Verifiable Health Link
0.0.2-current - ci-build
Verifiable Health Link, published by IHE IT Infrastructure Technical Committee. This guide is not an authorized publication; it is the continuous build for version 0.0.2-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/IHE/ITI.VHL/ and changes regularly. See the Directory of published versions
Active as of 2025-06-16 |
<Requirements xmlns="http://hl7.org/fhir">
<id value="RecordAccessToHealthData"/>
<text>
<status value="generated"/>
<div xmlns="http://www.w3.org/1999/xhtml"><p class="res-header-id"><b>Generated Narrative: Requirements RecordAccessToHealthData</b></p><a name="RecordAccessToHealthData"> </a><a name="hcRecordAccessToHealthData"> </a><p>These requirements apply to the actor <a href="ActorDefinition-VHLSharer.html">VHL Sharer</a></p><table class="grid"/></div>
</text>
<url
value="https://profiles.ihe.net/ITI/VHL/Requirements/RecordAccessToHealthData"/>
<version value="0.0.2-current"/>
<name value="RecordAccessToHealthData"/>
<title value="Record Access to Health Data"/>
<status value="active"/>
<date value="2025-06-16T13:14:26+00:00"/>
<publisher value="IHE IT Infrastructure Technical Committee"/>
<contact>
<telecom>
<system value="url"/>
<value value="https://www.ihe.net/ihe_domains/it_infrastructure/"/>
</telecom>
</contact>
<contact>
<telecom>
<system value="email"/>
<value value="iti@ihe.net"/>
</telecom>
</contact>
<contact>
<name value="IHE IT Infrastructure Technical Committee"/>
<telecom>
<system value="email"/>
<value value="iti@ihe.net"/>
</telecom>
</contact>
<description
value="The [VHL Sharer](ActorDefinition-VHLSharer.html) MAY record audit events when health data is accessed through a Verified Health Link (VHL). These events support accountability, traceability, and compliance with applicable security and privacy regulations.
Audit records MAY include the following metadata:
* Timestamp of the access event
* Identity of the accessing actor (e.g., person or system)
* Type and identifier of the accessed resource (e.g., DocumentReference)
* Purpose of access, where available (e.g., treatment, consent verification)
* Outcome of the event (e.g., success, failure)
Audit events SHALL be represented using the FHIR `AuditEvent` resource, and SHOULD conform to applicable IHE profiles such as ATNA where appropriate. Implementers MAY define additional audit logging behavior to meet jurisdictional or organizational policies."/>
<jurisdiction>
<coding>
<system value="http://unstats.un.org/unsd/methods/m49/m49.htm"/>
<code value="001"/>
</coding>
</jurisdiction>
<actor value="https://profiles.ihe.net/ITI/VHL/ActorDefinition/VHLSharer"/>
</Requirements>