> ## Documentation Index
> Fetch the complete documentation index at: https://docs.carelane.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Audit Trails

> Complete records of all actions for compliance and accountability

Audit trails provide a complete, immutable record of all actions taken in Carelane, supporting regulatory compliance and enabling accountability.

## What is an Audit Trail?

An audit trail is a chronological record of:

* Who did what
* When they did it
* What changed
* The before and after values

## What Gets Audited

### Data Changes

| Event      | Information Captured                 |
| ---------- | ------------------------------------ |
| **Create** | New data, who created it             |
| **Update** | Old value, new value, who changed it |
| **Delete** | What was deleted, who deleted it     |

### User Actions

| Event           | Information Captured       |
| --------------- | -------------------------- |
| **Login**       | User, time, method         |
| **Role Change** | Who changed what role      |
| **Export**      | What was exported, by whom |

### Status Changes

| Event                  | Information Captured |
| ---------------------- | -------------------- |
| **Record Status**      | Status transitions   |
| **Participant Status** | State changes        |
| **Study Status**       | Lifecycle events     |

## Accessing Audit Trails

### Record-Level Audit

View changes to a specific record:

<Steps>
  <Step title="Open Record">
    Navigate to the participant record or questionnaire response.
  </Step>

  <Step title="View History">
    Click "History" or "Audit Trail".
  </Step>

  <Step title="Review Events">
    See all changes to this record.
  </Step>
</Steps>

### Study-Level Audit

View all study activities:

<Steps>
  <Step title="Navigate to Study">
    Open the study.
  </Step>

  <Step title="Open Audit Log">
    Go to Settings > Audit Log.
  </Step>

  <Step title="Filter and Review">
    Filter by date, user, or event type.
  </Step>
</Steps>

### Organization Audit

View organization-wide activities:

* Settings changes
* Member management
* Study creation

## Audit Event Details

Each audit event includes:

| Field          | Description                                                                                                                             |
| -------------- | --------------------------------------------------------------------------------------------------------------------------------------- |
| **Timestamp**  | Exact time, displayed in the viewer's local time zone                                                                                   |
| **User**       | Who performed the action — display name with the user's **unique ID** shown on hover, so two users with similar names can be told apart |
| **Action**     | What was done                                                                                                                           |
| **Resource**   | What was affected                                                                                                                       |
| **Old Value**  | Previous value (for changes)                                                                                                            |
| **New Value**  | New value (for changes)                                                                                                                 |
| **Change**     | Diff summary — what specifically changed                                                                                                |
| **IP Address** | Where the action originated                                                                                                             |

<Note>
  Exporting the audit log includes the full user ID (alongside the display name), the old value, the new value, and the change field — so compliance exports carry the same fidelity as the viewer on screen.
</Note>

## Filtering Audit Logs

Filter to find specific events:

| Filter         | Use Case                   |
| -------------- | -------------------------- |
| **Date Range** | Events within a period     |
| **User**       | Actions by a specific user |
| **Event Type** | Specific types of actions  |
| **Resource**   | Changes to specific items  |

## Exporting Audit Logs

Export for compliance or review:

<Steps>
  <Step title="Set Filters">
    Configure desired scope.
  </Step>

  <Step title="Export">
    Click export button.
  </Step>

  <Step title="Download">
    Download the audit log file.
  </Step>
</Steps>

Export formats:

* CSV for spreadsheet analysis
* JSON for system integration

## Regulatory Requirements

Audit trails support:

### 21 CFR Part 11

| Requirement            | How Met                 |
| ---------------------- | ----------------------- |
| Audit trail of changes | All data changes logged |
| User attribution       | User identity captured  |
| Timestamp              | Date/time of all events |
| Cannot be modified     | Immutable audit log     |

### ICH GCP

| Requirement         | How Met              |
| ------------------- | -------------------- |
| Documentation       | Complete records     |
| Traceability        | Change history       |
| Corrections visible | Old values preserved |

## Using Audit Trails

### Compliance Audits

During regulatory audits:

* Export relevant audit logs
* Demonstrate change control
* Show user accountability

### Investigations

When investigating issues:

* Identify when something changed
* Determine who made changes
* Understand the sequence of events

### Quality Reviews

For quality purposes:

* Review patterns of changes
* Identify potential issues
* Monitor data quality

## Best Practices

<AccordionGroup>
  <Accordion title="Regular Review">
    Periodically review audit logs for anomalies.
  </Accordion>

  <Accordion title="Export for Retention">
    Export logs to meet retention requirements.
  </Accordion>

  <Accordion title="Understand Coverage">
    Know what is and isn't captured in the audit trail.
  </Accordion>

  <Accordion title="Use for Training">
    Identify issues to address in training.
  </Accordion>
</AccordionGroup>

## Related

<CardGroup cols={2}>
  <Card title="Regulatory" icon="scale-balanced" href="/security-compliance/regulatory">
    Compliance requirements.
  </Card>

  <Card title="Organization Audit" icon="clock-rotate-left" href="/organization-admin/audit">
    Organization-level audit.
  </Card>
</CardGroup>
