%% You should probably cite rfc3881 instead of this I-D.
@techreport{marshall-security-audit-12,
    number =    {draft-marshall-security-audit-12},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-marshall-security-audit/12/},
    author =    {Glen Marshall},
    title =     {{Security Audit and Access Accountability Message XML Data Definitions for Healthcare Applications}},
    pagetotal = 47,
    year =      2004,
    month =     jun,
    day =       24,
    abstract =  {This document defines the format of data to be collected and minimum set of attributes that need to be captured for security auditing in healthcare application systems. The format is defined as an XML schema, which is intended as a reference for healthcare standards developers and application designers. It consolidates several previous documents on security auditing of healthcare data. This memo provides information for the Internet community.},
}