Access/Audit logging


#1

Hi There,

Just recently getting to grips with Cliniko. One thing I can’t find is any access or audit logging. I would like to be able to review login/logout activity, as well as actions performed by practitioners/admins/reception in the case that there is a need to review or audit activity on the system.

Is there any way to do this? The practice I’m working with is particularly security conscious, and I have in the past needed to perform these sorts of forensic activities (don’t ask… :frowning: ).

If not, can we add this as a feature request?

Cheers,

R.


#2

Hey R

We don’t log activity like that, so unfortunately you won’t find any way to review things like that in Cliniko yet, sorry!

As I understand it, this is required for HIPAA (in the US), so once we look to become HIPAA compliant, we’ll definitely be adding logs like this though. So it’s on the feature request list! Thanks for the suggestion though! :smile:


#3

Hi Jim,

Thanks for the answer, although I find that response somewhat worrying. Access and Audit logging is a fairly standard database feature, and the system must have some way of attaching an identity to authentication actions and read/write activities on the database. Considering we are talking about Health data here, it raises some questions about what capacity consumers and Cliniko have to actively manage and monitor for potential breaches.

R.


Audit and Activity Log for users
#4

Pinging this again. I am now having to investigate unusual activity in Cliniko and cannot work out whether its a database corruption issue or a practitioner doing the wrong thing. Without login histories or audit logs, I’m stuck.


#5

Sorry for the lack of response here! I missed the emails about this.

Can you send us an email to support@cliniko.com with the Cliniko account you’re using? We would be more than happy to assist in trying to help identify any issues you’re having.

I agree that having some transparent logging of activity would be a great thing to add to Cliniko. We’ve got it logged as a feature request. But we can try to help with whatever issue you’re having!


#6

Hi @jim,

We’ve already worked through this incident with the support team, we identified a bug that caused some of what we saw, and the rest we worked out can’t easily be tracked with existing tooling.

How do we +1 the Feature Request, or see the FR queue?


#7

Not a “queue” as such, but you can post FR right here on this board!

https://community.cliniko.com/c/feature-requests


#8

FR Created - Audit and Activity Log for users