A medical center performing dozens of different examinations daily needed to ensure precise control over access to sensitive patient data stored in FileMaker. These records contain personal information, test results, and visit histories accessed by doctors, nurses, and call center staff. The client was therefore looking for a solution that would allow them to track who accesses these records, what actions they perform, and display this information clearly — not only for internal security purposes but also for potential audits and data change reviews.
We designed and implemented a logging system directly within the FileMaker environment. The system focuses specifically on patient records and related actions, such as modifications to personal information or rescheduling of examinations. Unlike standard logs that capture only data changes, our system also records mere viewing of a record. In addition, it tracks all edits and deletions.
Each access to a patient record is stored along with information about who viewed which record and when. In case of modifications, the system logs exactly which fields were changed and allows comparison between old and new values. This data is stored in a separate database accessible only to administrators, enabling detailed filtering by event type, record, time, or user.
Logs are retained in the system for one year, after which older entries are automatically archived into separate files. To maintain performance, we emphasized an efficient logging structure and fast record lookup to ensure smooth operation without slowing down the main system.
