To protect and secure electronic protected health information or patient records, you need to know who is accessing which systems and data, and what users are doing at all times. Records of all events taking place in your environment are being logged right now into event logs, W3C logs or Syslog files across your servers, workstations and networking devices. Think about it log files contain complete audit trails of access, additions, deletions or manipulation of key information (i.e. employee records, patient health data, etc.).