AireGlu

Appearance

Audit Task

The Audit task generates logs and sends them to AireAudit. To view these logs you can navigate to AireAudit. Here you’ll be prompted to sign in, and once logged in, you’ll see a list of audit logs which you can apply filters on.

The audit logs are based on the IHE (Integrating the Healthcare Enterprise) ATNA (Audit Trail and Node Authentication) specification. For detailed information, you can explore the following resources:

Audit Source

Required

Audit Source is a required field that identifies where the audit log originated, or the application where the event being logged took place. This is set to AireGlu by default, but this can be changed to something that better represents the system that is consuming your endpoint.

Event Identifier Type

Required

The Event Identifier Type specifies the category of the event being logged. The options for this are:

  • Provisioning Event
  • Medication Event
  • Resource Assignment
  • Care Episode
  • Care Protocol
  • Disclosure
  • Patient Search Activity
  • Application Activity
  • Audit Log Used
  • Begin Transfer Instances
  • Instances Accessed
  • Instances Transffered
  • Study Deleted
  • Export
  • Import
  • Network Activity
  • Order Record
  • Patient Record
  • Procedure Record
  • Query
  • Security Alert
  • User Authentication
  • Emergency Override Started
  • Use of restricted function
  • Login
  • Logout

Outcome Indicator

Required

The Outcome Indicator field can be set to specify whether the event succeeded or failed. The available options are:

  • Success
  • Minor Failure
  • Serious Failure
  • Critical Failure

Action Type

Required

The Action Type field specifies the kind of action being performed, to better understand whether a record was created, accessed, modified or deleted. The options here are:

  • Create
  • Read
  • Update
  • Delete
  • Execute

Event Type

The Event Type defines the event being logged and categories the action into specific, and possibly standardized event categories. Multiple event types can be added to an audit log.

Components of an Event Type

There are 3 components to an event type, the Code, the Code System and the Display Name.

Code

Required

The code is a mandatory identifier representing the type of event being logged. This should be a uniquely identifier for the event.

Code System

Optional

The code system is the standard or system which the even code is derived. It helps identify which coding scheme the code belongs to, such as HL7, DCM or a custom organizational standard.

Optional

The display name provides a human-readable description of the event type and is used to clarify the meaning of the code in audit reports.

Actors

The Actors fields represent who has made the action that is being auditted. Multiple actors can be added to an audit log.

Components of an Actor

There are 3 components to an actor, the User Id the Alternate User Id and the User Name.

At least one of these fields must be filled in.

User Id

The user id is a field that represents a unique system-assigned identifier such as a username, employee number or system account id. It is the primary way to track actions back to a specific user or entity.

Alternate User Id

The alternate user id is an optional identifier that can provide additional or alternative information about the actor. This might be an an external id for a different system, a legacy ID or an email. It is useful for environments where users have multiple representations across different systems.

User Name

The user name is an optional human-readable name for the actor. This field typically stores a full name or display name corresponding to the user id.

Auditable Objects

The Auditable Objects fields represent the specific data, resources or entities involved in the event being logged. Many auditable objects can be added to an audit log.

Components of an Auditable Object

Each auditable object can have an Object Identifier, an Object Type and an optional list of Details

Object Identifier

Required

The Object Identifier is a value that identifies the object being audited. This could be a file name, database id or any other reference.

Object Type

Required

The Object Type is a field that describes the type of object. This can be any of the following:

  • System Object
  • Organization
  • Person
  • Other

Object Details

Optional

The Details fields are a list of key value pairs that provide additional information about the object. This can be used to add context such as metadata, status information or additional attributes related to the object.