Audit log and access reviews
What is logged, where to read it, and how to run a quarterly access review.
- Updated
- Updated
- Reading time
- 5 min read
- Tags
- auditcompliancehipaa
Every read and write to a chart is logged. The audit log is your single source of truth for HIPAA access reviews.
What is logged
Sign-ins, chart opens, note edits, prescription sends, role changes, exports. Each entry has user, timestamp, IP, and the affected record.
Quarterly access reviews
Establishment → Audit → Access reviews. Generate a report listing every active user, their roles, and last login. Mark each as reviewed; the report is timestamped and archived for your compliance file.
Was this article helpful?
Be the first to rate this article.