| Package | hl7.ehrs.uv.ehrsfmr2 |
| Type | Requirements |
| Id | EHRSFMR2-TI.2.1.2.8 |
| FHIR Version | R5 |
| Source | http://hl7.org/ehrs/uv/ehrsfmr2/https://build.fhir.org/ig/mvdzel/ehrsfm-fhir-r5/Requirements-EHRSFMR2-TI.2.1.2.8.html |
| URL | http://hl7.org/ehrs/uv/ehrsfmr2/Requirements/EHRSFMR2-TI.2.1.2.8 |
| Version | 2.1.1-ballot |
| Status | active |
| Date | 2025-05-13T15:11:00+00:00 |
| Name | TI_2_1_2_8_Extraordinary_User_Access__Break_the_Glass__Security_Audit_Trigger |
| Title | TI.2.1.2.8 Extraordinary User Access (Break the Glass) Security Audit Trigger (Function) |
| Realm | uv |
| Authority | hl7 |
| Description | Manage Audit Trigger initiated to track extraordinary user access (break the glass). |
| Purpose | Capture extraordinary user access (break the glass), both routine and exceptional, including key metadata (who, what, when, where, why). |
No resources found
No resources found
Note: links and images are rebased to the (stated) source
Manage Audit Trigger initiated to track extraordinary user access (break the glass).
Capture extraordinary user access (break the glass), both routine and exceptional, including key metadata (who, what, when, where, why).
| TI.2.1.2.8#01 | SHALL |
The system SHALL audit each occurrence when extraordinary access is successful (e.g., "break the glass" scenario). |
| TI.2.1.2.8#02 | SHALL |
The system SHALL capture identity of the organization. |
| TI.2.1.2.8#03 | conditional SHALL |
IF known, THEN the system SHALL capture identity of the user. |
| TI.2.1.2.8#04 | SHALL |
The system SHALL capture identity of the system. |
| TI.2.1.2.8#05 | SHALL |
The system SHALL capture the event initiating audit trigger. |
| TI.2.1.2.8#06 | SHALL |
The system SHALL capture the date and time of the event initiating audit trigger. |
| TI.2.1.2.8#07 | SHALL |
The system SHALL capture identity of the location (i.e., network address). |
| TI.2.1.2.8#08 | SHALL |
The system SHALL capture the rationale for extraordinary user access. |
FHIR{
"resourceType": "Requirements",
"id": "EHRSFMR2-TI.2.1.2.8",
"meta": {
"profile": [
"http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/FMFunction"
]
},
"text": {
"status": "extensions",
"div": "<!-- snip (see above) -->"
},
"extension": [
{
"url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-wg",
"valueCode": "ehr"
}
],
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/Requirements/EHRSFMR2-TI.2.1.2.8",
"version": "2.1.1-ballot",
"name": "TI_2_1_2_8_Extraordinary_User_Access__Break_the_Glass__Security_Audit_Trigger",
"title": "TI.2.1.2.8 Extraordinary User Access (Break the Glass) Security Audit Trigger (Function)",
"status": "active",
"date": "2025-05-13T15:11:00+00:00",
"publisher": "HL7 International / Electronic Health Records",
"contact": [
{
"telecom": [
{
"system": "url",
"value": "http://www.hl7.org/Special/committees/ehr"
}
]
}
],
"description": "Manage Audit Trigger initiated to track extraordinary user access (break the glass).",
"jurisdiction": [
{
"coding": [
{
"system": "http://unstats.un.org/unsd/methods/m49/m49.htm",
"code": "001",
"display": "World"
}
]
}
],
"purpose": "Capture extraordinary user access (break the glass), both routine and exceptional, including key metadata (who, what, when, where, why).",
"statement": [
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
}
],
"key": "EHRSFMR2-TI.2.1.2.8-01",
"label": "TI.2.1.2.8#01",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL audit each occurrence when extraordinary access is successful (e.g., \"break the glass\" scenario)."
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
}
],
"key": "EHRSFMR2-TI.2.1.2.8-02",
"label": "TI.2.1.2.8#02",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL capture identity of the organization."
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
}
],
"key": "EHRSFMR2-TI.2.1.2.8-03",
"label": "TI.2.1.2.8#03",
"conformance": [
"SHALL"
],
"conditionality": true,
"requirement": "IF known, THEN the system SHALL capture identity of the user."
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
}
],
"key": "EHRSFMR2-TI.2.1.2.8-04",
"label": "TI.2.1.2.8#04",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL capture identity of the system."
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
}
],
"key": "EHRSFMR2-TI.2.1.2.8-05",
"label": "TI.2.1.2.8#05",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL capture the event initiating audit trigger."
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
}
],
"key": "EHRSFMR2-TI.2.1.2.8-06",
"label": "TI.2.1.2.8#06",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL capture the date and time of the event initiating audit trigger."
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
}
],
"key": "EHRSFMR2-TI.2.1.2.8-07",
"label": "TI.2.1.2.8#07",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL capture identity of the location (i.e., network address)."
},
{
"extension": [
{
"url": "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean": false
}
],
"key": "EHRSFMR2-TI.2.1.2.8-08",
"label": "TI.2.1.2.8#08",
"conformance": [
"SHALL"
],
"conditionality": false,
"requirement": "The system SHALL capture the rationale for extraordinary user access."
}
]
}