Personal Health Record System Functional Model, Release 2
0.1.0 - CI Build
Personal Health Record System Functional Model, Release 2 - Local Development build (v0.1.0) built by the FHIR (HL7® FHIR® Standard) Build Tools. See the Directory of published versions
| Active as of 2024-01-31 |
<Requirements xmlns="http://hl7.org/fhir">
<id value="PHRSFMR2-TI.2.1.2"/>
<meta>
<profile value="http://hl7.org/ehrs/StructureDefinition/FMFunction"/>
</meta>
<text>
<status value="extensions"/>
<div xmlns="http://www.w3.org/1999/xhtml">
<table id="statements" class="grid dict">
<tr>
<td style="padding-left: 4px;">
<span>TI.2.1.2#01</span>
</td>
<td style="padding-left: 4px;">
<span>SHALL</span>
</td>
<td style="padding-left: 4px;" class="requirement">
<span><div><p>The system SHALL provide the ability to enter the reason that access control functions are being overridden.</p>
</div></span>
</td>
</tr>
<tr>
<td style="padding-left: 4px;">
<span>TI.2.1.2#02</span>
</td>
<td style="padding-left: 4px;">
<span>SHALL</span>
</td>
<td style="padding-left: 4px;" class="requirement">
<span><div><p>The system SHALL audit key events according to scope of practice, organizational policy, and/or jurisdictional law.</p>
</div></span>
</td>
</tr>
<tr>
<td style="padding-left: 4px;">
<span>TI.2.1.2#03</span>
</td>
<td style="padding-left: 4px;">
<span>SHALL</span>
</td>
<td style="padding-left: 4px;" class="requirement">
<span><div><p>The system SHALL capture key Audit Metadata at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law.</p>
</div></span>
</td>
</tr>
<tr>
<td style="padding-left: 4px;">
<span>TI.2.1.2#04</span>
</td>
<td style="padding-left: 4px;">
<span>SHALL</span>
</td>
<td style="padding-left: 4px;" class="requirement">
<span><div><p>The system SHALL capture an Audit Log Entry at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law.</p>
</div></span>
</td>
</tr>
<tr>
<td style="padding-left: 4px;">
<span>TI.2.1.2#05</span>
</td>
<td style="padding-left: 4px;">
<span>SHALL</span>
</td>
<td style="padding-left: 4px;" class="requirement">
<span><div><p>The system SHALL provide the ability to log system maintenance events for entry to, and exit from, the PHR system.</p>
</div></span>
</td>
</tr>
<tr>
<td style="padding-left: 4px;">
<span>TI.2.1.2#06</span>
</td>
<td style="padding-left: 4px;">
<span>MAY</span>
</td>
<td style="padding-left: 4px;" class="requirement">
<span><div><p>The system MAY capture an Audit Log Entry at each Audit Trigger using a common audit engine, e.g., standards-based software.</p>
</div></span>
</td>
</tr>
</table>
</div>
</text>
<url value="http://hl7.org/ehrs/Requirements/PHRSFMR2-TI.2.1.2"/>
<version value="0.1.0"/>
<name value="TI_2_1_2_Security_Audit_Triggers"/>
<title value="TI.2.1.2 Security Audit Triggers (Function)"/>
<status value="active"/>
<date value="2024-01-31T14:45:34+00:00"/>
<publisher value="EHR WG"/>
<contact>
<telecom>
<system value="url"/>
<value value="http://www.hl7.org/Special/committees/ehr"/>
</telecom>
</contact>
<description
value="Security Audit Triggers are designed to capture security related events, both routine and exceptional, including key metadata (who, what, when, where, why)."/>
<statement>
<key value="PHRSFMR2-TI.2.1.2-01"/>
<label value="TI.2.1.2#01"/>
<conformance value="SHALL"/>
<conditionality value="false"/>
<requirement
value="The system SHALL provide the ability to enter the reason that access control functions are being overridden."/>
</statement>
<statement>
<key value="PHRSFMR2-TI.2.1.2-02"/>
<label value="TI.2.1.2#02"/>
<conformance value="SHALL"/>
<conditionality value="false"/>
<requirement
value="The system SHALL audit key events according to scope of practice, organizational policy, and/or jurisdictional law."/>
</statement>
<statement>
<key value="PHRSFMR2-TI.2.1.2-03"/>
<label value="TI.2.1.2#03"/>
<conformance value="SHALL"/>
<conditionality value="false"/>
<requirement
value="The system SHALL capture key Audit Metadata at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law."/>
</statement>
<statement>
<key value="PHRSFMR2-TI.2.1.2-04"/>
<label value="TI.2.1.2#04"/>
<conformance value="SHALL"/>
<conditionality value="false"/>
<requirement
value="The system SHALL capture an Audit Log Entry at each Audit Trigger according to scope of practice, organizational policy, and/or jurisdictional law."/>
</statement>
<statement>
<key value="PHRSFMR2-TI.2.1.2-05"/>
<label value="TI.2.1.2#05"/>
<conformance value="SHALL"/>
<conditionality value="false"/>
<requirement
value="The system SHALL provide the ability to log system maintenance events for entry to, and exit from, the PHR system."/>
</statement>
<statement>
<key value="PHRSFMR2-TI.2.1.2-06"/>
<label value="TI.2.1.2#06"/>
<conformance value="MAY"/>
<conditionality value="false"/>
<requirement
value="The system MAY capture an Audit Log Entry at each Audit Trigger using a common audit engine, e.g., standards-based software."/>
</statement>
</Requirements>