This topic is under construction for the 17.1 release of LabKey Server.

Compliance module logging is designed to answer questions such as:

  • Which users have seen a given patient's data? What data was viewed by each user?
  • Which patients have been seen by a particular user? What data was viewed for each patient?
  • Which roles and PHI levels were declared by each user? Were those declarations appropriate to their job roles & assigned responsibilities?
  • Was all data the user accessed consistent with the user's declarations?
Site administrators can view the standard audit logs by visiting Admin > Site > Admin Console. Under Management click Audit Log.

What Gets Logged

The logging behavior described here is only an example -- other logging behavior is customized for each client's regulatory requirements. Each application determines how the logging is configured.

Declare Activity and Accept Terms of Use

Access PHI Data

When a user accesses PHI data (for example, a data grid which includes PHI columns) the following logs are made:

Access non-PHI Data

  • Entries are made in Logged Query Events. Argos does not log Patient IDs for access to non-PHI data.

Share Grids and Filters

Compliance Activity Events

The log is available at: Admin > Site > Admin Console. Under Management click Audit Log. From the dropdown, select Compliance Activity Events.

Captures the role, IRB, PHI level, and terms of use declared on login.

Logged Query Events

The log is available at: Admin > Site > Admin Console. Under Management click Audit Log. From the dropdown, select Logged Query Events.

Logged Select Query Events

The log is available at: Admin > Site > Admin Console. Under Management click Audit Log. From the dropdown, select Logged Select Query Events.

Related Topics

discussion

Discussion

Search 

Pages 

previousnext
 
expand all collapse all