EHRS-FM IG

ISO/HL7 10781 - Electronic Health Record System Functional Model, Release 2.1
0.14.0 - CI Build

ISO/HL7 10781 - Electronic Health Record System Functional Model, Release 2.1 - Local Development build (v0.14.0) built by the FHIR (HL7® FHIR® Standard) Build Tools. See the Directory of published versions

: TI.2.1.2.1 Security Event Security Audit Trigger (Function) - XML Representation

Active as of 2024-06-01

Raw xml | Download



<Requirements xmlns="http://hl7.org/fhir">
  <id value="EHRSFMR2.1-TI.2.1.2.1"/>
  <meta>
    <profile value="http://hl7.org/ehrs/StructureDefinition/FMFunction"/>
  </meta>
  <text>
    <status value="extensions"/>
    <div xmlns="http://www.w3.org/1999/xhtml">
    <span id="description"><b>Statement <a href="https://hl7.org/fhir/versions.html#std-process" title="Normative Content" class="normative-flag">N</a>:</b> <div><p>Manage Audit Trigger initiated to track Security event.</p>
</div></span>

    
    <span id="purpose"><b>Description <a href="https://hl7.org/fhir/versions.html#std-process" title="Informative Content" class="informative-flag">I</a>:</b> <div><p>Capture security events, both routine and exceptional, including key metadata (who, what, when, where, why).</p>
</div></span>
    

    

    
    <span id="requirements"><b>Criteria <a href="https://hl7.org/fhir/versions.html#std-process" title="Normative Content" class="normative-flag">N</a>:</b></span>
    
    <table id="statements" class="grid dict">
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.2.1.2.1#01</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                <i>dependent</i>
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system SHALL audit each occurrence when security events are detected according to scope of practice, organizational policy, and/or jurisdictional law.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.2.1.2.1#02</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system SHALL capture identity of the organization.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.2.1.2.1#03</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                <i>conditional</i>
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>IF known, THEN the system SHALL capture identity of the user.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.2.1.2.1#04</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system SHALL capture identity of the system.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.2.1.2.1#05</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system SHALL capture the event initiating audit trigger.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.2.1.2.1#06</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system SHALL capture the date and time of the event initiating audit trigger.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.2.1.2.1#07</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system SHALL capture identity of the location (i.e., network address).</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.2.1.2.1#08</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>MAY</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system MAY capture the rationale for the event initiating audit trigger.</p>
</div></span>
                
                
            </td>
        </tr>
        
    </table>
</div>
  </text>
  <url value="http://hl7.org/ehrs/Requirements/EHRSFMR2.1-TI.2.1.2.1"/>
  <version value="0.14.0"/>
  <name value="TI_2_1_2_1_Security_Event_Security_Audit_Trigger"/>
  <title value="TI.2.1.2.1 Security Event Security Audit Trigger (Function)"/>
  <status value="active"/>
  <date value="2024-06-01T08:34:10+00:00"/>
  <publisher value="EHR WG"/>
  <contact>
    <telecom>
      <system value="url"/>
      <value value="http://www.hl7.org/Special/committees/ehr"/>
    </telecom>
  </contact>
  <description
               value="Manage Audit Trigger initiated to track Security event."/>
  <purpose
           value="Capture security events, both routine and exceptional, including key metadata (who, what, when, where, why)."/>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="true"/>
    </extension>
    <key value="EHRSFMR2.1-TI.2.1.2.1-01"/>
    <label value="TI.2.1.2.1#01"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement
                 value="The system SHALL audit each occurrence when security events are detected according to scope of practice, organizational policy, and/or jurisdictional law."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.2.1.2.1-02"/>
    <label value="TI.2.1.2.1#02"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement
                 value="The system SHALL capture identity of the organization."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.2.1.2.1-03"/>
    <label value="TI.2.1.2.1#03"/>
    <conformance value="SHALL"/>
    <conditionality value="true"/>
    <requirement
                 value="IF known, THEN the system SHALL capture identity of the user."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.2.1.2.1-04"/>
    <label value="TI.2.1.2.1#04"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement value="The system SHALL capture identity of the system."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.2.1.2.1-05"/>
    <label value="TI.2.1.2.1#05"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement
                 value="The system SHALL capture the event initiating audit trigger."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.2.1.2.1-06"/>
    <label value="TI.2.1.2.1#06"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement
                 value="The system SHALL capture the date and time of the event initiating audit trigger."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.2.1.2.1-07"/>
    <label value="TI.2.1.2.1#07"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement
                 value="The system SHALL capture identity of the location (i.e., network address)."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.2.1.2.1-08"/>
    <label value="TI.2.1.2.1#08"/>
    <conformance value="MAY"/>
    <conditionality value="false"/>
    <requirement
                 value="The system MAY capture the rationale for the event initiating audit trigger."/>
  </statement>
</Requirements>