FHIR © HL7.org  |  FHIRsmith 4.0.1  |  Server Home  |  XIG Home  |  XIG Stats  | 

FHIR IG analytics

Packagehl7.ehrs.us.dhfpr2
Resource TypeRequirements
IdRequirements-DHFPR2-TI.2.1.2.json
FHIR VersionR5
Sourcehttps://build.fhir.org/ig/HL7/dhfp-ig/Requirements-DHFPR2-TI.2.1.2.html
URLhttp://hl7.org/ehrs/us/dhfpr2/Requirements/DHFPR2-TI.2.1.2
Version2.0.0-ballot
Statusactive
Date2025-12-19T08:44:27+00:00
NameTI_2_1_2_Security_Audit_Triggers
TitleTI.2.1.2 Security Audit Triggers (Function)
Realmus
Authorityhl7
DescriptionManage Security Audit Triggers
PurposeSecurity Audit Triggers are designed to capture security related events, both routine and exceptional, including key metadata (who, what, when, where, why).

Resources that use this resource

No resources found

Resources that this resource uses

No resources found

Narrative

Note: links and images are rebased to the (stated) source

Description I:

Security Audit Triggers are designed to capture security related events, both routine and exceptional, including key metadata (who, what, when, where, why).

Criteria N:
TI.2.1.2#01 SHALL

The system SHALL provide the ability to enter the reason that access control functions are being overridden.
TI.2.1.2#02 SHALL dependent

The system SHALL audit key events according to scope of practice, organizational policy, and/or jurisdictional law.
TI.2.1.2#03 SHALL dependent

The system SHALL capture key Audit Metadata at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law.
TI.2.1.2#04 SHALL dependent

The system SHALL capture an Audit Log Entry at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law.
TI.2.1.2#05 SHALL

The system SHALL provide the ability to log system maintenance events for entry to, and exit from, the EHR system.
TI.2.1.2#06 MAY

The system MAY capture an Audit Log Entry at each Audit Trigger using a common audit engine, e.g., standards-based software.

Source1

{
  "resourceType": "Requirements",
  "id": "DHFPR2-TI.2.1.2",
  "meta": {
    "profile": [
      "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/FMFunction"
    ]
  },
  "language": "en",
  "text": {
    "status": "extensions",
    "div": "<!-- snip (see above) -->"
  },
  "extension": [
    {
      "url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-standards-status",
      "valueCode": "informative"
    },
    {
      "url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
      "valueCode": "NC"
    },
    {
      "url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-wg",
      "valueCode": "ehr"
    },
    {
      "url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-fmm",
      "valueInteger": 1,
      "_valueInteger": {
        "extension": [
          {
            "url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-conformance-derivedFrom",
            "valueCanonical": "http://hl7.org/ehrs/us/dhfpr2/ImplementationGuide/hl7.ehrs.us.dhfpr2"
          }
        ]
      }
    }
  ],
  "url": "http://hl7.org/ehrs/us/dhfpr2/Requirements/DHFPR2-TI.2.1.2",
  "version": "2.0.0-ballot",
  "name": "TI_2_1_2_Security_Audit_Triggers",
  "title": "TI.2.1.2 Security Audit Triggers (Function)",
  "status": "active",
  "date": "2025-12-19T08:44:27+00:00",
  "publisher": "HL7 International / Electronic Health Records",
  "contact": [
    {
      "telecom": [
        {
          "system": "url",
          "value": "http://www.hl7.org/Special/committees/ehr"
        }
      ]
    }
  ],
  "description": "Manage Security Audit Triggers",
  "jurisdiction": [
    {
      "coding": [
        {
          "system": "urn:iso:std:iso:3166",
          "code": "US"
        }
      ]
    }
  ],
  "purpose": "Security Audit Triggers are designed to capture security related events, both routine and exceptional, including key metadata (who, what, when, where, why).",
  "derivedFrom": [
    "http://hl7.org/ehrs/uv/ehrsfmr2/Requirements/EHRSFMR2-TI.2.1.2"
  ],
  "statement": [
    {
      "extension": [
        {
          "url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
          "valueBoolean": false
        },
        {
          "url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
          "valueCode": "NC"
        }
      ],
      "key": "DHFPR2-TI.2.1.2-01",
      "label": "TI.2.1.2#01",
      "conformance": [
        "SHALL"
      ],
      "conditionality": false,
      "requirement": "The system SHALL provide the ability to enter the reason that access control functions are being overridden.",
      "derivedFrom": "TI.2.1.2#1"
    },
    {
      "extension": [
        {
          "url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
          "valueBoolean": true
        },
        {
          "url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
          "valueCode": "NC"
        }
      ],
      "key": "DHFPR2-TI.2.1.2-02",
      "label": "TI.2.1.2#02",
      "conformance": [
        "SHALL"
      ],
      "conditionality": false,
      "requirement": "The system SHALL audit key events according to scope of practice, organizational policy, and/or jurisdictional law.",
      "derivedFrom": "TI.2.1.2#2"
    },
    {
      "extension": [
        {
          "url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
          "valueBoolean": true
        },
        {
          "url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
          "valueCode": "NC"
        }
      ],
      "key": "DHFPR2-TI.2.1.2-03",
      "label": "TI.2.1.2#03",
      "conformance": [
        "SHALL"
      ],
      "conditionality": false,
      "requirement": "The system SHALL capture key Audit Metadata at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law.",
      "derivedFrom": "TI.2.1.2#3"
    },
    {
      "extension": [
        {
          "url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
          "valueBoolean": true
        },
        {
          "url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
          "valueCode": "NC"
        }
      ],
      "key": "DHFPR2-TI.2.1.2-04",
      "label": "TI.2.1.2#04",
      "conformance": [
        "SHALL"
      ],
      "conditionality": false,
      "requirement": "The system SHALL capture an Audit Log Entry at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law.",
      "derivedFrom": "TI.2.1.2#4"
    },
    {
      "extension": [
        {
          "url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
          "valueBoolean": false
        },
        {
          "url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
          "valueCode": "NC"
        }
      ],
      "key": "DHFPR2-TI.2.1.2-05",
      "label": "TI.2.1.2#05",
      "conformance": [
        "SHALL"
      ],
      "conditionality": false,
      "requirement": "The system SHALL provide the ability to log system maintenance events for entry to, and exit from, the EHR system.",
      "derivedFrom": "TI.2.1.2#5"
    },
    {
      "extension": [
        {
          "url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
          "valueBoolean": false
        },
        {
          "url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-change-info",
          "valueCode": "NC"
        }
      ],
      "key": "DHFPR2-TI.2.1.2-06",
      "label": "TI.2.1.2#06",
      "conformance": [
        "MAY"
      ],
      "conditionality": false,
      "requirement": "The system MAY capture an Audit Log Entry at each Audit Trigger using a common audit engine, e.g., standards-based software.",
      "derivedFrom": "TI.2.1.2#6"
    }
  ]
}