HL7 Personal Health Record System Functional Model, Release 2
2.0.1-ballot - Normative Ballot

HL7 Personal Health Record System Functional Model, Release 2, published by EHR WG. This guide is not an authorized publication; it is the continuous build for version 2.0.1-ballot built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/phrsfm-ig/ and changes regularly. See the Directory of published versions

: TI.2.1 Audit Triggers (Function) - JSON Representation

Page standards status: Informative

Raw json | Download

{
  "resourceType" : "Requirements",
  "id" : "PHRSFMR2-TI.2.1",
  "meta" : {
    "profile" : [
      🔗 "http://hl7.org/ehrs/uv/phrsfmr2/StructureDefinition/FMFunction"
    ]
  },
  "text" : {
    "status" : "extensions",
    "div" : "<div xmlns=\"http://www.w3.org/1999/xhtml\">\n    <span id=\"description\"><b>Statement <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b> <div><p>Manage Audit Triggers</p>\n</div></span>\n\n    \n    <span id=\"purpose\"><b>Description <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Informative Content\" class=\"informative-flag\">I</a>:</b> <div><p>PHR Systems have built in audit triggers to capture key events in real-time. Audit triggers signal key:</p>\n<ul>\n<li>Record management and lifecycle events;</li>\n<li>Security events related to system and data safeguards, both routine and exceptional;</li>\n<li>System events related to performance and operations, both routine and exceptional;</li>\n<li>Clinical events with special log requirements.</li>\n</ul>\n</div></span>\n    \n\n    \n    \n    \n\n    \n    <span id=\"requirements\"><b>Criteria <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b></span>\n    \n    <table id=\"statements\" class=\"grid dict\">\n        \n        <tr>\n            <td style=\"padding-left: 4px;\">\n                \n                <span>TI.2.1#01</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\">\n                \n                <i>dependent</i>\n                \n                \n                \n                <span>SHALL</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\" class=\"requirement\">\n                \n                <span><div><p>The system SHALL audit key events, as specified in function <a href=\"Requirements-PHRSFMR2-TI.2.1.html\">TI.2.1</a> (Audit Triggers) and child functions, according to scope of practice, organizational policy, and/or jurisdictional law.</p>\n</div></span>\n                \n                \n            </td>\n        </tr>\n        \n        <tr>\n            <td style=\"padding-left: 4px;\">\n                \n                <span>TI.2.1#02</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\">\n                \n                <i>dependent</i>\n                \n                \n                \n                <span>SHALL</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\" class=\"requirement\">\n                \n                <span><div><p>The system SHALL capture key Audit Metadata at each Audit Trigger, as specified in <a href=\"Requirements-PHRSFMR2-TI.2.1.html\">TI.2.1</a> (Audit Triggers) and child functions, according to scope of practice, organizational policy, and/or jurisdictional law.</p>\n</div></span>\n                \n                \n            </td>\n        </tr>\n        \n        <tr>\n            <td style=\"padding-left: 4px;\">\n                \n                <span>TI.2.1#03</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\">\n                \n                <i>dependent</i>\n                \n                \n                \n                <span>SHALL</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\" class=\"requirement\">\n                \n                <span><div><p>The system SHALL capture an Audit Log Entry at each Audit Trigger as specified in <a href=\"Requirements-PHRSFMR2-TI.2.1.html\">TI.2.1</a> (Audit Triggers) according to scope of practice, organizational policy, and/or jurisdictional law.</p>\n</div></span>\n                \n                \n            </td>\n        </tr>\n        \n        <tr>\n            <td style=\"padding-left: 4px;\">\n                \n                <span>TI.2.1#04</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\">\n                \n                \n                \n                <span>SHALL</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\" class=\"requirement\">\n                \n                <span><div><p>The system SHALL capture the current master clock time to establish valid record date and time metadata.</p>\n</div></span>\n                \n                \n            </td>\n        </tr>\n        \n        <tr>\n            <td style=\"padding-left: 4px;\">\n                \n                <span>TI.2.1#05</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\">\n                \n                \n                \n                <span>MAY</span>\n                \n            </td>\n            <td style=\"padding-left: 4px;\" class=\"requirement\">\n                \n                <span><div><p>The system MAY manage Audit Trigger logging using a common audit engine (e.g., using schema and transports such as specified in the Audit Log specification of IHE Audit Trails and Node Authentication (ATNA) Profile).</p>\n</div></span>\n                \n                \n            </td>\n        </tr>\n        \n    </table>\n</div>"
  },
  "extension" : [
    {
      "url" : "http://hl7.org/fhir/StructureDefinition/structuredefinition-wg",
      "valueCode" : "ehr"
    }
  ],
  "url" : "http://hl7.org/ehrs/uv/phrsfmr2/Requirements/PHRSFMR2-TI.2.1",
  "version" : "2.0.1-ballot",
  "name" : "TI_2_1_Audit_Triggers",
  "title" : "TI.2.1 Audit Triggers (Function)",
  "status" : "active",
  "date" : "2025-08-29T14:03:44+00:00",
  "publisher" : "EHR WG",
  "contact" : [
    {
      "telecom" : [
        {
          "system" : "url",
          "value" : "http://www.hl7.org/Special/committees/ehr"
        }
      ]
    }
  ],
  "description" : "Manage Audit Triggers",
  "purpose" : "PHR Systems have built in audit triggers to capture key events in real-time. Audit triggers signal key:\r\n- Record management and lifecycle events;\r\n- Security events related to system and data safeguards, both routine and exceptional;\r\n- System events related to performance and operations, both routine and exceptional;\r\n- Clinical events with special log requirements.",
  "statement" : [
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/uv/phrsfmr2/StructureDefinition/requirements-dependent",
          "valueBoolean" : true
        }
      ],
      "key" : "PHRSFMR2-TI.2.1-01",
      "label" : "TI.2.1#01",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL audit key events, as specified in function [TI.2.1](Requirements-PHRSFMR2-TI.2.1.html) (Audit Triggers) and child functions, according to scope of practice, organizational policy, and/or jurisdictional law."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/uv/phrsfmr2/StructureDefinition/requirements-dependent",
          "valueBoolean" : true
        }
      ],
      "key" : "PHRSFMR2-TI.2.1-02",
      "label" : "TI.2.1#02",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL capture key Audit Metadata at each Audit Trigger, as specified in [TI.2.1](Requirements-PHRSFMR2-TI.2.1.html) (Audit Triggers) and child functions, according to scope of practice, organizational policy, and/or jurisdictional law."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/uv/phrsfmr2/StructureDefinition/requirements-dependent",
          "valueBoolean" : true
        }
      ],
      "key" : "PHRSFMR2-TI.2.1-03",
      "label" : "TI.2.1#03",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL capture an Audit Log Entry at each Audit Trigger as specified in [TI.2.1](Requirements-PHRSFMR2-TI.2.1.html) (Audit Triggers) according to scope of practice, organizational policy, and/or jurisdictional law."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/uv/phrsfmr2/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "PHRSFMR2-TI.2.1-04",
      "label" : "TI.2.1#04",
      "conformance" : [
        "SHALL"
      ],
      "conditionality" : false,
      "requirement" : "The system SHALL capture the current master clock time to establish valid record date and time metadata."
    },
    {
      "extension" : [
        {
          "url" : "http://hl7.org/ehrs/uv/phrsfmr2/StructureDefinition/requirements-dependent",
          "valueBoolean" : false
        }
      ],
      "key" : "PHRSFMR2-TI.2.1-05",
      "label" : "TI.2.1#05",
      "conformance" : [
        "MAY"
      ],
      "conditionality" : false,
      "requirement" : "The system MAY manage Audit Trigger logging using a common audit engine (e.g., using schema and transports such as specified in the Audit Log specification of IHE Audit Trails and Node Authentication (ATNA) Profile)."
    }
  ]
}