Auditable Events Sample Clauses
The Auditable Events clause establishes the requirement for parties to maintain records of specific actions or transactions that may be subject to review or inspection. In practice, this clause typically obligates one or both parties to document activities such as financial transactions, data access, or system changes, and to make these records available for audit by the other party or a designated third party upon request. Its core function is to ensure transparency and accountability, enabling verification of compliance with contractual obligations and helping to detect or prevent errors, fraud, or misuse.
Auditable Events. Each Participant shall utilize the security policy established by the QHIN with whom the Participant has a signed a Participant-QHIN Agreement to identify a set of auditable events. Said security policy shall be consistent with the QHIN’s security policy but with appropriate modifications based on the transactions being performed. Each Participant’s security policy shall include the following auditing requirements for each Exchange Purpose that it performs:
(i) A list of auditable events described in said security policy;
(ii) An audit log including records for all auditable events identified by said security policy. A Participant shall retain all audit logs (both electronic and non-electronic) in accordance with Applicable Law and make such audit logs available during any audit; and
(iii) A record of an auditable event which at a minimum should include the following information: • The description of the event; • The date and time the event occurred; • A success or failure indicator; and • Where appropriate, the identity of the entity and/or operator that was responsible for the event.
Auditable Events. Each QHIN shall abide by the auditable events requirements described in the QHIN Technical Framework. Additionally, each QHIN’s security policy shall include the following auditing requirements for each Exchange Purpose that it performs:
(i) Auditable events as required by the QHIN Technical Framework;
(ii) An audit log including records for all auditable events required by the QHIN Technical Framework. A QHIN shall retain all audit logs (both electronic and non-electronic) in accordance with Applicable Law and make such audit logs available during any audit; and
(iii) A record of an auditable event which at a minimum should include the following information: • The description of the event; • The date and time the event occurred; • A success or failure indicator; and (where appropriate) • The identity of the entity and/or operator that was responsible for the event.