Skip to Main Content
Dream Factory by TruBridge Ideas Portal
Categories Security
Created by Emma Fanter
Created on Mar 8, 2023

Better Auditing tool

When running an Audit Log for Hipaa, can we get a new tool that is more detailed as to what the program is to actually show what the employee is doing.

  • Attach files
  • Dawn Christian
    Reply
    |
    Jan 10, 2025

    I agree with this completely. HIPAA auditing (while I'm new at using Thrive, I'll admit) is very cumbersome. I also hate to compare to Centriq, but the 'old' Centriq audit tool (the one that was discontinued in User Admin (not the one available in the Hospital module)), was an incredible tool. I could understand and follow every single move throughout a chart.

    What I've found in Thrive is that even the simple security audit, when sorting by 'timestamp', it doesn't really sort by timestamp. It's not a chornological click by click timestamp. It may only be off by seconds, but it makes following the path difficult.

    I had to do a user audit and found that the descriptions were vague and coded in a way that offered no useful description as to the action that took place. I had to pause, audit a chart (already in my queue to audit) to try to recreate the same path and actions to compare my own user audit results to the user audit I was intentionally trying to complete. This is a very inefficient way to complete this task.

    Finally, adding the patient name (since the profile number and visit ID are already visible) to the security audit log would be of most help for the entire process. When auditing a user, it's especially helpful to have a quick visual cue as to whose chart is being accessed.

    I would love to be a part of assisting in enhancing this feature for both user audits, and chart audits.

    Thank you!

  • Susan Stevens
    Reply
    |
    Sep 13, 2023

    I added this to another Idea and will also continue to add to any that I come across regarding HIPAA auditing so please feel free to vote for all of them:0) To expound upon this further, I feel the "descriptors" of the path users are taking which could also then be clicked on to take you directly to the specific patient and document or area accessed. It is very difficult to complete a comprehensive review of an audit trail when the naming conventions don't really tell you anything. Example, and I apologize for the comparison to Centriq: Ability to have a drop down that not only covers a specific date range, but also additional dropdowns for search of specified user (both actual name and username), drop down with search for patient names, drop down with search for specific area of chart such as Notes, Lab, Documents and ability to search from dropdown for service type (IP, ER, OP, etc.). After that point, the ability to click on the "Note" and it will bring up the exact note a user had accessed.