HL7 Electronic Health Record System Functional Model, Release 2.1.1
2.1.1-ballot - Normative Ballot
HL7 Electronic Health Record System Functional Model, Release 2.1.1
2.1.1-ballot - Normative Ballot
This page is part of the HL7 Electronic Health Record System Functional Model, Release 2.1.1 (v2.1.1-ballot: Normative 1 Ballot 1) based on FHIR (HL7® FHIR® Standard) v5.0.0. No current official version has been published yet. For a full list of available versions, see the Directory of published versions
| Page standards status: Informative |
{
"resourceType" : "Requirements",
"id" : "EHRSFMR2-TI.2",
"meta" : {
"profile" : [
🔗 "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/FMFunction"
]
},
"text" : {
"status" : "extensions",
"div" : "<div xmlns=\"http://www.w3.org/1999/xhtml\">\n <span id=\"description\"><b>Statement <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b> <div><p>Audit Key Record, Security, System and Clinical Events</p>\n</div></span>\n\n \n <span id=\"purpose\"><b>Description <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Informative Content\" class=\"informative-flag\">I</a>:</b> <div><p>EHR Systems have built in audit triggers to capture key events in real-time, including events related to record management, security, system operations or performance or clinical situations.</p>\n<p>Event details, including key metadata (who, what, when, where), are captured in an Audit Log.</p>\n<p>Audit Review functions allow various methods of critical event notification as well as routine log review.</p>\n<p>Audit functions implement requirements according to scope of practice, organizational policy, and jurisdictional law.</p>\n</div></span>\n \n\n \n <span id=\"actors\"><b>Actors:</b><br/> ehr</span>\n \n\n \n <span id=\"requirements\"><b>Criteria <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b></span>\n \n <table id=\"statements\" class=\"grid dict\">\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2#01</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <i>dependent</i>\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL conform to function <a href=\"Requirements-EHRSFMR2-TI.1.3.html\">TI.1.3</a> (Entity Access Control) to limit access to, or modification of, audit record information to appropriate entities according to scope of practice, organizational policy, and/or jurisdictional law.</p>\n</div></span>\n \n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.2#02</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <i>dependent</i>\n \n \n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL conform to function <a href=\"Requirements-EHRSFMR2-TI.1.3.html\">TI.1.3</a> (Entity Access Control) to limit access to audit record information for purposes of deletion according to scope of practice, organizational policy, and/or jurisdictional law (e.g., limit access to only allow a specific system administrator to delete audit record information).</p>\n</div></span>\n \n \n </td>\n </tr>\n \n </table>\n</div>"
},
"extension" : [
{
"url" : "http://hl7.org/fhir/StructureDefinition/structuredefinition-wg",
"valueCode" : "ehr"
}
],
"url" : "http://hl7.org/ehrs/uv/ehrsfmr2/Requirements/EHRSFMR2-TI.2",
"version" : "2.1.1-ballot",
"name" : "TI_2_Audit",
"title" : "TI.2 Audit (Function)",
"status" : "active",
"date" : "2025-04-04T11:04:36+11:00",
"publisher" : "HL7 International / Electronic Health Records",
"contact" : [
{
"telecom" : [
{
"system" : "url",
"value" : "http://www.hl7.org/Special/committees/ehr"
}
]
}
],
"description" : "Audit Key Record, Security, System and Clinical Events",
"jurisdiction" : [
{
"coding" : [
{
"system" : "http://unstats.un.org/unsd/methods/m49/m49.htm",
"code" : "001",
"display" : "World"
}
]
}
],
"purpose" : "EHR Systems have built in audit triggers to capture key events in real-time, including events related to record management, security, system operations or performance or clinical situations.\n\nEvent details, including key metadata (who, what, when, where), are captured in an Audit Log.\n\nAudit Review functions allow various methods of critical event notification as well as routine log review.\n\nAudit functions implement requirements according to scope of practice, organizational policy, and jurisdictional law.",
"statement" : [
{
"extension" : [
{
"url" : "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean" : true
}
],
"key" : "EHRSFMR2-TI.2-01",
"label" : "TI.2#01",
"conformance" : [
"SHALL"
],
"conditionality" : false,
"requirement" : "The system SHALL conform to function [TI.1.3](Requirements-EHRSFMR2-TI.1.3.html) (Entity Access Control) to limit access to, or modification of, audit record information to appropriate entities according to scope of practice, organizational policy, and/or jurisdictional law.",
"derivedFrom" : "EHR-S_FM_R1.1 IN.2.2#13"
},
{
"extension" : [
{
"url" : "http://hl7.org/ehrs/uv/ehrsfmr2/StructureDefinition/requirements-dependent",
"valueBoolean" : true
}
],
"key" : "EHRSFMR2-TI.2-02",
"label" : "TI.2#02",
"conformance" : [
"SHALL"
],
"conditionality" : false,
"requirement" : "The system SHALL conform to function [TI.1.3](Requirements-EHRSFMR2-TI.1.3.html) (Entity Access Control) to limit access to audit record information for purposes of deletion according to scope of practice, organizational policy, and/or jurisdictional law (e.g., limit access to only allow a specific system administrator to delete audit record information)."
}
]
}
IG © 2025 HL7 International / Electronic Health Records. Package hl7.ehrs.uv.ehrsfmr2#2.1.1-ballot based on FHIR 5.0.0. Generated 2025-04-04
Links: Table of Contents |
QA Report
| Version History |
|
Propose a change