A part of the HIPAA guidelines is that access logs are kept each time someone has access to protected health information.
This allows you to look back through the logs to see who accessed the information during a specific time period in case you suspect a violation of policy or data breach.
This log data is saved in the HIPAA FORMS Service database to ensure the integrity of the data and may be shared with investigators if requested by authorities if a potential data breach or violation is suspected.
Beyond just logging when someone accesses the HIPAA Forms admin dashboard, we also log each time someone interacts with a specific form. This gives you a much more granular way of reviewing the history of a specific form in case of a potential breach or during a self-audit. This log includes the user’s name, ID, date/time and the event such as viewing, archiving, deleting or generating an encrypted PDF version of the form.