Questions about Fileman Audits, and CPRS history
120 views
Skip to first unread message
Kevin Toppenberg
Jul 6, 2012, 5:33:01 PM7/6/12
to hard...@googlegroups.com
Someone suggested an extension to CPRS that seems like a good idea: A history log of patients accessed from CPRS. It would be kind of like a web browser's record of sites visited. CPRS currently shows the last patient a provider accessed, but doesn't help if you try to remember someone you saw earlier this morning, or perhaps yesterday or last week. I think I want to put this into TMG/Astronaut-CPRS.
So it seems that such a record should/could be done through the audit trails. So I did a bit of reading about auditing here:
http://hardhats.org/fileman/u2/au_frm.htm
Here I see that one can set up an audit trail for entering, changing, or deleting data. But I don't see that viewing the data is audited.
I thought that being able to see which user viewed which documents was a Meaningful use criteria. Is this correct?
So before I re-invent the wheel again
1. Is there already a history record of data viewed?
2. Does Fileman support auditing the viewing of data?
3. Any thoughts or pointers before I get started?
Kevin
So it seems that such a record should/could be done through the audit trails. So I did a bit of reading about auditing here:
http://hardhats.org/fileman/u2/au_frm.htm
Here I see that one can set up an audit trail for entering, changing, or deleting data. But I don't see that viewing the data is audited.
I thought that being able to see which user viewed which documents was a Meaningful use criteria. Is this correct?
So before I re-invent the wheel again
1. Is there already a history record of data viewed?
2. Does Fileman support auditing the viewing of data?
3. Any thoughts or pointers before I get started?
Kevin
Sam Habiel
Jul 6, 2012, 6:58:33 PM7/6/12
to hard...@googlegroups.com
Already done. David Whitten I believe wrote the code.
https://trac.opensourcevista.net/svn/audit/trunk/kids/
Sam
> --
> http://groups.google.com/group/Hardhats
> To unsubscribe, send email to Hardhats+u...@googlegroups.com
https://trac.opensourcevista.net/svn/audit/trunk/kids/
Sam
> http://groups.google.com/group/Hardhats
> To unsubscribe, send email to Hardhats+u...@googlegroups.com
David Whitten
Jul 6, 2012, 7:28:06 PM7/6/12
to hard...@googlegroups.com
Well, I wrote part of the code. Wally Fort and George Timson wrote some too.
George Timson
Jul 7, 2012, 11:09:38 AM7/7/12
to Hardhats
At the VistA Community meeting of January, 2008, I showed how
Medsphere FileMan (http://www.hardhats.org/fileman/MSC.html) can be
used to do audits of accesses to the PATIENT File, and indeed to any
File. The entry point (which I also sneaked into VA FileMan) is
ACCESSED^DIET. In Medsphere's OpenVista (http://sourceforge.net/
projects/openvista/files/) the call is from the lookup routine
DGSEC4. More generally, you could call ACCESSED^DIET from any File's
POST-SELECTION ACTION (http://www.hardhats.org/fileman/pm/
afd_10.htm). Each access to an entry in the File is then logged in
the audit-trail for the .01 field of that File. These audits can be
purged when desired in the usual way for audits (http://
www.hardhats.org/fileman/u2/au_field.htm#Purging).
--George Timson
Medsphere FileMan (http://www.hardhats.org/fileman/MSC.html) can be
used to do audits of accesses to the PATIENT File, and indeed to any
File. The entry point (which I also sneaked into VA FileMan) is
ACCESSED^DIET. In Medsphere's OpenVista (http://sourceforge.net/
projects/openvista/files/) the call is from the lookup routine
DGSEC4. More generally, you could call ACCESSED^DIET from any File's
POST-SELECTION ACTION (http://www.hardhats.org/fileman/pm/
afd_10.htm). Each access to an entry in the File is then logged in
the audit-trail for the .01 field of that File. These audits can be
purged when desired in the usual way for audits (http://
www.hardhats.org/fileman/u2/au_field.htm#Purging).
--George Timson
Kevin Toppenberg
Jul 9, 2012, 7:09:12 AM7/9/12
to hard...@googlegroups.com
George,
Thank you for the reply. Are you saying that this is already in MSC Fileman?
Was your presentation a proof of concept? Or has this already been set up?
Thanks
Kevin
Thank you for the reply. Are you saying that this is already in MSC Fileman?
Was your presentation a proof of concept? Or has this already been set up?
Thanks
Kevin
Nancy Anthracite
Jul 9, 2012, 9:21:01 AM7/9/12
to hard...@googlegroups.com, Kevin Toppenberg
Here it is in standard VA Fileman. :-)
ACCESSED(%F,REF) ;WILL FLAG ENTRY 'REF' IN FILE '%F' AS BEING ACCESSED BY
CURRENT USER, CURRENT TIME, CURRENT OPTION
N Y,X,%T,%D
D:'$G(DT) DT^DICRW
Q:'%F!'REF S %F=+%F,(REF,X)=+REF Q:'$D(^DIC(%F))
D ADD ;COMES BACK WITH %T AND Y--THE AUDIT REF
S ^DIA(%F,Y,0)=REF_U_%T_U_.01_U_DUZ_U_U_"i"
S ^DIA(%F,"B",REF,Y)=""
Q
;
--
Nancy Anthracite
On Monday, July 09, 2012, Kevin Toppenberg wrote:
> George,
>
> Thank you for the reply. Are you saying that this is already in MSC
> Fileman?
> Was your presentation a proof of concept? Or has this already been set up?
>
> Thanks
> Kevin
>
> On Saturday, July 7, 2012 11:09:38 AM UTC-4, George Timson wrote:
> > At the VistA Community meeting of January, 2008, I showed how
> > Medsphere FileMan (http://www.hardhats.org/fileman/MSC.html) can be
> > used to do audits of accesses to the PATIENT File, and indeed to any
> > File. The entry point (which I also sneaked into VA FileMan) is
> > ACCESSED^DIET. In Medsphere's OpenVista (http://sourceforge.net/
> > projects/openvista/files/<http://sourceforge.net/projects/openvista/files
> > />) the call is from the lookup routine
ACCESSED(%F,REF) ;WILL FLAG ENTRY 'REF' IN FILE '%F' AS BEING ACCESSED BY
CURRENT USER, CURRENT TIME, CURRENT OPTION
N Y,X,%T,%D
D:'$G(DT) DT^DICRW
Q:'%F!'REF S %F=+%F,(REF,X)=+REF Q:'$D(^DIC(%F))
D ADD ;COMES BACK WITH %T AND Y--THE AUDIT REF
S ^DIA(%F,Y,0)=REF_U_%T_U_.01_U_DUZ_U_U_"i"
S ^DIA(%F,"B",REF,Y)=""
Q
;
--
Nancy Anthracite
On Monday, July 09, 2012, Kevin Toppenberg wrote:
> George,
>
> Thank you for the reply. Are you saying that this is already in MSC
> Fileman?
> Was your presentation a proof of concept? Or has this already been set up?
>
> Thanks
> Kevin
>
> On Saturday, July 7, 2012 11:09:38 AM UTC-4, George Timson wrote:
> > At the VistA Community meeting of January, 2008, I showed how
> > Medsphere FileMan (http://www.hardhats.org/fileman/MSC.html) can be
> > used to do audits of accesses to the PATIENT File, and indeed to any
> > File. The entry point (which I also sneaked into VA FileMan) is
> > ACCESSED^DIET. In Medsphere's OpenVista (http://sourceforge.net/
> > />) the call is from the lookup routine
> > DGSEC4. More generally, you could call ACCESSED^DIET from any File's
> > POST-SELECTION ACTION (http://www.hardhats.org/fileman/pm/
> > afd_10.htm <http://www.hardhats.org/fileman/pm/afd_10.htm>). Each access
> > POST-SELECTION ACTION (http://www.hardhats.org/fileman/pm/
Kevin Toppenberg
Jul 9, 2012, 12:41:19 PM7/9/12
to hard...@googlegroups.com
OK,
so ACCESSED^DIET(%F,REF) is in standard Fileman.
The code comments say:
WILL FLAG ENTRY 'REF' IN FILE '%F' AS BEING ACCESSED BYCURRENT USER, CURRENT TIME, CURRENT OPTION
George wrote that OpenVistA used this in their patient lookup routine to trigger the accessed-log. But anyone else could also do this by putting in code to call this ACCESSED^DIET from a files POST-SELECTION ACTION.
What I still don't understand:
1. What do I pass in? I realize that %F is supposed to be the file number, but is there a variable that will contain the value of the file currently being referenced? And was is the "REF" mean, and how would I pass this it?
2. Is this being done already? Is WorldVistA doing that? Or is it just using Dave W. et al. RPC log method? If it is already being done, can someone post an example of the code stored in the POST-SELECTION-ACTION field?
3. George wrote that: "Each access to an entry in the File is then logged in the audit-trail for the .01 field of that File." I don't have all that much experience with audit trails. Will it specify that it was "accessed" as compared to write/deleted. The part where it seems to store the audit trail is as below. But I don't know how each of the pieces are being used, esp 'REF'.
S ^DIA(%F,Y,0)=REF_U_%T_U_.01_U_DUZ_U_U_"i"S ^DIA(%F,"B",REF,Y)=""
I would like to be able to use something that has already been implemented. But I am seeing only pieces of this solution, not the full picture.
Thanks
Kevin
David Whitten
Jul 9, 2012, 3:10:03 PM7/9/12
to hard...@googlegroups.com
but It isn't clear to me
how the audit file handles changes to multiples. Either the REF is an
IENS (comma separated list of IENs) and the %F is a DDnumber for the
multiple, or the REF is an IEN and the %F is the FileNumber of the
file, and something else is being done for multiples
George Timson
Jul 16, 2012, 2:22:01 PM7/16/12
to hard...@googlegroups.com
When calling ACCESSED^DIET (as I thought was obvious from the comment), %F in the number of the File and REF is the ien of the entry in that File that we are flagging as now being accessed. No sub-files.
I cannot speak for WorldVista, but this kind of access audit has been done by Medsphere customers for over six years, as I reported at Midland, since, indeed, it is required by HIPAA and meaningful use. The 'full picture' is there, and has been for years with Medsphere.
In both VA & MSC FileMan, CAPTIONED output will show 'accessed' (rather than 'created' or 'changed') if the audit is simply an 'access' audit, rather than a 'write' audit.
--George Timson
I cannot speak for WorldVista, but this kind of access audit has been done by Medsphere customers for over six years, as I reported at Midland, since, indeed, it is required by HIPAA and meaningful use. The 'full picture' is there, and has been for years with Medsphere.
In both VA & MSC FileMan, CAPTIONED output will show 'accessed' (rather than 'created' or 'changed') if the audit is simply an 'access' audit, rather than a 'write' audit.
--George Timson
Kevin Toppenberg
Jul 16, 2012, 5:52:24 PM7/16/12
to hard...@googlegroups.com
George,
Thanks for your reply. That 'REF' does seem obvious now that you say it is an IEN value. I was thinking more like CREF^DILF vs OREF^DILF type references (e.g. REF="^DPT(23,").
I'll work on this some more.
Kevin.
Reply all
Reply to author
Forward
0 new messages