HL7 Personal Health Record System Functional Model, Release 2
2.0.1-ballot - Normative Ballot

HL7 Personal Health Record System Functional Model, Release 2, published by EHR WG. This guide is not an authorized publication; it is the continuous build for version 2.0.1-ballot built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/phrsfm-ig/ and changes regularly. See the Directory of published versions

Requirements: TI.2.1.2.3 User Authentication (System Prompt for Password Change) Security Audit Trigger (Function)

Page standards status: Informative
Statement N:

Manage Audit Trigger initiated to track user authentication (system prompt for password change).

Description I:

Capture user authentication (system prompt for password change), both routine and exceptional, including key metadata (who, what, when, where, why).

Criteria N:
TI.2.1.2.3#01 SHALL

The system SHALL audit each occurrence of user authentication when user is prompted to change password.

TI.2.1.2.3#02 SHALL

The system SHALL capture identity of the organization.

TI.2.1.2.3#03 conditional SHALL

IF known, THEN the system SHALL capture identity of the user.

TI.2.1.2.3#04 SHALL

The system SHALL capture the identity of the system.

TI.2.1.2.3#05 SHALL

The system SHALL capture the event initiating audit trigger.

TI.2.1.2.3#06 SHALL

The system SHALL capture the date and time of the event initiating audit trigger.

TI.2.1.2.3#07 SHALL

The system SHALL capture identity of the location (i.e., network address).

TI.2.1.2.3#08 conditional SHALL

IF password change successful, THEN the system SHALL capture the new password.