½ðɳÓéÀÖ

Most information systems, including electronic health records that contain ePHI have the ability to create log files, which describe the activity occurring to, or within the system. A timely review of system activity can give insight into potential issues that may negatively impact the security of protected health information.

The purpose of this policy is to establish ½ðɳÓéÀÖ University's compliance with federal HIPAA regulations including standard practices for reviewing system activity within information systems. These types of reviews may include the activity and access logs of ½ðɳÓéÀÖ University medical record systems which store ePHI.

PUNID required to review policy.

Form: