Document retrieval of record artifact from Regula Fischer 20.10.2020 14:29 on behalf of Dr. med. Hans Allzeitbereit, Member of group Labor 1 Bertaspital, Emergency Access
+
Document retrieval of record artifact from Regula Fischer 20.10.2020 14:29 on behalf of Dr. med. Hans Allzeitbereit, Member of group Labor 1 Bertaspital, Emergency Access
- 10.10.2020 10:05: Healthcare professional Dr. med. Sabine Musterfrau has been added to Group Kardiologie Universitätsspital Musterstadt and patient Jakob Wieder-Gesund has been notified
+ 10.10.2020 10:05: Healthcare professional Dr. med. Sabine Musterfrau has been added to Group Kardiologie Universitätsspital Musterstadt and patient Jakob Wieder-Gesund has been notified
\ No newline at end of file
diff --git a/input/pagecontent/changelog.md b/input/pagecontent/changelog.md
index bad9a47..2ec05f1 100644
--- a/input/pagecontent/changelog.md
+++ b/input/pagecontent/changelog.md
@@ -3,14 +3,19 @@ All significant changes to this FHIR implementation guide will be documented on
### v3.3.0-ballot (2024)
+#### Added
+* Integration of volume 1, 2 and 3 from 'Ergänzung 2.2 zu Anhang 5 EPDV-EDI' in consideration of CP 'EPDBEP-244' [#12](https://github.com/ehealthsuisse/ch-atc/issues/12)
+ * Add tracecontext by using ChEprFhirAuditEvent as parent profile for all AuditEvent profiles in CH ATC [#18](https://github.com/ehealthsuisse/ch-atc/issues/18)
+
#### Changed / Updated
* Updated the IG dependencies to the current published versions
* Adapt VS URL (http://fhir.ch/ig/ch-epr/ValueSet/EprPurposeOfUse) because of renaming CH EPR Term to CH Term [#20](https://github.com/ehealthsuisse/ch-atc/issues/20)
+* Change extension http://hl7.org/fhir/StructureDefinition/artifact-identifier to http://fhir.ch/ig/ch-epr-fhir/StructureDefinition/ch-mhd-home-community-id [#21](https://github.com/ehealthsuisse/ch-atc/issues/21)
### v3.2.0 (2024-01-31)
The implementation guide was under an informative ballot by HL7 Switzerland until September 30th, 2023. The following comments/issues have been raised and fixed:
-#### Open
+#### Open Issues
* Overview of transactions/use cases [#12](https://github.com/ehealthsuisse/ch-atc/issues/12)
#### Added
@@ -62,4 +67,4 @@ Updated draft version:
* Structural updates of the IG analogous to the further development of the IG Publisher (e.g. new template).
### v1.2.0 (2019-03-01)
-Initial published draft version according to 'www.e-health-suisse.ch/fileadmin/user_upload/Dokumente/2019/E/190528_Entwurf_EPDV-EDI_E2A5_ATC_V1.9_e.pdf' (see on [e-health-suisse.ch](https://www.e-health-suisse.ch/beispielseiten/epd-projectathon/programmierhilfen-epd/relevante-spezifikationen.html#ATC)).
\ No newline at end of file
+Initial published draft version according to 'www.e-health-suisse.ch/fileadmin/user_upload/Dokumente/2019/E/190528_Entwurf_EPDV-EDI_E2A5_ATC_V1.9_e.pdf'.
\ No newline at end of file
diff --git a/input/pagecontent/index.md b/input/pagecontent/index.md
index 0ef212b..dd69d8a 100644
--- a/input/pagecontent/index.md
+++ b/input/pagecontent/index.md
@@ -1,7 +1,7 @@
### Introduction
-This profile defines the audit trail consumption requirements a community has to provide for a patient. The profile CH ATC defines and precises the actors and transaction [ITI-81] of the [IHE IT Infrastructure Technical Framework Supplement Add RESTful Query to ATNA](http://www.ihe.net/uploadedFiles/Documents/ITI/IHE_ITI_Suppl_RESTful-ATNA.pdf) and defines the content of the Audit Messages. The different types of the Audit Messages are based on the requirements for Document and Policy Access management in order to achieve the Swiss regulation needs on the audit trail access by patients. These Audit Event types differ from the Audit Events which have also to be logged according to the IHE / CH:ATNA requirements.
-The CH ATC profile text in the National Integration Profiles (SR816.11, Annex 5, Extension 2) is normative, this implementation guide is informative. This implementation guide is built with [IG Publisher](https://confluence.hl7.org/display/FHIR/IG+Publisher+Documentation) from HL7. See [e-health-suisse.ch](https://www.e-health-suisse.ch/startseite.html) for more information about the Electronic Patient Record in Switzerland.
+Patients and their representatives have access to the audit trail of the [Electronic Patient Record (EPR)](https://www.fedlex.admin.ch/eli/cc/2017/203/en) via the portal of their reference community. The Swiss profile Audit Trail Consumption (CH ATC) defines the Audit Messages for document management, access policy management, audit trail retrieval by the patient or their representative(s), and logging of group entries of healthcare professionals. This profile uses the IHE transaction [Retrieve ATNA Audit Event [ITI-81]](https://profiles.ihe.net/ITI/TF/Volume2/ITI-81.html) to consume the Audit Messages from all communities. CH ATC is intended for patients to see what has happened in their EPR. It does not replace the logging of the ATNA Audit Events. This profile fulfills the Swiss regulations and is referenced in Annex 5 of the EPRO-FDHA.
+This implementation guide is built with [IG Publisher](https://confluence.hl7.org/display/FHIR/IG+Publisher+Documentation) from HL7. For more information about the EPR, see [patientrecord.ch](https://www.patientrecord.ch/), [e-health-suisse.ch](https://www.e-health-suisse.ch/startseite.html) and [Federal Office of Public Health](https://www.bag.admin.ch/epra).
@@ -9,21 +9,50 @@ The CH ATC profile text in the National Integration Profiles (SR816.11, Annex 5,
-
-**Download**: You can download this implementation guide in [NPM format](https://confluence.hl7.org/display/FHIR/NPM+Package+Specification) from [here](package.tgz).
-
-### IP Statements
-
+### Implementation Guide Structure
+This implementation guide is organized into this main sections:
+
+* Volume 1 - Integration Profiles
+ * [Overview](volume-1.html#overview)
+ * [Actors, Transactions and Content Modules](volume-1.html#actors-transactions-and-content-modules)
+ * [Integration Profile Options](volume-1.html#integration-profile-options)
+ * [Actor Groupings](volume-1.html#actor-groupings)
+ * [Overview - Use Cases](volume-1.html#overview---use-cases)
+ * [Security Considerations](volume-1.html#security-considerations)
+* Volume 2 - Transactions
+ * [Constraints on Retrieve ATNA Audit Event [ITI-81]](volume-2.html#constraints-on-retrieve-atna-audit-event-iti-81)
+* Volume 3 - Content Profiles
+ * [Audit Trail Consumption Event Types](volume-3.html#audit-trail-consumption-event-types)
+ * [Document Audit Event Content Profile](volume-3.html#document-audit-event-content-profile)
+ * [Policy Audit Event Content Profile](volume-3.html#policy-audit-event-content-profile)
+ * [Access Audit Trail Content Profile](volume-3.html#access-audit-trail-content-profile)
+ * [HPD Group Entry Audit Event Content Profile](volume-3.html#hpd-group-entry-audit-event-content-profile)
+
+### Conformance Expectations
+The key words _must_, _must not_, _required_, _shall_, _shall not_, _should_, _should not_, _recommended_, _may_, and _optional_ in this document are to be interpreted as described in [RFC2119](https://www.ietf.org/rfc/rfc2119.txt).
+
+#### Scope of Precisions
+The extensions, restrictions and translations specified apply to the following [IHE IT Infrastructure (ITI) integration profiles](https://profiles.ihe.net/ITI/index.html):
+
+* Technical Framework
+ * [Volume 1](https://profiles.ihe.net/ITI/TF/Volume1/index.html), Revision 20.0, August 4, 2023 - Final Text
+ * [Volume 2](https://profiles.ihe.net/ITI/TF/Volume2/index.html), Revision 20.0, August 4, 2023 - Final Text
+ * [Volume 3](https://profiles.ihe.net/ITI/TF/Volume3/index.html), Revision 20.0, August 4, 2023 - Final Text
+* Technical Framework Supplements
+ * [Add RESTful ATNA (Query and Feed)](https://www.ihe.net/uploadedFiles/Documents/ITI/IHE_ITI_Suppl_RESTful-ATNA.pdf), Revision 3.4, August 4, 2023
+ * [Internet User Authorization (IUA)](https://profiles.ihe.net/ITI/IUA/index.html), Revision 2.2, June 17, 2022
+
+### Download and Analysis
+You can download this implementation guide in [npm format](https://confluence.hl7.org/display/FHIR/NPM+Package+Specification) from [here](package.tgz).
+
+#### IP Statements
{% include ip-statements.xhtml %}
-### Cross Version Analysis
-
+#### Cross Version Analysis
{% include cross-version-analysis.xhtml %}
-### Dependency Table
-
+#### Dependency Table
{% include dependency-table.xhtml %}
-### Globals Table
-
-{% include globals-table.xhtml %}
\ No newline at end of file
+#### Globals Table
+{% include globals-table.xhtml %}
diff --git a/input/pagecontent/profiles.md b/input/pagecontent/profiles.md
new file mode 100644
index 0000000..1ae1105
--- /dev/null
+++ b/input/pagecontent/profiles.md
@@ -0,0 +1,2 @@
+
+{% include list-profiles.xhtml %}
diff --git a/input/pagecontent/profiles.xml b/input/pagecontent/profiles.xml
deleted file mode 100644
index 2d38ce4..0000000
--- a/input/pagecontent/profiles.xml
+++ /dev/null
@@ -1,8 +0,0 @@
-
-
-
- {% include list-profiles.xhtml %}
-
-
-
\ No newline at end of file
diff --git a/input/pagecontent/searchparameters.md b/input/pagecontent/searchparameters.md
new file mode 100644
index 0000000..0ddd36e
--- /dev/null
+++ b/input/pagecontent/searchparameters.md
@@ -0,0 +1,2 @@
+
+{% include list-searchparameters.xhtml %}
diff --git a/input/pagecontent/terminology.md b/input/pagecontent/terminology.md
new file mode 100644
index 0000000..895d30f
--- /dev/null
+++ b/input/pagecontent/terminology.md
@@ -0,0 +1,3 @@
+### Value Sets
+
+{% include list-simple-valuesets.xhtml %}
diff --git a/input/pagecontent/terminology.xml b/input/pagecontent/terminology.xml
deleted file mode 100644
index 01db22f..0000000
--- a/input/pagecontent/terminology.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-
-
-
ValueSets
-
- {% include list-simple-valuesets.xhtml %}
-
-
-
-
-
\ No newline at end of file
diff --git a/input/pagecontent/volume-1.md b/input/pagecontent/volume-1.md
new file mode 100644
index 0000000..51bf23d
--- /dev/null
+++ b/input/pagecontent/volume-1.md
@@ -0,0 +1,205 @@
+### Overview
+
+This profile defines the audit trail consumption requirements a community has to provide for a patient’s audit trail.
+
+The profile CH:ATC defines and precises the actors and Retrieve Audit Event [ITI-81] of the [IHE ITI Supplement Add RESTful Query to ATNA](https://www.ihe.net/uploadedFiles/Documents/ITI/IHE_ITI_Suppl_RESTful-ATNA.pdf) and defines the content of the Audit Messages. The different types of the Audit Messages are based on the requirements for Document and Access Policy management as well as the entry of healthcare professionals into a group in order to achieve the Swiss regulation needs on the audit trail access by patients. These Audit Event types differ from the Audit Events which have also to be logged according to the ATNA requirements.
+
+{% include img.html img="overview.png" caption="Figure 1: CH:ATC Overview within the Swiss EPR circle of trust" width="60%" %}
+
+Each community shall provide one endpoint to a Patient Audit Record Repository which can be queried according to the Retrieve Audit Event [ITI-81] RESTful Query transaction. A reference community shall implement a Patient Audit Consumer which will query all Patient Audit Record Repositories, aggregate the results and provide it to the patient.
+
+How the Patient Audit Record Repository generates or collects the specified Audit Events within the community is outside the scope of this profile.
+
+
+### Actors, Transactions and Content Modules
+Figure 2 shows the actors directly involved in the CH:ATC Profile and the relevant transactions between them. If needed for context, other actors that may be indirectly involved due to their participation in other related profiles are shown in dotted lines.
+
+{% include img.html img="actor-diagram.png" caption="Figure 2: CH:ATC Actor diagram" width="60%" %}
+
+Table 1 lists the transactions for each actor directly involved in the CH:ATC Profile. To claim compliance with this Profile, an actor shall support all required transactions (labeled "R") and may support the optional transactions (labeled "O").
+
+{:class="table table-bordered"}
+| Actors | Transactions | Initiator or Responder | Opt | Reference |
+| --- | --- | --- | --- | --- |
+| Patient Audit Consumer | Retrieve Audit Event [ITI-81] | Initiator | R | [Patient Audit Consumer](#patient-audit-consumer) |
+| Patient Audit Record Repository | Retrieve Audit Event [ITI-81] | Responder | R | [Patient Audit Record Repository](#patient-audit-record-repository) |
+
+_Table 1: CH:ATC Profile - Actors and Transactions_
+
+#### Actor Descriptions and Actor Profile Requirements
+
+The actors defined in this profile are based on the [IHE ITI TF-2](https://profiles.ihe.net/ITI/TF/Volume2/index.html) and the [IHE ITI Supplement Add RESTful Query to ATNA](https://www.ihe.net/uploadedFiles/Documents/ITI/IHE_ITI_Suppl_RESTful-ATNA.pdf) actors. This section documents any additional requirements on the profile’s actors required in the Swiss EPR context.
+
+#### Patient Audit Record Repository
+
+For the actor Patient Audit Record Repository the actor Audit Record Repository in [IHE ITI Supplement Add RESTful Query to ATNA](https://www.ihe.net/uploadedFiles/Documents/ITI/IHE_ITI_Suppl_RESTful-ATNA.pdf) is relevant.
+
+The Patient Audit Record Repository shall support the Retrieve Audit Message Option from the Audit Record Repository (**TODO leere section** [IHE ITI TF-1, chapter 9.2.3](https://profiles.ihe.net/ITI/TF/Volume1/ch-9.html#9.2.3)) with the search capabilities as defined in [IHE ITI TF-2, chapter 3.81](https://profiles.ihe.net/ITI/TF/Volume2/ITI-81.html) and the Audit Message Formats defined in Volume 3 - Content Profiles.
+
+#### Patient Audit Consumer
+
+For the actor Patient Audit Consumer the actor Audit Consumer in [IHE ITI Supplement Add RESTful Query to ATNA](https://www.ihe.net/uploadedFiles/Documents/ITI/IHE_ITI_Suppl_RESTful-ATNA.pdf) is relevant.
+
+The Patient Audit Consumer queries a Patient Audit Record Repository for Audit Events defined by this profile. The Patient Audit Consumer shall support the Retrieve Audit Message Option from the Audit Consumer (**TODO leere section** [IHE ITI TF-1, chapter 9.2.3](https://profiles.ihe.net/ITI/TF/Volume1/ch-9.html#9.2.3)).
+
+The Patient Audit Consumer should filter duplicate AuditEvents for display (e.g. Document Retrieval Audit Event for the same document access are in multiple Patient Audit Record Repositories, because the requesting and responding community need to make the AuditEvent available).
+
+Subsequent processing like translation of the coded elements into the users preferred language and display of the query result is not defined in this profile.
+
+
+### Integration Profile Options
+
+{:class="table table-bordered"}
+| CH:ATC Actor | Option name |
+| --- | --- |
+| Patient Audit Consumer | Aggregate Audit Message Option |
+| Patient Audit Record Repository | - |
+
+_Table 2: Actors and Options_
+
+The aggregate Audit Message Options allows the Patient Audit Consumer to aggregate results from multiple Patient Audit Record Repositories. A reference community shall support at least one Patient Audit Consumer with this Option. If a Patient Audit Record Repository does not respond, an OperationOutcome with a severity warning shall be added to the aggregated results indicating the Patient Audit Record Repository of the community that does not respond.
+
+
+### Actor Groupings
+
+An actor from this profile (Column 1) shall implement all of the required transactions and/or content modules in this profile in addition to all of the requirements for the grouped actor.
+
+{:class="table table-bordered"}
+
+
+_Table 3: Actor Grouping_
+
+Section [Security Considerations](#security-considerations) describes the groupings required for security considerations.
+
+
+### Overview - Use Cases
+
+Activities related to the EPR are audited for specific document and access policy management events as well as entry events of healthcare professionals into a group and stored in the communities.
+
+This profile supports the following Use Cases:
+
+
+
A patient can request protocols of the activities related to his EPR.
+
A patient representative can request a protocol of the activities related to the patients delegated EPR.
+
+
+### Security Considerations
+
+The transaction is used to exchange sensitive information and requires authentication and authorization. This profile requires all actors to be grouped with Secure Node or Secure Application implementing the "STX: TLS 1.2 floor using BCP195 Option" defined in the [IHE ITI TF-2, chapter 3.19.6.2.3](https://profiles.ihe.net/ITI/TF/Volume2/ITI-19.html#3.19.6.2.3).
+
+Access control shall be implemented by grouping the CH:ATC Audit Consumer and Audit Record Repository with the Authorization Client and Resource Server from the IUA trial implementation profile using the SAML Token option (see [IHE ITI Supplement IUA, chapter 3.72.4.3.2](https://profiles.ihe.net/ITI/IUA/index.html#372432-saml-token-option)). As defined therein, the CH:ATC Audit Consumer and Audit Record Repository shall implement the Incorporate Authorization Token [ITI-72] transaction to convey the XUA token.
+
+The CH:ATC Patient Audit Record Repository shall be grouped with CH:ADR, i.e. the CH:ATC Patient Audit Record Repository shall use the CH:ADR Authorization Decision Request transaction to authorize the transaction and enforce the authorization decision retrieved from CH:ADR Authorization Decision Response.
diff --git a/input/pagecontent/volume-2.md b/input/pagecontent/volume-2.md
new file mode 100644
index 0000000..13235a1
--- /dev/null
+++ b/input/pagecontent/volume-2.md
@@ -0,0 +1,63 @@
+### Constraints on Retrieve ATNA Audit Event [ITI-81]
+
+The Retrieve ATNA Audit Event [ITI-81] transaction is defined in [IHE ITI TF-2](https://profiles.ihe.net/ITI/TF/Volume2/index.html) and the [IHE ITI Supplement Add RESTful Query to ATNA](https://www.ihe.net/uploadedFiles/Documents/ITI/IHE_ITI_Suppl_RESTful-ATNA.pdf). The following rules shall be applied for the CH:ATC profile.
+
+#### Message Semantics
+
+The Retrieve ATNA Audit Event message shall be a HTTP GET request sent to the Patient Audit Record Repository. This message is a FHIR search (see [http://hl7.org/fhir/R4/search.html](http://hl7.org/fhir/R4/search.html)) on AuditEvent Resources (see [http://hl7.org/fhir/R4/auditevent.html](http://hl7.org/fhir/R4/auditevent.html)). This "search" target is formatted as:
+
+``` http
+:////AuditEvent?date=ge[start-time]&date=le[stop-time]&
+```
+
+where:
+
+
+
+ <scheme> shall be https.
+
+
+ <query> shall include the entity.identifier as defined in Additional ATNA Search Parameters and may include additional ATNA Search parameters. If entity.identifier is not included an HTTP response code 400 - Bad Request shall be returned.
+
+
+
+
+#### Additional ATNA Search Parameters
+
+The Patient Audit Consumer shall not use the following parameters in a query parameters: address, patient.identifier, source, type, user, outcome. The Patient Audit Consumer may use other parameters as listed in Retrieve Audit Event [ITI-81].
+
+**entity.identifier** is a parameter of token type. This parameter specifies unique identifier for the object. The parameter value should be identified in accordance to the entity type;
+For example:
+``` http
+https://example.com/ARRservice/AuditEvent?date=ge2020-03-22&date=le2025-03-22&entity.identifier=urn:oid:2.16.756.5.30.1.127.3.10.3|5678
+```
+
+The Audit Record Repository shall match this parameter with the AuditEvent.entity.what.identifier field that is of type identifier (ParticipantObjectID in DICOM schema).
+
+For the CH:ATC profile the entity.identifier has to be the EPR-SPID:
+`entity.identifier=urn:oid:2.16.756.5.30.1.127.3.10.3|<<>>`
+
+
+#### Message Semantics for Response
+
+The returned AuditEvent FHIR resources in the Bundle shall conform the CH:ATC AuditEvent profile, see [Volume 3 - Content Profiles](volume-3.html).
+
+
+#### Security Considerations
+
+The transaction is used to exchange sensitive information and requires authentication and authorization. This profile requires all actors to be grouped with Secure Node or Secure Application implementing the "STX: TLS 1.2 floor using BCP195 Option" defined in the [IHE ITI TF-2, chapter 3.19.6.2.3](https://profiles.ihe.net/ITI/TF/Volume2/ITI-19.html#3.19.6.2.3).
+
+Access control shall be implemented by grouping the CH:ATC Audit Consumer and Audit Record Repository with the Authorization Client and Resource Server from the IUA trial implementation profile using the SAML Token option (see [IHE ITI Supplement IUA , chapter 3.72.4.3.2](https://profiles.ihe.net/ITI/IUA/index.html#372432-saml-token-option)). As defined therein, the CH:ATC Audit Consumer and Audit Record Repository shall implement the Incorporate Authorization Token [ITI-72] transaction to convey the XUA token.
+
+The actors shall implement the Incorporate Authorization Token [ITI-72] transaction with SAML token option, using the base64url encoded SAML assertion defined in XUA to the authorization header of the HTTP1.1 GET request with key "Bearer" as follows:
+``` http
+GET /example/url/to/resource/location HTTP/1.1
+Authorization: "Bearer" fFBGRNJru1FQd[…omitted for brevity…]44AzqT3Zg
+Host: examplehost.com
+```
+
+The CH:ATC Patient Audit Record Repository shall be grouped with CH:ADR, i.e. the CH:ATC Patient Audit Record Repository shall use the CH:ADR Authorization Decision Request transaction to authorize the transaction and enforce the authorization decision retrieved from CH:ADR Authorization Decision Response.
+
+
+#### Security Audit Considerations
+An audit event as specified in [Access Audit Trail Content Profile](volume-3.html#access-audit-trail-content-profile) shall be returned by a query to Patient Audit Record Repository after the Patient Audit Record Repository has been queried by a Patient Audit Consumer.
diff --git a/input/pagecontent/volume-3.md b/input/pagecontent/volume-3.md
new file mode 100644
index 0000000..e2233fe
--- /dev/null
+++ b/input/pagecontent/volume-3.md
@@ -0,0 +1,752 @@
+There are four different categories of Audit Events in the context of the EPR:
+
+
+
+ Document management (e.g. a document has been uploaded to the EPR of a patient or a list of document metadata has been retrieved)
+
+
+ Policy management (e.g. a patient has given a healthcare professional access rights to his EPR)
+
+
+ Access Patient Audit Record Repository by a patient or representative (a patient viewed the Audit Trail for the Audit Record Repository)
+
+
+ Notification of the patient about the entry of healthcare professionals into a group
+
+
+
+Each category is described as a content profile. These content profiles are based on the AuditEvent Resource, [http://hl7.org/fhir/R4/auditevent.html](http://hl7.org/fhir/R4/auditevent.html).
+
+The AuditEvent Resource has [mapping rules to the DICOM audit message format](http://hl7.org/fhir/R4/auditevent-mappings.html#dicom), which allows to map to ATNA.
+
+### Audit Trail Consumption Event Types
+The following Audit Trail Consumption Event Types are defined and shall be supported, see [EprAuditTrailConsumptionEventTypes](http://fhir.ch/ig/ch-term/ValueSet/EprAuditTrailConsumptionEventType) from [Codesystem 2.16.756.5.30.1.127.3.10.7](https://fhir.ch/ig/ch-term/CodeSystem-2.16.756.5.30.1.127.3.10.7.html).
+
+{:class="table table-bordered"}
+| Type | Description | Profile Ref | Opt Community |
+| --- | --- | --- | --- |
+| ATC_DOC_CREATE | Document upload | [Document Audit Event Content Profile](#document-audit-event-content-profile) | R |
+| ATC_DOC_READ | Document retrieval | [Document Audit Event Content Profile](#document-audit-event-content-profile) | R |
+| ATC_DOC_UPDATE | Document or Document Metadata update | [Document Audit Event Content Profile](#document-audit-event-content-profile) | R |
+| ATC_DOC_DELETE | Document removal | [Document Audit Event Content Profile](#document-audit-event-content-profile) | R |
+| ATC_DOC_SEARCH | Document search | [Document Audit Event Content Profile](#document-audit-event-content-profile) | R |
+| ATC_POL_CREATE_AUT_PART_AL | Authorize participants to access level/date | [Policy Audit Event Content Profile](#policy-audit-event-content-profile) | R, (NP if not reference community) |
+| ATC_POL_UPDATE_AUT_PART_AL | Update access level/date of authorized participants | [Policy Audit Event Content Profile](#policy-audit-event-content-profile) | R, (NP: if not reference community) |
+| ATC_POL_REMOVE_AUT_PART_AL | Remove authorization for participants | [Policy Audit Event Content Profile](#policy-audit-event-content-profile) | R, (NP: if not reference community) |
+| ATC_POL_DEF_CONFLEVEL | Set or update default Confidentiality Level | [Policy Audit Event Content Profile](#policy-audit-event-content-profile) | R, (NP: if not reference community) |
+| ATC_POL_DIS_EMER_USE | Disabling Emergency Access | [Policy Audit Event Content Profile](#policy-audit-event-content-profile) | R, (NP: if not reference community) |
+| ATC_POL_ENA_EMER_USE | Enabling Emergency Access | [Policy Audit Event Content Profile](#policy-audit-event-content-profile) | R, (NP: if not reference community) |
+| ATC_POL_INCL_BLACKLIST | Assign Healthcare Professional to Blacklist | [Policy Audit Event Content Profile](#policy-audit-event-content-profile) | R, (NP: if not reference community) |
+| ATC_POL_EXL_BLACKLIST | Exclude Healthcare Professional from Blacklist | [Policy Audit Event Content Profile](#policy-audit-event-content-profile) | R, (NP: if not reference community) |
+| ATC_LOG_READ | Accessing Patient Audit Record Repository | [Access Audit Trail Content Profile](#access-audit-trail-content-profile) | R |
+| ATC_HPD_GROUP_ENTRY_NOTIFY | Entry of healthcare professionals into a group | [HPD Group Entry Audit Event Content Profile](#hpd-group-entry-audit-event-content-profile) | R, (NP: if not reference community) |
+
+_Table 4: Audit Trail Consumption Event Types_
+
+
+### Document Audit Event Content Profile
+
+This content profile describes Audit Event related to Document Management. The following Data Elements shall be provided:
+
+{:class="table table-bordered"}
+
[5.1] If different from Initiator (Representative of patient acting on behalf of a patient then patient is responsible).
+
[5.2] Required for Document upload, Document retrieval, Document or Document Metadata update and Document removal but not for Document search.
+
[5.3] Annex 3 EPRO-FDHA, chapter 2.6 type of document (2.16.756.5.30.1.127.3.10.1.27).
+
+_Table 5: Document Audit Event Data Elements_
+
+This profile defines the content of the document audit events which a community has to provide for a patient's audit trail. This profile builds on AuditEvent ([http://hl7.org/fhir/R4/auditevent.html](http://hl7.org/fhir/R4/auditevent.html)).
+* [StructureDefinition for Document Audit Event Profile](StructureDefinition-DocumentAuditEvent.html)
+
+The mapping from the Document Audit Event Resource to the Data Elements is as follows:
+* [Mapping for Document Audit Event Profile](StructureDefinition-DocumentAuditEvent-mappings.html#mappings-for-ch-atc-https-www-bag-admin-ch-bag-en-home-html)
+
+
+#### Example of a Document Audit Event: Document upload
+
+{:class="table table-bordered"}
+| Event | Upload |
+| Resource title of Document | Austrittsbericht von Julia Helfe-Gern |
+| Resource: type of Document | Nicht näher bezeichnetes Dokument (SNOMED CT: 419891008) |
+| Resource: reference to Document | uniqueID |
+| Event Date and Time | 10.10.2020 18:29 |
+| Participant, Initiator | Julia Helfe-Gern |
+| Participant, Responsible | representing Jakob Wieder-Gesund |
+
+_Table 6: Uploading a Record Artifact by a patient representative (atc-doc-create-rep-pat)_
+
+* Example for Document Audit Event Profile: [XML](AuditEvent-atc-doc-create-rep-pat.xml.html), [JSON](AuditEvent-atc-doc-create-rep-pat.json.html)
+
+
+#### Example of a Document Audit Event: Document search
+
+{:class="table table-bordered"}
+| Event | Search for documents |
+| Event Date and Time | 10.10.2020 18:49 |
+| Participant, Initiator | David Mustermann |
+| Participant, Responsible | representing Dr. med. Sabine Musterfrau |
+| Participant, Group | Kardiologie Universitätsspital Musterstadt |
+| Purpose of event | Emergency Access |
+
+_Table 7: Example of a Document Audit Event: Document search_
+
+* Example for Document Audit Event Profile: [XML](AuditEvent-atc-doc-search.xml.html), [JSON](AuditEvent-atc-doc-search.json.html)
+
+
+### Policy Audit Event Content Profile
+
+This content profile describes Audit Events related to Policy Management. The following Data Elements shall be provided:
+
+{:class="table table-bordered"}
+
+
+
+
+
Data Element
+
+
+
Description
+
+
+
Property/Value
+
+
+
+
+
Event Type
+
+
+
Authorize participants to access level/date
+
+
+
+
+
Update access level/date of authorized participants
+
+
+
+
+
Remove authorization for participants to access level/date
+
+
+
+
+
Set or update the default Confidentiality Level for new documents
+
+
+
+
+
Disabling Emergency Access
+
+
+
+
+
Enabling Emergency Access
+
+
+
+
+
Exclude a Healthcare Professional from accessing the EPR
+
+
+
+
+
Revoke the exclusion of a Healthcare Professional from accessing the EPR
one of urn:e-health-suisse:2015:policies:provide-level: normal, restricted, secret
+
+
+
+
+
[8.1] Healthcare Professional or Assistant of Healthcare Professional can only be a participant for the first Event Type (Authorize participants to access level).
+
[8.2] Access Level and the date if the access is limited (AccessLimitedToDate) are required for the first two Event Types (Authorize, update Authorization participants to access level/date), for the other Event Types these parameters do not need to be specified.
+
[8.3] Provide Level is only relevant for the Event Type Default Confidentiality Level for new Documents.
+
+_Table 8: Policy Audit Event Data Elements_
+
+This content profile defines the document audit events which a community has to provide for a patients audit trail. This profile builds on AuditEvent ([http://hl7.org/fhir/R4/auditevent.html](http://hl7.org/fhir/R4/auditevent.html)).
+* [StructureDefinition for Policy Audit Event Profile](StructureDefinition-PolicyAuditEvent.html)
+
+The mapping from the Document Audit Event Resource to the Data Elements is as follows:
+* [Mapping for Policy Audit Event Profile](StructureDefinition-PolicyAuditEvent-mappings.html#mappings-for-ch-atc-https-www-bag-admin-ch-bag-en-home-html)
+
+
+#### Examples
+
+{:class="table table-bordered"}
+| Event | Create |
+| Resource: HCP | EPR-Access Level "delegation-and-restricted" till 31.12.2020 08:00 to Dr. med. Hans Allzeitbereit |
+| Event Date and Time | 22.09.2020 09:47 |
+| Participant Initiator | Jakob Wieder-Gesund |
+
+_Table 9: Example Create Delegation and Restricted access for a healthcare professional (atc-pol-create-acc-right)_
+
+* Example for Policy Audit Event Profile: [XML](AuditEvent-atc-pol-create-acc-right.xml.html), [JSON](AuditEvent-atc-pol-create-acc-right.json.html)
+
+{:class="table table-bordered"}
+| Event | Create |
+| Resource: Representative | Julia Helfe-Gern |
+| Event Date and Time | 22.09.2020 09:48 |
+| Participant Initiator | Jakob Wieder-Gesund |
+
+_Table 10: Example Create for a representative (atc-pol-create-rep)_
+
+* Example for Policy Audit Event Profile: [XML](AuditEvent-atc-pol-create-rep.xml.html), [JSON](AuditEvent-atc-pol-create-rep.json.html)
+
+
+### Access Audit Trail Content Profile
+
+This content profile describes Audit Event related to Accessing the Audit Trail of a Patient from a Patient Audit Record Repository. The following Data Elements shall be provided:
+
+{:class="table table-bordered"}
+
+
+
+
+
Data Element
+
+
+
Description
+
+
+
Property/Value
+
+
+
+
+
Event Type
+
+
+
+
+
+
Access Audit Trail
+
+
+
+
+
Event Date and Time
+
+
+
+
+
+
UTC
+
+
+
+
+
Participants
+
+
+
+
+
+
+
+
+
+
+
Initiator
+
+
+
Patient
+
+
+
Name
+
+
+
+
+
Representative of patient
+
+
+
Name UAP-ID or EPR-SPID
+
+
+
+
+
Responsible
+
+
+
Patient
+
+
+
Name
+
+
+
+
+
Patient
+
+
+
Involved patient
+
+
+
EPR-SPID
+
+
+
+
+
+_Table 11: Access Audit Trail Data Elements_
+
+This content profile defines the access audit trail event, which a community has to provide for a patient’s audit trail. This profile builds on AuditEvent ([http://hl7.org/fhir/R4/auditevent.html](http://hl7.org/fhir/R4/auditevent.html)).
+* [StructureDefinition for Access Audit Trail Event Profile](StructureDefinition-AccessAuditTrailEvent.html)
+
+The mapping from the Access Audit Trail Event Resource to the Data Elements is as follows:
+* [Mapping for Access Audit Trail Event Profile](StructureDefinition-AccessAuditTrailEvent-mappings.html#mappings-for-ch-atc-https-www-bag-admin-ch-bag-en-home-html)
+
+
+#### Example
+
+{:class="table table-bordered"}
+| Event | Access Audit Trail |
+| Patient | Jakob Wieder-Gesund |
+| Timestamp | 22.09.2020 10:47 |
+| Participant | Jakob Wieder-Gesund |
+
+_Table 12: Example Log Access (atc-log-read)_
+
+* Example for Access Audit Trail Event Profile: [XML](AuditEvent-atc-log-read.xml.html), [JSON](AuditEvent-atc-log-read.json.html)
+
+
+### HPD Group Entry Audit Event Content Profile
+
+This content profile describe the Audit Event related to the entry of a healthcare professional into a HPD group for which the patient is notified. The following Data Elements shall be provided:
+
+{:class="table table-bordered"}
+
+
+
+
+
Data Element
+
+
+
Description
+
+
+
Property/Value
+
+
+
+
+
Event Type
+
+
+
Patient notified of Healthcare Professionals added to a group
+
+
+
+
+
Event Date and Time
+
+
+
+
+
+
UTC
+
+
+
+
+
Notification Service
+
+
+
+
+
+
Name
+
+
+
+
+
Patient
+
+
+
Notified patient
+
+
+
EPR-SPID
+
+
+
+
+
Healthcare Professionals
+
+
+
Healthcare professionals
+
+
+
Name GLN
+
+
+
+
+
Group
+
+
+
Group where Healthcare Professionals are added as members
+
+