-50% discount* If you buy the same UNE standard in different languages. * Discount on the lower pvp.

ASTM E2147 - 18

Standard Specification for Audit and Disclosure Logs for Use in Health Information Systems

Warning: ASTM standards for reading are viewed through the client area. Thefilescannot be downloaded.
Edition date: 2018-05-01
In Force
Available languages: English
Summary:

This specification describes the security requirements involved in the development and implementation of audit and disclosure logs used in health information systems. It specifies how to design an access audit log to record all access to patient identifiable information maintained in computer systems, and includes principles for developing policies, procedures, and functions of health information logs to document all disclosure of confidential health care information to external users for use in manual and computer systems. This specification provides for two main purposes, namely: to define the nature, role, and function of system access audit logs and their use in health information systems as a technical and procedural tool to help provide security oversight; and to identify principles for establishing a permanent record of disclosure of health information to external users and the data to be recorded in maintaining it.
Keywords: audit log; disclosure; electronic health record; health information systems;
Scope:

1.1 This specification is for the development and implementation of secure audit data and logs for electronically stored health information. It specifies how to design the audit log to record all activities impacting a medical record, for example, creating a new record, entering data into a record, changing or deleting an existing record, and all additional user access data (for example, identification, location, and date and time) to patient-identifiable information maintained in computer systems. Such audit logs shall track not only data entry and modifications, but also simple access and viewing of the patient record, and whether any modifications are made during that access. This specification also includes principles for developing policies, procedures, and functions of health information logs to document all actions regarding identifiable health information for use in both manually entered (paper record) and computer systems.

1.2 The first purpose of this specification is to define the nature, purpose, and function of system access audit logs and their use in health information systems as a technical and procedural tool to help provide privacy and security oversight and produce a self-authenticating record that would, when maintained together with its audit logs, speak to and confirm its own integrity and accuracy of the medical and other data within the record. Moreover, in concert with organizational confidentiality and security policies and procedures, permanent audit logs can clearly identify all system application users who accessed and acted on patient identifiable information or both, and identify the location of the user, identify patient information accessed, and maintain a permanent record of actions taken by the user. Accomplishing the purpose of creating a trustworthy record thus requires the use of secure, automatic, computer-generated, time-stamped audit logs, which shall be used to independently record the identity of the user as well as the date, time, and location of user access, and also record all entries and actions that create, change, or delete electronic records or other patient information. Full transparency of modifications or deletions or both is mandatory. For example, record changes shall not obscure previously recorded information. Such audit data and documentation shall be retained for a period at least as long as that required for the subject paper and electronic records (together, “records”), including any time period required by evidence preservation or litigation hold requirements and applicable state or applicable federal laws pertaining to the subject records. In no event shall the audit data or medical records in hard copy or electronic format be destroyed in advance of that date prescribed by state, federal or other law or regulation, when such records may be legally destroyed; and in any case, not before ten years or, in the case of a minor child, before two years after that child’s eighteenth birthday. If such records are for any reason maintained beyond this minimum requirement, then the audit logs, and the data contained therein, must be maintained as long as the records are maintained. Audit logs and healthcare information shall be provided when specifically requested by authorized healthcare providers; the patient, his personal representative, advocate, and/or designee; researchers; quality control personnel; and organizational managers or administrators or both; and other persons authorized to have access to patient records or patient-identifiable information or both in any form.

1.3 In the absence of computerized logs, audit log principles can be implemented manually in the paper patient record environment with respect to permanently monitoring paper patient record access, data entry, and data modification. Where the paper patient record and the computer-based patient record coexist in parallel, security oversight and access and data management shall address both environments with the underlying and unifying principle being transparency regarding the identity of the individual accessing or acting upon data in the record or both; the location of the individual when doing so; the time and date of such actions/entries; and clear visibility of modifications such as addenda, deletions, error corrections, and late entries.

1.4 The second purpose of this specification is to identify principles for establishing a permanent record of disclosure of health information to external users and the data to be recorded in maintaining it. Security management of health information requires a comprehensive framework that incorporates both mandates and criteria for disclosing patient health information found in federal and state laws and rules and regulations and ethical statements of professional conduct. Accountability for such a framework shall be established through a set of standard principles that are applicable to all healthcare settings and health information systems.

1.5 The creation and preservation of logs used to audit and oversee health information access, actions made upon health information, and disclosure of health information are the responsibility of each healthcare provider, organization, data intermediary, data warehouse, clinical data repository, third-party payer, agency, organization, or corporation that maintains or provides or has access to individually identifiable data. Such logs are specified in and support policy on information access monitoring and are tied to disciplinary sanctions that satisfy legal, regulatory, accreditation, institutional mandates, civil remedies by the patient or patient’s family, and are also tied to authentication of medical data and a patient’s right to obtain a complete, accurate, and transparent set of medical data and metadata (for example, audit logs).

1.6 When non-patient-specific healthcare data is sought (for example, analyses of aggregate patient data for internal or external reviews, research, or subsidies), healthcare providers and organizations need to also prescribe access requirements for such aggregate data and approve query tools that allow complete auditing capability or design data repositories that, in an active query, can limit inclusion of data in end-product aggregate form that reveals potential keys to identifiable data. In other words, endproduct aggregate-patient data shall not contain patient-identifying data or elements that, through analysis, can be used to identify individuals through inferences. For example, fields such as birth date, sex, race, or relevant demographics, and medical records numbers, or combinations thereof, are analyzed together for research purposes, using software that matches data elements across databases, thereby allowing identification of specific patients through inferencing, while preserving patient privacy. Audit data and logs can be designed to work with such applications, if the query functions are part of a defined retrieval application, but the end-product data is safeguarded to protect patient identity from release. This specification applies to the disclosure or transfer of health information (records) whether as individual files or in batches.

1.7 This international standard was developed in accordance with internationally recognized principles on standardization established in the Decision on Principles for the Development of International Standards, Guides and Recommendations issued by the World Trade Organization Technical Barriers to Trade (TBT) Committee.
ICS: 35.240.80-IT applications in health care technology
CTN: E31.25 - E31.25

Standards Cancellations

Anula a E2147-01R13

The book in the author's words

Ultricies magna feugiat malesuada sociosqu varius vivamus cubilia parturient, himenaeos vitae vehicula nam placerat netus urna platea, nostra rutrum felis mattis penatibus velit quisque.

Button
Frequently Asked Questions Do you have any questions about our products?
  • Standards UNE, EN, ISO, IEC, BSI, DIN, ASTM, AFNOR, IEEE, SAE
  • In addition, you can request the rules of the rest of the organizations through the e-mail normas@aenor.com
  • Technical books on paper and in electronic format (PDF, epub).

The standards can be purchased in PDF, reading or paper. The reading standards are not download files, they can only be viewed in the client area. The standards ordered on paper and some of the books in the catalogue are printed on demand. 

Check deadlines in normas@aenor.com.

The license of use is for one user and one device, if you want to reproduce the content of the standard, you must request a license that will have an additional cost. Send us your inquiry here 

The AENOR standards and books that appear in the online store can only be purchased exclusively through the website. AENOR does not have a physical store.

Purchase procedure: by clicking on "Buy" the desired products will go to the shopping cart. If there are display problems, the recommended browser is Chrome.

To formalize the purchase you must access the customer area. If you are not registered as a customer, you must fill in a form with the data along with a password and username. This will create the account.

Once the "Customer data" form has been completed, "Order in progress" will be displayed with all the items loaded in the shopping cart, their prices, taxes established in current legislation and shipping costs if applicable.

The prices of the standards and books that appear in the various sections do not include taxes or shipping costs.

AENOR promotional codes consist of alphanumeric characters and can only be applied to online purchases, received through a specific offer and for a limited time. To apply your promotional code, you just have to enter it in step 2 of 4 of the purchase process on the website and click on "apply", after you have identified yourself and chosen the payment methods. Promo codes are not cumulative.

 

  • Credit or debit card (Visa, Mastercard) and PayPal.
  • Bank transfer. If you opt for this form of payment, you must first send AENOR a copy of the transfer by email to normas@aenor.com
  • The purchase invoice can be downloaded from the customer area, in my previous orders

In the case of clients of companies based abroad, the taxpayer identification number of the corresponding country (for example, in Argentina the CUIT), must be filled in the CIF/NIF - VAT field .

  • Direct download via the website in the Customer Area. In the customer area, which can only be accessed with a password and username, the products purchased will be available for a period of fifteen days from the date of purchase, as long as the payment has been accepted. Files in digital format are protected and in no case editable. Before purchasing them, it is important that the license of use is read and accepted as a prior step to purchase.
  • Shipping by courier. Products purchased on physical media are shipped by courier. The maximum delivery time in Spanish territory, from the acceptance of the order by AENOR, is:
  •  Approximately seven working days for all standards purchased through the store in paper format.
  • Approximately three days for books purchased through the store. Stocks of paper books are limited and their offer on the website does not imply availability within the indicated period. In the event that the requested book is not available, the customer is notified of the delay in receiving the order, which will be approximately seven working days. 

For the rest of the products that are not on the website, check availability and delivery time at normas@aenor.com.

1. For digital products (PDF, Epub), once delivery has been made by direct download via the website in the Customer Area, you will not have the right to exercise your right of withdrawal.

2. For personalised products on paper, once the purchase has been made, you will not have the right to exercise your right of withdrawal.

3.  For all other paper products, you have the right to withdraw from the sale within 14 calendar days from the date of purchase. Remember that for the return it is essential that the product is in perfect condition, sealed by the packaging and preserving its original packaging. The customer will be responsible for pickup and shipping costs.

The order invoice includes shipping costs, so there is no amount to pay to the courier. Shipping costs are calculated based on both the final destination of the order and the number of products ordered. They include transport and packaging costs. Shipping costs are subject to periodic revisions. Outlet books will have free shipping costs only if the shipment is made in the Peninsula.

Destination Up to three standards and/or publications From three standards and/or publications
Peninsula 7,31€ 8,60€
Balearic Islands 18,04€ 23,34€
Canary Islands, Ceuta and Melilla  18,04€ 23,34€
Europe 59,17€ 80,07€
United States and Canada 70,07€ 96,94€
Rest of the world 91,94€ 115,91€
  • Purchases made by residents of the Member States of the European Union will be subject to the payment of VAT (value added tax).
  • ​​
  • In the case of legal persons and natural persons who, acting as entrepreneurs, are domiciled in a Member State of the European Union (except residents in Spain) and have an intra-community NIF/VAT registered in the VIES census, they will be exempt from paying VAT, being an essential condition the sending of this document by email to normas@aenor.com.
  • Purchases made in a private capacity (natural person), regardless of where they have their residence, will be subject to the payment of VAT.
  • Purchases made by entities in non-EU countries will be exempt from paying VAT, as long as they send the corresponding tax residence document by email to normas@aenor.com.
  • The sale operations will be understood to have been carried out at AENOR's registered office: Génova 6, 28004, Madrid – Spain. 

The contract for the purchase of products through this Website shall be governed by Spanish law. Any dispute arising out of or in connection with the use of the Website or such contract shall be subject to the exclusive jurisdiction of the Courts and Tribunals of Madrid.

Notwithstanding the foregoing, if you are entering into this contract as a consumer under the terms of Royal Decree 1/2007, nothing in this clause shall affect the rights that may be granted to you as such under applicable law.