Modifying Without a Trace: High-level Audit Guidelines are Inadequate for Electronic Health Record Audit Mechanisms: Difference between revisions

Jump to navigation Jump to search
← Older editNewer edit →
No edit summary
No edit summary
Line 18: Line 18:


==== 3.2.1. Ill-defined Standards, Policies, and Regulations ====
==== 3.2.1. Ill-defined Standards, Policies, and Regulations ====
==== 3.2.2. Ineffective Log Analysis ====
== 4. Assessment Methodology ==
=== 4.1 High-level Assessment using Audit Guidelines and Checklists ===
==== 4.1.1 Derivation of Non-specific Auditable Events ====
==== 4.1.2 High-level Assessment Methodology ====
=== 4.2. Low-level Assessment using Black-box Test Cases ===
==== 4.2.1 Audit Test Case Template ====
==== 4.2.2 Audit Test Case Example ====
== 5. Case Studies ==
=== 5.1. Open-source EHR Systems Studied ===
=== 5.2. High-level User-based Non-repudiation Assessment===
Retrieved from "https://bw.kn1.us/wiki/index.php?title=Modifying_Without_a_Trace:_High-level_Audit_Guidelines_are_Inadequate_for_Electronic_Health_Record_Audit_Mechanisms"