As per discussion in Access/Audit logging, adding a request for a Audit log that can be available to Administrators to review activity by users on the Platform.
Activities that should be tracked include :
- Moves/Adds/Changes/Deletes (MACD) to Patient records
- MACD to Appointments (we get some of this from Appointment Logs, but could be more comprehensive)
- MACD to Invoices and Products (Invoice Activity log was FR’ed at Invoice activity log)
- MACD to users and Administrators.
The lack of ability to track these at the moment is a significant Security and Privacy Risk. It could allow Security and Privacy breaches to be covered up without a trail, and this has significant implications for Health Records in a variety of jurisdictions.
Please add to the request list.