Seiteninhalt:
Die Query API: AuditEvent ermöglicht den Abruf protokollierter Ereignisse und Zugriffe auf das Aktenkonto eines Versicherten im ePA-Aktensystem.
Das ePA-FdV oder das ePA-Client-System einer Ombudsstelle nehmen Einsicht in die Protokolldaten zum Zwecke der Datenschutzkontrolle für den Akteninhaber.
Die Nachricht zum Abruf von Protkolldaten wird als HTTP GET-Anfrage an den Audit Event Service gesendet, um eine Liste von Audit-Ereignislisten abzurufen.
Wenn das ePA-FdV oder ePA-Client-System eine Suche über protokollierte Ereignisse und ePA-Zugriffe durchführen und dazu die korrespondierenden AuditEvent-Ressourcen ermitteln möchte, sendet es eine Query API: AuditEvent-Nachricht an den Audit Event Service.
Anfragen an die AuditEvent-Ressource werden über die RESTful API mittels HTTP GET-Anfragen durchgeführt werden. Dabei können spezifische Suchparameter genutzt werden, um die Anfragen zu verfeinern.
Bei Anfragen an die Query API für die AuditEvent-Ressource wird die Antwort als ein FHIR Bundle des Typs searchset zurückgegeben. Dieses Bundle enthält eine Sammlung von Einträgen, die jeweils eine Instanz der AuditEvent-Ressource enthalten.
{"resourceType":"CapabilityStatement","id":"epa-audit-event-server","meta":{"profile":["https://gematik.de/fhir/ti/StructureDefinition/ti-capability-statement"]},"extension":[{"extension":[{"url":"name","valueString":"X-Request-ID"},{"url":"type","valueString":"string"},{"url":"description","valueString":"UUID of the request message"},{"url":"format","valueString":"uuid"},{"url":"required","valueBoolean":true}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-header"},{"extension":[{"url":"name","valueString":"x-insurantid"},{"url":"type","valueString":"string"},{"url":"description","valueString":"Health Record Identifier"},{"url":"pattern","valueString":"^[A-Z]{1}\\d{9}$"},{"url":"required","valueBoolean":true}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-header"},{"extension":[{"url":"name","valueString":"x-useragent"},{"url":"type","valueString":"string"},{"url":"description","valueString":"user agent information"},{"url":"pattern","valueString":"^[a-zA-Z0-9]{20}\\/[a-zA-Z0-9\\-\\.]{1,15}$"},{"url":"required","valueBoolean":true}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-header"},{"extension":[{"url":"statusCode","valueString":"403"},{"url":"description","valueString":"Requestor not authorized (no user session with valid ID-Token available)"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"invalAuth"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"403"},{"url":"description","valueString":"Requestor has no valid entitlement"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"notEntitled"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"403"},{"url":"description","valueString":"Requestor role is not in the list of allowed user groups"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"invalidOid"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"403"},{"url":"description","valueString":"Device registration does not exist (if requestor role is oid_versicherter only)"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"unregisteredDevice"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"404"},{"url":"description","valueString":"Health record is in state UNKNOWN or INITIALIZED"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"noHealthRecord"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"409"},{"url":"description","valueString":"Health record is in state SUSPENDED or MAINTENANCE"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"statusMismatch"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"500"},{"url":"description","valueString":"Any other error"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"internalError"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-base-url","valueString":"http://epa4all/epa/audit/api/v1/fhir"}],"url":"https://gematik.de/fhir/epa/CapabilityStatement/epa-audit-event-server","version":"1.2.0-ballot.1","name":"EPAAuditEventServer","title":"EPA Capability Statement für den Audit Event Service","status":"draft","date":"2025-08-01","publisher":"gematik GmbH","contact":[{"telecom":[{"system":"url","value":"https://www.gematik.de"}]}],"description":"EPA Capability Statement für den Audit Event Service","jurisdiction":[{"coding":[{"system":"urn:iso:std:iso:3166","code":"DE"}]}],"kind":"requirements","imports":["https://gematik.de/fhir/epa/CapabilityStatement/epa-basic-server"],"_imports":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}]}],"fhirVersion":"4.0.1","format":["application/fhir+json","application/fhir+xml"],"rest":[{"mode":"server","resource":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"type":"AuditEvent","profile":"https://gematik.de/fhir/epa/StructureDefinition/epa-auditevent","_profile":{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}]},"supportedProfile":["https://gematik.de/fhir/epa/StructureDefinition/epa-auditevent"],"_supportedProfile":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}]}],"interaction":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"},{"extension":[{"url":"statusCode","valueString":"200"},{"url":"description","valueString":"Successful operation"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"400"},{"url":"description","valueString":"Unknown search parameter"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_PARAM_UNKNOWN"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"400"},{"url":"description","valueString":"Invalid query parameter(s)"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_BAD_SYNTAX"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"400"},{"url":"description","valueString":"Invalid request"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_BAD_FORMAT"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"404"},{"url":"description","valueString":"Unknown resource type"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_UNKNOWN_TYPE"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"}],"code":"search-type"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"},{"extension":[{"url":"statusCode","valueString":"200"},{"url":"description","valueString":"Successful operation"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"400"},{"url":"description","valueString":"Invalid request"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_BAD_FORMAT"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"404"},{"url":"description","valueString":"Unknown resource type"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_UNKNOWN_TYPE"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"404"},{"url":"description","valueString":"Resource is not known"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_RESOURCE_ID_FAIL"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"}],"code":"read"}],"searchParam":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"_id","definition":"http://hl7.org/fhir/SearchParameter/Resource-id","type":"token","documentation":"Resource.id"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"_lastUpdated","definition":"http://hl7.org/fhir/SearchParameter/Resource-lastUpdated","type":"date","documentation":"Resource.meta.lastUpdated"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"action","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-action","type":"token","documentation":"AuditEvent.action"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"altid","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-altid","type":"token","documentation":"AuditEvent.agent.altId"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"date","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-date","type":"date","documentation":"AuditEvent.recorded"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"outcome","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-outcome","type":"token","documentation":"AuditEvent.outcome"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"entity-name","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-entity-name","type":"string","documentation":"AuditEvent.entity.name"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"agent-name","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-agent-name","type":"string","documentation":"AuditEvent.agent.name"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"type","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-type","type":"token","documentation":"AuditEvent.type"}]}]}]}
<Bundle xmlns="http://hl7.org/fhir">
<id value="example-searchset-audit-event"/>
<type value="searchset"/>
<total value="100"/>
<link>
<relation value="self"/>
<url value="/epa/audit/api/v1/fhir/AuditEvent?_offset=20&_count=10"/>
</link>
<link>
<relation value="previous"/>
<url value="/epa/audit/api/v1/fhir/AuditEvent?_offset=10&_count=10"/>
</link>
<link>
<relation value="next"/>
<url value="/epa/audit/api/v1/fhir/AuditEvent?_offset=30&_count=10"/>
</link>
<entry>
<fullUrl
value="http://epa4all/epa/AuditEvent/api/v1/fhir/AuditEvent/669699b2-f131-4097-b13d-71413a58aa92"/>
<resource>
<AuditEvent>
<id value="669699b2-f131-4097-b13d-71413a58aa92"/>
<meta>
<versionId value="1"/>
<lastUpdated value="2025-01-15T14:43:33.244Z"/>
<profile
value="https://gematik.de/fhir/epa/StructureDefinition/epa-auditevent"/>
</meta>
<type>
<system
value="http://terminology.hl7.org/CodeSystem/audit-event-type"/>
<code value="rest"/>
</type>
<action value="E"/>
<recorded value="2025-01-15T14:52:04.928Z"/>
<outcome value="0"/>
<agent>
<type>
<coding>
<system value="http://dicom.nema.org/resources/ontology/DCM"/>
<code value="110150"/>
<display value="Application"/>
</coding>
</type>
<who>
<identifier>
<system value="https://gematik.de/fhir/sid/telematik-id"/>
<value value="1-000000000000000"/>
</identifier>
</who>
<altId value="1-000000000000000"/>
<name value="E-Rezept-Fachdienst"/>
<requestor value="true"/>
</agent>
<source>
<observer>
<display value="Elektronische Patientenakte Fachdienst"/>
</observer>
<type>
<system
value="https://gematik.de/fhir/epa/CodeSystem/epa-auditevent-sourcetype-cs"/>
<code value="MEDICATIONSVC"/>
<display value="Medication Service"/>
</type>
</source>
<entity>
<name value="MedicationCancelDispensation"/>
<description value="operation:cancel-dispensation-erp"/>
</entity>
</AuditEvent>
</resource>
<search>
<mode value="match"/>
</search>
</entry>
<entry>
<fullUrl
value="http://epa4all/epa/AuditEvent/api/v1/fhir/AuditEvent/589b9862-7935-42f5-a06b-11a6f35833ee"/>
<resource>
<AuditEvent>
<id value="589b9862-7935-42f5-a06b-11a6f35833ee"/>
<meta>
<versionId value="1"/>
<lastUpdated value="2025-07-15T14:43:33.244Z"/>
<profile
value="https://gematik.de/fhir/epa/StructureDefinition/epa-auditevent"/>
</meta>
<type>
<system
value="http://terminology.hl7.org/CodeSystem/audit-event-type"/>
<code value="rest"/>
</type>
<action value="R"/>
<recorded value="2025-07-15T14:52:04.928Z"/>
<outcome value="0"/>
<agent>
<type>
<coding>
<system value="http://dicom.nema.org/resources/ontology/DCM"/>
<code value="110150"/>
<display value="Application"/>
</coding>
</type>
<who>
<identifier>
<system value="https://gematik.de/fhir/sid/telematik-id"/>
<value value="1-000000000000000"/>
</identifier>
</who>
<altId value="1-000000000000000"/>
<name value="Portugal"/>
<requestor value="true"/>
</agent>
<agent>
<extension
url="https://gematik.de/fhir/epa/StructureDefinition/epa-healthcare-facility-type-extension">
<valueCoding>
<system value="urn:oid:2.16.840.1.113883.2.9.6.2.7"/>
<code value="221"/>
<display value="Medical Doctors"/>
</valueCoding>
</extension>
<type>
<coding>
<system
value="http://terminology.hl7.org/CodeSystem/v3-RoleClass"/>
<code value="PROV"/>
<display value="healthcare provider"/>
</coding>
</type>
<role>
<coding>
<system value="urn:oid:1.3.6.1.4.1.12559.11.10.1.3.2.2.2"/>
<code value="Resident Physician"/>
<display value="Resident Physician"/>
</coding>
</role>
<name value="Dr. Manuel Dos Santos / Clínica de Dos Santos"/>
<requestor value="true"/>
</agent>
<source>
<observer>
<display value="Elektronische Patientenakte Fachdienst"/>
</observer>
<type>
<system
value="https://gematik.de/fhir/epa/CodeSystem/epa-auditevent-sourcetype-cs"/>
<code value="XDSSVC"/>
<display value="XDS Document Service"/>
</type>
</source>
<entity>
<name value="Patient Summary"/>
<description value="operation:retrieve-document-set"/>
</entity>
</AuditEvent>
</resource>
<search>
<mode value="match"/>
</search>
</entry>
</Bundle>{
"resourceType" : "Bundle",
"id" : "example-searchset-audit-event",
"type" : "searchset",
"total" : 100,
"link" : [
{
"relation" : "self",
"url" : "/epa/audit/api/v1/fhir/AuditEvent?_offset=20&_count=10"
},
{
"relation" : "previous",
"url" : "/epa/audit/api/v1/fhir/AuditEvent?_offset=10&_count=10"
},
{
"relation" : "next",
"url" : "/epa/audit/api/v1/fhir/AuditEvent?_offset=30&_count=10"
}
],
"entry" : [
{
"fullUrl" : "http://epa4all/epa/AuditEvent/api/v1/fhir/AuditEvent/669699b2-f131-4097-b13d-71413a58aa92",
"resource" : {
"resourceType" : "AuditEvent",
"id" : "669699b2-f131-4097-b13d-71413a58aa92",
"meta" : {
"versionId" : "1",
"lastUpdated" : "2025-01-15T14:43:33.244Z",
"profile" : [
🔗 "https://gematik.de/fhir/epa/StructureDefinition/epa-auditevent"
]
},
"type" : {
"system" : "http://terminology.hl7.org/CodeSystem/audit-event-type",
"code" : "rest"
},
"action" : "E",
"recorded" : "2025-01-15T14:52:04.928Z",
"outcome" : "0",
"agent" : [
{
"type" : {
"coding" : [
{
"system" : "http://dicom.nema.org/resources/ontology/DCM",
"code" : "110150",
"display" : "Application"
}
]
},
"who" : {
"identifier" : {
"system" : "https://gematik.de/fhir/sid/telematik-id",
"value" : "1-000000000000000"
}
},
"altId" : "1-000000000000000",
"name" : "E-Rezept-Fachdienst",
"requestor" : true
}
],
"source" : {
"observer" : {
"display" : "Elektronische Patientenakte Fachdienst"
},
"type" : [
{
"system" : "https://gematik.de/fhir/epa/CodeSystem/epa-auditevent-sourcetype-cs",
"code" : "MEDICATIONSVC",
"display" : "Medication Service"
}
]
},
"entity" : [
{
"name" : "MedicationCancelDispensation",
"description" : "operation:cancel-dispensation-erp"
}
]
},
"search" : {
"mode" : "match"
}
},
{
"fullUrl" : "http://epa4all/epa/AuditEvent/api/v1/fhir/AuditEvent/589b9862-7935-42f5-a06b-11a6f35833ee",
"resource" : {
"resourceType" : "AuditEvent",
"id" : "589b9862-7935-42f5-a06b-11a6f35833ee",
"meta" : {
"versionId" : "1",
"lastUpdated" : "2025-07-15T14:43:33.244Z",
"profile" : [
🔗 "https://gematik.de/fhir/epa/StructureDefinition/epa-auditevent"
]
},
"type" : {
"system" : "http://terminology.hl7.org/CodeSystem/audit-event-type",
"code" : "rest"
},
"action" : "R",
"recorded" : "2025-07-15T14:52:04.928Z",
"outcome" : "0",
"agent" : [
{
"type" : {
"coding" : [
{
"system" : "http://dicom.nema.org/resources/ontology/DCM",
"code" : "110150",
"display" : "Application"
}
]
},
"who" : {
"identifier" : {
"system" : "https://gematik.de/fhir/sid/telematik-id",
"value" : "1-000000000000000"
}
},
"altId" : "1-000000000000000",
"name" : "Portugal",
"requestor" : true
},
{
"extension" : [
{
"url" : "https://gematik.de/fhir/epa/StructureDefinition/epa-healthcare-facility-type-extension",
"valueCoding" : {
"system" : "urn:oid:2.16.840.1.113883.2.9.6.2.7",
"code" : "221",
"display" : "Medical Doctors"
}
}
],
"type" : {
"coding" : [
{
"system" : "http://terminology.hl7.org/CodeSystem/v3-RoleClass",
"code" : "PROV",
"display" : "healthcare provider"
}
]
},
"role" : [
{
"coding" : [
{
"system" : "urn:oid:1.3.6.1.4.1.12559.11.10.1.3.2.2.2",
"code" : "Resident Physician",
"display" : "Resident Physician"
}
]
}
],
"name" : "Dr. Manuel Dos Santos / Clínica de Dos Santos",
"requestor" : true
}
],
"source" : {
"observer" : {
"display" : "Elektronische Patientenakte Fachdienst"
},
"type" : [
{
"system" : "https://gematik.de/fhir/epa/CodeSystem/epa-auditevent-sourcetype-cs",
"code" : "XDSSVC",
"display" : "XDS Document Service"
}
]
},
"entity" : [
{
"name" : "Patient Summary",
"description" : "operation:retrieve-document-set"
}
]
},
"search" : {
"mode" : "match"
}
}
]
}Um spezifische Details zu einem einzelnen Ereignis mittels der RESTful API zu erhalten, wird die AuditEvent Instance API verwendet, indem eine HTTP GET-Anfrage an den Endpunkt /AuditEvent/[id] gestellt wird.
{"resourceType":"CapabilityStatement","id":"epa-audit-event-server","meta":{"profile":["https://gematik.de/fhir/ti/StructureDefinition/ti-capability-statement"]},"extension":[{"extension":[{"url":"name","valueString":"X-Request-ID"},{"url":"type","valueString":"string"},{"url":"description","valueString":"UUID of the request message"},{"url":"format","valueString":"uuid"},{"url":"required","valueBoolean":true}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-header"},{"extension":[{"url":"name","valueString":"x-insurantid"},{"url":"type","valueString":"string"},{"url":"description","valueString":"Health Record Identifier"},{"url":"pattern","valueString":"^[A-Z]{1}\\d{9}$"},{"url":"required","valueBoolean":true}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-header"},{"extension":[{"url":"name","valueString":"x-useragent"},{"url":"type","valueString":"string"},{"url":"description","valueString":"user agent information"},{"url":"pattern","valueString":"^[a-zA-Z0-9]{20}\\/[a-zA-Z0-9\\-\\.]{1,15}$"},{"url":"required","valueBoolean":true}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-header"},{"extension":[{"url":"statusCode","valueString":"403"},{"url":"description","valueString":"Requestor not authorized (no user session with valid ID-Token available)"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"invalAuth"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"403"},{"url":"description","valueString":"Requestor has no valid entitlement"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"notEntitled"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"403"},{"url":"description","valueString":"Requestor role is not in the list of allowed user groups"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"invalidOid"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"403"},{"url":"description","valueString":"Device registration does not exist (if requestor role is oid_versicherter only)"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"unregisteredDevice"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"404"},{"url":"description","valueString":"Health record is in state UNKNOWN or INITIALIZED"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"noHealthRecord"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"409"},{"url":"description","valueString":"Health record is in state SUSPENDED or MAINTENANCE"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"statusMismatch"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"500"},{"url":"description","valueString":"Any other error"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"internalError"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-base-url","valueString":"http://epa4all/epa/audit/api/v1/fhir"}],"url":"https://gematik.de/fhir/epa/CapabilityStatement/epa-audit-event-server","version":"1.2.0-ballot.1","name":"EPAAuditEventServer","title":"EPA Capability Statement für den Audit Event Service","status":"draft","date":"2025-08-01","publisher":"gematik GmbH","contact":[{"telecom":[{"system":"url","value":"https://www.gematik.de"}]}],"description":"EPA Capability Statement für den Audit Event Service","jurisdiction":[{"coding":[{"system":"urn:iso:std:iso:3166","code":"DE"}]}],"kind":"requirements","imports":["https://gematik.de/fhir/epa/CapabilityStatement/epa-basic-server"],"_imports":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}]}],"fhirVersion":"4.0.1","format":["application/fhir+json","application/fhir+xml"],"rest":[{"mode":"server","resource":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"type":"AuditEvent","profile":"https://gematik.de/fhir/epa/StructureDefinition/epa-auditevent","_profile":{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}]},"supportedProfile":["https://gematik.de/fhir/epa/StructureDefinition/epa-auditevent"],"_supportedProfile":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}]}],"interaction":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"},{"extension":[{"url":"statusCode","valueString":"200"},{"url":"description","valueString":"Successful operation"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"400"},{"url":"description","valueString":"Unknown search parameter"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_PARAM_UNKNOWN"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"400"},{"url":"description","valueString":"Invalid query parameter(s)"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_BAD_SYNTAX"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"400"},{"url":"description","valueString":"Invalid request"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_BAD_FORMAT"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"404"},{"url":"description","valueString":"Unknown resource type"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_UNKNOWN_TYPE"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"}],"code":"search-type"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"},{"extension":[{"url":"statusCode","valueString":"200"},{"url":"description","valueString":"Successful operation"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"400"},{"url":"description","valueString":"Invalid request"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_BAD_FORMAT"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"404"},{"url":"description","valueString":"Unknown resource type"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_UNKNOWN_TYPE"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"404"},{"url":"description","valueString":"Resource is not known"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_RESOURCE_ID_FAIL"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"}],"code":"read"}],"searchParam":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"_id","definition":"http://hl7.org/fhir/SearchParameter/Resource-id","type":"token","documentation":"Resource.id"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"_lastUpdated","definition":"http://hl7.org/fhir/SearchParameter/Resource-lastUpdated","type":"date","documentation":"Resource.meta.lastUpdated"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"action","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-action","type":"token","documentation":"AuditEvent.action"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"altid","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-altid","type":"token","documentation":"AuditEvent.agent.altId"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"date","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-date","type":"date","documentation":"AuditEvent.recorded"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"outcome","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-outcome","type":"token","documentation":"AuditEvent.outcome"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"entity-name","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-entity-name","type":"string","documentation":"AuditEvent.entity.name"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"agent-name","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-agent-name","type":"string","documentation":"AuditEvent.agent.name"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"type","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-type","type":"token","documentation":"AuditEvent.type"}]}]}]}
Der Audit Event Service verarbeitet die Anfrage, um die AuditEvent-Einträge zu ermitteln, die den angegebenen Suchparametern entsprechen. Darüber hinaus gibt er einen zur Verarbeitung passenden HTTP Status Code sowie ein FHIR Bundle der passenden AuditEvent-Ressourcen zurück.
Generelle Sicherheitsanforderungen werden hier festgehalten.
Die Protokollierung erfolgt über den Audit Event Service. Weitere Anforderungen sind [gemSpec_Aktensystem_ePAfueralle#Protokollierung] zu entnehmen.