Personal tools

4. Audit Control

From OpenEMR Project Wiki

Jump to: navigation, search


Owner of this task

OpenEMR and EHR Support

ViCarePlus HealthCare IT Services & Support

6559, SpringPath Lane, San Jose, CA, USA



MeaningFul Use Requirements

Audit Requirements

From Standards Committee

Requirements from “Certification Standards Committee” [ standards/certrecs102609.pdf]

1. Provide the capability to record and examine activity in information systems that contain or use electronic protected health information.

2. Provide the capability to use the ATNA profile to communicate audit messages between Secure Nodes and to establish Audit Repository nodes to collect audit information. Note: The same is mentioned by the CCHIT - EHR ARRA 2011 Preliminary Certification as part of the Security Criteria related to Audit [ 091001_0.pdf]

From CCHIT Ambulatory Certification

SC 02.01 - The system shall allow an authorized administrator to set the inclusion or exclusion of auditable events in SC 02.03 based on organizational policy & operating requirements/limits.

SC 02.02 - The system shall support logging to a common audit engine using the schema and transports specified in the Audit Log specification of IHE Audit Trails and Node Authentication (ATNA) Profile

SC 02.03 - The system shall be able to detect security-relevant events that it mediates and generate audit records for them. At a minimum the events shall include those listed in the Appendix Audited Events. Note: The system is only responsible for auditing security events that it mediates. A mediated event is an event that the system has some active role in allowing or causing to happen or has opportunity to detect. The system is not expected to create audit logs entries for security events that it does not mediate.

SC 02.04 - The system shall record within each audit record the following information when it is available: (1) date and time of the event; (2) the component of the system (e.g. software component, hardware component) where the event occurred; (3) type of event (including: data description and patient identifier when relevant); (4) subject identity (e.g. user identity); and (5) the outcome (success or failure) of the event.

SC 02.05 - The system shall provide authorized administrators with the capability to read all audit information from the audit records in one of the following two ways: 1) The system shall provide the audit records in a manner suitable for the user to interpret the information. The system shall provide the capability to generate reports based on ranges of system date and time that audit records were collected. 2) The system shall be able to export logs into text format in such a manner as to allow correlation based on time (e.g. UTC synchronization).

SC 02.06 - The system shall be able to support time synchronization using NTP/SNTP, and use this synchronized time in all security records of time.

SC 02.07 - The system shall have the ability to format for export recorded time stamps using UTC based on ISO 8601. Example: "1994-11-05T08:15:30-05:00" corresponds to November 5, 1994, 8:15:30 am, US Eastern Standard Time.

SC 02.08 - The system shall prohibit all users read access to the audit records, except those users that have been granted explicit read-access. The system shall protect the stored audit records from unauthorized deletion. The system shall prevent modifications to the audit records.

Reference: [[1]]

Auditing Events

2.1 Auditing Events

2.1.1 Events common to both CCHIT and ATNA

1. start/stop

2. patient record created/viewed/updated/deleted

3. Query

4. Order

5. Node-authentication failure

6. PHI export

7. PHI import

8. Security Administration events

2.1.2 Events mentioned only in CCHIT

1. user login/logout

2. session timeout+F10

3. account lockout

4. scheduling

5. signature created/validated

6. backup and restore

2.1.3 Events mentioned only in ATNA

1. Reading or modification to the audit log

2. Begin-storing-instances

3. Health-service-event

4. Images-availability-query

5. Instances-deleted

6. Instances-stored

7. Medication

8. Mobile-machine-event

9. Patient-care-assignment

10. Patient-care-episode

11. Procedure record event

12. Study created

13. Study used

Audit & ATNA - Actual Tasks

Based on the nature of the tasks involved, we can segregate the tasks into the following types.

3.1 Auditing in OpenEMR

3.2 ATNA related tasks


1. Audit & ATNA Design Document -

2. Associated with Sourceforge forum thread:

3. Audit & ATNA Test Case Document -

4. Audit Log Test Case Report -

5. SSL Connections for HIE Implementation -

6. Logging in OpenEMR -


Completed and checked in to the OpenEMR Sourceforge CVS