FHIR © HL7.org  |  Server Home  |  FHIR Server FHIR Server 3.4.11  |  FHIR Version n/a  User: [n/a]

Resource Requirements/FHIR Server from package hl7.ehrs.ehrsfmr21#current (16 ms)

Package hl7.ehrs.ehrsfmr21
Type Requirements
Id Id
FHIR Version R5
Source http://hl7.org/ehrs/https://build.fhir.org/ig/mvdzel/ehrsfm-fhir-r5/Requirements-EHRSFMR2.1-TI.2.1.2.8.html
Url http://hl7.org/ehrs/Requirements/EHRSFMR2.1-TI.2.1.2.8
Version 2.1.0
Status active
Date 2024-11-26T16:30:50+00:00
Name TI_2_1_2_8_Extraordinary_User_Access__Break_the_Glass__Security_Audit_Trigger
Title TI.2.1.2.8 Extraordinary User Access (Break the Glass) Security Audit Trigger (Function)
Experimental False
Realm uv
Authority hl7
Description Manage Audit Trigger initiated to track extraordinary user access (break the glass).
Purpose Capture extraordinary user access (break the glass), both routine and exceptional, including key metadata (who, what, when, where, why).

Resources that use this resource

No resources found


Resources that this resource uses

No resources found



Narrative

Note: links and images are rebased to the (stated) source

Statement N:

Manage Audit Trigger initiated to track extraordinary user access (break the glass).

Description I:

Capture extraordinary user access (break the glass), both routine and exceptional, including key metadata (who, what, when, where, why).

Criteria N:
TI.2.1.2.8#01 SHALL

The system SHALL audit each occurrence when extraordinary access is successful (e.g., "break the glass" scenario).

TI.2.1.2.8#02 SHALL

The system SHALL capture identity of the organization.

TI.2.1.2.8#03 conditional SHALL

IF known, THEN the system SHALL capture identity of the user.

TI.2.1.2.8#04 SHALL

The system SHALL capture identity of the system.

TI.2.1.2.8#05 SHALL

The system SHALL capture the event initiating audit trigger.

TI.2.1.2.8#06 SHALL

The system SHALL capture the date and time of the event initiating audit trigger.

TI.2.1.2.8#07 SHALL

The system SHALL capture identity of the location (i.e., network address).

TI.2.1.2.8#08 SHALL

The system SHALL capture the rationale for extraordinary user access.


Source

{
  "resourceType" : "Requirements",
  "id" : "EHRSFMR2.1-TI.2.1.2.8",
  "meta" : {
    "profile" : [
      "http://hl7.org/ehrs/StructureDefinition/FMFunction"
    ]
  },
  "text" : {
    "status" : "extensions",
    "div" : "<div xmlns=\"http://www.w3.org/1999/xhtml\">\n <span id=\"description\"><b>Statement <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b> <div><p>Manage Audit Trigger initiated to track extraordinary user access (break the glass).</p>\n</div></span>\n\n \n <span id=\"purpose\"><b>Description <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Informative Content\" class=\"informative-flag\">I</a>:</b> <div><p>Capture extraordinary user access (break the glass), both routine and exceptional, including key metadata (who, what, when, where, why).</p>\n</div></span>\n \n\n \n\n \n <span id=\"requirements\"><b>Criteria <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b></span>\n \n <table id=\"statements\" class=\"grid dict\">\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2.8#01</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL audit each occurrence when extraordinary access is successful (e.g., &quot;break the glass&quot; scenario).</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2.8#02</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL capture identity of the organization.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2.8#03</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n <i>conditional</i>\n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>IF known, THEN the system SHALL capture identity of the user.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2.8#04</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL capture identity of the system.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2.8#05</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL capture the event initiating audit trigger.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2.8#06</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL capture the date and time of the event initiating audit trigger.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2.8#07</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL capture identity of the location (i.e., network address).</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.1.2.8#08</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL capture the rationale for extraordinary user access.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n </table>\n</div>"
  },
  "url" : "http://hl7.org/ehrs/Requirements/EHRSFMR2.1-TI.2.1.2.8",
  "version" : "2.1.0",
  "name" : "TI_2_1_2_8_Extraordinary_User_Access__Break_the_Glass__Security_Audit_Trigger",
  "title" : "TI.2.1.2.8 Extraordinary User Access (Break the Glass) Security Audit Trigger (Function)",
  "status" : "active",
  "date" : "2024-11-26T16:30:50+00:00",
  "publisher" : "EHR WG",
  "contact" : [
    {
      "telecom" : [
        {
          "system" : "url",
          "value" : "http://www.hl7.org/Special/committees/ehr"
        }
      ]
    }
  ],
  "description" : "Manage Audit Trigger initiated to track extraordinary user access (break the glass).",
  "jurisdiction" : [
    {
      "coding" : [
        {
          "system" : "http://unstats.un.org/unsd/methods/m49/m49.htm",
          "code" : "001",
          "display" : "World"
        }
      ]
    }
  ],
  "purpose" : "Capture extraordinary user access (break the glass), both routine and exceptional, including key metadata (who, what, when, where, why).",
  "statement" : [
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2.8-01",
      "label" : "TI.2.1.2.8#01",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL audit each occurrence when extraordinary access is successful (e.g., \"break the glass\" scenario)."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2.8-02",
      "label" : "TI.2.1.2.8#02",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL capture identity of the organization."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2.8-03",
      "label" : "TI.2.1.2.8#03",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : true,
      "requirement" : "IF known, THEN the system SHALL capture identity of the user."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2.8-04",
      "label" : "TI.2.1.2.8#04",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL capture identity of the system."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2.8-05",
      "label" : "TI.2.1.2.8#05",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL capture the event initiating audit trigger."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2.8-06",
      "label" : "TI.2.1.2.8#06",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL capture the date and time of the event initiating audit trigger."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2.8-07",
      "label" : "TI.2.1.2.8#07",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL capture identity of the location (i.e., network address)."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2.8-08",
      "label" : "TI.2.1.2.8#08",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL capture the rationale for extraordinary user access."
    }
  ]
}

XIG built as of ??metadata-date??. Found ??metadata-resources?? resources in ??metadata-packages?? packages.