I would like to suggest TIBCO implement native solutions for logging user viewing/exporting activities when launching into web player. TIBCO Spotfire is targeted to the public where many applications we make require certain compliance such as HIPAA. We need TIBCO to provide us the capabilities to log user activities such as clicking on a tab or chart, exporting a table, and viewing sensitive data such as PHI data.
Implemented in: 10.10
Spotfire 10.10 introduced additional logging of user actions.
Dear all, thank you for contributing to this discussion.
With recent Spotfire releases, including 10.10 LTS, it is possible to log user actions related to individual pages and visual analytics actions such as filtering. Please see the Action log reference.
It would be great to have your feedback on whether anything is still missing for you to reach your objectives.
For actual logging of PII and PHI it should be logged from the application UI level, not below it (such as Oracle). The reason is that A) in viewing it is only necessary to log what the user actually sees on the page, not every record that is queued up for the visualization, B) you can't assume anything, i.e. export, and C) the majority of data breaches are from inside personnel.
Here's why: you are required to be able to provide the patient, should they inquire, a record of everyone who has accessed their record. If this data is to be used in a court of law or any type of litigious activity, should nefarious actions have taken place, a scatter-shot method of auditing the user's activities will be shot down in a minute. We would also like to be able to use Spotfire to easily ID those that have legitimate business need of accessing a particular patient's info vs one who does not.
Also if we are trying to search for unusual activity, if we are just blanket logging, it now has become useless. The whole point of analysis is to find something useful, but we are not holding Spotfire to the same standard as the data from other systems that needs to be analyzed. At this point it looks like a GIGO attempt to monitor something we take very seriously, people's privacy and security of data. If we want cloud acceptance, we need to do better than that.
We use action logging to track user activities for logging, opening files, things like that. HIPAA log is a completely different story.
I have verified with our product analyst. Initially we think when data gets loaded to Spotfire, we can "assume" it is seen by the user; it is NOT the case here. We need to be able to log the exact data which the user drilled down to see.
Yes, I did. Action Logging only logs user action at the analysis file level, not actions performed on visualizations.
I think you need to take another look at Action Logging and further enhance it with additional custom logging. Tab selections are logged in Action Logging so you could for instance have separate tabs for HIPAA visualizations. You can also create a separate log file when IronPython scripts are executed. This could again drive loading data on visualisations, setting filters, etc. Exporting data is not covered in Action Logging but you could add a separate logger for this if you know the correct classes. In any case exporting data shouldn't be separate from displaying it; once it's on the user's screen you can consider it as "seen by the user" and "potentially extracted", since how could you log a user taking a screenshot with their iPhone and then doing OCR on the images?
For data the user has seen I wouldn't use Spotfire; you should look at database solutions that specialize in HIPAA compliance like Oracle Database Vault.
Spotfire Action Logging is only logging user activities at analysis file level. I have confirmed this with TIBCO support; currently what we need is logging user actions within the analysis on each visualization, e.g. clicking a tab, making a selection, which is not available now. This is very important to applications which contain PHI data; we need to be able to log what PHI data is accessed and exported by who, where and when.
Have you looked at Action Logging? Pretty much everything you asked for is there:
https://docs.tibco.com/pub/spotfire_server/7.6.1/doc/html/tsas_admin_help/GUID-67B1DBFC-B1DB-49B1-A492-4B684FAADB72.html