PHI Modification Report type
athenaOne for Hospitals & Health Systems
PHI Modification is a report type in Report Builder. The PHI Modification report type is recommended for reviewing actions and events taken by a user or within a patient's electronic health record (EHR). This report type leverages a highly complex query that pulls and displays a significant amount of data, even when covering a limited window of time – so it’s important to use this report type as intended; if not, the resulting report may fail, or the results may not be accurate.
The PHI Modification Report Type summarizes user activity events (i.e., create, update, delete, view, login, etc.).
Given the complexity and volume of data, the Report Type will not capture every click, scroll, and view that takes place in athenaOne.
Designing the tool in this way would cause it to crash and/or error out in most cases before results are returned, and even if it were to run through to completion, the raw data would likely provide limited utility for a typical user.
For this reason, the Report was designed as a point of entry into reporting capabilities that provides a high-level view of a user’s activity to determine who accessed or modified PHI within athenaOne , and how the PHI data was modified. Clients can then further tailor and refine their search through additional criteria, filters, queries, and tools to meet their specific needs. Multiple reports can be read together, along with other audit histories, reports, or athenaOne pages to determine what may have transpired during a user’s session.
Note:
The Report may not provide the level of detail required for each client use-case (for example, the Report may indicate that a “view” occurred within a patient’s chart but may not specify every field within the chart a user viewed during that session if there were no auditable additions, modifications, disclosures, or deletions of PHI).
On the Main Menu, click Reports. Display the Report Library: On the Main Menu, click Reports. Under General, click Report Library. Click the PHI Modification from the Report Type list.
For information on how to generate a Report, refer to the “How to build a basic PHI Modification Report” article on the Success Community available here.
For additional information on available filters and interpreting Report outputs, refer to the PHI Modification Columns Explained and “PHI Modification Event Entity Types Explained” articles in the Success Community.
Some common issues clients may encounter in connection with the Report include:
-
Reports failing to run through to completion, or Results failing to return after scheduling a Report to run at a particular date/time.
-
If this happens, try shortening your date range or adding additional filters to narrow the results. If that still does not work, create a case, or contact the CSC for additional help.
-
-
The .CSV Report export is missing rows of data and/or information.
-
If this happens, it is likely because the .CSV file type opens in Microsoft Excel which has a maximum row count of 1,048,576. It is not uncommon for a Report to pull more rows than that depending on the date range and filters used.
-
There are also limitations on the number of characters that can be exported per cell within Microsoft Excel. As such, certain data returned within a Report may appear truncated.
-
Both of these limitations are a function of Microsoft Excel and not correctable by athenahealth. You could try shortening the date range or adding additional filters to adjust the output, but if this does not address the problem, the best course of action is to submit product feedback via the Success Community.
If you are encountering other issues with the Report, please refer to the Additional Information and Troubleshooting Steps for the PHI Modification Report in Report Builder article in the Success Community or create a case with the CSC for additional for guidance on best practices and Report configuration.
-
While the PHI Modification Report is generally the best way to generate summaries of user activity, clients can also leverage the User Event Log that will allow you to filter and view user events from within your tablespace.
The User Event Log tracks individual user activity, such as login and logout events, and permits monitoring of certain user activity, such as trying to access blocked patient charts.
To access and run a User Event Log report, use the following navigation path within athenaOne: Settings -> User -> User Event Log Report.
For additional assistance or questions about the User Event Log, refer to the How to view a user’s athenaNet login history using the User Event Log Report article in the Success Community. Additionally, athena offers additional default reports, refer to the “Report Builder” article in Success Community.
You can also reach out to your CSM, CSC, Custom Audits team (through a Salesforce case) for additional questions, resources or auditing information that may not be included in the Report.