Seiteninhalt:
Die Query API: AuditEvent ermöglicht den Abruf protokollierter Ereignisse und Zugriffe auf das Aktenkonto eines Versicherten im ePA-Aktensystem.
Das ePA-FdV oder das ePA-Client-System einer Ombudsstelle nehmen Einsicht in die Protokolldaten zum Zwecke der Datenschutzkontrolle für den Akteninhaber.
Die Nachricht zum Abruf von Protkolldaten wird als HTTP GET-Anfrage an den Audit Event Service gesendet, um eine Liste von Audit-Ereignislisten abzurufen.
Wenn das ePA-FdV oder ePA-Client-System eine Suche über protokollierte Ereignisse und ePA-Zugriffe durchführen und dazu die korrespondierenden AuditEvent-Ressourcen ermitteln möchte, sendet es eine Query API: AuditEvent-Nachricht an den Audit Event Service.
Anfragen an die AuditEvent-Ressource werden über die RESTful API mittels HTTP GET-Anfragen durchgeführt werden. Dabei können spezifische Suchparameter genutzt werden, um die Anfragen zu verfeinern.
Bei Anfragen an die Query API für die AuditEvent-Ressource wird die Antwort als ein FHIR Bundle des Typs searchset zurückgegeben. Dieses Bundle enthält eine Sammlung von Einträgen, die jeweils eine Instanz der AuditEvent-Ressource enthalten.
{"resourceType":"CapabilityStatement","id":"epa-audit-event-server","meta":{"profile":["https://gematik.de/fhir/ti/StructureDefinition/ti-capability-statement"]},"extension":[{"extension":[{"url":"name","valueString":"X-Request-ID"},{"url":"type","valueString":"string"},{"url":"description","valueString":"UUID of the request message"},{"url":"format","valueString":"uuid"},{"url":"required","valueBoolean":true}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-header"},{"extension":[{"url":"name","valueString":"x-insurantid"},{"url":"type","valueString":"string"},{"url":"description","valueString":"Health Record Identifier"},{"url":"pattern","valueString":"^[A-Z]{1}\\d{9}$"},{"url":"required","valueBoolean":true}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-header"},{"extension":[{"url":"name","valueString":"x-useragent"},{"url":"type","valueString":"string"},{"url":"description","valueString":"user agent information"},{"url":"pattern","valueString":"^[a-zA-Z0-9]{20}\\/[a-zA-Z0-9\\-\\.]{1,15}$"},{"url":"required","valueBoolean":true}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-header"},{"extension":[{"url":"statusCode","valueString":"403"},{"url":"description","valueString":"Requestor not authorized (no user session with valid ID-Token available)"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"invalAuth"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"403"},{"url":"description","valueString":"Requestor has no valid entitlement"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"notEntitled"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"403"},{"url":"description","valueString":"Requestor role is not in the list of allowed user groups"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"invalidOid"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"403"},{"url":"description","valueString":"Device registration does not exist (if requestor role is oid_versicherter only)"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"unregisteredDevice"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"404"},{"url":"description","valueString":"Health record is in state UNKNOWN or INITIALIZED"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"noHealthRecord"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"409"},{"url":"description","valueString":"Request conflicts with the current state of the health record"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"statusMismatch"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"500"},{"url":"description","valueString":"Any other error"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"internalError"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-base-url","valueString":"http://epa4all/epa/audit/api/v1/fhir"}],"url":"https://gematik.de/fhir/epa/CapabilityStatement/epa-audit-event-server","version":"1.3.0","name":"EPAAuditEventServer","title":"EPA Capability Statement für den Audit Event Service","status":"active","date":"2025-12-15","publisher":"gematik GmbH","contact":[{"telecom":[{"system":"url","value":"https://www.gematik.de"}]}],"description":"EPA Capability Statement für den Audit Event Service","jurisdiction":[{"coding":[{"system":"urn:iso:std:iso:3166","code":"DE"}]}],"copyright":"gematik GmbH / Dieser Implementation Guide ist lizenziert unter [Apache License](./license.html), Version 2.0.","kind":"requirements","imports":["https://gematik.de/fhir/epa/CapabilityStatement/epa-basic-server"],"_imports":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}]}],"fhirVersion":"4.0.1","format":["application/fhir+json","application/fhir+xml"],"rest":[{"mode":"server","resource":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"type":"AuditEvent","profile":"https://gematik.de/fhir/epa/StructureDefinition/epa-auditevent","_profile":{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}]},"supportedProfile":["https://gematik.de/fhir/epa/StructureDefinition/epa-auditevent"],"_supportedProfile":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}]}],"interaction":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"},{"extension":[{"url":"statusCode","valueString":"200"},{"url":"description","valueString":"Successful operation"},{"url":"responseType","valueString":"Bundle"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"400"},{"url":"description","valueString":"Unknown search parameter"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_PARAM_UNKNOWN"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"400"},{"url":"description","valueString":"Invalid query parameter(s)"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_BAD_SYNTAX"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"400"},{"url":"description","valueString":"Invalid request"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_BAD_FORMAT"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"404"},{"url":"description","valueString":"Unknown resource type"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_UNKNOWN_TYPE"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"}],"code":"search-type"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"},{"extension":[{"url":"statusCode","valueString":"200"},{"url":"description","valueString":"Successful operation"},{"url":"responseType","valueString":"EPAAuditEvent"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"400"},{"url":"description","valueString":"Invalid request"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_BAD_FORMAT"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"404"},{"url":"description","valueString":"Unknown resource type"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_UNKNOWN_TYPE"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"404"},{"url":"description","valueString":"Resource is not known"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_RESOURCE_ID_FAIL"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"}],"code":"read"}],"searchParam":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"_id","definition":"http://hl7.org/fhir/SearchParameter/Resource-id","type":"token","documentation":"Resource.id"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"_lastUpdated","definition":"http://hl7.org/fhir/SearchParameter/Resource-lastUpdated","type":"date","documentation":"Resource.meta.lastUpdated"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"action","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-action","type":"token","documentation":"AuditEvent.action"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"altid","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-altid","type":"token","documentation":"AuditEvent.agent.altId"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"date","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-date","type":"date","documentation":"AuditEvent.recorded"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"outcome","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-outcome","type":"token","documentation":"AuditEvent.outcome"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"entity-name","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-entity-name","type":"string","documentation":"AuditEvent.entity.name"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"agent-name","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-agent-name","type":"string","documentation":"AuditEvent.agent.name"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"type","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-type","type":"token","documentation":"AuditEvent.type"}]}]}]}
<Bundle xmlns="http://hl7.org/fhir">
<id value="example-searchset-audit-event"/>
<type value="searchset"/>
<total value="100"/>
<link>
<relation value="self"/>
<url value="/epa/audit/api/v1/fhir/AuditEvent?_offset=20&_count=10"/>
</link>
<link>
<relation value="previous"/>
<url value="/epa/audit/api/v1/fhir/AuditEvent?_offset=10&_count=10"/>
</link>
<link>
<relation value="next"/>
<url value="/epa/audit/api/v1/fhir/AuditEvent?_offset=30&_count=10"/>
</link>
<entry>
<fullUrl
value="http://epa4all/epa/AuditEvent/api/v1/fhir/AuditEvent/669699b2-f131-4097-b13d-71413a58aa92"/>
<resource>
<AuditEvent>
<id value="669699b2-f131-4097-b13d-71413a58aa92"/>
<meta>
<versionId value="1"/>
<lastUpdated value="2025-01-15T14:43:33.244Z"/>
<profile
value="https://gematik.de/fhir/epa/StructureDefinition/epa-auditevent|1.3.0"/>
</meta>
<type>
<system
value="http://terminology.hl7.org/CodeSystem/audit-event-type"/>
<code value="rest"/>
</type>
<action value="E"/>
<recorded value="2025-01-15T14:52:04.928Z"/>
<outcome value="0"/>
<agent>
<type>
<coding>
<system value="http://dicom.nema.org/resources/ontology/DCM"/>
<code value="110150"/>
<display value="Application"/>
</coding>
</type>
<who>
<identifier>
<system value="https://gematik.de/fhir/sid/telematik-id"/>
<value value="1-000000000000000"/>
</identifier>
</who>
<altId value="1-000000000000000"/>
<name value="E-Rezept-Fachdienst"/>
<requestor value="true"/>
</agent>
<source>
<observer>
<display value="Elektronische Patientenakte Fachdienst"/>
</observer>
<type>
<system
value="https://gematik.de/fhir/epa/CodeSystem/epa-auditevent-sourcetype-cs"/>
<code value="MEDICATIONSVC"/>
<display value="Medication Service"/>
</type>
</source>
<entity>
<name value="Medication Service"/>
<description value="cancelDispensation_MedicationSvc"/>
</entity>
</AuditEvent>
</resource>
<search>
<mode value="match"/>
</search>
</entry>
<entry>
<fullUrl
value="http://epa4all/epa/AuditEvent/api/v1/fhir/AuditEvent/589b9862-7935-42f5-a06b-11a6f35833ee"/>
<resource>
<AuditEvent>
<id value="589b9862-7935-42f5-a06b-11a6f35833ee"/>
<meta>
<versionId value="1"/>
<lastUpdated value="2026-11-02T12:05:13.117Z"/>
<profile
value="https://gematik.de/fhir/epa/StructureDefinition/epa-auditevent|1.3.0"/>
</meta>
<type>
<system
value="http://terminology.hl7.org/CodeSystem/audit-event-type"/>
<code value="document"/>
</type>
<action value="R"/>
<recorded value="2026-11-02T12:05:13.117Z"/>
<outcome value="0"/>
<agent>
<type>
<coding>
<system value="http://dicom.nema.org/resources/ontology/DCM"/>
<code value="110150"/>
<display value="Application"/>
</coding>
</type>
<who>
<identifier>
<system value="https://gematik.de/fhir/sid/telematik-id"/>
<value value="9-000000000000000"/>
</identifier>
</who>
<altId value="9-000000000000000"/>
<name value="Portugal"/>
<requestor value="true"/>
</agent>
<agent>
<extension
url="https://gematik.de/fhir/epa/StructureDefinition/epa-healthcare-facility-type-extension">
<valueCoding>
<system value="urn:oid:2.16.840.1.113883.2.9.6.2.7"/>
<code value="221"/>
<display value="Medical Doctors"/>
</valueCoding>
</extension>
<type>
<coding>
<system
value="http://terminology.hl7.org/CodeSystem/v3-RoleClass"/>
<code value="PROV"/>
<display value="healthcare provider"/>
</coding>
</type>
<role>
<coding>
<system value="urn:oid:1.3.6.1.4.1.12559.11.10.1.3.2.2.2"/>
<code value="Resident Physician"/>
<display value="Resident Physician"/>
</coding>
</role>
<name value="Dr. Manuel Dos Santos / Clínica de Dos Santos"/>
<requestor value="true"/>
</agent>
<source>
<observer>
<display value="Elektronische Patientenakte Fachdienst"/>
</observer>
<type>
<system
value="https://gematik.de/fhir/epa/CodeSystem/epa-auditevent-sourcetype-cs"/>
<code value="XDSSVC"/>
<display value="XDS Document Service"/>
</type>
</source>
<entity>
<name value="XDS Document Service"/>
<description value="RetrieveDocumentSet"/>
<detail>
<type value="DocumentFormatCode"/>
<valueString value="urn:gematik:ig:pka:v1.0"/>
</detail>
<detail>
<type value="DocumentEntryTitle"/>
<valueString value="Patient Summary"/>
</detail>
<detail>
<type value="DocumentUniqueId"/>
<valueString value="e196c836-c8c3-47ae-9b9a-7124cbfef42f"/>
</detail>
</entity>
</AuditEvent>
</resource>
<search>
<mode value="match"/>
</search>
</entry>
</Bundle>{
"resourceType" : "Bundle",
"id" : "example-searchset-audit-event",
"type" : "searchset",
"total" : 100,
"link" : [
{
"relation" : "self",
"url" : "/epa/audit/api/v1/fhir/AuditEvent?_offset=20&_count=10"
},
{
"relation" : "previous",
"url" : "/epa/audit/api/v1/fhir/AuditEvent?_offset=10&_count=10"
},
{
"relation" : "next",
"url" : "/epa/audit/api/v1/fhir/AuditEvent?_offset=30&_count=10"
}
],
"entry" : [
{
"fullUrl" : "http://epa4all/epa/AuditEvent/api/v1/fhir/AuditEvent/669699b2-f131-4097-b13d-71413a58aa92",
"resource" : {
"resourceType" : "AuditEvent",
"id" : "669699b2-f131-4097-b13d-71413a58aa92",
"meta" : {
"versionId" : "1",
"lastUpdated" : "2025-01-15T14:43:33.244Z",
"profile" : [
🔗 "https://gematik.de/fhir/epa/StructureDefinition/epa-auditevent|1.3.0"
]
},
"type" : {
"system" : "http://terminology.hl7.org/CodeSystem/audit-event-type",
"code" : "rest"
},
"action" : "E",
"recorded" : "2025-01-15T14:52:04.928Z",
"outcome" : "0",
"agent" : [
{
"type" : {
"coding" : [
{
"system" : "http://dicom.nema.org/resources/ontology/DCM",
"code" : "110150",
"display" : "Application"
}
]
},
"who" : {
"identifier" : {
"system" : "https://gematik.de/fhir/sid/telematik-id",
"value" : "1-000000000000000"
}
},
"altId" : "1-000000000000000",
"name" : "E-Rezept-Fachdienst",
"requestor" : true
}
],
"source" : {
"observer" : {
"display" : "Elektronische Patientenakte Fachdienst"
},
"type" : [
{
"system" : "https://gematik.de/fhir/epa/CodeSystem/epa-auditevent-sourcetype-cs",
"code" : "MEDICATIONSVC",
"display" : "Medication Service"
}
]
},
"entity" : [
{
"name" : "Medication Service",
"description" : "cancelDispensation_MedicationSvc"
}
]
},
"search" : {
"mode" : "match"
}
},
{
"fullUrl" : "http://epa4all/epa/AuditEvent/api/v1/fhir/AuditEvent/589b9862-7935-42f5-a06b-11a6f35833ee",
"resource" : {
"resourceType" : "AuditEvent",
"id" : "589b9862-7935-42f5-a06b-11a6f35833ee",
"meta" : {
"versionId" : "1",
"lastUpdated" : "2026-11-02T12:05:13.117Z",
"profile" : [
🔗 "https://gematik.de/fhir/epa/StructureDefinition/epa-auditevent|1.3.0"
]
},
"type" : {
"system" : "http://terminology.hl7.org/CodeSystem/audit-event-type",
"code" : "document"
},
"action" : "R",
"recorded" : "2026-11-02T12:05:13.117Z",
"outcome" : "0",
"agent" : [
{
"type" : {
"coding" : [
{
"system" : "http://dicom.nema.org/resources/ontology/DCM",
"code" : "110150",
"display" : "Application"
}
]
},
"who" : {
"identifier" : {
"system" : "https://gematik.de/fhir/sid/telematik-id",
"value" : "9-000000000000000"
}
},
"altId" : "9-000000000000000",
"name" : "Portugal",
"requestor" : true
},
{
"extension" : [
{
"url" : "https://gematik.de/fhir/epa/StructureDefinition/epa-healthcare-facility-type-extension",
"valueCoding" : {
"system" : "urn:oid:2.16.840.1.113883.2.9.6.2.7",
"code" : "221",
"display" : "Medical Doctors"
}
}
],
"type" : {
"coding" : [
{
"system" : "http://terminology.hl7.org/CodeSystem/v3-RoleClass",
"code" : "PROV",
"display" : "healthcare provider"
}
]
},
"role" : [
{
"coding" : [
{
"system" : "urn:oid:1.3.6.1.4.1.12559.11.10.1.3.2.2.2",
"code" : "Resident Physician",
"display" : "Resident Physician"
}
]
}
],
"name" : "Dr. Manuel Dos Santos / Clínica de Dos Santos",
"requestor" : true
}
],
"source" : {
"observer" : {
"display" : "Elektronische Patientenakte Fachdienst"
},
"type" : [
{
"system" : "https://gematik.de/fhir/epa/CodeSystem/epa-auditevent-sourcetype-cs",
"code" : "XDSSVC",
"display" : "XDS Document Service"
}
]
},
"entity" : [
{
"name" : "XDS Document Service",
"description" : "RetrieveDocumentSet",
"detail" : [
{
"type" : "DocumentFormatCode",
"valueString" : "urn:gematik:ig:pka:v1.0"
},
{
"type" : "DocumentEntryTitle",
"valueString" : "Patient Summary"
},
{
"type" : "DocumentUniqueId",
"valueString" : "e196c836-c8c3-47ae-9b9a-7124cbfef42f"
}
]
}
]
},
"search" : {
"mode" : "match"
}
}
]
}Um spezifische Details zu einem einzelnen Ereignis mittels der RESTful API zu erhalten, wird die AuditEvent Instance API verwendet, indem eine HTTP GET-Anfrage an den Endpunkt /AuditEvent/[id] gestellt wird.
{"resourceType":"CapabilityStatement","id":"epa-audit-event-server","meta":{"profile":["https://gematik.de/fhir/ti/StructureDefinition/ti-capability-statement"]},"extension":[{"extension":[{"url":"name","valueString":"X-Request-ID"},{"url":"type","valueString":"string"},{"url":"description","valueString":"UUID of the request message"},{"url":"format","valueString":"uuid"},{"url":"required","valueBoolean":true}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-header"},{"extension":[{"url":"name","valueString":"x-insurantid"},{"url":"type","valueString":"string"},{"url":"description","valueString":"Health Record Identifier"},{"url":"pattern","valueString":"^[A-Z]{1}\\d{9}$"},{"url":"required","valueBoolean":true}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-header"},{"extension":[{"url":"name","valueString":"x-useragent"},{"url":"type","valueString":"string"},{"url":"description","valueString":"user agent information"},{"url":"pattern","valueString":"^[a-zA-Z0-9]{20}\\/[a-zA-Z0-9\\-\\.]{1,15}$"},{"url":"required","valueBoolean":true}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-header"},{"extension":[{"url":"statusCode","valueString":"403"},{"url":"description","valueString":"Requestor not authorized (no user session with valid ID-Token available)"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"invalAuth"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"403"},{"url":"description","valueString":"Requestor has no valid entitlement"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"notEntitled"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"403"},{"url":"description","valueString":"Requestor role is not in the list of allowed user groups"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"invalidOid"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"403"},{"url":"description","valueString":"Device registration does not exist (if requestor role is oid_versicherter only)"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"unregisteredDevice"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"404"},{"url":"description","valueString":"Health record is in state UNKNOWN or INITIALIZED"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"noHealthRecord"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"409"},{"url":"description","valueString":"Request conflicts with the current state of the health record"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"statusMismatch"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"500"},{"url":"description","valueString":"Any other error"},{"url":"responseType","valueString":"application/json"},{"url":"errorCode","valueString":"internalError"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-base-url","valueString":"http://epa4all/epa/audit/api/v1/fhir"}],"url":"https://gematik.de/fhir/epa/CapabilityStatement/epa-audit-event-server","version":"1.3.0","name":"EPAAuditEventServer","title":"EPA Capability Statement für den Audit Event Service","status":"active","date":"2025-12-15","publisher":"gematik GmbH","contact":[{"telecom":[{"system":"url","value":"https://www.gematik.de"}]}],"description":"EPA Capability Statement für den Audit Event Service","jurisdiction":[{"coding":[{"system":"urn:iso:std:iso:3166","code":"DE"}]}],"copyright":"gematik GmbH / Dieser Implementation Guide ist lizenziert unter [Apache License](./license.html), Version 2.0.","kind":"requirements","imports":["https://gematik.de/fhir/epa/CapabilityStatement/epa-basic-server"],"_imports":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}]}],"fhirVersion":"4.0.1","format":["application/fhir+json","application/fhir+xml"],"rest":[{"mode":"server","resource":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"type":"AuditEvent","profile":"https://gematik.de/fhir/epa/StructureDefinition/epa-auditevent","_profile":{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}]},"supportedProfile":["https://gematik.de/fhir/epa/StructureDefinition/epa-auditevent"],"_supportedProfile":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}]}],"interaction":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"},{"extension":[{"url":"statusCode","valueString":"200"},{"url":"description","valueString":"Successful operation"},{"url":"responseType","valueString":"Bundle"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"400"},{"url":"description","valueString":"Unknown search parameter"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_PARAM_UNKNOWN"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"400"},{"url":"description","valueString":"Invalid query parameter(s)"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_BAD_SYNTAX"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"400"},{"url":"description","valueString":"Invalid request"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_BAD_FORMAT"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"404"},{"url":"description","valueString":"Unknown resource type"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_UNKNOWN_TYPE"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"}],"code":"search-type"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"},{"extension":[{"url":"statusCode","valueString":"200"},{"url":"description","valueString":"Successful operation"},{"url":"responseType","valueString":"EPAAuditEvent"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"400"},{"url":"description","valueString":"Invalid request"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_BAD_FORMAT"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"404"},{"url":"description","valueString":"Unknown resource type"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_UNKNOWN_TYPE"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"},{"extension":[{"url":"statusCode","valueString":"404"},{"url":"description","valueString":"Resource is not known"},{"url":"responseType","valueString":"TIOperationOutcome"},{"url":"errorCode","valueString":"MSG_RESOURCE_ID_FAIL"}],"url":"https://gematik.de/fhir/ti/StructureDefinition/extension-http-response-info"}],"code":"read"}],"searchParam":[{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"_id","definition":"http://hl7.org/fhir/SearchParameter/Resource-id","type":"token","documentation":"Resource.id"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"_lastUpdated","definition":"http://hl7.org/fhir/SearchParameter/Resource-lastUpdated","type":"date","documentation":"Resource.meta.lastUpdated"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"action","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-action","type":"token","documentation":"AuditEvent.action"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"altid","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-altid","type":"token","documentation":"AuditEvent.agent.altId"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"date","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-date","type":"date","documentation":"AuditEvent.recorded"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"outcome","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-outcome","type":"token","documentation":"AuditEvent.outcome"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"entity-name","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-entity-name","type":"string","documentation":"AuditEvent.entity.name"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"agent-name","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-agent-name","type":"string","documentation":"AuditEvent.agent.name"},{"extension":[{"url":"http://hl7.org/fhir/StructureDefinition/capabilitystatement-expectation","valueCode":"SHALL"}],"name":"type","definition":"http://hl7.org/fhir/SearchParameter/AuditEvent-type","type":"token","documentation":"AuditEvent.type"}]}]}]}
Der Audit Event Service verarbeitet die Anfrage, um die AuditEvent-Einträge zu ermitteln, die den angegebenen Suchparametern entsprechen. Darüber hinaus gibt er einen zur Verarbeitung passenden HTTP Status Code sowie ein FHIR Bundle der passenden AuditEvent-Ressourcen zurück.
Generelle Sicherheitsanforderungen werden hier festgehalten.