The diagram below shows the actors directly involved in CA:Aud and the relevant transactions between them.

The table below lists the transactions for each actor directly involved in CA:Aud.

To claim compliance with this CA:Aud, an actor shall support all required transactions (labeled “R”) and may support the optional transactions (labeled “O”).

| Actors | Transactions | Optionality |
|---|---|---|
| Audit Creator | Record Audit Event [ITI-20] | O (Note 1) |
| Audit Record Repository | Record Audit Event [ITI-20] | O (Note 1) |
| Audit Record Repository | Retrieve ATNA Audit Event [ITI-81] | O (Note 2) |
| Audit Record Forwarder | Record Audit Event [ITI-20] | O (Note 1) |
| Audit Consumer | Retrieve ATNA Audit Event [ITI-81] | R |

Note 1: The audit events must be recorded using the IHE Record Audit Event [ITI-20] with FHIR Feed option or other (IHE or non-IHE) methods.

Note 2: This transaction is required if the Audit Record Repository is central.

Note that if other (IHE or non-IHE) methods are used to record the audit events, the messages must be converted into the FHIR format that the Audit Consumer expects for the Retrieve ATNA Audit Event [ITI-81] transaction.

Actor Descriptions and Requirements

Audit Creator

The Audit Creator creates AuditEvent records in FHIR format as specified in Record Audit Event [ITI-20] and sends these records to the Audit Record Repository.

The Audit Creator shall:

  1. Perform only secure transactions to or from the node.
  2. Provide sufficient authentication methods, based on risk assessment, to ensure that only authorized users access the Audit Creator.
  3. Detect and report a Record Audit Event as specified in Record Audit Event [ITI-20] or by other (IHE or non-IHE) means for:
    • all the activity-related events for the Audit Creator
    • all transaction-related events for the Audit Creator

Audit Record Repository

The Audit Record Repository receives event audit reports and stores them. It may be part of a federated network of repositories. It is expected to have analysis and reporting capabilities, but those capabilities are not specified as part of CA:Aud. CA:Aud also does not specify the capacity of an Audit Record Repository, because the variety of deployment needs makes it impractical to set requirements for the event report volume or capacity needed.

The Audit Record Repository shall support:

  1. Recording and storing of Record Audit Events via Record Audit Event [ITI-20] or by other (IHE or non-IHE) means.
  2. Search capabilities as defined in Retrieve ATNA Audit Event [ITI-81].
  3. Local security and privacy service protections and user access controls.

The Audit Record Repository may support:

  1. The FHIR Feed audit transport mechanism specified in Record Audit Event [ITI-20].
  2. Receipt of an IHE-specified audit message format. Note that the message format is extensible to include both future IHE specifications (e.g., audit requirements for new IHE transactions) and private extensions.
  3. Other (IHE or non-IHE) transport mechanisms and message formats for audit records.

Audit Record Forwarder

The Audit Record Forwarder is grouped with an Audit Record Repository, and forwards selected audit messages that are received by the Audit Record Repository. It may filter these messages and forward them selectively. It may forward to multiple different Audit Record Repositories.

The Audit Record Forwarder shall:

  1. Be grouped with an Audit Record Repository.
  2. Filter and forward messages as they arrive.
  3. Be configurable to forward messages to destination Audit Record Repositories.
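The following sketch is an added illustration, not part of the CA:Aud specification. It shows a repository grouped with a forwarder: every arriving AuditEvent is stored locally, and configurable filters decide which destination repositories receive a copy. The destination names, the rule format and the sample events are constructed, the field names assume FHIR R4 AuditEvent, and the `outbox` stands in for the actual send.

```python
from dataclasses import dataclass, field
from typing import Callable

AuditEvent = dict  # a FHIR AuditEvent resource as parsed JSON


@dataclass
class ForwardRule:
    destination: str                       # hypothetical destination repository name
    matches: Callable[[AuditEvent], bool]  # filter applied to each arriving event


@dataclass
class RepositoryWithForwarder:
    """Audit Record Repository grouped with an Audit Record Forwarder."""
    rules: list
    stored: list = field(default_factory=list)
    outbox: dict = field(default_factory=dict)  # stand-in for the send to each destination

    def receive(self, event: AuditEvent) -> list:
        self.stored.append(event)  # always stored; filtering affects forwarding only
        sent = []
        for rule in self.rules:
            if rule.destination not in sent and rule.matches(event):
                self.outbox.setdefault(rule.destination, []).append(event)
                sent.append(rule.destination)  # one copy per destination
        return sent


def type_code(event: AuditEvent) -> str:
    return event.get("type", {}).get("code", "")


def failed(event: AuditEvent) -> bool:
    # AuditEvent.outcome: "0" success, "4"/"8"/"12" minor/serious/major failure
    return event.get("outcome", "0") != "0"


RULES = [  # constructed routing configuration
    ForwardRule("regional-repo", lambda e: type_code(e) == "110114"),  # User Authentication
    ForwardRule("security-ops-repo", failed),
    ForwardRule("security-ops-repo", lambda e: type_code(e) == "110114"),
]
DCM = "http://dicom.nema.org/resources/ontology/DCM"
SAMPLE_EVENTS = [  # constructed AuditEvent fragments
    {"resourceType": "AuditEvent", "type": {"system": DCM, "code": "110114"}, "outcome": "4"},
    {"resourceType": "AuditEvent", "type": {"system": DCM, "code": "110112"}, "outcome": "0"},
    {"resourceType": "AuditEvent", "type": {"system": DCM, "code": "110112"}, "outcome": "8"},
]
```

Because the local store is written before any filter runs, a misconfigured or overly narrow forwarding rule reduces what downstream repositories see but never what the grouped repository retains.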

Audit Consumer

The Audit Consumer queries an Audit Record Repository for CA:Aud audit records using CA:Aud audit record content. Subsequent processing of the query result is not defined in this CA:Aud.
