患者应用的审核日志Audit logs for Patients app

备注

2020年10月30日,患者应用已停用,并已由团队中的 " 列表" 应用 取代。Effective October 30, 2020, the Patients app has been retired and replaced by the Lists app in Teams. 患者应用数据存储在支持团队的 Office 365 组的组邮箱中。Patients app data is stored in the group mailbox of the Office 365 group that backs the team. 与病人应用关联的所有数据都将保留在此组中,但不能再通过用户界面进行访问。All data associated with the Patients app is retained in this group but can no longer be accessed through the user interface. 用户可以使用 " 列表" 应用重新创建其列表。Users can re-create their lists using the Lists app.

利用 "列表",医疗保健组织中的 "护理团队" 可以创建各种方案的患者列表,包括从倒圆角和 interdisciplinary 团队会议到常规患者监控。With Lists, care teams in your healthcare organization can create patient lists for scenarios ranging from rounds and interdisciplinary team meetings to general patient monitoring. 查看列表中的患者模板以开始使用。Check out the Patients template in Lists to get started. 若要了解有关如何管理组织中的列表应用的详细信息,请参阅 管理列表应用To learn more about how to manage the Lists app in your organization, see Manage the Lists app.

患者应用活动的审核日志允许事件响应团队查看患者的电子医疗记录更改 (EMR) 或患者医疗保健信息 (PHI) ,并确定是否需要在生产力工具中进行更改或改进以支持 PHI 访问。An Audit log for Patients app activity allows after-incident response teams to review changes to a patient's Electronic Medical Records (EMR) or Patient Healthcare Information (PHI) and determine if changes or improvements in policy or procedure for PHI access in productivity tools are needed. 审核日志事件涵盖通过患者应用用户界面执行的操作。The audit log events cover actions performed through the Patients app user interface.

满足 HIPAA 要求Meet HIPAA requirements

根据 HIPAA 指南,医疗保健提供商需要保留对 PHI 的所有访问的记录,以便审核所做的更改。According to HIPAA guidelines, healthcare providers are required to keep records of all access to PHI, so that it is possible for the changes to be audited. Microsoft 致力于使用 Microsoft 团队的企业客户,并帮助他们满足 HIPAA 要求和控制措施。Microsoft is committed to its enterprise customers using Microsoft Teams, and to helping them meet HIPAA requirements and controls. 通过 "患者" 应用对 PHI 的访问已完全被跟踪,在 Microsoft 365 合规性中心中提供了日志,如 " 审核日志搜索功能 " 文章中所述。Access to PHI via the Patients App is fully tracked and logs are made available in the Microsoft 365 Compliance center, as described in the Audit Log Search functionality article.

重要

法律规定,保持患者隐私的负担由医疗保健提供商承担。The burden of maintaining patient privacy is placed on the healthcare provider by law. 法律证明病人对隐私的要求,并要求 IT 管理员或 HIPAA 控制器能够轻松地确定哪些护士、clinician 或社会工作者访问或更改了患者记录。The law entitles patients to privacy, and requires that an IT admin or HIPAA controller can easily determine which nurse, clinician, or social worker accessed or altered patient records. 最常见的 PHI 访问冲突示例之一是访问 VIP 患者。One of the most common examples of a PHI access violation is access to VIP patients. 审核日志功能是执行任何 PHI 访问冲突调查和满足 HIPAA 要求所必需的。The audit log functionality is required to conduct investigations of any PHI access violation, and to meet HIPAA requirements.

为患者应用启用审核日志Enable Audit logs for the Patients App

审核依赖于几个以前的配置:An Audit is dependent on several prior configurations:

  1. 管理员必须使用其 FHIR 服务提供商,才能以患者应用使用的格式使用 EMR。The admin would have to work with their FHIR service provider to have EMR in a format used by the Patients App. 请参阅将 电子医疗保健记录集成到 Microsoft 团队See Integrating Electronic Healthcare Records into Microsoft Teams.
  2. 医疗保健提供商管理员必须在 "团队管理中心" 中启用 "患者" 应用。A healthcare provider admin would have to enable the patients app in Teams Admin center. 有关详细信息,请参阅 Microsoft 团队和相关文章 中的管理应用设置策略See Manage app setup policies in Microsoft Teams and related articles for more information.
  3. 管理员必须启用活动审核,这与启用任何活动日志审核的方式相同,详见 " 开始 " 和 "打开或关闭审核日志搜索"。The admin would have to enable activity audits, the same way they enable any activity log audit, as described in Before you begin and Turn audit log search on or off. 如果审核日志记录已打开,则患者应用不需要任何特殊内容。If audit logging is already on, nothing special is needed for the Patients App. 每当医疗保健提供商在团队内部安装和运行应用时,审核日志都会记录其 PHI 活动。Any time a healthcare provider installs and runs the app within a Team, the audit logs record their PHI activity.
  4. 管理员随后需要宣布患者应用的可用性,并且医疗保健工作人员必须开始生成活动才能纳入审核。The admin would then need to announce availability of the Patients app, and Healthcare workers would have to start generating activity to be included in an audit.

运行审核Run an audit

有关运行活动日志搜索的说明,请参阅 搜索审核日志For instructions on running a search of the activity log, see Search the audit log.

患者应用的已记录活动Logged activities for Patients app

患者应用有自己的记录的活动,如下表所列:The Patients app has its own logged activities, listed in the following table:

友好名称Friendly name 操作Operation 说明Description
查看患者列表Viewed patient list PatientListViewPatientListView 用户查看了一个患者列表。A user viewed a patient list.
已删除的患者列表Deleted patient list PatientListDeletePatientListDelete 用户删除了一个患者列表。A user deleted a list of patients.
已将患者添加到列表Added patient to list PatientListAddPatientPatientListAddPatient 患者已添加到患者列表。A patient was added to a list of patients.
已添加患者笔记Added note for patient PatientNoteAddPatientNoteAdd 已将笔记添加到患者记录。A note was added to a patient record.
已创建患者架构Created patient schema PatientSchemaCreatePatientSchemaCreate 已创建患者记录中使用的一组列。A set of columns used in the patient record was created.
用户启动了导出User initiated an export ExportInitiationExportInitiation 患者数据已从 "患者" 应用导出到 Excel 文件中。Patient data was exported from the Patients app into an Excel file. 该文件将保存在团队 sharepoint 网站中。The file will be saved in the Team sharepoint site.
已创建患者列表Created patient list PatientListCreatePatientListCreate 用户创建了一个患者列表。A user created a list of patients.
设置默认患者列表Set default patient list PatientListDefaultSetPatientListDefaultSet 用户将特定列表设置为默认列表。A user set a particular list as the default list.
已从列表中删除患者Removed patient from list PatientListRemovePatientPatientListRemovePatient 患者已从患者列表中删除。A patient was removed from a list of patients.
已搜索患者Searched patient PatientSearchPatientSearch 已搜索 EHR 服务中的患者记录。Searched a patient record in the EHR service.
更新的患者架构Updated patient schema PatientSchemaUpdatePatientSchemaUpdate 已更新患者记录中使用的一组现有列。Updated an existing set of columns used in the patient record. <!--
已重命名的患者列表Renamed patient list PatientListRenamePatientListRename 已重命名患者列表。A list of patients was renamed.
已编辑的患者列表中的列Edited columns in patient list PatientListEditColumnsPatientListEditColumns 已编辑患者列表中的列, (添加或删除) 。A column in a list of patients was edited (added or removed).
查看患者详细信息Viewed patient details PatientViewPatientView 用户查看了一条患者记录。A user viewed a patient record.
已编辑的患者详细信息Edited patient details PatientDetailsEditPatientDetailsEdit 已编辑患者记录的详细信息。A detail on a patient record was edited.
设置 EHR 连接Set EHR connection EHRConnectionSetEHRConnectionSet 设置用于连接 EHR FHIR 服务连接的 URL。Set the URL used to connect to the EHR FHIR Service connection. 示例: https://api-v8-dstu2.hspconsortium.org/ContosoHospital/openExample: https://api-v8-dstu2.hspconsortium.org/ContosoHospital/open

您可以根据需要自定义审核以搜索或筛选任何这些已记录的活动。You can customize your Audit as needed to search for or filter on any of these logged activities.

Microsoft 团队 活动中介绍了常规 microsoft 团队的已记录活动。Logged activities for Microsoft Teams in general are described in Microsoft Teams activities.

搜索审核日志Search the audit log

将电子医疗记录集成到 Microsoft Teams 中Integrating Electronic Healthcare Records into Microsoft Teams