Verifiable Health Link
0.0.2-current - ci-build International flag

Verifiable Health Link, published by IHE IT Infrastructure Technical Committee. This guide is not an authorized publication; it is the continuous build for version 0.0.2-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/IHE/ITI.VHL/ and changes regularly. See the Directory of published versions

Requirements: Record Access to Health Data

Official URL: https://profiles.ihe.net/ITI/VHL/Requirements/RecordAccessToHealthData Version: 0.0.2-current
Active as of 2025-09-19 Computable Name: RecordAccessToHealthData

The VHL Sharer MAY record audit events when health data is accessed through a Verified Health Link (VHL). These events support accountability, traceability, and compliance with applicable security and privacy regulations.

Audit records MAY include the following metadata:

  • Timestamp of the access event
  • Identity of the accessing actor (e.g., person or system)
  • Type and identifier of the accessed resource (e.g., DocumentReference)
  • Purpose of access, where available (e.g., treatment, consent verification)
  • Outcome of the event (e.g., success, failure)

Audit events SHALL be represented using the FHIR AuditEvent resource, and SHOULD conform to applicable IHE profiles such as ATNA where appropriate. Implementers MAY define additional audit logging behavior to meet jurisdictional or organizational policies.

Publisher IHE IT Infrastructure Technical Committee
Contact Email No contact email has been registered.
Jurisdiction
Statements
Derived from This requirement is not derived from another requriement.
Derivatives This requirement has the following derivatives:
Participating Actors