Actions
Story #20
openEpic #1: Access Control & Identity Management
Log Authorization Failures for PHI Access Attempts
Status:
New
Priority:
Medium
Assignee:
-
Target version:
-
Start date:
12/24/2025
Due date:
% Done:
0%
Estimated time:
Acceptance Criteria:
1. All denied access attempts are logged
2. Logs include user ID, role, resource, timestamp
3. Logs are tamper-resistant
4. Logs are retained per retention policy
DOR:
No
Story Points:
Work Type:
Feature
User Impact:
Technical Area:
Release Narrative:
Planned Sprint:
Completed In Sprint:
Spillover Reason:
Deployment Reference URL:
Description
User Story:
As a security auditor,
I want failed authorization attempts logged,
So that suspicious access patterns can be detected.
No data to display
Actions