Premium Feature — Available in the Professional Plus, and Enterprise Editions. Learn more or contact LabKey.

Compliance module logging is designed to answer questions such as:

  • Which users have seen a given patient's data? What data was viewed by each user?
  • Which patients have been seen by a particular user? What data was viewed for each patient?
  • Which roles and PHI levels were declared by each user? Were those declarations appropriate to their job roles & assigned responsibilities?
  • Was all data the user accessed consistent with the user's declarations?

What Gets Logged

The default behavior is to log only those queries that access PHI columns.

To open the Audit Log:

  • Select (Admin) > Site > Admin Console.
  • Click the Admin Console Links tab.
  • Under Management click Audit Log.
  • The following compliance-related views are available on the dropdown:
    • Compliance Activity Events - Shows the Terms of Use, IRB, and PHI level declared by users on login.
    • Logged query events - Shows the SQL query that was run against the data.
    • Logged select query events - Lists specific columns and identified data relating to explicitly logged queries, such as a list of participant id's that were accessed, as well as the set of PHI-marked columns that were accessed.
    • Site Settings events - Logs compliance-related configuration changes to a given folder, that is, changes made on a folder's Compliance tab.
    • User events - Records login and impersonation events.

To change the logging behavior of a folder, see Compliance: Configure PHI Data Handling.

Related Topics

Discussion

Was this content helpful?

Log in or register an account to provide feedback


previousnext
 
expand all collapse all