Patient Connect Audit Events

1up Patient Connect captures FHIR® R4 audit events for the patient-mediated workflow and records them to share with customers as FHIR resources. You can use these audit events to get information about the patient access workflow for a patient or a payer member. Each audit events is logged separately by the environment’s client ID and client secret. You can retrieve audit events using the client ID, client secret, and the time stamp for the event.

Patient Connect supports the following FHIR R4 audit events and event subtypes.

Audit event types and subtypes

Audit Event	Subtype	Description	Attributes
System Search Results	system-search-results	This event is logged each time a member searches for a payer or provider. It includes the number of search results returned. You can use this audit event to identify when a user can’t find a payer or provider (0 results are returned).	1up API base URL 1up user ID Search text Results count Error message Date and time stamp
System Selected	system-selected	This event is logged when a member selects a payer or provider from the search results.	1up API base URL 1up user ID System name System ID Date and time stamp
Member Authorization	member-authorization	This event is logged when members return from a third-party authorization workflow and attempt to complete the process to authorize or decline sharing their data. The event details include the outcome: `authorized` or `declined`.	1up API base URL 1up user ID System name System ID Date and time stamp Outcome description
Payer Connection Not Established	payer-connection-not-established	This event is logged when 1upHealth can’t establish a connection to the member’s selected system. The event details include the outcome, and can include the related status codes or error messages from the member’s selected system.	1up API base URL 1up user ID System name System ID Date and time stamp Outcome description
Data Transfer Initiated	data-transfer-initiated	This event is logged when a member logs in to the external payer or provider and approves the data transfer. A successful outcome indicates patient matching was successful, and the data transfer has been initiated.	1up API base URL 1up user ID Payer or provider name Payer or provider ID Audit event type Date and time stamp
Resource Retrieval Failure	resource-retrieval-failure	This event is logged when the import of the member’s data from the external payer or provider fails. This indicates that an error occurred during the process of making the calls to the external endpoint to retrieve the data. One audit event is logged for every resource retrieval failure. This doesn’t indicate that all of the data from the external endpoint failed to be retrieved, because the process to retrieve the data from the external endpoint runs asynchronously.	1up API base URL 1up user ID Payer or provider name Payer or provider ID Audit event type Error message = Failure Date and time stamp
Resource Ingestion Result	resource-ingestion-result	This event is logged each time an individual FHIR resource is ingested into the FHIR Server. A successful outcome indicates the resource has been ingested.	1up API base URL 1up IP server address 1up user ID Resource type Resource ID Payer or provider name Payer or provider ID Status code Date and time stamp
Member Data Ingestion Completed	member-data-ingestion-completed	This event is logged when all of the available member’s FHIR resources have been successfully ingested by 1upHealth.	1up API base URL 1up user ID Payer or provider name Payer or provider ID Audit event type Error message = Failure Date and time stamp
Member Data Ingestion Timeout	member-data-ingestion-timeout	This event is logged when a timeout occurs before the member import process can complete and successfully ingest all member resources.	1up API base URL 1up user ID Payer or provider name Payer or provider ID Audit event type Error message Date and time stamp

Retrieve Your Audit Events

After your audit events are recorded, you can use the 1up FHIR API Audit Event endpoint to retrieve them.

You can use your client ID and client secret to make an HTTPS GET request to get all of the audit events that are logged under your client ID. You can also submit a request for a specific subtype of an audit event.

Before you begin, make sure that you have your client ID and client secret.

Get All Audit Events

To get all of the audit events for your client ID, you can submit a cURL GET request to the Audit Event endpoint using your client ID and client secret.

Get request for all audit events

1
2
3
4
curl -XGET 'https://api.1up.health/r4/AuditEvent' \
    -H 'client_id:{client_id}' \
    -H 'client_secret:{client_secret}' \
    -H 'x-oneup-user-id: client'

Make sure to replace the text in brackets with the correct values for your environment. You don’t have to specify a value for x-oneup-user-id.

Example curl request for all events

1
2
3
4
curl -XGET 'https://api.1up.health/r4/AuditEvent' \
    -H 'client_id:example123ID' \
    -H 'client_secret:example123Secret' \
    -H 'x-oneup-user-id: client'

Get Details for a Specific Audit Event

You can also submit a cURL GET request to get a specific audit event from the Audit Event endpoint using your client ID and client secret.

Get request for a specific audit event

1
2
3
4
curl -XGET 'https://api.1up.health/r4/AuditEvent?subtype={event-subtype}' \
    -H 'client_id:{client_id}' \
    -H 'client_secret:{client_secret}' \
    -H 'x-oneup-user-id: client'

Replace {event-subtype} with the name of the audit event subtype that you want to retrieve.

Make sure to replace the text in brackets with the correct values for your environment. You don’t have to specify a value for x-oneup-user-id.

Example curl request for a specific event

1
2
3
4
curl -XGET 'https://api.1up.health/r4/AuditEvent?subtype=system-search-results' \
    -H 'client_id:example123ID' \
    -H 'client_secret:example123Secret' \
    -H 'x-oneup-user-id: client'

Questions about this page? Contact us