Difference between revisions of "Audit Trail and Node Authentication"

From IHE Wiki
Jump to navigation Jump to search
(Fixed redirect. Links to the description of what the Profile does were going to page about how to Implementation it)
 
(79 intermediate revisions by 11 users not shown)
Line 1: Line 1:
Audit Trail and Node Authentication [ATNA] describes certificate-based node authentication and transmitting PHI-related audit events to a repository. This helps sites implement confidentiality policies.
+
Basic security through (a) functional access controls, (b) defined security audit logging and (c) secure network communications
 
 
  
 
__TOC__
 
__TOC__
  
 +
==Formal Specification==
  
==Summary==
+
===[https://profiles.ihe.net/ITI/TF/Volume1/ch-9.html ATNA (html) specification]===
 
+
* [https://profiles.ihe.net/ITI/TF/Volume1/ch-9.html Final Text]
The Audit Trail and Node Authentication (ATNA) Integration Profile establishes security measures which, together with the Security Policy and Procedures of the enterprise, provide patient information confidentiality, data integrity and user accountability. The Audit Trail and Node Authentication Integration Profile requires the use of bi-directional certificate-based node authentication for connections to and from each node, and requires that events concerning PHI use are recorded and transmitted to a repository where they can be monitored to detect indications of inappropriate activity.
 
 
 
 
 
''<Include a simple graphic that, at a glance, gives an impression of what the profile does.  See [[Help:Contents#Tips_.26_Tricks| Help - Tips and Tricks]] for details on including an image/graphic.>''
 
 
 
==Benefits==
 
 
 
 
 
==Details==
 
 
 
''<Detailed discussion of what the profile does and how it works>''
 
 
 
==Systems Affected==
 
''<List (in user terms) systems that would be likely candidates for implementing this profile, e.g. RIS, PACS, HIS, CAD Workstation, etc. >''
 
 
 
==References==
 
  
''<List References (good and bad) (with link if possible) to Journal Articles that mention IHE's work (and hopefully include some analysis) >''
+
===Additional Supplements:===
 +
* [[Add RESTful Query and Feed to ATNA]] - Trial Implementation
  
 
==See Also==
 
==See Also==
Profile Status: [[Comments| Final Text]]
 
  
The [[Frameworks#IHE IT Infrastructure Technical Framework| IT Infrastructure Technical Framework]] is the official master document for this Profile.  
+
This profile supports the security/privacy model discussed in [[IHE Security and Privacy for HIE]] white paper.
  
''<Replace the Template links below with links to the actual pages for the Profile>''
+
See [[ATNA FAQ]] for implementation assistance, and [[ATNA Profile FAQ]] for other random help.
  
The [[Profile FAQ Template]] answers typical questions about what the Profile does.
+
For information related to testing the ATNA profile at IHE Connectathons, [https://gazelle.ihe.net/content/atna-testing-connectathon-digital-certificates read this][
  
The [[Profile Purchasing Template]] describes considerations when purchasing equipment to deploy this Profile.
+
NEMA White Paper on [http://www.medicalimaging.org/wp-content/uploads/2011/02/CertificateManagement-2007-05-Published.pdf Management of Machine Authentication Certificates]
  
[[Audit Trail and Node Authentication Implementation]] provides additional information about implementing this Profile in software.
+
'''Related Profiles'''
  
 +
* [[Add RESTful Query and Feed to ATNA]] option on ATNA to enable a FHIR AuditEvent feed and query
 +
* [[Audit Trail and Node Authentication - Radiology Option]] extends ATNA with Radiology-specific audit trail messages.
 +
* [[Consistent_Time | Consistent Time]]
  
 
This page is based on the [[Profile Template]]
 
This page is based on the [[Profile Template]]
  
 +
[[Category:Profiles]]
 +
[[Category:ITI Profile]]
 +
[[Category:FHIR]]
 +
[[Category:Security]]
  
[[Category:Profiles]]
+
Current: [[Frameworks#IHE IT Infrastructure Technical Framework| IT Infrastructure Technical Framework]].

Latest revision as of 11:46, 19 November 2021

Basic security through (a) functional access controls, (b) defined security audit logging and (c) secure network communications

Formal Specification

ATNA (html) specification

Additional Supplements:

See Also

This profile supports the security/privacy model discussed in IHE Security and Privacy for HIE white paper.

See ATNA FAQ for implementation assistance, and ATNA Profile FAQ for other random help.

For information related to testing the ATNA profile at IHE Connectathons, read this[

NEMA White Paper on Management of Machine Authentication Certificates

Related Profiles

This page is based on the Profile Template

Current: IT Infrastructure Technical Framework.

Retrieved from "http://wiki.ihe.net/index.php?title=Audit_Trail_and_Node_Authentication&oldid=126804"