Auditing who access patient files

[savann...@gmail.com]

We are looking at the auditing features in our current Paragon implementation and have noticed that when we try to find out who accessed a certain patient's file, everyone with access to the bed boards and tracking boards shows up in the audit as touching a file, even if they just updated the boards and did not touch the patient's actual file.  Does anyone have any tips or tricks on drilling into the auditing portion to see if someone actually looked at a patient file versus someone who just looked at the tracking boards?  Or is anyone willing to share how they audit who accesses patient files?

[Follett, Rick]

I cannot speak to the technical aspects however; we addressed this through security. 

 

ED Tracking Board is view-only through a generic sign-on.  The user doesn’t see PHI but can locate a room.  To see the patient record the user will selects the patient and is prompted to use their own credentials to log-in.  That is the only way to see the patient details.

 

Rick Follett

CIO

The Good Samaritan Health System

--
You received this message because you are subscribed to the Google Groups "Paragon CIO" group.
To unsubscribe from this group and stop receiving emails from it, send an email to paragon-cio...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

This Message is intended only for the use of the individual or entity to which it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination or copying of this message or the taking of any action in reliance on the contents of this message is strictly prohibited. If you have received this message in error, please notify us immediately and destroy the original message. Thank you.

[Savanna Myer]

My understanding (at least with how we have it set up here) is that our generic users can see pretty much everything in a patient record so our tracking boards can house all of that information.  We have been filtering those out of our audits.  Our issues comes with someone who accesses the tracking board using their own log in and user information, but is looking at everyone on the tracking board, not a specific patient.  So, if I am an ER nurse and I pull up the tracking board, I can see everyone's information.  If we do an audit of the patient files the ER nurse shows up and looking at a patient file, because they looked at the tracking board.

I was hoping there would be some way to filter our who looks at tracking boards versus who actually drills into the patient information.