FHIR IG analytics| Package | hl7.ehrs.us.dhfpr2 |
| Resource Type | Requirements |
| Id | Requirements-DHFPR2-TI.2.1.2.8.json |
| FHIR Version | R5 |
| Source | https://build.fhir.org/ig/HL7/dhfp-ig/Requirements-DHFPR2-TI.2.1.2.8.html |
| URL | http://hl7.org/ehrs/us/dhfpr2/Requirements/DHFPR2-TI.2.1.2.8 |
| Version | 2.0.0-ballot |
| Status | active |
| Date | 2025-12-19T08:44:27+00:00 |
| Name | TI_2_1_2_8_Extraordinary_User_Access__Break_the_Glass__Security_Audit_Trigger |
| Title | TI.2.1.2.8 Extraordinary User Access (Break the Glass) Security Audit Trigger (Function) |
| Realm | us |
| Authority | hl7 |
| Description | Manage Audit Trigger initiated to track extraordinary user access (break the glass). |
| Purpose | Capture extraordinary user access (break the glass), both routine and exceptional, including key metadata (who, what, when, where, why). |
No resources found
No resources found
Note: links and images are rebased to the (stated) source
Capture extraordinary user access (break the glass), both routine and exceptional, including key metadata (who, what, when, where, why).
| TI.2.1.2.8#01 | SHALL |
The system SHALL audit each occurrence when extraordinary access is successful (e.g., "break the glass" scenario). |
| TI.2.1.2.8#02 | SHALL |
The system SHALL capture identity of the organization. |
| TI.2.1.2.8#03 | SHALL conditional |
IF known, THEN the system SHALL capture identity of the user. |
| TI.2.1.2.8#04 | SHALL |
The system SHALL capture identity of the system. |
| TI.2.1.2.8#05 | SHALL |
The system SHALL capture the event initiating audit trigger. |
| TI.2.1.2.8#06 | SHALL |
The system SHALL capture the date and time of the event initiating audit trigger. |
| TI.2.1.2.8#07 | SHALL |
The system SHALL capture identity of the location (i.e., network address). |
| TI.2.1.2.8#08 | SHALL |
The system SHALL capture the rationale for extraordinary user access. |
FHIR
FHIRsmith{
"resourceType": "Requirements",
"id": "DHFPR2-TI.2.1.2.8",
"meta": {
"profile": [
"http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/FMFunction"
]
},
"language": "en",
"text": {
"status": "extensions",
"div": "<!-- snip (see above) -->"
},
"extension": [
{
"url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-standards-status",
"valueCode": "informative"
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
},
{
"url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-wg",
"valueCode": "ehr"
},
{
"url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-fmm",
"valueInteger": 1,
"_valueInteger": {
"extension": [
{
"url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-conformance-derivedFrom",
"valueCanonical": "http://hl7.org/ehrs/us/dhfpr2/ImplementationGuide/hl7.ehrs.us.dhfpr2"
}
]
}
}
],
"url": "http://hl7.org/ehrs/us/dhfpr2/Requirements/DHFPR2-TI.2.1.2.8",
"version": "2.0.0-ballot",
"name": "TI_2_1_2_8_Extraordinary_User_Access__Break_the_Glass__Security_Audit_Trigger",
"title": "TI.2.1.2.8 Extraordinary User Access (Break the Glass) Security Audit Trigger (Function)",
"status": "active",
"date": "2025-12-19T08:44:27+00:00",
"publisher": "HL7 International / Electronic Health Records",
"contact": [
{
"telecom": [
{
"system": "url",
"value": "http://www.hl7.org/Special/committees/ehr"
}
]
}
],
"description": "Manage Audit Trigger initiated to track extraordinary user access (break the glass).",
"jurisdiction": [
{
"coding": [
{
"system": "urn:iso:std:iso:3166",
"code": "US"
}
]
}
],
"purpose": "Capture extraordinary user access (break the glass), both routine and exceptional, including key metadata (who, what, when, where, why).",
"derivedFrom": [
"http://hl7.org/ehrs/uv/ehrsfmr2/Requirements/EHRSFMR2-TI.2.1.2.8"
],
"statement": [
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.2.1.2.8-01",
"label": "TI.2.1.2.8#01",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL audit each occurrence when extraordinary access is successful (e.g., \"break the glass\" scenario).",
"derivedFrom": "TI.2.1.2.8#1"
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.2.1.2.8-02",
"label": "TI.2.1.2.8#02",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL capture identity of the organization.",
"derivedFrom": "TI.2.1.2.8#2"
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.2.1.2.8-03",
"label": "TI.2.1.2.8#03",
"conformance": [
"SHALL"
],
"conditionality": true,
"requirement": "IF known, THEN the system SHALL capture identity of the user.",
"derivedFrom": "TI.2.1.2.8#3"
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.2.1.2.8-04",
"label": "TI.2.1.2.8#04",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL capture identity of the system.",
"derivedFrom": "TI.2.1.2.8#4"
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.2.1.2.8-05",
"label": "TI.2.1.2.8#05",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL capture the event initiating audit trigger.",
"derivedFrom": "TI.2.1.2.8#5"
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.2.1.2.8-06",
"label": "TI.2.1.2.8#06",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL capture the date and time of the event initiating audit trigger.",
"derivedFrom": "TI.2.1.2.8#6"
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.2.1.2.8-07",
"label": "TI.2.1.2.8#07",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL capture identity of the location (i.e., network address).",
"derivedFrom": "TI.2.1.2.8#7"
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
},
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
"valueCode": "NC"
}
],
"key": "DHFPR2-TI.2.1.2.8-08",
"label": "TI.2.1.2.8#08",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL capture the rationale for extraordinary user access.",
"derivedFrom": "TI.2.1.2.8#8"
}
]
}