I am reviewing OpenEMR and cannot find answers to couple of questions (True / false):
- Audit Trail logging cannot be disabled by user?
- There’s no PHI information stored on end-user devices (eg. in session data)?
- There’s log integrity in place and any alternation is easily detected