User and Patient Audit History

Location: Tools

The Audit Log Viewer shows a history of the actions that occurred within this application related to patients and Updox user accounts. This information is useful for:

•Investigating HIPAA privacy issues

•Monitoring if users are accessing records they should not

•Investigating who changed a user's settings or a patient's information

•Meeting MU/MACRA requirements

The information that can be linked to a patient includes:

•Address Book (patient contacts)

•Messages to/from the Updox Patient Portal

•Direct messages with a Clinical Summary (CCD) attached

•Appointments

•Patient Payments

•Analytics - patient spreadsheet download

•Note: faxes are not logged since they aren't tied directly to a patient in the Updox application

To view the history:

1.Go to Menu > Tools > User and Patient Audit History.

2.Select the filters you want to use.

•Subject Type - (required) - select the log to view (Users or Patients)

•Action - (optional) - limits the report to a selected action; the default is all actions

•Patient/User - (optional) - limits the report to a selected patient (or user); the default is all

•Modified By - (optional) - limits the report to the selected user who performed the actions; the default is all

•From - (required) - enter the start date (information is available starting in 3rd quarter 2016),

•To - (required) - enter the ending date; the default is the current date

3.Click Search.

4.To sort the report, click the arrows by one of the column headings. Click again to reverse the order.

5.To download the report to a .csv file (which is easily viewed in a spreadsheet application, e.g. Excel), click Export to CSV File.

6.To navigate through the pages, click the paging arrows or enter a specific page number.

Actions - Patient Log

The actions logged about patients include:

•Add

•Cancel

•Change

•Delete

•Download

•Print

•Save to EHR

•Transmit

•View

Actions - User Log

The actions logged about user accounts include:

•Add

•Change

Log Info

The audit log entries include:

•Patient (or User)

•Date/time

•Modified by

•Action

•Field/Category (if the action is change or delete this will be a specific field name; otherwise it will be a category of data (e.g. demographics)

•Previous Value  (if the action is change or delete)

•New Value (if the action is update)