Difference between revisions of "ITI Tech Audit Msg Specification New Approach"

From IHE Wiki
Jump to navigation Jump to search
(Replaced content with "This content has moved. See https://github.com/IHE/publications/issues/62")
 
(6 intermediate revisions by 2 users not shown)
Line 1: Line 1:
= ITI Technical Committee - Exploring a new approach to Audit Message Specification in the TF =
+
This content has movedSee https://github.com/IHE/publications/issues/62
 
 
During the Feb 2017 F2F Meeting in Naples, Italy, the ITI Technical Committee began exploring alternatives to specifying audit message requirements.  This wiki page is a working document in order to make progress toward an improved specification
 
 
 
This page is not owned/maintained by one personFeel free to make edits and share your ideas.
 
 
 
== The problem ==
 
 
 
* The current practice in the ITI TF is to specify audit message requirements in the Security Considerations section at the end of every transaction in Volume 2a, 2b, 2c.  The tables are based on the General Message Format in [http://dicom.nema.org/medical/dicom/current/output/pdf/part15.pdf DICOM PS3.15] Section A.5.2.
 
* For new transactions, ITI does not have documented guidance for profile authors on how to fill out each field in an audit message/
 
* The ITI TF does not have a template for the IHE conventions for specifying audit messages (use of fonts, etc)
 
* Thus, for a new transaction, a common practice is for the author to copy an audit message specification for an existing transaction and then make edits.  Authors have varying expertise in this area, and the original table may have had errors.  This results in many errors that cascade into many, many CPs to fix audit message specifications.
 
* Errors in the TF are then encoded into the Gazelle Security Suite and Gazelle EVS Client test tools that do audit message checks based on the TF requirements.
 
* more...
 
 
 
== IHE Tools for audit message documentation & validation ==
 
 
 
* Gazelle External Validation Service - aka EVS Client
 
** Link to tool: https://gazelle.ihe.net/EVSClient/home.seam
 
** To validate, see menu ''IHE-->Audit messages-->Validate''
 
** To see results, see menu ''IHE-->Audit messages-->Validation logs''
 
* Gazelle Security Suite - aka GSS
 
** Link to tool: https://gazelle.ihe.net/gss/home.seam
 
** Link to documentation on audit messages checked by the tool:  menu '' Audit Trail --> Audit message documentation''
 
** Example audit message documentation for ITI-41 Doc Source audit message:  https://gazelle.ihe.net/gss/amview/auditMessage.seam?id=17
 
 
 
== Opportunities ==
 
 
* Explore the possibility of documenting the audit message requirements for each transaction once in the tool.  The specification and the tool would reside together.  The published IHE TF would reference into the tool for the audit msg portion of the specification for each transaction.
 
* more...
 
 
 
== Enhancements needed to the tools ==
 
 
 
* With the exception of some codes, the audit message documentation in GSS currently does not contain the contents of the "Value Constraints" column in the audit message tables in the TF.  This needs to be added.
 
* Ideally, would need a GUI to enable a TF editor or ITI Tech Cmte member to create a new audit message definition in the tool, rather than relying on gazelle developers to do this work.
 
* Ideally, add an example for each audit message.  (It is currently possible to look through the database of verified audit messages for examples.)
 
* more...
 
 
 
== Administrative and governance issues to address ==
 
 
 
* Figure out how the CP process (to fix TF documentation) and the Jira process (to fix the tools) work together
 
** Determine how implementers know that a message definition has been fixed in the tool
 
* Confirm that there are no intellectual property issues associated w/ using the tools?
 
* If/when the audit message definitions reside in the GSS, what happens if the tool goes offline?
 
* How will the published TF reference the audit message definitions in the tool?
 
* more...
 
 
 
== Next steps and To Dos ==
 
 
 
{| style="width:95%" border="1" cellpadding="1"
 
! What
 
! Who
 
! When
 
! Notes
 
|-
 
| Engage with Eric Poiseau's team to get feedback on this idea
 
| Lynn
 
| asap after Feb F2F;
 
| Feb-17 - initial outreach email sent Feb
 
|-
 
| If Gazelle dev team is on board with this, create Jira issues and start the ball rolling on updates to the tools
 
| Lynn
 
| tbd
 
|
 
|-
 
|
 
|
 
|
 
|
 
|-
 
|
 
|
 
|
 
|
 
|-
 
|
 
|
 
|
 
|
 
|-
 
|
 
|
 
|
 
|
 
|}
 

Latest revision as of 11:30, 7 May 2021

This content has moved. See https://github.com/IHE/publications/issues/62

Retrieved from "http://wiki.ihe.net/index.php?title=ITI_Tech_Audit_Msg_Specification_New_Approach&oldid=125014"