Website back end users activity log and HIPAA compliance [closed]

https://stackoverflow.com/questions/13573796

database
logging
content-management-system
backend
hipaa

02-12-2021
|

Question

Can someone inform me as to what is the required length of time I should keep website user activity logs in a DB to meet HIPAA compliance?

Thanks

Solution

Disclaimer: I am not a lawyer and I second Josh Berke's comment.

Six months is generally what I've heard discussed as a minimum, but when it comes to HIPAA compliance there is no such thing as being too safe. If there's no technical limitation, retain audit trails for as long as you can.

Licensed under: CC-BY-SA with attribution

Not affiliated with StackOverflow