EHRS-FM IG

ISO/HL7 10781 - Electronic Health Record System Functional Model, Release 2.1
0.14.0 - CI Build

ISO/HL7 10781 - Electronic Health Record System Functional Model, Release 2.1 - Local Development build (v0.14.0) built by the FHIR (HL7® FHIR® Standard) Build Tools. See the Directory of published versions

: TI.2.1.2.7 User Attempts to Access Data (Unsuccessful – Access Denied) Security Audit Trigger (Function) - JSON Representation

Active as of 2024-06-01

Raw json | Download


{
  "resourceType" : "Requirements",
  "id" : "EHRSFMR2.1-TI.2.1.2.7",
  "meta" : {
    "profile" : [
      🔗 "http://hl7.org/ehrs/StructureDefinition/FMFunction"
    ]
  },
  "text" : {
    "status" : "extensions",
    "div" : "<div xmlns=\"http://www.w3.org/1999/xhtml\">\n    <span id=\"description\"><b>Statement <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b> <div><p>Manage Audit Trigger initiated to track user attempts to access data (unsuccessful – access denied).</p>\n</div></span>\n\n    \n    <span id=\"purpose\"><b>Description <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Informative Content\" class=\"informative-flag\">I</a>:</b> <div><p>Capture user attempts to access data (unsuccessful – access denied), both routine and exceptional, including key metadata (who, what, when, where, why).</p>\n</div></span>\n    \n\n    \n\n    \n    <span id=\"requirements\"><b>Criteria <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b></span>\n    \n    <table id=\"statements\" class=\"grid dict\">\n        \n        <tr>\n            <td style=\"padding-left: 4px;\">\n                \n                <span>TI.2.1.2.7#01</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\">\n                \n                \n                \n                <span>SHALL</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\" class=\"requirement\">\n                \n                <span><div><p>The system SHALL audit each occurrence when user access is unsuccessful (denied).</p>\n</div></span>\n                \n                \n            </td>\n        </tr>\n        \n        <tr>\n            <td style=\"padding-left: 4px;\">\n                \n                <span>TI.2.1.2.7#02</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\">\n                \n                \n                \n                <span>SHALL</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\" class=\"requirement\">\n                \n                <span><div><p>The system SHALL capture identity of the organization.</p>\n</div></span>\n                \n                \n            </td>\n        </tr>\n        \n        <tr>\n            <td style=\"padding-left: 4px;\">\n                \n                <span>TI.2.1.2.7#03</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\">\n                \n                \n                <i>conditional</i>\n                \n                \n                <span>SHALL</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\" class=\"requirement\">\n                \n                <span><div><p>IF known, THEN the system SHALL capture identity of the user.</p>\n</div></span>\n                \n                \n            </td>\n        </tr>\n        \n        <tr>\n            <td style=\"padding-left: 4px;\">\n                \n                <span>TI.2.1.2.7#04</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\">\n                \n                \n                \n                <span>SHALL</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\" class=\"requirement\">\n                \n                <span><div><p>The system SHALL capture identity of the system.</p>\n</div></span>\n                \n                \n            </td>\n        </tr>\n        \n        <tr>\n            <td style=\"padding-left: 4px;\">\n                \n                <span>TI.2.1.2.7#05</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\">\n                \n                \n                \n                <span>SHALL</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\" class=\"requirement\">\n                \n                <span><div><p>The system SHALL capture the event initiating audit trigger.</p>\n</div></span>\n                \n                \n            </td>\n        </tr>\n        \n        <tr>\n            <td style=\"padding-left: 4px;\">\n                \n                <span>TI.2.1.2.7#06</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\">\n                \n                \n                \n                <span>SHALL</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\" class=\"requirement\">\n                \n                <span><div><p>The system SHALL capture the date and time of the event initiating audit trigger.</p>\n</div></span>\n                \n                \n            </td>\n        </tr>\n        \n        <tr>\n            <td style=\"padding-left: 4px;\">\n                \n                <span>TI.2.1.2.7#07</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\">\n                \n                \n                \n                <span>SHALL</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\" class=\"requirement\">\n                \n                <span><div><p>The system SHALL capture identity of the location (i.e., network address).</p>\n</div></span>\n                \n                \n            </td>\n        </tr>\n        \n    </table>\n</div>"
  },
  "url" : "http://hl7.org/ehrs/Requirements/EHRSFMR2.1-TI.2.1.2.7",
  "version" : "0.14.0",
  "name" : "TI_2_1_2_7_User_Attempts_to_Access_Data__Unsuccessful___Access_Denied__Security_Audit_Trigger",
  "title" : "TI.2.1.2.7 User Attempts to Access Data (Unsuccessful – Access Denied) Security Audit Trigger (Function)",
  "status" : "active",
  "date" : "2024-06-01T08:34:10+00:00",
  "publisher" : "EHR WG",
  "contact" : [
    {
      "telecom" : [
        {
          "system" : "url",
          "value" : "http://www.hl7.org/Special/committees/ehr"
        }
      ]
    }
  ],
  "description" : "Manage Audit Trigger initiated to track user attempts to access data (unsuccessful – access denied).",
  "purpose" : "Capture user attempts to access data (unsuccessful – access denied), both routine and exceptional, including key metadata (who, what, when, where, why).",
  "statement" : [
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2.7-01",
      "label" : "TI.2.1.2.7#01",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL audit each occurrence when user access is unsuccessful (denied)."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2.7-02",
      "label" : "TI.2.1.2.7#02",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL capture identity of the organization."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2.7-03",
      "label" : "TI.2.1.2.7#03",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : true,
      "requirement" : "IF known, THEN the system SHALL capture identity of the user."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2.7-04",
      "label" : "TI.2.1.2.7#04",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL capture identity of the system."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2.7-05",
      "label" : "TI.2.1.2.7#05",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL capture the event initiating audit trigger."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2.7-06",
      "label" : "TI.2.1.2.7#06",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL capture the date and time of the event initiating audit trigger."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "EHRSFMR2.1-TI.2.1.2.7-07",
      "label" : "TI.2.1.2.7#07",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL capture identity of the location (i.e., network address)."
    }
  ]
}