ITI20 | ITI20-1 | reviewed | Testable |
0
|
0
| | The Audit Record Repository shall accept the Audit Record message. | 146 | Section 3.20.5 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-10 | reviewed | Testable |
0
|
0
| | The syslog message shall be created and transmitted as described in RFC 5424. | 150 | Section 3.20.6.3 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-11 | reviewed | Testable |
0
|
0
| | Audit repositories must accept audit messages encoded with UTF-8 and store them without damage. | 150 | Section 3.20.6.3 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-12 | reviewed | Testable |
0
|
0
| | To perform the calculation of the PRI field in the syslog message, the Facility value of 10 (security/authorization messages) shall be use. (see RFC 5424) | 150 | Section 3.20.6.3 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-13 | reviewed | Testable |
0
|
0
| | To perform the calculation of the PRI field in the syslog message, the severity values of 5 (normal but significant) or 4 (warning condition) should be used. (see RFC 5424) | 150 | Section 3.20.6.3 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-14 | reviewed | Testable |
0
|
0
| | Audit repositories shall be prepared to deal appropriately with any incoming PRI value. | 150 | Section 3.20.6.3 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-15 | reviewed | Testable |
0
|
0
| | The MSGID field in the HEADER of the SYSLOG-MSG shall be set to “IHE+RFC-3881” (minus the quotes). | 150 | Section 3.20.6.3 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-16 | reviewed | Testable |
0
|
0
| | The MSG field of the SYSLOG-MSG shall be present and shall be an XML structure following the RFC 3881 format. | 150 | Section 3.20.6.3 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-17 | reviewed | Testable |
0
|
0
| | Applications using Reliable Syslog should switch to transmission of syslog messages over TLS. | 151 | Section 3.20.6.3.1 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-18 | reviewed | Testable |
0
|
0
| | When transmission of Syslog Messages over UDP (RFC 5426) with the Syslog Protocol (RFC 5424) occurs, long messages may be truncated. If so, the Audit Repository must correct the message by closing the trucated XML elements. | 151 | Section 3.20.6.3.2 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-19 | reviewed | Testable |
0
|
0
| | Because of the potential for truncated messages and other security concerns with Syslog Messages over UDP, the transmission of syslog messages over TLS may be preferred. | 151 | Section 3.20.6.3.2 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-2 | reviewed | Testable |
0
|
0
| | The events Actor-start-stop, Audit-Log-Used, Begin-storing-instances, Health-service-event, Instances-deleted, Instances-Stored, Medication, Mobile-machine-event, Node-Authentication-failure, Order-record-event, Patient-care-assignment, Patient-care-episode, Patient-care-protocol, Patient-record-event, PHI-export, PHI-import, Procedure-record-event, Query Information, Security Alert, User Authentication, Study-Object-Event and Study-used shall be reportable by means of the IHE Audit Trail. | 146 | Section 3.20.6 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-20 | reviewed | Testable |
0
|
0
| | About Transmission of Syslog Messages over TLS (RFC5425) with The Syslog Protocol (RFC5424), it is recommended to use TLS version 1.2. | 152 | Section 3.20.6.3.3 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-21 | reviewed | Testable |
0
|
0
| | For audit records generated by all IHE actors, the IHE IT Infrastructure technical framework prefers use of the DICOM schema defined in the DICOM Standard, Part 15 Annex A.5. | 152 | Section 3.20.7 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-22 | reviewed | Testable |
0
|
0
| | For the ParticipantObjectIDTypeCode element, and when using the values specified in RFC-3881, IHE actors SHALL specify the corresponding description from RFC-3881 in the originalText attribute and "RFC-3881" in the codeSystemName attribute. | 154 | Section 3.20.7.1.2 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-23 | reviewed | Testable |
0
|
0
| | A Secure Node Actor shall be able to detect events that are defined by the DICOM standard in PS 3.16 - 2011, CID 400, and generate Record Audit Event transactions that conform to the DICOM standard when these events take place. | 154 | Section 3.20.7.2 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-24 | reviewed | Testable |
0
|
0
| | The additional IHE defined events Health Services Provision Event, Medication Event, Patient Care Resource Assignment, Patient Care Episode and Patient Care Protocol (enumerated in ITI TF-2a: 3.20.7.5) shall be used for their defined purpose. | 155 | Section 3.20.7.3 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-25 | reviewed | Testable |
0
|
0
| | Even for IHE Audit Trail, the messages shall be encoded as instances based on the DICOMschema. | 155 | Section 3.20.7.3 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-26 | reviewed | Testable |
0
|
0
| | In cases where there is an event that applies to more than one patient, there shall be a separate audit message for each patient. | 155 | Section 3.20.7.3 | 2/5/16 12:27:23 PM by aboufahj |
|
ITI20 | ITI20-27 | reviewed | Testable |
0
|
0
| | Events that do not correspond to DICOM events or IHE Extension events can be reported. | 155 | Section 3.20.7.4 | 2/5/16 12:27:23 PM by aboufahj |
|