FHIR © HL7.org  |  Server Home  |  FHIR Server FHIR Server 3.4.11  |  FHIR Version n/a  User: [n/a]

Resource Requirements/FHIR Server from package hl7.ehrs.ehrsfmr21#current (31 ms)

Package hl7.ehrs.ehrsfmr21
Type Requirements
Id Id
FHIR Version R5
Source http://hl7.org/ehrs/https://build.fhir.org/ig/mvdzel/ehrsfm-fhir-r5/Requirements-EHRSFMR2.1-TI.2.1.2.html
Url http://hl7.org/ehrs/Requirements/EHRSFMR2.1-TI.2.1.2
Version 2.1.0
Status active
Date 2024-11-26T16:30:50+00:00
Name TI_2_1_2_Security_Audit_Triggers
Title TI.2.1.2 Security Audit Triggers (Function)
Experimental False
Realm uv
Authority hl7
Description Manage Security Audit Triggers
Purpose Security Audit Triggers are designed to capture security related events, both routine and exceptional, including key metadata (who, what, when, where, why).

Resources that use this resource

No resources found


Resources that this resource uses

No resources found



Narrative

Note: links and images are rebased to the (stated) source

Statement N:

Manage Security Audit Triggers

Description I:

Security Audit Triggers are designed to capture security related events, both routine and exceptional, including key metadata (who, what, when, where, why).

Criteria N:
TI.2.1.2#01 SHALL

The system SHALL provide the ability to enter the reason that access control functions are being overridden.

TI.2.1.2#02 dependent SHALL

The system SHALL audit key events according to scope of practice, organizational policy, and/or jurisdictional law.

TI.2.1.2#03 dependent SHALL

The system SHALL capture key Audit Metadata at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law.

TI.2.1.2#04 dependent SHALL

The system SHALL capture an Audit Log Entry at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law.

TI.2.1.2#05 SHALL

The system SHALL provide the ability to log system maintenance events for entry to, and exit from, the EHR system.

TI.2.1.2#06 MAY

The system MAY capture an Audit Log Entry at each Audit Trigger using a common audit engine, e.g., standards-based software.


Source

{
  "resourceType" : "Requirements",
  "id" : "EHRSFMR2.1-TI.2.1.2",
  "meta" : {
    "profile" : [
      "http://hl7.org/ehrs/StructureDefinition/FMFunction"
    ]
  },
  "text" : {
    "status" : "extensions",
    "div" : "<div xmlns=\"http://www.w3.org/1999/xhtml\">\n <span id=\"description\"><b>Statement <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b> <div><p>Manage Security Audit Triggers</p>\n</div></span>\n\n \n <span id=\"purpose\"><b>Description <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Informative Content\" class=\"informative-flag\">I</a>:</b> <div><p>Security Audit Triggers are designed to capture security related events, both routine and exceptional, including key metadata (who, what, when, where, why).</p>\n</div></span>\n \n\n \n\n \n <span id=\"requirements\"><b>Criteria <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b></span>\n \n <table id=\"statements\" class=\"grid dict\">\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2#01</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL provide the ability to enter the reason that access control functions are being overridden.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2#02</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <i>dependent</i>\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL audit key events according to scope of practice, organizational policy, and/or jurisdictional law.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2#03</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <i>dependent</i>\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL capture key Audit Metadata at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2#04</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <i>dependent</i>\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL capture an Audit Log Entry at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2#05</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL provide the ability to log system maintenance events for entry to, and exit from, the EHR system.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2#06</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>MAY</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system MAY capture an Audit Log Entry at each Audit Trigger using a common audit engine, e.g., standards-based software.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n </table>\n</div>"
  },
  "url" : "http://hl7.org/ehrs/Requirements/EHRSFMR2.1-TI.2.1.2",
  "version" : "2.1.0",
  "name" : "TI_2_1_2_Security_Audit_Triggers",
  "title" : "TI.2.1.2 Security Audit Triggers (Function)",
  "status" : "active",
  "date" : "2024-11-26T16:30:50+00:00",
  "publisher" : "EHR WG",
  "contact" : [
    {
      "telecom" : [
        {
          "system" : "url",
          "value" : "http://www.hl7.org/Special/committees/ehr"
        }
      ]
    }
  ],
  "description" : "Manage Security Audit Triggers",
  "jurisdiction" : [
    {
      "coding" : [
        {
          "system" : "http://unstats.un.org/unsd/methods/m49/m49.htm",
          "code" : "001",
          "display" : "World"
        }
      ]
    }
  ],
  "purpose" : "Security Audit Triggers are designed to capture security related events, both routine and exceptional, including key metadata (who, what, when, where, why).",
  "statement" : [
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2-01",
      "label" : "TI.2.1.2#01",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL provide the ability to enter the reason that access control functions are being overridden."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : true
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2-02",
      "label" : "TI.2.1.2#02",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL audit key events according to scope of practice, organizational policy, and/or jurisdictional law."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : true
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2-03",
      "label" : "TI.2.1.2#03",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL capture key Audit Metadata at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law.",
      "derivedFrom" : "EHR-S_FM_R1.1 IN.2.2#1"
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : true
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2-04",
      "label" : "TI.2.1.2#04",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL capture an Audit Log Entry at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law.",
      "derivedFrom" : "EHR-S_FM_R1.1 IN.2.2#12"
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2-05",
      "label" : "TI.2.1.2#05",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL provide the ability to log system maintenance events for entry to, and exit from, the EHR system.",
      "derivedFrom" : "EHR-S_FM_R1.1 IN.2.2#22"
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2-06",
      "label" : "TI.2.1.2#06",
      "conformance" : [
        "MAY"
      ],
      "conditionality" : false,
      "requirement" : "The system MAY capture an Audit Log Entry at each Audit Trigger using a common audit engine, e.g., standards-based software.",
      "derivedFrom" : "EHR-S_FM_R1.1 IN.2.2#23"
    }
  ]
}

XIG built as of ??metadata-date??. Found ??metadata-resources?? resources in ??metadata-packages?? packages.