Audits of IAR

Effective date: September 30, 2011

Revised January 2018

Relevant Legislation:

Not applicable to this policy.

Intent:

The intent is to ensure a standardized approach to IAR audits.

Definitions:

Integrated Assessment Record is an application that allows assessment information to move with the client from one health service provider to another. Health Service Providers (HSPs) can use the IAR to view timely client assessment information electronically, securely and accurately.

Policy:

  1. User Authority will perform weekly audit logs to look for abnormal activities and events.
  2. Any suspicious or unusual event found during the audit log review will be investigated further. If applicable, an incident report will be completed, and appropriate parties will be alerted for further investigation and resolution of the incident.
  3. In the event of inquiries or complaints by a client or staff member, audit logs or audit log reports will be reviewed in order to determine if an unauthorized event has occurred. As above, if applicable an incident report will be completed and appropriate parties alerted for further investigation and resolution of the incident.
  4. Special attention will be paid to any events in the audit log or audit log reports that may identify potential disclosures of personal health information (PHI), such as unusually high volumes of viewing and other access events.

Procedures:

See program manual.