Package | hl7.ehrs.ehrsfmr21 |
Type | Requirements |
Id | Id |
FHIR Version | R5 |
Source | http://hl7.org/ehrs/https://build.fhir.org/ig/mvdzel/ehrsfm-fhir-r5/Requirements-EHRSFMR2.1-TI.2.1.2.html |
Url | http://hl7.org/ehrs/Requirements/EHRSFMR2.1-TI.2.1.2 |
Version | 2.1.0 |
Status | active |
Date | 2024-11-26T16:30:50+00:00 |
Name | TI_2_1_2_Security_Audit_Triggers |
Title | TI.2.1.2 Security Audit Triggers (Function) |
Experimental | False |
Realm | uv |
Authority | hl7 |
Description | Manage Security Audit Triggers |
Purpose | Security Audit Triggers are designed to capture security related events, both routine and exceptional, including key metadata (who, what, when, where, why). |
No resources found
No resources found
Note: links and images are rebased to the (stated) source
Manage Security Audit Triggers
Security Audit Triggers are designed to capture security related events, both routine and exceptional, including key metadata (who, what, when, where, why).
TI.2.1.2#01 | SHALL |
The system SHALL provide the ability to enter the reason that access control functions are being overridden. |
TI.2.1.2#02 | dependent SHALL |
The system SHALL audit key events according to scope of practice, organizational policy, and/or jurisdictional law. |
TI.2.1.2#03 | dependent SHALL |
The system SHALL capture key Audit Metadata at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law. |
TI.2.1.2#04 | dependent SHALL |
The system SHALL capture an Audit Log Entry at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law. |
TI.2.1.2#05 | SHALL |
The system SHALL provide the ability to log system maintenance events for entry to, and exit from, the EHR system. |
TI.2.1.2#06 | MAY |
The system MAY capture an Audit Log Entry at each Audit Trigger using a common audit engine, e.g., standards-based software. |
{
"resourceType" : "Requirements",
"id" : "EHRSFMR2.1-TI.2.1.2",
"meta" : {
"profile" : [
"http://hl7.org/ehrs/StructureDefinition/FMFunction"
]
},
"text" : {
"status" : "extensions",
"div" : "<div xmlns=\"http://www.w3.org/1999/xhtml\">\n <span id=\"description\"><b>Statement <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b> <div><p>Manage Security Audit Triggers</p>\n</div></span>\n\n \n <span id=\"purpose\"><b>Description <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Informative Content\" class=\"informative-flag\">I</a>:</b> <div><p>Security Audit Triggers are designed to capture security related events, both routine and exceptional, including key metadata (who, what, when, where, why).</p>\n</div></span>\n \n\n \n\n \n <span id=\"requirements\"><b>Criteria <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b></span>\n \n <table id=\"statements\" class=\"grid dict\">\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2#01</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL provide the ability to enter the reason that access control functions are being overridden.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2#02</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <i>dependent</i>\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL audit key events according to scope of practice, organizational policy, and/or jurisdictional law.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2#03</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <i>dependent</i>\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL capture key Audit Metadata at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2#04</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <i>dependent</i>\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL capture an Audit Log Entry at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2#05</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL provide the ability to log system maintenance events for entry to, and exit from, the EHR system.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2#06</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>MAY</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system MAY capture an Audit Log Entry at each Audit Trigger using a common audit engine, e.g., standards-based software.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n </table>\n</div>"
},
"url" : "http://hl7.org/ehrs/Requirements/EHRSFMR2.1-TI.2.1.2",
"version" : "2.1.0",
"name" : "TI_2_1_2_Security_Audit_Triggers",
"title" : "TI.2.1.2 Security Audit Triggers (Function)",
"status" : "active",
"date" : "2024-11-26T16:30:50+00:00",
"publisher" : "EHR WG",
"contact" : [
{
"telecom" : [
{
"system" : "url",
"value" : "http://www.hl7.org/Special/committees/ehr"
}
]
}
],
"description" : "Manage Security Audit Triggers",
"jurisdiction" : [
{
"coding" : [
{
"system" : "http://unstats.un.org/unsd/methods/m49/m49.htm",
"code" : "001",
"display" : "World"
}
]
}
],
"purpose" : "Security Audit Triggers are designed to capture security related events, both routine and exceptional, including key metadata (who, what, when, where, why).",
"statement" : [
{
"extension" : [
{
"url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
"valueBoolean" : false
}
],
"key" : "EHRSFMR2.1-TI.2.1.2-01",
"label" : "TI.2.1.2#01",
"conformance" : [
"SHALL"
],
"conditionality" : false,
"requirement" : "The system SHALL provide the ability to enter the reason that access control functions are being overridden."
},
{
"extension" : [
{
"url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
"valueBoolean" : true
}
],
"key" : "EHRSFMR2.1-TI.2.1.2-02",
"label" : "TI.2.1.2#02",
"conformance" : [
"SHALL"
],
"conditionality" : false,
"requirement" : "The system SHALL audit key events according to scope of practice, organizational policy, and/or jurisdictional law."
},
{
"extension" : [
{
"url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
"valueBoolean" : true
}
],
"key" : "EHRSFMR2.1-TI.2.1.2-03",
"label" : "TI.2.1.2#03",
"conformance" : [
"SHALL"
],
"conditionality" : false,
"requirement" : "The system SHALL capture key Audit Metadata at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law.",
"derivedFrom" : "EHR-S_FM_R1.1 IN.2.2#1"
},
{
"extension" : [
{
"url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
"valueBoolean" : true
}
],
"key" : "EHRSFMR2.1-TI.2.1.2-04",
"label" : "TI.2.1.2#04",
"conformance" : [
"SHALL"
],
"conditionality" : false,
"requirement" : "The system SHALL capture an Audit Log Entry at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law.",
"derivedFrom" : "EHR-S_FM_R1.1 IN.2.2#12"
},
{
"extension" : [
{
"url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
"valueBoolean" : false
}
],
"key" : "EHRSFMR2.1-TI.2.1.2-05",
"label" : "TI.2.1.2#05",
"conformance" : [
"SHALL"
],
"conditionality" : false,
"requirement" : "The system SHALL provide the ability to log system maintenance events for entry to, and exit from, the EHR system.",
"derivedFrom" : "EHR-S_FM_R1.1 IN.2.2#22"
},
{
"extension" : [
{
"url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
"valueBoolean" : false
}
],
"key" : "EHRSFMR2.1-TI.2.1.2-06",
"label" : "TI.2.1.2#06",
"conformance" : [
"MAY"
],
"conditionality" : false,
"requirement" : "The system MAY capture an Audit Log Entry at each Audit Trigger using a common audit engine, e.g., standards-based software.",
"derivedFrom" : "EHR-S_FM_R1.1 IN.2.2#23"
}
]
}
XIG built as of ??metadata-date??. Found ??metadata-resources?? resources in ??metadata-packages?? packages.