Farhan Shariff · Sep 24, 2018

Auditable Event Type and Event

I am currently using InterSystems for patients data management related to intake treatment planning and delivery of dose.

should I create a new attribute to track Patient ID or using an existing attribute within Audit log ? what are the good practices guidelines?

If I use Event Data field to record Patient_ID is it possible out of the box to search entries for a specific Patient_ID ?

0 3 233 3



It's certainly possible to create a user-defined audit event and add audit events from your application code.  What's the purpose of tracking patient IDs?

Audit events are stored in the CACHEAUDIT database and by default are purged after a set number of days. So using the audit log to track patient IDs might not be the right solution.  It all depends on what your ultimate goal for tracking is.  

You might want to contact the WRC or your account team for more-specific help.


Thanks Eric for the Reply.

Purpose of tracking Patient Ids : Application being developed is used to track steps in a patient treatment planning workflows, hence for auditing it is required that event being executed be linked to a patient. There can be multiple patients who might be undergoing same treatment workflow steps.

  1. Yes I know I can create user events but the question is which already existing attribute of the audit log is efficient to record patient ID's  ? considering  user event created will have same attribute structure 

Example : If I have user   defined"event" Medical record with "event type" as create , edit , approve, view , cancel etc. then Is it a good idea to track Patient ID's , workflow ID in attribute "event data" ? I would not prefer to create a new attribute (column) to track patient ID's , not sure if that is good practise ?

2. Specific use case is that I should be able filter and see auditable events for a specific patient, which is part of patients treatment history. 

3. Also patient information might be subjected data privacy regulation so I am looking into possibilities  of configuration (enable /disable patient id's) of  anonymizing and deanonymizeing patient ID's but yet be  able to track the event.

You are correct. EventData is the field to use. Here's an example  query (run from %SYS namespace):

SELECT UTCTimeStamp, EventSource, EventType, Event, EventData, Username, Description
WHERE (UTCTimeStamp BETWEEN '2018-10-27 00:00:00' and '2018-10-27 23:59:59') AND (EventData = '12345') AND (Namespace = 'ABC')
ORDER BY UTCTimeStamp DESC, SystemID DESC, AuditIndex DESC

You probably want to add a WHERE clause on the Namespace column. The docs for the %SYS.Audit class ( suggest using a WHERE clause on UTCTimeStamp to speed up the search.