There are many security-related aspects that play a critical role in providing adequate cybersecurity to computer systems, such as User Authentication, Authorization, Access Control, Privacy/Consent, Logging, Auditing, Governance and more. While these cybersecurity activities are of utmost importance, they are outside the focus area of the CA:Aud Implementation Guidance. Many of these aspects are instead covered by other IHE profiles that specialize in those areas.

To achieve a high degree of cybersecurity, the actors from the various IHE profiles can be grouped together, wherever possible. Alternatively, other (IHE or non-IHE) methods can be used.

Some basic concepts are described in CA:Aud Overview.

CA:Aud defines transactions for the Audit Record Repository that enable sharing of sensitive information related to patients and systems.

In many implementations and projects, Audit Record Repositories have been considered a “black box” able to store relevant information for security and monitoring purposes. Those systems have not historically been designed to provide external access to the stored records.

Security Officers and System Architects should consider this and analyze the risks of disclosing data stored in the Audit Record Repository. The Retrieve ATNA Audit Event [ITI-81] transaction defines how to search the audit records, stored in FHIR format, that were captured using the Record Audit Event [ITI-20] transaction.

Accordingly, access control mechanisms on the CA:Aud actors and queries are strongly recommended. The Internet User Authorization (IUA) Profile should be considered for the authorization controls. The CA:Aud Audit Record Repository can be grouped with an IUA Resource Server to enforce policies and authorization decisions. The Audit Consumer can be grouped with an IUA Authorization Client to provide authorization information to the CA:Aud Audit Record Repository. Access controls should appropriately restrict access to audit records.

The Retrieve CA:Aud Audit Event [ITI-81] transaction may involve the disclosure of sensitive information. Logging this retrieval transaction as a query event is appropriate (see section Retrieve ATNA Audit Event [ITI-81] Security Audit Considerations).
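The two recommendations above, gating ITI-81 searches with IUA-style authorization and recording each retrieval as a query audit event, as an added example that is not part of this guidance or of any IHE implementation. It assumes the Resource Server has already verified the access token's signature and hands over its claims as a dict, and the scope name "audit/read" is a hypothetical placeholder; the AuditEvent fields follow FHIR R4 and the DICOM audit code 110112 (Query).

```python
import base64
from datetime import datetime, timezone

DCM = "http://dicom.nema.org/resources/ontology/DCM"
ENTITY_TYPE = "http://terminology.hl7.org/CodeSystem/audit-entity-type"
REQUIRED_SCOPE = "audit/read"  # hypothetical scope; not defined by IUA or CA:Aud


def authorize_iti81(claims: dict, now: datetime) -> bool:
    """Allow the search only if the (already signature-verified) token is
    unexpired and carries the scope the Resource Server policy requires."""
    exp = claims.get("exp")
    if exp is None or datetime.fromtimestamp(exp, timezone.utc) <= now:
        return False
    return REQUIRED_SCOPE in set(claims.get("scope", "").split())


def build_query_audit_event(claims: dict, query: str, allowed: bool, now: datetime) -> dict:
    """FHIR R4 AuditEvent describing the ITI-81 search itself (DCM 110112 = Query).
    Denied attempts are recorded as well, with a minor-failure outcome."""
    return {
        "resourceType": "AuditEvent",
        "type": {"system": DCM, "code": "110112", "display": "Query"},
        "action": "E",  # Execute: a query/search operation
        "recorded": now.isoformat(),
        "outcome": "0" if allowed else "4",  # 0 = success, 4 = minor failure
        "agent": [{"who": {"identifier": {"value": claims.get("sub", "unknown")}},
                   "requestor": True}],
        "source": {"observer": {"display": "CA:Aud Audit Record Repository"}},
        "entity": [{"type": {"system": ENTITY_TYPE, "code": "2", "display": "System Object"},
                    # AuditEvent.entity.query is base64Binary in FHIR
                    "query": base64.b64encode(query.encode()).decode()}],
    }


def handle_iti81_search(claims: dict, query: str, now: datetime) -> tuple[int, dict]:
    """Gate the search and always emit the query AuditEvent: 200 if allowed, else 403."""
    allowed = authorize_iti81(claims, now)
    return (200 if allowed else 403), build_query_audit_event(claims, query, allowed, now)


# Constructed sample data: a consumer token with the scope, one without, one expired.
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
GOOD_CLAIMS = {"sub": "audit-consumer-1", "scope": "audit/read", "exp": int(NOW.timestamp()) + 600}
NO_SCOPE_CLAIMS = {"sub": "other-app", "scope": "patient/*.read", "exp": int(NOW.timestamp()) + 600}
EXPIRED_CLAIMS = {"sub": "audit-consumer-1", "scope": "audit/read", "exp": int(NOW.timestamp()) - 1}
SAMPLE_QUERY = "AuditEvent?date=ge2024-01-01&agent=Practitioner/123"
```

In a real deployment the returned AuditEvent would be submitted to the repository via ITI-20 regardless of whether the search was allowed, so that denied attempts are also visible to the Security Officer.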

Additional Security Considerations are described in Z.8 Mobile Security Considerations of the RESTful ATNA Supplement.
