Access Logging Module
The Access Logging module has been abandoned. Please see the Usage Statistics module for similar functionality.
Overview
The Access Logging module keeps a log of all access to individual patient and encounter records. The module records the patient or encounter accessed, the user who accessed the record, and time of the access.
Administrators are able to query the log based on a specific user, patient, and/or date range.
Usage
Download and install the module and it will immediately begin logging all access of patient and encounter records.
On the Administration page, the Access Log section provides options to Query the Access Log, Manage the Access Log, and Purge the Access Log.
Query Access Log
The Query Access Log option queries the access log based on certain parameters. Select a specific User to restrict the query to only those records accessed by that user. Select a specific Patient to restrict the query to that patient's records, including all Encounters linked to that Patient. Select a start date and/or end date to restrict the query to a certain date range. Toggle the "Include Patient Access Log" and "Include Encounter Access Log" checkboxes to limit the query to only Patient records or Encounter records.
None of the query parameters are mandatory; leaving all the parameters empty will result in the entire access log being returned.
Manage Access Log
Manage Access Log allows administrators to turn on and off the logging of patient and/or encounter accesses, and to exclude logging of methods that return sets of Patients and Encounters.
The module works by intercepting all calls to the Patient and Encounter services, and creating a new log entry whenever the respective service returns a Patient or Encounter object. Unchecking "Enable Patient Service access logging" will disable the interception of the Patient Service, and unchecking "Enable Encounter Service access logging" will do the same for the Encounter Service.
When "Exclude methods that return sets of Patients" is checked, the module will not log methods that returns sets of Patient, only methods return a single Patient. This is helpful to exclude the logging of patient searches. "Exclude methods that return sets of Patients" defaults to true.
"Exclude methods that return sets of Encounters" works in a similar manner, and also defaults to true.
Note that the module has to be restarted via the Manage Modules section for these change to take affect.
Purge Access Log
Purge Access Log allows administrators to permanently delete all logs before a certain date. This section also provides a count of the current number of rows in the access log table.
Required Privileges
Query Access Log requires "Query Access Log" privilege
Manage Access Log requires "Manage Access Log" privilege and "Manage Settings (formerly Global Properties from platform 1.8 downwards)" privilege (since the configuration parameters are stored as Settings (formerly Global Properties from platform 1.8 downwards))
Purge Access Log requires "Purge Access Log" privilege
Download
Future Functionality
Ability to create alerts to notify users when certain patient records are accessed
Release Notes
Version 1.1.5
Added ability to configure whether or to log methods that return sets of Patients and Encounters
Version 1.1.0
Added ability to purge access log
Added ability to configure access log to intercept only the Patient Service or the Encounter Service
Added logging of methodName
Added query parameters to the query results display
Implemented caching in after returning advice
Fixed bug in Query Access Log section with patient and encounter widgets
Version 1.0.1
Initial version with basic query functionality
Developers
??@Mark Goodrich