Audit trails

From Clinfowiki
Revision as of 06:21, 11 October 2014 by Annathehybrid (Talk | contribs)

Jump to: navigation, search

Audit Trails are logs that include the date and time of access, the information or record accessed, and the user ID under which access occurred.

Organizations should maintain in retrievable and usable form audit trails that log all accesses to clinical information. [1]

Organizations that provide health care to their own employees should enable employees to conduct audits of accesses to their own health records. Organizations should establish procedures for reviewing audit logs to detect inappropriate accesses. We should provide procedures for and a record of “random” sampling of the audit logs.

HIPAA compliance

HIPAA audit refers to maintaining audit trails that log all accesses to clinical information.

  • Questions to be considered when designing an audit trail:
  • Audit trails accessible by authorized users only?
  • Patients have the right and ability to request and review audits of all accesses to their electronic medical records?
  • Healthcare organizations should allow employees to conduct audits of accesses to their own health records?
  • Procedures for and a record of “random” sampling of the audit log should be available?

References

  1. Protecting Electronic Health Information (1997) http://www.nap.edu/catalog.php?record_id=5595
Retrieved from "https://clinfowiki.org/wiki/index.php?title=Audit_trails&oldid=18018"