EHRS-FM IG

ISO/HL7 10781 - Electronic Health Record System Functional Model, Release 2.1
0.16.0 - CI Build

Publish Box goes here

Requirements: RI.1.1.5.1 Evidence of Record Entry View/Access Event (Function)

Active as of 2024-08-12
Statement N:

Maintain Evidence of Record Entry View/Access Event

Description I:

Evidence of Record Entry View/Access Event includes key metadata, ensures health record integrity (and trust) and enables record audit.

Criteria N:
RI.1.1.5.1#01 SHALL

The system SHALL audit each occurrence when Record Entry content is viewed/accessed.

RI.1.1.5.1#02 SHALL

The system SHALL capture identity of the organization where Record Entry content is viewed/accessed.

RI.1.1.5.1#03 SHALL

The system SHALL capture identity of the patient who is subject of the viewed/accessed Record Entry content.

RI.1.1.5.1#04 SHALL

The system SHALL capture identity of the user who viewed/accessed Record Entry content.

RI.1.1.5.1#05 SHALL

The system SHALL capture identity of the system application in which Record Entry content is viewed/accessed.

RI.1.1.5.1#06 SHALL

The system SHALL capture the type of Record Event trigger (i.e., view/access).

RI.1.1.5.1#07 SHALL

The system SHALL capture the date and time Record Entry content is viewed/accessed.

RI.1.1.5.1#08 SHOULD

The system SHOULD capture identity of the location (i.e., network address) where Record Entry content is viewed/accessed.

RI.1.1.5.1#09 MAY

The system MAY capture the rationale for viewing/accessing Record Entry content (e.g., emergency access).

RI.1.1.5.1#10 SHALL

The system SHALL capture the data, document or other identifier for the viewed/accessed Record Entry content.

RI.1.1.5.1#11 MAY

The system MAY capture whether the data/document viewed/accessed is a primary source record (e.g., patient's record) or an aggregated report (e.g., summary report including multiple patients).

RI.1.1.5.1#12 dependent SHALL

The system SHALL capture when a Record Entry content view/access occurrence is known to be a disclosure, according to scope of practice, organizational policy, and/or jurisdictional law.

RI.1.1.5.1#13 SHOULD

The system SHOULD capture known and applicable permissions regarding Record Entry content viewed/accessed including confidentiality codes, patient consent authorizations, privacy policy pointers.