According to the company's Web site, the Laserfiche Audit Trail allows a user to easily monitor who has been viewing which documents and when. This allows a firm to monitor sensitive case documents that need to remain secure, track staff productivity or document search activity for public records. The software also ensures that this information is always readily available through easily discernible audit logs. The audit trail allows nonstop monitoring of server activity and can sort by any field to easily accommodate search preferences.
The software has the following highlights:
It allows a search by title, location,
first visited, last visited, expiration and visit count.
It offers precise round-the-clock tracking of document usage.
It offers an instant display of the itemized audit log.
It offers a detailed monitoring of staff productivity.
It records in real time (the audit log is instantly updated when you perform an action).
It enables selective reporting and queries.
The file security is only accessible by the system administrator and not by every workstation.
The advanced edition has the same features as the starter and standard editions, but also records changes in security settings so that management and system administrators can monitor system activity:
It can track who assigns which rights to which users.
It can maintain records of searches performed in the Laserfiche repository.
It requires users to submit reasons for printing, e-mailing and exporting documents.
It enforces the application of watermarks containing the name of the user responsible for printing as well as other information.
It monitors attempts to change passwords.
Another program that has advanced audit-trail capabilities is DocuXplorer (http://www.docuxplorer.com). DocuXplorer security and event logs allow users to comply with regulations under Sarbanes-Oxley and the Health Insurance Portability and Accountability Act, SEC and NASD rules for document security, confidentiality, retention and audit trails.
DocuXplorer security, like other programs, allows users to select default settings for read-only, read/write and full controls, but it also allows users to customize permissions for individuals and groups for any function of the program depending on each person's security and business process needs.
Ultimately, the system you choose will depend on what the SEC ruling will identify as the standard. However, if you already own one of these systems, chances are you are probably covered for whatever standards may be imposed.
David Lawrence, AIF (Accredited Investment Fiduciary), is a practice efficiency consultant and is president of David Lawrence and Associates, a practice-consulting firm based in Lutz, Fla. (www.efficientpractice.com). David Lawrence is a much-sought-after public speaker on a variety of leadership, financial and technical topics. For details, visit www.davidlawrencespeaks.com.