Audit Controls

The next Technical Section Task is Audit Controls. Agencies must implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use EPHI.

There are at least three items that come in to play here. First, Windows Server has a Security Event Log that can track successful and unsuccessful network login attempts. This log must be turned on if it is not already on and should be periodically checked for inappropriate activity. Next, your agency management software should have some type of auditing function available. You need to know how to use this auditing function and periodically check the logs for inappropriate use. Check with your software vendor on this. And last, your Internet Firewall may have some type of logging function that should be monitored. This log will best be monitored by someone like ourselves or whoever you use for IT support.