Security Audit and Access Accountability Message XML Data Definitions for Healthcare Applications
RFC 3881

 
Document Type RFC - Informational (October 2004; No errata)
Last updated 2013-03-02
Stream ISE
Stream ISE state (None)
Document shepherd No shepherd assigned
IESG state RFC 3881 (Informational)
Responsible AD Scott Hollenbeck
Send notices to rfc-editor@rfc-editor.org,glen.f.marshall@siemens.com
Network Working Group                                        G. Marshall
Request for Comments: 3881                                       Siemens
Category: Informational                                   September 2004

           Security Audit and Access Accountability Message
           XML Data Definitions for Healthcare Applications

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2004).

IESG Note

   This RFC is not a candidate for any level of Internet Standard.  The
   IETF disclaims any knowledge of the fitness of this RFC for any
   purpose, and notes that it has not had IETF review.  The RFC Editor
   has chosen to publish this document at its discretion.

Abstract

   This document defines the format of data to be collected and the
   minimum set of attributes that need to be captured for security
   auditing in healthcare application systems.  The format is defined
   as an XML schema, which is intended as a reference for healthcare
   standards developers and application designers.  It consolidates
   several previous documents on security auditing of healthcare data.

Marshall                     Informational                      [Page 1]
RFC 3881         Security Audit & Access Accountability   September 2004

Table of Contents

   1. Purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . .  2
   2. Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  4
      2.1.  Data Collection . . . . . . . . . . . . . . . . . . . . .  4
      2.2.  Anticipated Data End-uses . . . . . . . . . . . . . . . .  5
      2.3.  Conformance . . . . . . . . . . . . . . . . . . . . . . .  6
   3. Goals . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  6
      3.1.  Effective Data Gathering. . . . . . . . . . . . . . . . .  6
      3.2.  Efficiency. . . . . . . . . . . . . . . . . . . . . . . .  7
   4. Trigger Events. . . . . . . . . . . . . . . . . . . . . . . . .  8
      4.1.  Security Administration . . . . . . . . . . . . . . . . .  8
      4.2.  Audit Administration and Data Access. . . . . . . . . . .  9
      4.3.  User Access . . . . . . . . . . . . . . . . . . . . . . . 10
   5. Data Definitions. . . . . . . . . . . . . . . . . . . . . . . . 13
      5.1.  Event Identification. . . . . . . . . . . . . . . . . . . 13
      5.2.  Active Participant Identification . . . . . . . . . . . . 17
      5.3.  Network Access Point Identification . . . . . . . . . . . 20
      5.4.  Audit Source Identification . . . . . . . . . . . . . . . 22
      5.5.  Participant Object Identification . . . . . . . . . . . . 24
   6. XML Schema. . . . . . . . . . . . . . . . . . . . . . . . . . . 31
      6.1.  XML Schema Definition . . . . . . . . . . . . . . . . . . 31
      6.2.  XML Schema Localization . . . . . . . . . . . . . . . . . 43
   7. Security Considerations . . . . . . . . . . . . . . . . . . . . 44
   8. References. . . . . . . . . . . . . . . . . . . . . . . . . . . 44
      8.1.  Normative References. . . . . . . . . . . . . . . . . . . 44
      8.2.  Informative References. . . . . . . . . . . . . . . . . . 45
   Acknowledgments. . . . . . . . . . . . . . . . . . . . . . . . . . 45
   Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 46
   Full Copyright Statement . . . . . . . . . . . . . . . . . . . . . 47

1.  Purpose

   To help assure healthcare privacy and security in automated systems,
   usage data needs to be collected.  This data will be reviewed by
   administrative staff to verify that healthcare data is being used in
   accordance with the healthcare provider's data security requirements
   and to establish accountability for data use.  This data collection
   and review process is called security auditing.

   This document defines the format of the data to be collected and the
   minimum set of attributes that need to be captured by healthcare
   application systems for subsequent use by an automation-assisted
   review application.  The data includes records of who accessed
   healthcare data, when, for what action, from where, and which
   patients' records were involved.  The data definition is an XML
   schema to be used as a reference by healthcare standards developers
   and application designers.
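
   The following is an added example, not part of the RFC text: a
   completeness check that an automation-assisted review application
   could run on each received audit message to confirm it answers who,
   when, what action, from where, and which record.  The element and
   attribute names are assumptions modeled on the Section 5 headings
   (the schema itself is not in this excerpt), and the sample message
   is constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample message. Element and attribute names are assumptions
# modeled on the Section 5 headings; the schema is not part of this excerpt.
SAMPLE = """<AuditMessage>
  <EventIdentification EventActionCode="R" EventDateTime="2004-09-01T14:03:22Z"
                       EventOutcomeIndicator="0"/>
  <ActiveParticipant UserID="nurse.jones" UserIsRequestor="true"
                     NetworkAccessPointTypeCode="2" NetworkAccessPointID="192.0.2.15"/>
  <AuditSourceIdentification AuditSourceID="ehr-app-01"/>
  <ParticipantObjectIdentification ParticipantObjectID="patient-0001"
                                   ParticipantObjectTypeCode="1"/>
</AuditMessage>"""

# Each accountability question maps to the (element, attribute) that answers it.
REQUIRED = {
    "who": ("ActiveParticipant", "UserID"),
    "when": ("EventIdentification", "EventDateTime"),
    "action": ("EventIdentification", "EventActionCode"),
    "where": ("ActiveParticipant", "NetworkAccessPointID"),
    "which": ("ParticipantObjectIdentification", "ParticipantObjectID"),
}


def summarize(xml_text):
    """Return (answers, missing) for one audit message.

    answers maps each question to the non-empty values found;
    missing lists the questions the message leaves unanswered.
    """
    # Audit messages need no DTD; refusing one avoids entity-expansion
    # problems when the collector parses input from many sources.
    if "<!DOCTYPE" in xml_text.upper():
        raise ValueError("DOCTYPE not allowed in audit messages")
    root = ET.fromstring(xml_text)
    answers, missing = {}, []
    for question, (elem, attr) in REQUIRED.items():
        values = [v.strip() for e in root.iter(elem)
                  if (v := e.get(attr)) and v.strip()]
        if values:
            answers[question] = values
        else:
            missing.append(question)
    return answers, missing
```

   A message with a non-empty missing list cannot establish
   accountability for the access and should be flagged for review
   rather than silently stored.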

   This document consolidates previously disjointed viewpoints of
   security auditing from Health Level 7 (HL7) [HL7SASIG], Digital
   Imaging and Communications in Medicine (DICOM) Working Group 14,