Skip to main content
All CollectionsCapacity IQ®Capacity IQ® - Help ContentHIPAA Reports
Application Access Audit Report Description (HIPAA)
Application Access Audit Report Description (HIPAA)
Joe Caffrey avatar
Written by Joe Caffrey
Updated over 2 weeks ago

Application Access Audit Report (HIPAA)

Purpose

  • The Application Access Audit Report displays information about users who either

    • Signed into and performed various functions (such as adding transport requests, accessing the BedTracking® application, updating isolation types, or generating reports) in the Capacity IQ® solution

    • Accessed Capacity IQ® solution through the Interactive Voice Response (IVR) system.

  • This report allows you to track users' access to Protected Health Information (information about patients that is deemed private under the Health Insurance Portability and Accountability Act of 1996, or HIPAA)

Description

  • For each user who meets the criteria selected when the report was generated, the following information is displayed on the report.

  • The parameters that were selected when the report was generated (such as campus, date, and time range, or user names) appear on the report.

    • To generate this report, you must have the Access Application Level HIPAA Audit Data permission.

    • The report includes only transactions that occurred within the date range selected when the report was generated.

    • Dates and times appear in the format configured in the Admin Tool component or in Admin > Settings > Capacity Management. For example, dates might appear in dd/mm/yyyy format (07/05/2016 is May 7, 2016) and times might appear in twenty-four-hour format (16:00 is 4 PM).

    • Data can be grouped by user or by patient.

    • If data is grouped by patient, then the report shows all transactions related to the selected patients, regardless of which user performed the transactions. At least one patient name must be selected when the report is generated.

    • If data is grouped by user, then the report shows all transactions associated with each user listed on the report, regardless of the campus in which the transactions occurred.

    • The report shows only the transaction types that were selected in the Inclusions list when the report criteria was selected.

Applications Access Audit Report

Name

Description

Date

The date of each transaction associated with the user or patient (for example, the date that the user signed in or was notified about a transport job).

Time

The time of each transaction associated with the user (for example, the time that the user signed in or was notified about a transport job).

Transaction Type

The kind of transaction associated with the user (for example, signing in, transport job notification, adding a transport job, signing out) and whether the user accessed the application or had patient access through the IVR or the application. Only the transaction types that were selected in the Inclusions list when the report criteria was selected appear. If none were selected, all types appear. If Patient Access-Patient Information Accessed appears, then a user accessed the Patient Placement Details form (even if they did not make changes) OR the user set or cancelled a patient's Pending Discharge or Confirmed Discharge status. Patient Access-Patient Information Accessed is only available if the report is grouped by patient. If the user who generated the report selected Patient Badging in Inclusions, then this box shows when users navigate to the Patient Badging page. The Patient Badging page is used to associate a patient with a Location IQ® patient badge. If a user accesses the page multiple times during one session, the report will show only one time per session.

IP/IVR

The workstation IP address used to perform the transaction. If the transaction was performed over the IVR, this column displays IVR.

Job #

If App Access-Add Transport Request, App Access-Modify Transport Request, or Patient Access-Transporter Accepts Job were selected in the Inclusions list on the Report Criteria page (or all options in the Inclusions list were included in the report), then the identification code of the transport job associated with the transaction appears in this column. Patient transport jobs and item transport jobs that have patients associated with them are included. If not, then N/A appears.

Patient or User

If the report is grouped by patient, then this column is called User. If the report is grouped by user, then this column is called Patient. (Please see the notes above for more information about how data is grouped.) In the Patient column, if App Access-Add Transport Request, App Access-Modify Transport Request, or Patient Access-Transporter Accepts Job were selected in the Inclusions list on the Report Criteria page (or all options in the Inclusions list were included in the report), then the name and/or identification number of the patient associated with the transaction appears in this column. If not, then N/A appears. The IDs of patients who were associated with item transport jobs are included. If the report was grouped by patient, then the name and IVR ID of the user associated with the transaction appears in this column.

Did this answer your question?