Audit Logging
DPC Pro maintains a detailed activity log of every significant action taken in your practice (who did what, when, and from where), giving you a complete audit trail for HIPAA compliance and security monitoring.
The activity log records access to patient records, changes to data, login events, exports, and administrative actions. For AI-specific activity tracking, see the AI Assistant Audit Log. Administrators and Owners can search, filter, and export the log from the audit dashboard.
What Gets Logged
Section titled “What Gets Logged”DPC Pro records the following types of activity in the audit trail:
| Action | What Is Recorded |
|---|---|
| Create | A new record was created (patient, appointment, clinical note, membership, etc.) |
| Read / View | A record containing patient information was viewed |
| Update | An existing record was modified, including a summary of what changed |
| Delete | A record was removed |
| Login | A successful or failed login attempt, including the portal used (staff or patient) |
| Logout | A user ended their session |
| Export | Data was exported from the system (CSV, JSON, or report download) |
| A record was sent to the printer | |
| Download | A file or document was downloaded |
| Share | A record was shared with another user or external party |
Each log entry includes:
- Timestamp: when the action occurred
- User: who performed the action (email address, preserved even if the account is later deleted)
- IP address: where the request originated
- Action: the type of activity (create, read, update, delete, etc.)
- Affected record: what was accessed or changed
- Patient context: if the action involved a specific patient’s records
- Practice: which practice the action was performed in
- Success or failure: whether the action completed or encountered an error
Accessing the Activity Log
Section titled “Accessing the Activity Log”The activity log is available to team members with the Administrator or Owner role. For a full breakdown of which roles can access audit data, see Staff Roles and Permissions.
- Navigate to Settings —> Audit Log.
- The audit dashboard shows a summary of recent activity, including:
- Total log entries and recent activity count (last 30 days)
- Breakdown of actions by type
- Count of patient record accesses
- Recent login events
- Any failed actions
- Select View All Logs to open the full searchable log list.
Filtering and Searching
Section titled “Filtering and Searching”The activity log supports several filters to help you find specific entries:
- Date range: filter by start and end date
- Action type: filter by the type of action (create, read, update, delete, login, export, etc.)
- User email: search for activity by a specific team member
- Patient: filter to see all access to a specific patient’s records
- Text search: search across record descriptions, action details, user emails, and request paths
Filters can be combined. For example, you can search for all “export” actions by a specific user within a date range.
Retention
Section titled “Retention”Audit log entries are retained for the duration required by HIPAA regulations. Log entries are immutable once written. They cannot be edited or deleted by any user, including Owners and Administrators.
Exporting the Activity Log
Section titled “Exporting the Activity Log”You can export the activity log as a CSV file for offline analysis, compliance reviews, or archival.
- Navigate to Settings —> Audit Log —> View All Logs.
- Apply any filters to narrow the results (optional).
- Select Export CSV.
- The export includes up to 10,000 entries matching your current filters.
- The downloaded file includes columns for timestamp, user, IP address, action, object type, object description, patient, practice, request path, success status, and details.
DPC Pro also provides specialized access reports:
- User access report: shows all patient record access by a specific team member over a date range, including the number of unique patients accessed
- Patient access report: shows every team member who accessed a specific patient’s records, broken down by action type
For additional practice-level reporting and analytics, see Reports and Analytics.
Related Pages
Section titled “Related Pages”- Your Account and Login
- Role-Based Access Control
- HIPAA Compliance and Data Protection
- Data Ownership and Portability
- Single Sign-On
Need Help?
Section titled “Need Help?”If you have questions about the activity log or need help with a compliance review, contact the DPC Pro support team at [email protected].