FHIR © HL7.org  |  Server Home  |  FHIR Server FHIR Server 3.4.11  |  FHIR Version n/a  User: [n/a]

Resource Requirements/FHIR Server from package hl7.ehrs.ehrsfmr21#current (32 ms)

Package hl7.ehrs.ehrsfmr21
Type Requirements
Id Id
FHIR Version R5
Source http://hl7.org/ehrs/https://build.fhir.org/ig/mvdzel/ehrsfm-fhir-r5/Requirements-EHRSFMR2.1-TI.2.2.html
Url http://hl7.org/ehrs/Requirements/EHRSFMR2.1-TI.2.2
Version 2.1.0
Status active
Date 2024-11-26T16:30:50+00:00
Name TI_2_2_Audit_Log_Management
Title TI.2.2 Audit Log Management (Function)
Experimental False
Realm uv
Authority hl7
Description Manage Audit Log
Purpose Audit Triggers create Audit Log entries. Audit Log entries are typically managed as persistent evidence of events occurring over time, including events pertaining to record management, security, system operations and performance, key clinical situations. Audit log entries capture event details, including key metadata (who, what, when, where).Audit log functions fulfill log maintenance and persistence requirements according to scope of practice, organizational policy, and jurisdictional law.

Resources that use this resource

No resources found


Resources that this resource uses

No resources found



Narrative

Note: links and images are rebased to the (stated) source

Statement N:

Manage Audit Log

Description I:

Audit Triggers create Audit Log entries. Audit Log entries are typically managed as persistent evidence of events occurring over time, including events pertaining to record management, security, system operations and performance, key clinical situations.

Audit log entries capture event details, including key metadata (who, what, when, where).Audit log functions fulfill log maintenance and persistence requirements according to scope of practice, organizational policy, and jurisdictional law.

Criteria N:
TI.2.2#01 SHALL

The system SHALL provide the ability to capture audit log entries using a standards-based audit record format according to scope of practice, organizational policy, and/or jurisdictional law (e.g., IETF RFC 3881 "Internet Engineering Task Force, Request For Comment, Security Audit and Access Accountability Message XML Data Definitions for Healthcare Applications").

TI.2.2#02 SHOULD

The system SHOULD provide the ability to annotate or tag previously recorded audit log entries.

TI.2.2#03 SHOULD

The system SHOULD provide the ability to store audit log entry metadata (including related metadata). NOTE: Audit log entry metadata and related metadata ought to be stored in a secure fashion.

TI.2.2#04 SHALL

The system SHALL provide the ability to log access to audit log entries, and/or metadata.


Source

{
  "resourceType" : "Requirements",
  "id" : "EHRSFMR2.1-TI.2.2",
  "meta" : {
    "profile" : [
      "http://hl7.org/ehrs/StructureDefinition/FMFunction"
    ]
  },
  "text" : {
    "status" : "extensions",
    "div" : "<div xmlns=\"http://www.w3.org/1999/xhtml\">\n <span id=\"description\"><b>Statement <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b> <div><p>Manage Audit Log</p>\n</div></span>\n\n \n <span id=\"purpose\"><b>Description <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Informative Content\" class=\"informative-flag\">I</a>:</b> <div><p>Audit Triggers create Audit Log entries. Audit Log entries are typically managed as persistent evidence of events occurring over time, including events pertaining to record management, security, system operations and performance, key clinical situations.</p>\n<p>Audit log entries capture event details, including key metadata (who, what, when, where).Audit log functions fulfill log maintenance and persistence requirements according to scope of practice, organizational policy, and jurisdictional law.</p>\n</div></span>\n \n\n \n\n \n <span id=\"requirements\"><b>Criteria <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b></span>\n \n <table id=\"statements\" class=\"grid dict\">\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.2#01</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL provide the ability to capture audit log entries using a standards-based audit record format according to scope of practice, organizational policy, and/or jurisdictional law (e.g., IETF RFC 3881 &quot;Internet Engineering Task Force, Request For Comment, Security Audit and Access Accountability Message XML Data Definitions for Healthcare Applications&quot;).</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.2#02</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHOULD</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHOULD provide the ability to annotate or tag previously recorded audit log entries.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.2#03</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHOULD</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHOULD provide the ability to store audit log entry metadata (including related metadata). NOTE: Audit log entry metadata and related metadata ought to be stored in a secure fashion.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2.2#04</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL provide the ability to log access to audit log entries, and/or metadata.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n </table>\n</div>"
  },
  "url" : "http://hl7.org/ehrs/Requirements/EHRSFMR2.1-TI.2.2",
  "version" : "2.1.0",
  "name" : "TI_2_2_Audit_Log_Management",
  "title" : "TI.2.2 Audit Log Management (Function)",
  "status" : "active",
  "date" : "2024-11-26T16:30:50+00:00",
  "publisher" : "EHR WG",
  "contact" : [
    {
      "telecom" : [
        {
          "system" : "url",
          "value" : "http://www.hl7.org/Special/committees/ehr"
        }
      ]
    }
  ],
  "description" : "Manage Audit Log",
  "jurisdiction" : [
    {
      "coding" : [
        {
          "system" : "http://unstats.un.org/unsd/methods/m49/m49.htm",
          "code" : "001",
          "display" : "World"
        }
      ]
    }
  ],
  "purpose" : "Audit Triggers create Audit Log entries. Audit Log entries are typically managed as persistent evidence of events occurring over time, including events pertaining to record management, security, system operations and performance, key clinical situations.\n\nAudit log entries capture event details, including key metadata (who, what, when, where).Audit log functions fulfill log maintenance and persistence requirements according to scope of practice, organizational policy, and jurisdictional law.",
  "statement" : [
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.2-01",
      "label" : "TI.2.2#01",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL provide the ability to capture audit log entries using a standards-based audit record format according to scope of practice, organizational policy, and/or jurisdictional law (e.g., IETF RFC 3881 \"Internet Engineering Task Force, Request For Comment, Security Audit and Access Accountability Message XML Data Definitions for Healthcare Applications\").",
      "derivedFrom" : "EHR-S_FM_R1.1 IN.2.2#25"
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.2-02",
      "label" : "TI.2.2#02",
      "conformance" : [
        "SHOULD"
      ],
      "conditionality" : false,
      "requirement" : "The system SHOULD provide the ability to annotate or tag previously recorded audit log entries."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.2-03",
      "label" : "TI.2.2#03",
      "conformance" : [
        "SHOULD"
      ],
      "conditionality" : false,
      "requirement" : "The system SHOULD provide the ability to store audit log entry metadata (including related metadata). NOTE: Audit log entry metadata and related metadata ought to be stored in a secure fashion."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.2-04",
      "label" : "TI.2.2#04",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL provide the ability to log access to audit log entries, and/or metadata."
    }
  ]
}

XIG built as of ??metadata-date??. Found ??metadata-resources?? resources in ??metadata-packages?? packages.