ISO/HL7 10781 - Electronic Health Record System Functional Model, Release 2.1
2.1.0 - local International flag

Publish Box goes here

: TI.1.3 Entity Access Control (Function) - XML Representation

Active as of 2024-11-26

Raw xml | Download


<Requirements xmlns="http://hl7.org/fhir">
  <id value="EHRSFMR2.1-TI.1.3"/>
  <meta>
    <profile value="http://hl7.org/ehrs/StructureDefinition/FMFunction"/>
  </meta>
  <text>
    <status value="extensions"/>
    <div xmlns="http://www.w3.org/1999/xhtml">
    <span id="description"><b>Statement <a href="https://hl7.org/fhir/versions.html#std-process" title="Normative Content" class="normative-flag">N</a>:</b> <div><p>Manage access to EHR-S resources.</p>
</div></span>

    
    <span id="purpose"><b>Description <a href="https://hl7.org/fhir/versions.html#std-process" title="Informative Content" class="informative-flag">I</a>:</b> <div><p>To ensure access is controlled, an EHR-S must authenticate and check authorization of entities for appropriate operations.</p>
</div></span>
    

    

    
    <span id="requirements"><b>Criteria <a href="https://hl7.org/fhir/versions.html#std-process" title="Normative Content" class="normative-flag">N</a>:</b></span>
    
    <table id="statements" class="grid dict">
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.1.3#01</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system SHALL conform to function [[TI.1.1]] (Entity Authentication).</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.1.3#02</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system SHALL conform to function [[TI.1.2]] (Entity Authorization).</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.1.3#03</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                <i>dependent</i>
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system SHALL provide the ability to manage system and data access rules for all EHR-S resources according to scope of practice, organizational policy, and/or jurisdictional law.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.1.3#04</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system SHALL manage the enforcement of authorizations to access EHR-S resources.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.1.3#05</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                <i>dependent</i>
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system SHALL control access to EHR-S resources after a configurable period of inactivity by terminating the session, or by initiating a session lock that remains in effect until the entity re-establishes access using appropriate identification and authentication procedures, according to organizational policy, and/or jurisdictional law.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.1.3#06</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                <i>dependent</i>
                
                
                
                <span>SHOULD</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system SHOULD provide the ability to control-access to data, and/or functionality according to scope of practice, organizational policy, and/or jurisdictional law.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.1.3#07</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system SHALL control-access to data, and/or functionality by using authentication mechanisms that comply with regulatory and policy guidelines (e.g.,by using a combination of Username and Password, Digital Certificates, Secure Tokens, and/or Biometrics).</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.1.3#08</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>MAY</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system MAY provide the ability to determine the identity of public health agencies for healthcare purposes through the use of internal, and/or external registry services or directories.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.1.3#09</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>MAY</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system MAY provide the ability to determine the identity of healthcare resources (e.g., Meal Delivery services for home-based patients) and devices (e.g., wheelchairs) for resource management purposes through the use of internal, and/or external registry services or directories.</p>
</div></span>
                
                
            </td>
        </tr>
        
    </table>
</div>
  </text>
  <url value="http://hl7.org/ehrs/Requirements/EHRSFMR2.1-TI.1.3"/>
  <version value="2.1.0"/>
  <name value="TI_1_3_Entity_Access_Control"/>
  <title value="TI.1.3 Entity Access Control (Function)"/>
  <status value="active"/>
  <date value="2024-11-26T16:30:50+00:00"/>
  <publisher value="EHR WG"/>
  <contact>
    <telecom>
      <system value="url"/>
      <value value="http://www.hl7.org/Special/committees/ehr"/>
    </telecom>
  </contact>
  <description value="Manage access to EHR-S resources."/>
  <jurisdiction>
    <coding>
      <system value="http://unstats.un.org/unsd/methods/m49/m49.htm"/>
      <code value="001"/>
      <display value="World"/>
    </coding>
  </jurisdiction>
  <purpose
           value="To ensure access is controlled, an EHR-S must authenticate and check authorization of entities for appropriate operations."/>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.1.3-01"/>
    <label value="TI.1.3#01"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement
                 value="The system SHALL conform to function [[TI.1.1]] (Entity Authentication)."/>
    <derivedFrom value="EHR-S_FM_R1.1 IN.1.3#1"/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.1.3-02"/>
    <label value="TI.1.3#02"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement
                 value="The system SHALL conform to function [[TI.1.2]] (Entity Authorization)."/>
    <derivedFrom value="EHR-S_FM_R1.1 IN.1.3#2"/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="true"/>
    </extension>
    <key value="EHRSFMR2.1-TI.1.3-03"/>
    <label value="TI.1.3#03"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement
                 value="The system SHALL provide the ability to manage system and data access rules for all EHR-S resources according to scope of practice, organizational policy, and/or jurisdictional law."/>
    <derivedFrom value="EHR-S_FM_R1.1 IN.1.3#3"/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.1.3-04"/>
    <label value="TI.1.3#04"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement
                 value="The system SHALL manage the enforcement of authorizations to access EHR-S resources."/>
    <derivedFrom value="EHR-S_FM_R1.1 IN.1.3#4"/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="true"/>
    </extension>
    <key value="EHRSFMR2.1-TI.1.3-05"/>
    <label value="TI.1.3#05"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement
                 value="The system SHALL control access to EHR-S resources after a configurable period of inactivity by terminating the session, or by initiating a session lock that remains in effect until the entity re-establishes access using appropriate identification and authentication procedures, according to organizational policy, and/or jurisdictional law."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="true"/>
    </extension>
    <key value="EHRSFMR2.1-TI.1.3-06"/>
    <label value="TI.1.3#06"/>
    <conformance value="SHOULD"/>
    <conditionality value="false"/>
    <requirement
                 value="The system SHOULD provide the ability to control-access to data, and/or functionality according to scope of practice, organizational policy, and/or jurisdictional law."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.1.3-07"/>
    <label value="TI.1.3#07"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement
                 value="The system SHALL control-access to data, and/or functionality by using authentication mechanisms that comply with regulatory and policy guidelines (e.g.,by using a combination of Username and Password, Digital Certificates, Secure Tokens, and/or Biometrics)."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.1.3-08"/>
    <label value="TI.1.3#08"/>
    <conformance value="MAY"/>
    <conditionality value="false"/>
    <requirement
                 value="The system MAY provide the ability to determine the identity of public health agencies for healthcare purposes through the use of internal, and/or external registry services or directories."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.1.3-09"/>
    <label value="TI.1.3#09"/>
    <conformance value="MAY"/>
    <conditionality value="false"/>
    <requirement
                 value="The system MAY provide the ability to determine the identity of healthcare resources (e.g., Meal Delivery services for home-based patients) and devices (e.g., wheelchairs) for resource management purposes through the use of internal, and/or external registry services or directories."/>
  </statement>
</Requirements>