DICOM PS3.15 2017d - Security and System Management Profiles

A.5.3.14 Patient Record

This message describes the event of a patient record being created, modified, accessed, or deleted.

Note

There are several types of patient records managed by both DICOM and non-DICOM system. DICOM applications often manipulate patient records managed by a variety of systems, and thus may be obligated by site security policies to record such events in the audit logs. This audit event can be used to record the access or manipulation of patient records where specific DICOM SOP Instances are not involved.

Table A.5.3.14-1. Audit Message for Patient Record

Real World Entities

Field Name

Opt.

Value Constraints

Event

EventID

M

EV (110110, DCM, "Patient Record")

EventActionCode

M

Enumerated value:

C = create

R = read

U = update

D = delete

EventDateTime

M

not specialized

EventOutcomeIndicator

M

not specialized

EventTypeCode

U

not specialized

User (1..2)

UserID

M

The identity of the person or process manipulating the data. If both are known, then two active participants shall be included (both the person and the process).

AlternateUserID

U

not specialized

UserName

U

not specialized

UserIsRequestor

U

not specialized

RoleIDCode

U

not specialized

NetworkAccessPointTypeCode

U

not specialized

NetworkAccessPointID

U

not specialized

Patient (1)

ParticipantObjectTypeCode

M

EV 1 (person)

ParticipantObjectTypeCodeRole

M

EV 1 (patient)

ParticipantObjectDataLifeCycle

U

not specialized

ParticipantObjectIDTypeCode

M

EV 2 (patient ID)

ParticipantObjectSensitivity

U

not specialized

ParticipantObjectID

M

The patient ID

ParticipantObjectName

U

The patient name

ParticipantObjectQuery

U

not specialized

ParticipantObjectDetail

U

not specialized

ParticipantObjectDescription

U

not further specialized


DICOM PS3.15 2017d - Security and System Management Profiles