ITI-78 (and possibly other FHIR transactions) audit message does not conform to the profile defined in PDQm

[Ivan1pl]

According to https://profiles.ihe.net/ITI/PDQm/ITI-78.html, ITI-78 audit messages should be recorded using profiles:

• https://profiles.ihe.net/ITI/PDQm/StructureDefinition-IHE.PDQm.Query.Audit.Consumer.html
• https://profiles.ihe.net/ITI/PDQm/StructureDefinition-IHE.PDQm.Query.Audit.Supplier.html

I tried validating the created ITI-78 supplier audit message against the profile and got multiple errors. I believe some new restrictions have been added since this was implemented.

This is probably not the highest priority, the issue can be circumvented by constructing a custom audit message.
A dirty workaround if you need to replace the default behavior:

        Class<?> TransactionConfigurationClass = TransactionConfiguration.class;
        Field clientAuditStrategyField = TransactionConfigurationClass.getDeclaredField("clientAuditStrategy");
        clientAuditStrategyField.setAccessible(true);
        clientAuditStrategyField.set(PDQM.Interactions.ITI_78.getFhirTransactionConfiguration(),
                new Iti78ClientFhirQueryAuditStrategy());

        Field serverAuditStrategy = TransactionConfigurationClass.getDeclaredField("serverAuditStrategy");
        serverAuditStrategy.setAccessible(true);
        serverAuditStrategy.set(PDQM.Interactions.ITI_78.getFhirTransactionConfiguration(),
                new Iti78ServerFhirQueryAuditStrategy());

Perhaps it would be a good idea to provide a better way to override the default audit strategy for transactions?

Relevant issues:

• AuditEvent.subtype: minimum required = 2, but only found 1
  "subtype":[{"system":"urn:ihe:event-type-code","code":"ITI-78","display":"Mobile Patient Demographics Query"}]
• Slice 'AuditEvent.subtype:anySearch': a matching slice is required, but not found
• Value is 'http://dicom.nema.org/resources/ontology/DCM' but is fixed to 'http://terminology.hl7.org/CodeSystem/audit-event-type' in the profile https://profiles.ihe.net/ITI/PDQm/StructureDefinition/IHE.PDQm.Query.Audit.Supplier|3.1.0#AuditEvent
  "type":{"system":"http://dicom.nema.org/resources/ontology/DCM","code":"110112","display":"Query"}
• Value is '110112' but is fixed to 'rest' in the profile https://profiles.ihe.net/ITI/PDQm/StructureDefinition/IHE.PDQm.Query.Audit.Supplier|3.1.0#AuditEvent
• Constraint failed: val-audit-source: 'The Audit Source is this agent too.'
  The constraint in question: $this.who = %resource.source.observer
• AuditEvent.entity:query.what: max allowed = 0, but found 1
  {"what":{"identifier":{"value":"MobilePatientDemographicsQuery"}},"type":{"system":"http://terminology.hl7.org/CodeSystem/audit-entity-type","code":"2"},"role":{"system":"http://terminology.hl7.org/CodeSystem/object-role","code":"24"},"query":"aWRlbnRpZmllcj11cm46b2lkOjIuMTYuODQwLjEuMTEzODgzLjMuNDQyNC4xLjEuNjE2fDA4MjgyNzgxMDk1"}

I did not yet try to validate other audit messages, but I suspect similar results, possibly in other integration profiles as well.

[Ivan1pl]

Easy to fix:

• type needs additional mapping instead of fixed http://dicom.nema.org/resources/ontology/DCM
• queryParameters need an empty string as queryMessageIdentifier (note: this might result in invalid DICOM Syslog AuditMessage)

Needs some thought:

• possibly need to base on a different builder than transactions that log over Syslog? To be able to provide multiple subtypes and have a correct type
• source.observer needs an identifier