 |
Return to detail page at www.hitsp.org | HITSP/T15 |
| Prev TOC Next |
| HOME | ABOUT | MEMBERSHIP | NEWS & ANNOUNCEMENTS | MEETINGS | FAQ | CONTACT US | | Powered by American National Standards Institute |
|
Return to detail page at www.hitsp.org | HITSP/T15 |
| Prev TOC Next |
The HITSP Collect and Communicate Security Audit Trail Transaction is a means to provide assurance that security policies are being followed or enforced and that risks are being mitigated. This document describes the mechanisms to define and identify security relevant events and the data to be collected and communicated as determined by policy, regulation, or risk analysis. It also provides the mechanism to determine the record format to support analytical reports that are needed.
Applicable standards for Security and Privacy audit reports and automated response actions have been identified, but specific applications of those standards are subject to implementation defined policies and are therefore not in the scope of this document.
This Transaction is only relevant to security conformance, enforcement, and risk mitigation as a required element in the HIPAA Security Rule. It is distinct from a disclosure log, as defined by the HIPAA Privacy Rule. Security audit record data may be applicable to help with the requirements for a disclosure log or transmittal to a Personal Health Record (PHR).
COPYRIGHT NOTICE
2009 ANSI. This material may be copied without permission from ANSI only if and to the extent that the text is not altered in any fashion and ANSIs copyright is clearly noted.
IHE materials used in this document have been extracted from relevant copyrighted materials with permission of Integrating the Healthcare Enterprise (IHE) International. Copies of this standard may be retrieved from the IHE Web Site at www.ihe.net.
This section provides a list of key reference documents and background material. If you are already familiar with this information, proceed to Section 2.0.
A list of key reference documents and background material is provided in the table below. These documents can be retrieved from the www.hitsp.org Web Site.
Table 1-1 Reference Documents
|
Reference Document |
Document Description |
|
Lists and defines the acronyms used in this document |
|
|
Provides definitions for relevant terms used by HITSP documents |
|
|
TN900 is a reference document that provides the overall context for use of the HITSP Security and Privacy constructs |
This section describes the conformance criteria, which are objective statements of requirements that can be used to determine if a specific behavior, function, interface, or code set has been implemented correctly.
In order to claim conformance to this construct specification, an implementation must satisfy all the requirements and mandatory statements listed in this specification, the associated HITSP Interoperability Specification, its associated construct specifications, as well as conformance criteria from the selected base and composite standards. A conformant system must also implement all of the required interfaces within the scope, subset or implementation option that is selected from the associated Interoperability Specification.
Claims of conformance may only be made for the overall HITSP Interoperability Specification or Capability with which this construct is associated.
A HITSP Interoperability Specification must be implemented in its entirety for an implementation to claim conformance to the specification. HITSP may define the permissibility for interface scoping, subsetting or implementation options by which the specification may be implemented in a limited manner. Such scoping, subsetting and options may extend to associated constructs, such as this construct. This construct must implement all requirements within the selected scope, subset or options as defined in the associated Interoperability Specification to claim conformance.
|
Return to detail page at www.hitsp.org | HITSP/T15 |
| Prev TOC Next |