ABCDEFGHIJKLMNOPQRST
1
ItemASTMCCHITDoDHL7HALCIEEEIHEMU1MU2NEMAOBPCISANSNISTHITSPCHI
2
Access/View1121141111115
3
Disperse/Deliver123
4
Merge record11
5
Unmerge record11
6
User login111121121112
7
Modify log content11114
8
Modify user account111115
9
Delete user account1113
10
User logout1111116
11
Session Timeout11114
12
Delete log content112
13
Access log content1113
14
Disable audit1113
15
Enable audit1113
16
Grant access right112
17
Revoke access right112
18
Update classification configuration that affect protected information112
19
Update function definition112
20
Update role definition112
21
Update security domain definition112
22
Activate classification definition11
23
Activate function definition11
24
Activate role definition11
25
Activate security domain definition11
26
Activation of data definition11
27
Create classification definition11
28
Create function definition11
29
Create permission definition11
30
Create role definition11
31
Create security domain definition11
32
Deactivate classification definition11
33
Deactivate function definition11
34
Deactivate role definition11
35
Deactivate security domain definition11
36
Deactivation of data definition11
37
Update data definition11
38
Date & Time11111111111112
39
User Identification1111111111111
40
Role ID112
41
Success/Failure11111117
42
Destination ID1113
43
Object affected data lifecycle11
44
Object affected ID type11
45
Object affected type11
46
Deassign22
47
Create user account21115
48
Modify user privileges211116
49
Type of Event112111111111
50
Source21213111113
51
Object affected12111118
52
Source Type22
53
Assign325
54
Resolve/complete1438
55
Create1215171111122
56
Modify11518111120
57
Cancel549
58
Delete1111411111---13
59
Startup1131111110
60
Shutdown11311119
61
Security Administration Events (General/Other)1152121114
62
Export1113
63
Create log files112
64
Detection of malicious activity112
65
Emergency mode operation112
66
Change system date/time11
67
Change to network security configuration11
68
De-identify PHI11
69
Hardware modification11
70
Re-association of data11
71
Switching to another user's access after logging in with one'own identification11
72
Update virus signatures11
73
Print (or fax)112
74
Faults/Errors11215
75
Node authentication failure1124
76
Closed network connection111137
77
Unauthorized access attempt211116
78
Initiate network connection11125
79
Access to cryptographic keys11
80
Chage audit configuration11
81
Change of access protocol/port11
82
Change to access control11
83
Disable access protocols/ports11
84
Enable access protocols/port11
85
Exhausted resources325
86
Functions initiated by automated data processing operators11
87
Hardware additions11
88
Hardware deletions11
89
System hardware maintenance actions11
90
Backup123
91
Account lockout11
92
Restore11
93
Application/component intallation11
94
Disable encryption11
95
Enable encryption11
96
Invalid input11
97
Override of human-readable output markings11
98
Copy11
99
overrides the consent directives of a patient/person via the EHRi;11
100
accesses, via the EHRi, data that is locked or masked by instruction of a patient/person;11