oracle.hsgbu.hdr.auditing (Oracle Healthcare Data Repository v8.0 API)

Interface Summary
Interface	Description
AuditAccessLogII	This interface provides getter and setter methods for OHF_AU_ACCESS_LOG_II table values
AuditService	Defines a create method that logs an audit event.
EventLog	Defines an `EventLog` value object.

Class Summary
Class Description

AuditingHelper
Provides factory methods that creates and returns empty instances of the EventLog value object defined in the auditing package.

Class Summary
Class	Description
AuditingHelper	Provides factory methods that creates and returns empty instances of the `EventLog` value object defined in the `auditing` package.

Package oracle.hsgbu.hdr.auditing Description

Assists in determining compliance with, and detecting actual or attempted violations of established policy and operational procedures. The auditing service, which is a core HDR service, records details of relevant events in the HDR platform in a chronological order. This enables reconstruction of events at a later stage for verification.

There are two types of audit events, security and application events. Currently, only security events are tracked by the auditing service. Security events are of two types:

User access events: These are events of calling applications invoking the HDR security services, such as login and check for authorization. They are logged by service interfaces of HDR security services.
Security administration events: These are events of calling applications manipulating components of the security policy, such as principal, role, and rule. They are logged by management interfaces of HDR security services.

An audit entry records details of a relevant event. The data fields in an audit entry are of two types: standard fields and custom fields. Standard fields, which correspond to fields in the proposed HL7 Common Audit Message standard, can be further divided into five categories:

Event Identification - Details of what was done and when.
User Identification - Details of who did (authored, entered, signed) it.
Object Identification - Details of the object to which the event was applied.
Access Point Identification - Details of where the event originated.
Transaction Identification - Details of the context in which the event occurred. The attributes of a context include:

Role of the user logged in.
Organization from which the user logs in.
Medical transaction in which the event happens.
Data owner (Example, patient) whose data is accessed by the event.

All audit entries contain standard fields, while the number and type of custom fields are specific to event types. For example, Event Date/Time is a standard field indicating the date and time at which the event occurred. Whereas Rule Name, which indicates the authorization rule based on which a grant decision is made, is a custom field applicable only to authorization events.

The EventLog interface specifies all the data fields, both standard and custom, for an audit event as its attributes. Accessor methods defined in this interface set and get values of these attributes. Classes that implement this interface are value objects that contain details of an audit event.

These details are logged to an audit trail using the createEventLog method of the AuditService interface.