Implement Audit Logging

Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use ePHI.

## Acceptance criteria
- [ ] Log all access attempts (successful and failed)
- [ ] Log all user authentication events
- [ ] Log modifications to ePHI
- [ ] Timestamp, user ID, action, resource accessed, source IP
- [ ] 6-year retention
- [ ] Tamper-evident

---
**Source:** § 2.2.1

> Covered entities MUST implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use ePHI.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Implement Audit Logging #5

Acceptance criteria

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Implement Audit Logging #5

Description

Acceptance criteria

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions