Computing in Science and Engineering
Implementing Fair Non-repudiable Interactions with Web Services
EDOC '05 Proceedings of the Ninth IEEE International EDOC Enterprise Computing Conference
Logging in the Age of Web Services
IEEE Security and Privacy
Towards More Trustable Log Files for Digital Forensics by Means of "Trusted Computing"
AINA '10 Proceedings of the 2010 24th IEEE International Conference on Advanced Information Networking and Applications
SP 800-92. Guide to Computer Security Log Management
Enabling robust information accountability in E-healthcare systems
HealthSec'12 Proceedings of the 3rd USENIX conference on Health Security and Privacy
Measuring the forensic-ability of audit logs for nonrepudiation
Proceedings of the 2013 International Conference on Software Engineering
Mining Deviations from Patient Care Pathways via Electronic Medical Record System Audits
ACM Transactions on Management Information Systems (TMIS) - Special Issue on Informatics for Smart Health and Wellbeing
Without adequate audit mechanisms, electronic health record (EHR) systems remain vulnerable to undetected misuse. Users could modify or delete protected health information without these actions being traceable. The objective of this paper is to assess electronic health record audit mechanisms to determine the current degree of auditing for non-repudiation and to assess whether general audit guidelines adequately address non-repudiation. We derived 16 general auditable event types that affect non-repudiation based upon four publications. We qualitatively assess three open-source EHR systems to determine if the systems log these 16 event types. We find that the systems log an average of 12.5% of these event types. We also generated 58 black-box test cases based on specific auditable events derived from Certification Commission for Health Information Technology criteria. We find that only 4.02% of these tests pass. Additionally, 20% of tests fail in all three EHR systems. As a result, actions including the modification of patient demographics and assignment of user privileges can be executed without a trace of the user performing the action. The ambiguous nature of general auditable events may explain the inadequacy of auditing for non-repudiation. EHR system developers should focus on specific auditable events for managing protected health information instead of general events derived from guidelines.
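The black-box tests the abstract describes follow one pattern: perform a sensitive action through the application, then check whether the audit trail gained a record that ties that action to the user who performed it. The following is an added example of that pattern written for this page; it is not the paper's test suite, and the toy EHR model, the two event names (`patient.demographics.modify`, `user.privilege.assign`), the required-field list and the `audit_*` switches that simulate a system which logs some events and silently skips others are all assumptions made here, not the paper's 16 event types or 58 CCHIT-derived cases.

```python
"""Added example, not code from the paper: a minimal black-box audit check
for non-repudiation. All names, events and field requirements are assumed."""
from dataclasses import dataclass
from datetime import datetime, timezone

# Assumed minimum an audit record needs to support non-repudiation:
# who acted, what they did, on which object, and when.
REQUIRED_FIELDS = ("actor", "action", "target", "timestamp")


@dataclass
class AuditRecord:
    actor: str
    action: str
    target: str
    timestamp: str


class EHR:
    """Constructed toy EHR. The two flags simulate a system that audits
    some sensitive actions but not others, which is the failure mode the
    abstract reports (demographics edits and privilege grants left untraced)."""

    def __init__(self, audit_demographics=True, audit_privileges=True):
        self.patients = {"p1": {"name": "A. Example", "dob": "1970-01-01"}}
        self.roles = {"nurse1": {"nurse"}}
        self.log = []  # list of AuditRecord
        self._audit_demographics = audit_demographics
        self._audit_privileges = audit_privileges

    def _audit(self, actor, action, target):
        stamp = datetime.now(timezone.utc).isoformat()
        self.log.append(AuditRecord(actor, action, target, stamp))

    def update_demographics(self, actor, patient_id, **changes):
        self.patients[patient_id].update(changes)
        if self._audit_demographics:
            self._audit(actor, "patient.demographics.modify", patient_id)

    def grant_privilege(self, actor, user, role):
        self.roles.setdefault(user, set()).add(role)
        if self._audit_privileges:
            self._audit(actor, "user.privilege.assign", user)


def black_box_test(ehr, perform, expected_action, expected_actor, expected_target):
    """Run `perform()` against the system, then inspect only the audit log.
    Passes iff a new record exists for the expected action, every required
    field is populated, and the record attributes the action to the right
    actor and target. Returns (passed, reason)."""
    before = len(ehr.log)
    perform()
    new_records = ehr.log[before:]
    if not new_records:
        return False, "no audit record written"
    matching = [r for r in new_records if r.action == expected_action]
    if not matching:
        return False, f"no record for {expected_action}"
    rec = matching[0]
    missing = [f for f in REQUIRED_FIELDS if not getattr(rec, f)]
    if missing:
        return False, f"record missing fields: {missing}"
    if rec.actor != expected_actor or rec.target != expected_target:
        return False, "record does not attribute the action to the right actor/target"
    return True, "ok"


def run_suite(ehr):
    """Two constructed test cases mirroring the two actions named in the
    abstract. Returns {test name: (passed, reason)}."""
    tests = {
        "modify demographics": (
            lambda: ehr.update_demographics("nurse1", "p1", name="B. Example"),
            "patient.demographics.modify", "nurse1", "p1"),
        "assign privilege": (
            lambda: ehr.grant_privilege("admin", "nurse1", "physician"),
            "user.privilege.assign", "admin", "nurse1"),
    }
    return {name: black_box_test(ehr, *args) for name, args in tests.items()}


def pass_rate(results):
    """Fraction of tests that passed, the metric the abstract reports."""
    return sum(1 for ok, _ in results.values() if ok) / len(results)


if __name__ == "__main__":
    systems = [("logs everything", EHR()),
               ("silent on demographics", EHR(audit_demographics=False))]
    for label, system in systems:
        results = run_suite(system)
        for name, (ok, why) in results.items():
            print(f"{label:24} {name:20} {'PASS' if ok else 'FAIL'} ({why})")
        print(f"{label:24} pass rate {pass_rate(results):.0%}")
```

The check deliberately reads nothing but the audit log after the action, so a system that updates the database correctly but writes no record (or a record without the actor) fails in the same way the abstract's untraced demographics edits and privilege grants do. Extending the suite is a matter of adding one `(perform, action, actor, target)` tuple per auditable event.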