IHE ATNA
IHE ATNA (Audit Trail and Node Authentication) is implemented in the ATNA Audit module (planned v1.1.0).
What ATNA requiresโ
- Every node must authenticate before transmitting health data
- All PHI access events must be recorded in an audit trail
- Audit records must be tamper-evident and non-repudiable
- Audit trail must be queryable
Implementation planโ
The AJ Smart FHIR Platform implements ATNA using FHIR AuditEvent resources
stored on the HAPI FHIR server:
{
"resourceType": "AuditEvent",
"type": { "code": "rest" },
"action": "R",
"recorded": "2025-01-15T10:05:23Z",
"outcome": "0",
"agent": [{ "reference": "Practitioner/dr-smith-123" }],
"entity": [{ "reference": "Patient/ePatient-456" }]
}
Every audit event is written asynchronously via @Async @EventListener โ
never blocks the request path.
Events auditedโ
| Event | Trigger |
|---|---|
| Clinician login | Successful authentication |
| Launch token created | Portal launch |
| Token issued | /oauth2/token success |
| FHIR resource accessed | Every HAPI FHIR request |
| Consent granted | Patient consent action |
| Consent revoked | Patient revocation |
| Access denied | Scope or consent check failure |
Statusโ
ATNA Audit is planned for v1.1.0 alongside the Consent Manager.