The Privacy Consent on FHIR (PCF) Profile provides support for patient privacy consents and access control where a FHIR API is used to access Document Sharing Health Information Exchanges. This profile includes both Consent profiling and access controls profiling of oAuth access token.
Creative Commons Attribution 4.0 International
2
stars
2
forks
source link
[Bug]: Require Grouping With ATNA Instead of BALP #11
Currently PCF actors are required to be grouped with BALP Audit Creators. However, implementations may wish to record their audits in alternative formats.
Describe the solution you'd like
Group with ATNA Secure Node/Secure Application instead so that all ATNA audit logging options are available.
Relevant log output
No response
Priority
{"High"=>"Important issue where there is major issue to be resolved. Requires discussion and debate."}
clarify that ATNA is the mandatory grouping, and that BALP provides the audit semantics, and that those semantics can be recorded using FHIR AuditEvent or ATNA AuditMessage schema accordingly.
Contact Details
slagesse@epic.com
Section Number
53.3 PCF Required Actor Groupings
What is wrong
Currently PCF actors are required to be grouped with BALP Audit Creators. However, implementations may wish to record their audits in alternative formats.
Describe the solution you'd like
Group with ATNA Secure Node/Secure Application instead so that all ATNA audit logging options are available.
Relevant log output
No response
Priority
{"High"=>"Important issue where there is major issue to be resolved. Requires discussion and debate."}
Code of Conduct