
ErrorMessage ParticipantObjectIdentification Distinguisher @ParticipantObjectTypeCode='2' and @ParticipantObjectTypeCodeRole='3'
ParticipantObjectTypeCode M 2
ParticipantObjectTypeCodeRole M 3
ParticipantObjectDataLifeCycle U
ParticipantObjectIDTypeCode M 9
ParticipantObjectSensitivity U
ParticipantObjectID M
ParticipantObjectName U
ParticipantObjectQuery U
ParticipantObjectDetail M
Field Name Opt Value Regex
RequestMessage ParticipantObjectIdentification Distinguisher ParticipantObjectIDTypeCode[@code='req']
ParticipantObjectTypeCode M 4
ParticipantObjectTypeCodeRole U
ParticipantObjectDataLifeCycle U
ParticipantObjectIDTypeCode M EV('req', 'epSOS Msg', 'Request Message')
ParticipantObjectSensitivity U
ParticipantObjectID M urn:uuid:.*
ParticipantObjectName U
ParticipantObjectQuery U
ParticipantObjectDetail M
Field Name Opt Value Regex
ResponseMessage ParticipantObjectIdentification Distinguisher ParticipantObjectIDTypeCode[@code='rsp']
ParticipantObjectTypeCode M 4
ParticipantObjectTypeCodeRole U
ParticipantObjectDataLifeCycle U
ParticipantObjectIDTypeCode M EV('rsp', 'epSOS Msg', 'Response Message')
ParticipantObjectSensitivity U
ParticipantObjectID M urn:uuid:.*
ParticipantObjectName U
ParticipantObjectQuery U
ParticipantObjectDetail M
Field Name Opt Value Regex
EventTarget ParticipantObjectIdentification Distinguisher ParticipantObjectIDTypeCode[@code='IdA']
ParticipantObjectTypeCode M 2
ParticipantObjectTypeCodeRole U
ParticipantObjectDataLifeCycle U
ParticipantObjectIDTypeCode M EV('IdA', 'epSOS Security', 'HCP Identity Assertion')
ParticipantObjectSensitivity U
ParticipantObjectID M urn:uuid:.*
ParticipantObjectName U
ParticipantObjectQuery U
ParticipantObjectDetail U

Extra constraints :

IdKindxPathDescription
366errormatches(/AuditMessage/EventIdentification/EventID/@codeSystemName,'^epSOS Transaction|IHE Transactions|unknown$')Event/EventID@codeSystemName SHALL be 'epSOS Transaction' or 'IHE Transactions'
367errorevery $actpart in /AuditMessage/ActiveParticipant[RoleIDCode[@codeSystem='1.3.6.1.4.1.12559.11.10.1.3.2.2.2' or @codeSystemName='urn:epsos:names:wp3.4:subject:healthcare-facility-type']] satisfies matches($actpart/RoleIDCode/@code, '^Hospital|Resident Physician|Pharmacy|Other$')PointOfCare/RoleIDCode/@code SHALL be from HCPO Type
368errorevery $actpart in /AuditMessage/ActiveParticipant[RoleIDCode[@code='ServiceConsumer']] satisfies $actpart/RoleIDCode/@codeSystem='epSOS' and $actpart/RoleIDCode/@displayName='epSOS Service Consumer'ServiceConsumerNCP/RoleIDCode/@codeSystem shall be equals to 'epSOS' and the displayName='epSOS Service Consumer'
369errorevery $actpart in /AuditMessage/ActiveParticipant[RoleIDCode[@code='ServiceProvider']] satisfies $actpart/RoleIDCode/@codeSystem='epSOS' and $actpart/RoleIDCode/@displayName='epSOS Service Provider'ServiceProviderNCP/RoleIDCode/@codeSystem shall be equals to 'epSOS' and the displayName='epSOS Service Provider'
370errorevery $partid in /AuditMessage/ParticipantObjectIdentification[@ParticipantObjectTypeCode='2' and @ParticipantObjectTypeCodeRole='3'] satisfies (every $i in $partid/ParticipantObjectDetail satisfies $i/@type='errormsg')ErrorMessage/ParticipantObjectDetail must have the type='errormsg'
371errorevery $partid in /AuditMessage/ParticipantObjectIdentification[@ParticipantObjectTypeCode='2' and @ParticipantObjectTypeCodeRole='3'] satisfies (every $i in $partid/ParticipantObjectDetail[@type='errormsg'] satisfies matches($i/@value,'^\w+$'))ErrorMessage/ParticipantObjectDetail with type='errormsg' shall have a value coded base 64
372errorevery $partid in /AuditMessage/ParticipantObjectIdentification[ParticipantObjectIDTypeCode[@code='req']] satisfies (every $i in $partid/ParticipantObjectDetail satisfies $i/@type='securityheader')RequestMessage/ParticipantObjectDetail shall have the type=securityheader
373errorevery $partid in /AuditMessage/ParticipantObjectIdentification[ParticipantObjectIDTypeCode[@code='rsp']] satisfies (every $i in $partid/ParticipantObjectDetail satisfies $i/@type='securityheader')ResponseMessage/ParticipantObjectDetail shall have the type=securityheader
374error/AuditMessage/EventIdentification/EventID[@codeSystemName!='unknown' or @code='epsos-00']Event/EventID shall have the codeSystemName!=unknown, or the code=epsos-00
375error/AuditMessage/EventIdentification/EventID[(@code='ITI-63' and @displayName='XCF::CrossGatewayFetchRequest') or (@code='ITI-38' and @displayName='XCA::CrossGatewayQuery') or (@code='ITI-39' and @displayName='XCA::CrossGatewayRetrieve') or (@code='ITI-41' and @displayName='XDR::ProvideandRegisterDocumentSet-b') or (@code='ITI-41' and @displayName='XDR::BPPCProvideandRegisterDocumentSet-b') or (@code='ITI-55' and @displayName='XCPD::CrossGatewayPatientDiscovery') or (@code='epsos-91' and @displayName='identityProvider::HPAuthentication') or (@code='ITI-40' and @displayName='XUA::ProvideX-UserAssertion') or (@code='epsos-92' and @displayName='ncp::TrcAssertion') or (@code='epsos-93' and @displayName='ncpConfigurationManager::ImportNSL') or (@code='epsos-94' and @displayName='ncpTransformationMgr::Translate') or @code='epSOS-95' or @code='epSOS-96' or (@code='epsos-97' and @displayName='ncpTransformationMgr::Translate') or (@code='epsos-00' and @displayName='unknown')]Event/EventID@displayName SHALL be conform to the specification on the table 2.3.4.7
376errormatches(/AuditMessage/EventIdentification/EventID/@code,'^(ITI-63|ITI-38|ITI-39|ITI-41|ITI-55|epsos-91|ITI-40|epsos-92|epsos-93|epsos-94|epsos-95|epsos-96|epsos-97|epsos-00)$')Event/EventID@code SHALL be from the list : ITI-63, ITI-38, ITI-39, ITI-41, ITI-55, epsos-91, ITI-40, epsos-92, epsos-93, epsos-94, epsos-95, epsos-96, epsos-97, epsos-00
377error/AuditMessage/EventIdentification[@EventActionCode='E' and EventID[@code='ITI-55' or @code='epsos-91' or @code='ITI-40' or @code='epsos-92' or @code='epsos-93' or @code='epsos-94' or @code='epsos-95' or @code='epsos-96' or @code='epsos-97' or @code='epsos-00']] or /AuditMessage/EventIdentification[@EventActionCode='R' and EventID[@code='ITI-63' or @code='ITI-38' or @code='ITI-39']] or /AuditMessage/EventIdentification[@EventActionCode='U' and EventID[@code='ITI-41']] or /AuditMessage/EventIdentification[@EventActionCode='C' and EventID[@code='ITI-41']]/EventID@EventActionCode SHALL be conform to the value of Event/EventID according to the table 2.3.4.7

Back to list