1. OceanMD
  2. Security, Privacy & Encryption
  3. Clinic Privacy & Security

Clinic Privacy & Security

Tips for keeping your Ocean products secure within your clinic, including tablet security and accessing audit reports.

Print Guide
Follow

How should my HINP validate that a health service directory listing can safely receive secure electronic messages sent by other providers?

Ocean's health service directory helps providers locate other health service providers who can provide services for their patients.

Each provider has a corresponding listing in the health service directory (OceanHealthMap.ca) that lists the provider's contact information, along with various options for inter-provider communication.

The primary channels of communication used by these providers include the following mediums:

  • Phone
  • Fax
  • Physical Address
  • Email
  • Secure electronic communication using Ocean (for eReferrals, eConsults, Website Forms etc.)

Since the communication between providers typically involves the exchange of a patient's personal health information (PHI) for the purpose of providing care, from a privacy perspective, it is crucial that these listings provide accurate contact information and a secure means of communication.

As an electronic service provider, CognisantMD follows a number of strategies to ensure the integrity of listings in Ocean's health service directory.

Health Information Network Providers (HINPs) may assist in the validation and maintenance of listings under their jurisdiction. HINPs are encouraged to use the following strategies, along with their own best practices, to protect patient privacy.

Validating Basic Listing Contact Information

As a HINP facilitating this communication for a specific set of providers using Ocean, you are assuming responsibility to reasonably ensure that the providers in the directory have accurate, up-to-date, contact information.

It is very important to keep the listings' information current. Otherwise, providers may use incorrect or outdated information for sending personal health information (PHI), such as an old fax number used for a patient referral, potentially leading to a privacy breach.

Your HINP must develop and implement a dedicated and ongoing process to safely maintain the accuracy and currency of this contact information. For tips on developing this process, please see this article:

How does CognisantMD validate health service directory listings as legitimate healthcare providers?

When the listing contact information is validated successfully, it may be used as a reasonably reliable reference for traditional means of communication (phone, fax, mail etc.).

However, the endorsement to use listings for electronic communication (such as eReferral), entails some additional privacy considerations. Additional steps are required for completely validating providers who provide these electronic services.

Validating Listings for Receiving Electronic Communication Using Ocean

Prior to permitting providers to participate in the secure exchange of PHI using Ocean, it is important for the HINP to ensure that these providers not only have up-to-date contact information in the listing, but that it also:

  1. Ensures that the providers are truly represented in the real world by the Ocean user accounts and the Ocean site that they are claiming acts on behalf of in the listing (through the process of identity validation)
  2. Ensures that these providers have provided informed consent to participate as care providers within the Ocean network, along with the commitment to process electronic communications sent through Ocean in a safe, secure, and timely manner. This consent is typically provided with a signed HINP-specific participant agreement.

1. Identity Validation

It is important to be aware that any malicious user on the Internet could attempt to sign up for an Ocean account and impersonate a real-world healthcare provider by claiming a listing in the directory. Unlike a public phone, a published fax number or a physical mailing address, this user could directly receive personal health information (for example, in the form of an eReferral sent by an unwitting referrer), unless appropriate safeguards are in place.

This initial sign-up and claiming process is permitted by Ocean (for the sake of ease-of-use when onboarding on new clinicians), despite the possibility of an illegitimate claimant. To alert referrers and other healthcare providers to this risk, these listings are considered "unvalidated" and are marked with a warning in the directory:

mceclip0.png

A HINP is able to validate that the user's listing claim is legitimate. To be confident in this validation step, at a minimum, the HINP must first:

  • Speak with an individual in person or on the phone and verified their recent intent to claim this listing in Ocean.
  • Have objective evidence that this individual has the authority to act on behalf of the clinic (e.g., by calling them using the clinic's public phone number)
  • Validate the listing's contact information using an external source such as a public Internet page or the CPSO directory (in the aforementioned article)
  • Ensure that the Ocean username and the Ocean site claiming this listing within Ocean matches this individual's information as it was conveyed outside of Ocean (i.e., to ensure it matches the same information that was conveyed over the phone or in-person).

2. Provider Consent and Commitment

Prior to validating a listing claim, the HINP should have a standard agreement in place with the provider. The agreement should include, at a minimum:

  • Roles and responsibilities of the provider acting as an Ocean message recipient.
  • A review of how the services may affect the privacy of the individuals who are subject of the information (e.g., a Privacy Impact Assessment).
  • An agreement to comply with the restrictions and conditions in accordance with PIPEDA and/or local provincial privacy law.
  • A review of their responsibility to monitor for Ocean messages and respond to these messages in a reasonably timely manner (similar to the standard of care for specialists with regard to responding to faxed referrals within mandated deadlines)

If the above criteria are met in accordance with your own organization's policy (as determined by your privacy officer), you may proceed to validate the listing's claim.

Validating Listing Claims in Ocean for Electronic Communication

Once the above requirements have been reviewed and approved, a representative of the HINP may proceed to validate the listing (once the representative's Ocean user account has been granted this privilege by CognisantMD).

To validate the listing, go to the Ocean site managing the listing, update the relevant information, and click Save Changes. If the listing has not already been validated to receive eReferrals, you will see a prompt asking you to verify that the site is valid (along with a link to this article). Once you confirm, the listing will be considered valid and the warning shown in the Ocean health map will no longer be visible.

mceclip0.png 

 

Securing Your Tablets

We recommend taking the following steps to ensure secure use of your Ocean tablets. Implementation of each recommendation may be dependent on the tablet or other hardware manufacturer.

Required

Ensure any Google (or other) accounts are removed from each tablet before patient use

These accounts are not necessary for configuration or operation of the Ocean software and may allow installation of apps from the Google Play Store, or access to other services. They may be temporarily necessary for installing other security apps while configuring the tablet (e.g. for remote wipe), but should be removed immediately afterward. To do this, go into tablet settings, locate the "Accounts" section and remove each account found there.

Highly Recommended

Enable Screen Pinning

If you are running Android 5.0 or higher, pinning the Patient Tablet application will inhibit patients from navigating away from Ocean while using the the tablet. Pinning disables the physical buttons on the device, as well as the notification area that can normally be accessed by swiping down from the very top of the screen.

It is recommended that prior to enabling screen pinning, you set a PIN or password for your tablet's lock screen. This will ensure if the device is powered off or rebooted, patients will not be able to access other applications prior to staff re-opening the Ocean Tablet application.

To do this, open the Android Settings application and navigate to "Lock Screen and Security", select "Screen Lock Type" and choose either the PIN or Password option.

  • Click the icon located in the bottom left corner of the Ocean Tablet app (this will appear as either the Ocean logo or a single cog icon.)
  • Enter your Ocean username and password to open the Administrative Menu
  • From the menu, select "Enable Screen Pinning"

To disable screen pinning, simply return to the Administration Menu and select "Disable Screen Pinning."

Please note: If your tablet is powered off or rebooted, you will be prompted to re-enable screen pinning when the Ocean Tablet app is next relaunched.

Configure your tablets to use a guest Wi-Fi network

The Ocean software only needs access to the internet. It does not need access to any internal clinic computers, so we strongly recommend configuring your clinic Wi-Fi router to have a guest network that separates the tablets from your internal clinic systems. Configuration of this network is dependent on your Wi-Fi router model.

Install "remote wipe" software on each tablet

Remote wipe software packages allow you to track tablets through a web application and remotely reset them to factory state if they connect to the internet, thus removing access to any Ocean services. If a tablet goes missing, it can be deregistered easily using the Ocean Portal to avoid access to any patient data and unnecessary charges.

Enable Ocean's birth date validation

In the Tablets tab of the Ocean Portal, enter into the tablet settings and ensure that, on the introduction screen, "Always Show Introduction Screen" and "Use Birthday Validation" are both enabled. This will require a patient to provide their birthday (month and day) before proceeding.

Avoid keyboards from tablet manufacturers

Some of these keyboards include "predictive text" features that can show text suggestions that may have been learned from previous patient responses. While we don't believe this can expose PHI since the suggestions are not linked to a particular patient, it could cause alarm and is unnecessary.

We recommend using the stock Google keyboard ("Gboard"), which can be downloaded from the Google Play Store, or disabling any predictive text features. Samsung tablets are known to ship with the Samsung keyboard that has this feature enabled by default (learn how to disable predictive text on Samsung keyboards).

Optional

Restricting Downloads

If you are concerned about patients installing additional apps to your tablets, you can optionally use a restricted account for the Ocean software. Restricted accounts are available as a feature on some tablet models and can be configured to prevent installation of apps, changes to tablet settings, etc. without a password. There are some downsides to this, however:

  • The Patient Tablet software will no longer be able to auto-update itself. Each tablet will have to be manually updated periodically using the tablet administrator account.
  • There will be additional configuration steps for each tablet and the administrator password will need to be remembered. If the administrator password is forgotten, it will be necessary to do a factory reset and reconfiguration of the tablet.

Tracking Two-Factor Authentication Compliance

Ocean offers Two-Factor Authentication (2FA) as an optional feature to provide an additional level of security for Ocean users. The feature can be enabled by users by following the steps outlined in How To Enable and Disable Two-Factor Authentication.

Two-Factor Authentication Compliance Report

Site Administrators can access a 2FA compliance report to assist in tracking user compliance an organization's 2FA policy.

  • Log into the Ocean Portal, select the "Menu" button in the top left corner, and selecti "Admin".
  • From the Admin Settings page, select 'Reports'.

  • Locate the 'Export Two Factor Authentication Compliance Report' heading, and press the 'Export' button to download the report.

    The '2FA Configured' column in the report indicates which user accounts have 2FA configured or not.

Enforcing Two-Factor Authentication

For additional information on how you can enforce 2FA compliance for all users on your Ocean site, please refer to Enforcing Two-Factor Authentication for All Users on your Ocean Site.

URLs, and IPs That Need to be Allowlisted for Ocean

About

We understand that our customers need to be confident that they are communicating with the Ocean platform in a secure environment. One of the ways of ensuring this is to only permit traffic to enter a customer network from trusted IPs owned by OceanMD.

NOTE: This information is subject to change. Please subscribe to this support article to be notified about any changes made to it.

 

Production Ocean IPs and URLs

Inbound Firewall Changes Required (Allow traffic from Ocean to your network)

Receive Webhook events for patient engagement or eReferral updates:

  • 35.182.46.13
  • 3.98.235.196
  • 15.222.173.33
  • 15.222.94.245

Integrate CloudConnect with an OscarPro EMR:

  • 15.222.173.33
  • 15.222.94.245

 

Outbound Firewall Changes Required (Allow traffic from your network to Ocean)

NOTE: Most customers don't have outbound IP or URL restrictions in place so these changes may not be necessary. Check with your network administrator if you're unsure.

Access the Ocean portal and / or Ocean APIs:

Requests to Ocean transit through Cloudflare. See an up to date list of IPs for the Cloudflare network here. Any of these IPs may be used to communicate with the Ocean platform.

 

Ocean URLs

If you have a firewall configured to only permit access to certain allowlisted URLs, you will need to add the following URLs to your allowlist in order to take advantage of all Ocean features.

Development Ocean IPs and URLs

The following IPs must be added to inbound and outbound allowlists during development and testing of new API integrations against our pre-production environments:

  • Staging
    • 54.236.209.188
    • 34.228.180.183
  • Test
    • 44.192.0.146
    • 107.21.66.254

 

If you have a firewall configured to only permit access to certain allowlisted URLs, you will need to add the following URL to your allowlist to be able to access our staging and/or test environments:

 

Warning

This information is subject to change. Please subscribe to this support article to be notified about any changes made to it.

 

Change Log

Aug 23, 2023

Updated Ocean URL allow list, updated inbound Ocean ips
July 14, 2022

Updated Ocean URL allow list, removed obsolete links
June 20, 2022

Removed production Ocean IPs :

  • 52.233.47.110
  • 13.71.164.223
May 4, 2022

Added 2 new Production Ocean IPs (inbound) to be allowlisted as necessary.

  • 3.98.235.196
  • 15.222.94.245
June 22, 2023

Updated the Ocean URL allowlist and added descriptions for each.

 

Guide for Reviewing Your Site's Audit Logs

Introduction

This guide is intended to assist health information custodians and Ocean site administrators with the review and interpretation of your site's Ocean audit log for PHIPA compliance related to auditing and monitoring.

Under the guidance of Canadian PIPEDA / PHIPA Law, health information custodians (HIC’s), including physicians and nurse practitioners, have a duty to ensure that platforms with PHI are audited and that the audit logs are reviewed on a periodic and random basis to help protect personal health information (PHI) against unauthorized use or disclosure.

According to the Information and Privacy Commissioner of Ontario:

"The logging, auditing and monitoring of all accesses to electronic records of personal health information is important to ensure the privacy of individuals and the confidentiality of their personal health information. The capacity to log all instances where personal health information is collected, used and disclosed by agents will enable custodians to respond to requests for information and complaints about the collection, use or disclosure of an individual’s personal health information; to audit and monitor all collections, uses and disclosures of personal health information by all of their agents; and to investigate actual or suspected privacy breaches including cases of unauthorized access. Logging, auditing and monitoring can be an effective deterrent to unauthorized access if all agents are made aware that all of their activities in relation to electronic records of personal health information will be logged ...

The policy and procedures should require the custodian to conduct ongoing, targeted (reactive) and random (proactive) auditing and monitoring of the logs"

Audit Logging in Ocean

Ocean, as a system that provides access for users to PHI, should be included in the HIC’s regular auditing activities   (in addition to the site's EMR and other platforms with PHI).

To assist with this task, Ocean captures all user activity related to the storage, retrieval, and presentation of PHI both from the underlying EMR as well as Ocean itself. The full audit data for a specific Ocean site is available for download at any time.

Ocean's logging and exports only provides access to activity within the specific Ocean site. Other activity, such as interactions with an underlying EMR or subsequent disclosure activity (such as printing / emailing of PHI),is not captured by Ocean. To review this activity, it is recommended that site administrators also refer to EMR audit logs as well as specific computer terminal usage logs according to internal audit policy.

Exporting the Audit Data

To export the audit log, go to the Reports section of your Ocean site administration page. Choose the relevant start and end date, and choose User "All" for a site-wide audit.

The report is then downloaded as a CSV file, which may be opened and presented by any mainstream spreadsheet application such as Excel or Google Sheets.

Although the audit report itself does not contain any PHI, it should nonetheless be treated as sensitive documentation, with appropriate safeguards in place for the encrypted transmission, storage and deletion of this information as required.

Ocean provides site administrators direct access to the previous two months' worth of audit data. Audit entries that are older than this are archived and can be obtained by submitting a support ticket.

Audit Report Description

When the CSV file is opened in a spreadsheet application, the following columns should be visible. A sample row is included in the screenshot as an example.mceclip0.png

The audit data represents a direct extraction of the values stored within Ocean, and can be interpreted with the help of this guide:

Column Name

Description

_id

A unique ID for the log entry.

creationDate

The date that the log entry was created (i.e., the date and time of the event)

siteNum

The Ocean site number of the site that the activity was performed within.

user

The username of the Ocean user performing the action.

userFullName

The full name of the Ocean user performing the action.

action

The type of the audit log entry. The actions may represent explicit or implicit consequences of the user's interactions. Please consult this guide for documentation on each specific action.

properties

This column, and subsequent columns, represent the properties or values associated with the action. They provide necessary context to understand the action, such as the relevant patient ID. Each property is listed sequentially with its name in the first column, followed by the value in the subsequent column.

What to Look for In Terms of Patient Privacy

Each audit action listed above represents user activity that may be relevant to understanding the wider context of each user's recorded behaviour in Ocean, so you should consult the guide linked above as routine and/or reactive audits are performed at your site.

A few key audit actions should be highlighted with regard to reviewing PHI use:

  • VIEW_PATIENTS: The user has opened the Patients tab, which displays the standard summary view containing patient names:mceclip2.png
  • GET_PATIENT: A patient record was retrieved from the database by Ocean reference number ("ref") and returned to a client (either to show it to the user in the web browser or for an Ocean tablet/kiosk).
  • UPLOAD_PATIENT: A patient was uploaded from the EMR to create an Ocean patient record. The ref is the Ocean assigned reference ID; the externalPatientRef is the EMR's patient ID; the client is the general system that uploaded the patient record; and the version describes the version of the client.

These audit actions will help you identify the specific patient records that may have been used or disclosed.

Documentation for Ocean Audit Log Entries

This article provides a description for the various types of audit log entries listed in Ocean audit logs.

Note that, since the list of audit types in Ocean continues to grow, the following list will be updated periodically and may not be comprehensive.

Exporting the User Activity Log 

User Activity logs provide insight on all Ocean user activities on your Ocean site. 

To download a user activity log, you must be an administrative user on your Ocean site. Login to the Ocean Portal and click "Menu" in the top left corner. Select "Admin" and from the Admin Settings page, select "Reports". Under the Export User Activities heading, select a date range and Ocean user for your logs. Click the Export button to download a .csv file onto your computer. 

For more information on reviewing your site's audit logs for privacy reasons, please refer to this article.

Audit Types

Each audit record contains:

  • siteNum: The Ocean site number under which the action was performed
  • userName: The Ocean username of the user who directly or indirectly triggered the audit action.
  • creationDate: The date/time that the action was recorded in Ocean (which should be within a few milliseconds at most of the actual event)
Audit Type

Audit Record Properties

 Description
REGISTER_TABLET macAddr, "tabletName", "ipAddress" The Ocean Tablet app was registered (includes Kiosk registrations).
UPDATE_TABLET_TOKEN macAddr, "ipAddress"
The Ocean Tablet authentication token has been regenerated. This can be done manually via the app's Admin menu, and may be done automatically in future.
DEREGISTER_TABLET siteNum,"macAddr","tabletName", "reason"
The Ocean Tablet app was deregistered. This can be done via the Ocean web portal, the admin menu on the Tablet app, or automatically for a security related reason (e.g. unauthorized app install, too many attempts to unlock, etc.)
ASSIGN_TABLET_TO_TABLET_SETTINGS macAddr, "key" Within the web portal in Tablets tab, a tablet was moved (dragged-and-dropped) from one settings group to another.
RENAME_TABLET_SETTINGS_KEY old, "new" A tablet settings group was renamed in Ocean web portal.
DELETE_TABLET_SETTINGS_KEY key A tablet settings group was deleted in Ocean web portal.
UPDATE_SUBSITE_REF_ON_TABLET macAddr,"newSubsiteRef" The subsite reference (for billing purposes) for a tablet was changed.
UPLOAD_PATIENT ref,"externalPatientRef","client","v"
A patient was uploaded from the EMR to create an Ocean patient record. The ref is the Ocean assigned reference ID, the externalPatientRef is the EMR's patient ID, the client describes what uploaded the patient record, and the version describes the version of the client (only applies where client-side code is used for uploads).
REUSE_PATIENT ref,"externalPatientRef","client","v"
A patient was to be uploaded, but an existing patient record was found in Ocean based on the externalPatientRef (the EMR's patient ID), so the patient record in Ocean was reused instead of a new one created.
UPDATE_OR_ADD_PATIENT ref,"externalPatientRef" A patient record in Ocean was updated or created (sometimes redundant with other audit actions).
GET_PATIENT ref,"client","v", "reqType"
A patient record was retrieved from the database by Ocean reference number ("ref") and returned to a client (either to show in the web browser or for an Ocean Tablet/Kiosk).
GET_PATIENT_BY_ACCESS_TOKEN ptAccessToken,"ref"
A patient record was retrieved from the database by access token, which is used by Ocean Online to send to patients via email.
ADD_ON_DEMAND_FORM ref,"formRef" A form (idenfied by "formRef") was added to the queue for a patient (identified by "ref").
REMOVE_EFORM_FROM_QUEUE ref,"formRef" A form (idenfied by "formRef") was removed from the queue for a patient (identified by "ref").
UPDATE_PATIENT_NOTE ref,"oceanSessionId"
A patient note payload was updated. The "ref" property identifies the patient, and the "oceanSessionId" identifies the session in which the note was generated, either via Ocean Online or on a Tablet.
RETRIEVE_PATIENT_UPDATE ref A patient note payload was downloaded, e.g. to update the EMR record.
FINALIZE_PATIENT_UPDATE ref
A patient note payload was finalized, i.e. it is now safe for the EMR to download the note. In contrast, a note that is generated by a tablet might be updated multiple times (once for each completed form) before the tablet session is complete and the note is "finalized", and safe to download to the patient chart.
MARK_NOTES_AS_DOWNLOADED ref  
MARK_NOTES_FINALIZED ref
A user clicked "Mark Notes Finalized" in the patients tab to complete an interrupted patient session and trigger a download to the EMR.
RESET_NOTES_DOWNLOADED ref
The patient notes were reset manually to trigger the EMR download again, often because of a problem downloading the notes (e.g. an EMR-side error).
DELETE_PATIENT ref,"externalPatientRef", "ptSiteNum" A patient record was deleted in Ocean. Note that this has no impact on the patient record in the EMR.
DELETE_ALL_PATIENTS   All patient records in a given Ocean site were deleted. This is currently only possible in demo sites.
LOCK_PATIENT ref
A patient record was "locked" manually, meaning the Ocean system will not automatically delete it as per standard rentention/purge rules.
VIEW_PATIENTS   A user viewed the patients tab and may have seen patient names and other information in summary view.
FORM_COMPLETED ref,"formRef","src", "lang"
An Ocean eForm with reference "formRef" was completed for a patient indicated by the "ref" property. The languge and device used to complete the form (tb = tablet, ol = online) are also captured as parameters.
PATIENT_MESSAGE_LICENSE_TOGGLE "patientLicenseEnabled" A user enabled a Patient Messages & Reminders Provider License.
SECURE_MESSAGE_SENT ref, "hasAttachment", "expiryDate" A secure message was sent to a patient indicated by the "ref" property.
SECURE_MESSAGE_CONFIRMED ref, "finishedViewing", "ptReplied"
A patient (with Ocean reference ref) viewed a secure message and confirmed receipt. If "finishedViewing" is true, it means the patient indicated that the secure message was no longer needed. If "ptRelied" is true, it means the patient typed in a reply.
VIEW_FORM_MEMORY ref, "externalPtRef", "viewed" A user clicked to view the form memory for the patient with reference ref and the EMR ID externalPtRef.
CLEAR_FORM_MEMORY ref, "externalPtRef", "deleted" A user chose to "Clear Form Memory" after viewing the form memory for a patient.
CREATE_STUB_PATIENT ref, "externalPatientRef"
A temporary placeholder record in Ocean has been created in anticipation of an upload of the patient record from the EMR (with patient record ID "externalPtRef")
PATIENT_DOWNLOADED_TO_EMR ref
The EMR sent a message to Ocean indicating that the Ocean notes were successfully downloaded for a patient record with Ocean reference "ref".
OVERDUE_NOTIFICATION_SENT externalPatientRef, "emailUsed", "ptSiteNum"
An email indicating that a secure message or form for patient with EMR ID externalPatientRef has been flagged as overdue (awaiting the patient's response).
PATIENT_APPOINTMENT_UPDATED ref, "newAppt", "oldAppt" The appointments held in Ocean for a patient with reference "ref" have been updated by an external system (the EMR).
CREATE_EMAIL_INVITE oceanRef, "overdueDate", "expiryDate", "hasSecureMsg", "formCount"
A user has created a "secure email link" for an Ocean email that will be subsequently emailed to the patient with reference "oceanRef". The link has an "expiryDate" after which it can no longer be used and an optional earlier "dueDate" after which it will be flagged as "overdue". If a free-text secure message is included, "hasSecureMsg" is "true". The number of Ocean eForms included in the link is included as "formCount"
FORM_SENT oceanRef, "formRef"
A specific Ocean eForm with form reference "formRef" has been sent via a secure email link to a patient with reference "oceanRef"
MARK_PATIENT_ARRIVED ref
A patient with Ocean reference "ref" has been marked as "Arrived" within Ocean, which will subsequently request the EMR to mark the patient as arrived in the appointment schedule.
OCEAN_REMINDER_SENT ref, "apptDateTime", "templateName", "providerName", "reasonForVisit"
An Ocean reminder was sent to a patient with reference "ref" for an EMR appointment at "apptDateTime" for a provider with name "providerName" tagged with an appointment reason "reasonForVisit", using the message template "templateName"
OCEAN_REMINDER_CONFIGURATION_SAVED cfg A configuration for an Ocean reminder has been saved in the Ocean Reminder configuration screen in Ocean.
OCEAN_REMINDER_SUBSCRIPTION_CANCELLED   A user has canceled a site's Ocean Reminder subscription.
OCEAN_REMINDER_SCHEDULED_SEND   The Ocean Reminders engine executed at this time for a specific site.
OCEAN_REMINDER_FORCE_SEND   A user has clicked "Force Send" to force the Ocean Reminders to execute at a specific site.
REMINDER_APPOINTMENT_CONFIRMED ref, "apptId", "scheduleId" A patient has confirmed an appointment using a reminder link.
REFERRAL_TARGET_ADD_NEW ref A new directory listing was created.
REFERRAL_TARGET_UPDATE ref A directory listing was updated. 
REFERRAL_TARGET_KEY_PAIR_UPDATE siteNum A new set of public/private encryption keys was generated for a site. 
REFERRAL_TARGET_CHANGE_NEEDING_REVIEW ref, "modifiedBy" A directory was changed by a user that has been routinely flagged as requiring CognisantMD administrator review.
REFERRAL_TARGET_REVIEWED_BY_REGIONAL_AUTHORITY ref, "raSiteNum" A directory was changed by a user that has been routinely flagged as requiring administrator review by the regional eReferral authority / HINP.
REFERRAL_TARGET_MARKED_INVALID modifiedBy  (Sorry for the inconvenience; this article is still under construction)
REFERRAL_TARGET_DELETE ref, "title"  
REFERRAL_TARGET_SAVE_COMMENT ref, "note"  
REFERRAL_TARGET_VOTE ref, "vote"  
REFERRAL_TARGET_EREFERRAL_VALIDATION_CHANGED ref, "valid"  
REFERRAL_TARGET_REJECT_PENDING_CLAIM ref  
CLAIM_REFERRAL_TARGET ref, "siteNum"  
ACCEPT_EREFERRAL_FEES userName, "siteNum"  
REFERRAL_CREATED
referralRef, "route", "referrerSurname", "referrerFirstName", "professionalId", "billingNum", "srcSiteNum", "srcExtPtRef", "referralTargetRef","services","eRequestRef","eRequestSource","referrerUserName"
  
REFERRAL_CREATED_BY_DELEGATE
referralRef, "route", "referrerSurname", "referrerFirstName", "professionalId", "billingNum", "srcSiteNum", "srcExtPtRef", "referralTargetRef","services","eRequestRef","eRequestSource","referringUserName"
  
REFERRAL_UPDATED referralRef, "referral"  
REFERRAL_NOTE_EDITED referralRef, "urgency"  
REFERRAL_PT_DEMOGRAPHICS_UPDATED referralRef, "consentToContactViaEmail"  
REFERRAL_REFERRER_UPDATED referralRef, "referrerUserName"  
REFERRAL_HEALTH_SERVICE_REASSIGNED referralRef, "healthService"  
REFERRAL_COMMENT_SAVED
referralRef, "external", "commentRef", "showForOtherSites"
  
REFERRAL_COMMENT_DELETED referralRef, "external", "commentRef"  
REFERRAL_SAVE_REVIEW_NOTE
referralRef, "commentRef", "priority", "protocol", "urgency", "axFields"
  
REFERRAL_FORWARDED referralRef, "referralTargetRef"  
REFERRAL_DECLINED referralRef  
REFERRAL_EXTERNAL_COMMENT_ADDED referralRef, "commentRef"  
REFERRAL_COMMENT_REVIEWED referralRef, "commentRef"  
REFERRAL_FORWARD_REVOKED referralRef, "referralTargetRef"  
REFERRAL_RESENT referralRef  
REFERRAL_OWNERSHIP_RECLAIMED referralRef  
REFERRAL_BOOKED referralRef  
REFERRAL_BOOKING_CHANGED referralRef  
REFERRAL_BOOKING_CONFIRMED referralRef, "confirmationSource", "confirmed"  
REFERRAL_BOOKING_CANCELED referralRef, "confirmationSource"  
REFERRAL_SET_COMPLETED referralRef, "completed"  
REFERRAL_SET_PROCESSED referralRef, "processed"  
REFERRAL_PDF_DOWNLOADED referralRef, "siteNum"  
REFERRAL_PATIENT_HANDOUT_DOWNLOADED referralRef, "siteNum"  
REFERRAL_NOTIFICATION_SHEET_DOWNLOADED referralRef, "siteNum"  
REFERRAL_EVENT_LOGGED referralRef, "eventType"  
REFERRAL_PRINTED referralRef  
REFERRAL_EXPORTED referralRef  
REFERRAL_VIEWED referralRef  
REFERRAL_EVENT_LOG_VIEWED referralRef  
REFERRAL_DOWNLOADED referralRef  
REFERRAL_CONVERTED referralRef, "communicationType"  
REFERRAL_OVERDUE_NOTIFICATION_SENT
siteNum, "referralRef", "externalPatientRef", "emailUsed"
  
REFERRAL_ARCHIVED referralRef  
REFERRAL_EMAIL_CONSENT_CLAIMED
referrerSignature, "referralRef", "externalPatientRef"
  
REFERRAL_FORWARDED_TO_PATIENT_PORTAL referralRef  
REFERRAL_NOTE_EMAILED
referralRef, "commentRef", "toPatient", "toReferrer"
  
REFERRAL_IMPORT_PATIENT referralRef, "ptRef", "upsert"  
REFERRAL_ACCEPTED referralRef  
REFERRAL_MARK_AWAITING_REPLY referralRef, "needsReview"  
REFERRAL_MARK_NEEDS_REVIEW referralRef, "needsReview"  
REFERRAL_EMAIL_SENT referralRef, "target", "maskedEmail"  
REFERRAL_SAVE_SITE_ACCESS_KEY referralRef  
IMPORT_REQUISITION_ATTEMPT referralRef  
IMPORT_REQUISITION referralRef  
DELETE_REFERRAL referralRef  
REFERRAL_PROCEED_WITH_REQUEST referralRef  
REFERRAL_SAVE_INITIAL_INFO id  
REFERRAL_INITIAL_INFO_DELETED id  
REFERRAL_SAVE_FOR_LATER
id, "siteNum", "referrerSurname", "referrerFirstName"
  
UPDATE_WAIT_TIMES wtType, "waitTime", "numUpdated"  
SAVE_REFERRAL_FAVOURITE id  
REMOVE_REFERRAL_FAVOURITE id  
REFERRAL_REDIRECT referralRef, "url"  
REFERRAL_INTEGRATION_ADD    
REFERRAL_INTEGRATION_SAVE    
REFERRAL_INTEGRATION_DELETE ref  
REFERRAL_INTEGRATION_SET_DISABLED ref, "enabled"  
REFERRAL_INTEGRATION_EVENT_PUSH ref, "referralRef", "result"  
EXPORTED_REFERRALS   A user has clicked the "Export" button on the eReferrals & eConsults page to download a copy of all eRequests.
     
ONLINE_BOOKING_CHECKIN_REQUEST sessionRef, "apptType"  
ONLINE_BOOKING_CHECKIN_RESPONSE sessionRef, "success", "ppName"  
ONLINE_BOOKING_REQUEST
sessionRef, "referralRef", "date", "time", "duration"
  
ONLINE_BOOKING_COMPLETED
sessionRef, "referralRef", "date", "scheduleRef", "scheduleName", "linkRef", "linkName"
  
     
ONLINE_BOOKING_APPT_TYPES_UPDATED    
ONLINE_BOOKING_SCHEDULE_ACTIVATED emrScheduleName  
ONLINE_BOOKING_SCHEDULE_DEACTIVATED emrScheduleName  
ONLINE_BOOKING_SCHEDULE_UPDATED    
ONLINE_BOOKING_SCHEDULE_DELETED scheduleRef  
ONLINE_BOOKING_LINK_UPDATED    
ONLINE_BOOKING_LINK_DELETED linkRef  
     
PATIENT_CHECKIN_REQUEST eReqRef  
PATIENT_CHECKIN_RESPONSE success, "eReqRef"  
SAVE_SITE_SETTINGS    
SAVE_TABLET_SETTINGS    
SAVE_FAVOURITES    
SAVE_EFORM_FAVOURITE favourite  
REMOVE_EFORM_FAVOURITE favourite  
CREATE_SITE siteNum  
DELETE_SITE siteNum  
REACTIVATE_SITE siteNum  
START_BILLING_FOR_SITE siteNum, "paying"  
STOP_BILLING_FOR_SITE siteNum  
SET_SITE_SUPPORT_SITE siteNum  
UNSET_SITE_SUPPORT_SITE siteNum  
UPDATE_SITE_PASSWORD siteNum, "siteKey", "intendedUse"  
OBTAIN_SITE_CREDENTIAL siteNum, "siteKey"  
UPDATE_SHARED_ENCRYPTION_KEY siteNum, "keyInfo"  
VIEW_SHARED_ENCRYPTION_KEY keyValid  
UPDATE_BILLING_INFO    
SAVE_WEBQ_TEMPLATE    
ALTERNATE_ID_RISK_ACKNOWLEDGEMENT   A user pressed Accept when presented with the Alternate ID Privacy & Security disclaimer.
UPDATE_PAYER siteNum,"payer"  
UPDATE_INVOICE_DATE siteNum, "lastInvoiceDate"  
ACCEPT_LICENSE_AGREEMENT licenseType, "licenseKey", "licenseVersion"  
UPDATE_BILLING_CONTRACT siteNum, "contractId"  
UPDATE_EMR_TYPE siteNum, "emrType"  
SIS_ENABLED_TOGGLE enabled A user toggled the 'Enable Ocean Cloud Connect' checkbox within the Site Features area.
SIS_DEAUTHORIZED siteNum  
ADD_SITE_ADMIN siteNum, "userName"  
REMOVE_SITE_ADMIN siteNum, "userName"  
UPDATE_SITE_ACCEPTS_EREFERRALS acceptsEReferrals  
LOGIN_ATTEMPT ipAddress, "result"  
SAVE_USER    
SAVE_USER_PREF username, "key"  
ADD_SITE_FOR_USER username, "siteNum"  
REMOVE_SITE_FROM_USER username, "siteNum"  
DELETE_USER id  
SWITCH_SITE_CONTEXT newSiteNum  
EULA_ACCEPTED    
OLD_BROWSER_REFUSED_UPGRADE userAgent  
ASSOCIATE_EMR_USER_NAME emrUserName, "ipAddress"  
ASSOCIATE_REGIONAL_SSO_USER_NAME regionalSsoUserName, "ipAddress"  
UNSUBSCRIBE_NOTIFICATION userName, "notificationType"  
SEND_USER_VERIFICATION_EMAIL userName, "email"  
USER_VERIFICATION_LINK_CLICKED userName, "email"  
USER_AUTH_CHECK client, "ipAddress"  
PRIVACY_TRAINING_VIEWED    
USER_ACCEPT_LICENSE_AGREEMENT
licenseType, "licenseKey", "licenseVersion", "referrer"
  
SET_OCEAN_PLUS userName, "oceanPlus" A user enabled or disabled a Patient Messages User License within the Users page.
ENABLE_TWO_FACTOR_AUTH    
DISABLE_TWO_FACTOR_AUTH    
TWO_FACTOR_REQUEST_EMAIL_CODE username  
ANON_EMR_USER_SEEN emrUserName  
ADD_DELEGATE_USER providerUser, "delegateUser"  
REMOVE_DELEGATE_USER providerUser, "delegateUser"  
ADD_PRIMARY_DELEGATE_USER providerUser, "delegateUser"  
REMOVE_PRIMARY_DELEGATE_USER providerUser, "delegateUser"  
INSERT_DBFILE ref,"global"  
UPDATE_DBFILE ref,"global"  
DELETE_DBFILE id  
INSERT_EFORM    
UPDATE_EFORM    
IMPORT_EFORM ref, "parentSiteNum"  
SYNCH_EFORM ref  
SEVER_PARENT_EFORM ref, "siteNum", "parentSiteNum"  
I18N_EFORM ref  
DELETE_EFORM ref, "siteNum", "id", "global"  
EFORM_UPLOAD_LICENSE_ACCEPTED licenseStr  
ADD_EFORM_REPORT    
DELETE_EFORM_REPORT id  
REVERT_EFORM    
DELETE_CLINICAL_RESOURCE    
UPDATE_CLINICAL_RESOURCE    
CR_UPLOAD_LICENSE_ACCEPTED licenseStr  
CR_DOWNLOAD_LICENSE_ACCEPTED    
INVALID_PATIENT_ACCESS ptAccessKey The system received an attempt to retrieve a patient by an access key (ptAccessKey) that doesn't exist.
SHOW_SITE_PASSWORD    
REQUEST_USER_NAME username, "siteNum", "emailAddress"  
REQUEST_PASSWORD_RESET username, "siteNum", "emailAddress"  
PASSWORD_RESET_TOKEN_USAGE resetToken, "userNames"  
TOO_MANY_GET_PATIENT_ATTEMPTS macAddr
An Ocean Tablet requested invalid patient references too many times in a row and was locked out (deregistered) as a security precaution.
EFORM_ERROR error, "ref", "eFormSiteNum", "ptRef"  
PAY_INVOICE invoiceId  
GENERATE_INVOICE siteNum,"endDate","invoiceNum"  
CREATE_COUPON    
UPDATE_COUPON siteNum, "id"  
TRANSFER_COUPON
sourceSiteNum, "destinationSiteNum", "sourceCouponId", "newCouponId"
  
OFFLINE_PAYMENT siteNum, "lastInvoiceDate"  
UPDATE_INVOICE_PAID invoiceId  
RESET_INVOICE_TO_PENDING
invoiceId, "invoiceDate", "sfpInvoiceIds", "newInvoiceId"
  
EMR_TYPE_LOG emrType  
VIEW_STUDIES    
CREATE_STUDY siteNum, "studyName"  
UPDATE_STUDY siteNum, "oldStudyName", "newStudyName"  
EXPORT_STUDY studyName,"startDate","endDate"  
ANON_DATA_SUBMITTED
anonDataId,"siteNum","originatingSiteNum","formRef","studyName","src"
  
DELETE_ANON_DATA anonDataId  
TABLET_USE_LOG    
PATIENT_REPORT_DOWNLOADED siteNum, "id"  
EREQUEST_LINK_CREATED eRequestRef  
EREQUEST_LINK_UPDATED eRequestRef  
EREQUEST_LINK_DELETED eRequestRef  
EREQUEST_LINK_ACTIVATED eRequestRef  
EREQUEST_LINK_DEACTIVATED eRequestRef  
PATIENT_BATCH_CREATED batchRef, "type", "patientRefs"  
PATIENT_BATCH_COMPLETED batchRef, "type", "patientRefs"  
REGIONAL_AUTHORITY_APPLICATION_INITIATED rtRef, "raSiteNum"  
REGIONAL_AUTHORITY_APPLICATION_REVIEWED
rtRef, "rtSiteNum", "approved", "declineReason"
  
REGIONAL_AUTHORITY_APPLICATION_REMOVED rtRef, "rtSiteNum", "removalReason"  
REGIONAL_AUTHORITY_ADD_HINP name  
REGIONAL_AUTHORITY_EDIT_HINP name, "updatedName"  
REGIONAL_AUTHORITY_REMOVE_HINP name  
REGIONAL_AUTHORITY_CHANGED_HINP ref, "oldName", "newName"  
REGIONAL_AUTHORITY_INVALIDATED_LICENSE ref, "user", "version"  
REGIONAL_AUTHORITY_CHANGED_PT_PORTAL_MODE ptPortalMode  
HCV_AUDIT
macAddress, "tabletName", "requestAuditUId", "responseAuditUId", "serviceUser", "endUser", "timeSent", "timeReceived", "responseAction", "responseCode", "responseID", "success", "configPassed", "faultCode", "errorMessage"
  
SIS_VIEW_SHARED_ENCRYPTION_KEY ipAddress  
SIS_SAVED_SHARED_ENCRYPTION_KEY ipAddress  
SIS_EMR_CONFIGURATION_CHANGED ipAddress, "emrType"  
SIS_EMR_SET_AUTO_SYNC ipAddress, "autoSync"  
SIS_USER_LOGIN ip_address  
SIS_CREATED_PATIENT_IN_EMR_FROM_REFERRAL ip_address, "pt_ref", "pt_ext_ref"  
SIS_CREATED_PATIENT_IN_EMR_FROM_WALKIN ip_address, "pt_ref", "pt_ext_ref"  
SIS_SYNC_FAILURE_ALERT    
EMR_ACTION_DELETED_BY_ADMIN    
ELASTICSEARCH_UPDATE_ACTIVATED esActivated  
ELASTICSEARCH_UPDATE_INDEXNAME esIndexName  
ELASTICSEARCH_UPDATE_ENDPOINT esEndpoint  
ANNOUNCEMENT_CREATED   A new Ocean announcement has been created.
ANNOUNCEMENT_UPDATED   An Ocean announcement has been updated.
ANNOUNCEMENT_DELETED   An Ocean announcement has been deleted.
ORGANIZATION_CREATED ref, "title" An "Organization" at the site has been created.
ORGANIZATION_DELETED ref An "Organization" at the site has been deleted.
ORGANIZATION_UPDATED ref, "title" An "Organization" at the site has been updated.
ORGANIZATION_ADDED_TO_RT orgRef, "rtRef"  
ORGANIZATION_REMOVED_FROM_RT orgRef, "rtRef"  
CHANGED_SITE_HEALTH_INFORMATION_CUSTODIAN isHic  
EMR_ATTACHMENT_UPLOAD ptRef  
EMR_ATTACHMENT_SENT ptRef  
ZENDESK_ID_UPDATED zendeskId  
ZENDESK_EMAIL_UPDATED newEmail, "zendeskId"