Audit Logging

Learn how PR-TOP protects your clients' most sensitive data with industry-leading security measures.

What Events Are Logged

PR-TOP maintains a comprehensive audit trail of all security-relevant events. Every action that touches sensitive data is recorded with a timestamp, actor identity, and action description:

  • Authentication events: login, logout, failed login attempts, password resets
  • Data access: client record views, diary entry reads, session transcript access
  • Data modifications: record creation, updates, deletions
  • Consent changes: grant, revoke, and consent-denied access attempts
  • Administrative actions: user role changes, system configuration updates, AI spending limit changes

Retention Policy

Audit logs are retained for a configurable period (default: 90 days) to balance accountability with storage efficiency. Critical security events (failed logins, consent changes, data deletions) are retained for a longer period.

Automated cleanup runs on a scheduled basis, removing only logs that have exceeded their retention window.

Tamper-Proof Storage

Audit log entries are append-only — once written, they cannot be modified or deleted through the application interface. This ensures the integrity of the audit trail even if an account is compromised.

Logs are stored in a dedicated database table with restricted write access, separate from the main application data.

Access Transparency

Therapists can view the audit trail for their own account, seeing exactly when and how their client data was accessed. This transparency builds trust and supports accountability in the therapeutic relationship.

Superadmins have access to the full system audit log through the admin dashboard, with filtering by event type, user, and date range.