Skip to main content
Audit logs give you a complete, tamper-proof record of what happens in your clinic. Every significant action — from creating a patient record to viewing a clinical note — is logged with full context about who did it, when, and from where.
Admin only — Only administrators can view audit logs.

What gets logged

The platform automatically logs every significant action in the system. You do not need to enable logging — it runs by default and cannot be turned off. Logged actions include:
  • Record creation — New patients, appointments, invoices, clinical notes, and other records
  • Record updates — Changes to existing records, including which fields were modified
  • Status changes — Appointment status transitions, invoice payment updates, claim status changes
  • Document views — When a user opens a patient record, clinical note, or financial document
  • Login events — Successful and failed login attempts
  • Permission changes — Role or permission modifications for staff members
  • Data exports — When reports or records are downloaded or exported

Anatomy of a log entry

Each audit log entry captures:
FieldDescription
WhoThe user who performed the action (name and role)
WhatA description of the action and what was changed
WhenExact timestamp of the action
IP addressThe IP address from which the action originated
DeviceBrowser and device information (user agent)
This level of detail makes it possible to reconstruct exactly what happened during any event, which is essential for compliance investigations and internal reviews.

Querying audit logs

The audit log viewer provides powerful filtering to help you find specific events quickly.

Filter options

Date range

Select a start and end date to narrow results to a specific time window. Useful for investigating incidents that occurred on a known date.

Action type

Filter by the type of action — creation, update, deletion, view, login, etc. Helpful when you are looking for a specific kind of event.

User

Show only actions performed by a specific staff member. Use this to review an individual’s activity history.

Patient

Filter by patient to see every action taken on or related to a specific patient record. Critical for patient-specific audits.
1

Open audit logs

Navigate to Admin > Audit Logs.
2

Apply filters

Use the filter bar to select your criteria — date range, action type, user, patient, or any combination.
3

Review results

Results appear in reverse chronological order (most recent first). Click any entry to expand its full details, including IP address and device information.
Combine filters for precise investigations. For example, filter by a specific user and date range to review everything a staff member did during a particular shift.

HIPAA compliance

Our audit logging is designed with healthcare compliance in mind. The system follows a principle of access logging without content exposure:
  • When a user views protected health information (PHI), the log records that the record was accessed and by whom
  • The log never captures the actual medical content — no clinical note text, diagnosis details, or treatment information appears in log entries
  • This approach satisfies HIPAA’s audit trail requirements while ensuring that the logs themselves do not become a secondary PHI repository
Audit logs are read-only and tamper-proof. Neither administrators nor our support team can modify or delete log entries. This ensures the integrity of your compliance trail.

What HIPAA flagging looks like

When a user accesses protected health information, the log entry includes a PHI access flag. This flag indicates that the action involved health data without revealing the data itself. For example:
  • “Dr. Ahmed viewed clinical notes for patient DN6K-M9P2” — flagged as PHI access
  • “Reception updated phone number for patient DN6K-M9P2” — not flagged (contact info update, not clinical data)
This distinction helps compliance officers quickly identify which log entries involve sensitive health data during audits.

Common audit scenarios

If a patient or staff member raises a concern about unauthorized data access, filter audit logs by the patient’s name and review all access events. The log shows exactly who viewed their records, when, and from what device.
When a staff member leaves your clinic, review their recent activity in audit logs before deactivating their account. This helps identify any unusual last-minute access patterns.
Before an external audit, filter logs by PHI access events over the relevant period. Export or screenshot the results to have documentation ready for auditors.
If a patient’s record appears to have incorrect information, use audit logs to trace every modification back to its source. The log shows what was changed and by whom.

Retention

Audit logs are retained for the lifetime of your clinic’s account. There is no automatic purging or rotation. Historical logs remain accessible regardless of how long ago the events occurred.

Best practices

Do not wait for an incident to check audit logs. A monthly review of access patterns helps you spot unusual behavior early.
When a patient exercises their right to know who accessed their records, the patient filter gives you a complete access history in seconds.
Keep a record of when and why you reviewed audit logs. This demonstrates proactive compliance management during external audits.