Access/Audit logging


#1

Hi There,

Just recently getting to grips with Cliniko. One thing I can’t find is any access or audit logging. I would like to be able to review login/logout activity, as well as actions performed by practitioners/admins/reception in the case that there is a need to review or audit activity on the system.

Is there any way to do this? The practice I’m working with is particularly security conscious, and I have in the past needed to perform these sorts of forensic activities (don’t ask… :frowning: ).

If not, can we add this as a feature request?

Cheers,

R.


#2

Hey R

We don’t log activity like that, so unfortunately you won’t find any way to review things like that in Cliniko yet, sorry!

As I understand it, this is required for HIPAA (in the US), so once we look to become HIPAA compliant, we’ll definitely be adding logs like this though. So it’s on the feature request list! Thanks for the suggestion though! :smile:


#3

Hi Jim,

Thanks for the answer, although I find that response somewhat worrying. Access and Audit logging is a fairly standard database feature, and the system must have some way of attaching an identity to authentication actions and read/write activities on the database. Considering we are talking about Health data here, it raises some questions about what capacity consumers and Cliniko have to actively manage and monitor for potential breaches.

R.