Category
Informative Document
Organisation
Type
Standard
Access
Open
Status
Active
Created
Nov 2001
This informative document proposes privacy and security policy-relevant data to be exchanged among application systems via an audit message. It is intended to supplement existing system-specific security audits with healthcare application-specific requirements.
The document proposes several types of data that should be captured and communicated as evidence of compliance with, and violations of, a healthcare enterprise’s security and privacy policy. It also describes the data that would reside in a common audit engine or database and specifies how queries against audited events could be managed.
Main sections:
· Scope and harmonisation with existing standards
· Goals
· Trigger events
· Proposed data elements: Event identification, user identification, audit source identification, network access point identification, participant object identification
The document proposes several types of data that should be captured and communicated as evidence of compliance with, and violations of, a healthcare enterprise’s security and privacy policy. It also describes the data that would reside in a common audit engine or database and specifies how queries against audited events could be managed.
Main sections:
· Scope and harmonisation with existing standards
· Goals
· Trigger events
· Proposed data elements: Event identification, user identification, audit source identification, network access point identification, participant object identification
Access Common Audit Message: An Informative Document for the HL7 Security and Accountability Special Interest Group
By accessing this content, you are leaving this website. The Agency takes no responsibility for the accuracy of content on the destination page.